preparingwindows.com Open in urlscan Pro
2606:4700:3033::681f:474e Public Scan

Go To Rescan
Add Verdict Report

URL:
https://preparingwindows.com/
Submission Tags: @phishunt_io
Submission: On August 16 via api (August 16th 2020, 4:11:26 pm UTC) from ES

Summary HTTP 37 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 10 domains to perform 37 HTTP transactions. The main IP is 2606:4700:3033::681f:474e, located in United States and belongs to CLOUDFLARENET, US. The main domain is preparingwindows.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 12th 2020. Valid for: a year.

This is the only time preparingwindows.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	2606:4700:303... 2606:4700:3033::681f:474e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:819::200a	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
8	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:825::2001	15169 (GOOGLE) (GOOGLE)
37	8

5 2606:4700:3033::681f:474e (United States)

ASN13335 (CLOUDFLARENET, US)

preparingwindows.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i2.wp.com

i1.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i2.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:825::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	wp.com i1.wp.com i2.wp.com i0.wp.com stats.wp.com pixel.wp.com	107 KB
7	doubleclick.net googleads.g.doubleclick.net
7	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	141 KB
5	preparingwindows.com preparingwindows.com	103 KB
3	youtube.com www.youtube.com
1	googletagservices.com www.googletagservices.com	27 KB
1	google.com adservice.google.com	829 B
1	google.de adservice.google.de	829 B
1	gstatic.com fonts.gstatic.com	20 KB
1	googleapis.com fonts.googleapis.com	819 B
37	10

	Domain	Requested by
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com
5	i2.wp.com	preparingwindows.com
5	pagead2.googlesyndication.com	preparingwindows.com pagead2.googlesyndication.com
5	preparingwindows.com	preparingwindows.com
3	www.youtube.com	preparingwindows.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	i1.wp.com	preparingwindows.com
1	pixel.wp.com	preparingwindows.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	fonts.gstatic.com	fonts.googleapis.com
1	stats.wp.com	preparingwindows.com
1	i0.wp.com	preparingwindows.com
1	fonts.googleapis.com	preparingwindows.com
37	15

This site contains links to these domains. Also see Links.

Domain
en.wikipedia.org
answers.microsoft.com
www.amazon.com
generatepress.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-12` - `2021-08-12`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
*.gstatic.com GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh

This page contains 13 frames:

Primary Page: https://preparingwindows.com/
Frame ID: 22965506EDD42B7696CD4CF2B12EC3CC
Requests: 25 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200810/r20190131/zrt_lookup.html
Frame ID: 2C37B5A270E834365C1AAAC77BE29C64
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/gen_204?id=rmvasftr&type=false
Frame ID: C7D13D96E8CF1D02DB9444B316E9894F
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/GwumYA50mPk?feature=oembed
Frame ID: A83D2B6A5226648DE05BFE34939E2E8C
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/tS_k61BA7TI?feature=oembed
Frame ID: DF9C9A9A7D83C9E6447DFBBC175CB594
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3063024087026929&output=html&h=182&slotname=7530496036&adk=4065539060&adf=1430298841&w=725&fwrn=4&lmt=1597594265&rafmt=11&psa=0&guci=1.2.0.0.2.2.0.0&format=725x182&url=https%3A%2F%2Fpreparingwindows.com%2F&flash=0&wgl=1&adsid=NT&dt=1597594268085&bpp=28&bdt=1077&idt=103&shv=r20200810&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=1701126787756&frm=20&pv=2&ga_vid=1894923587.1597594268&ga_sid=1597594268&ga_hid=999433233&ga_fc=0&iag=0&icsg=12795423402&dssz=30&mdo=0&mso=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=290&ady=586&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530558%2C42530560%2C21066922%2C21066921%2C21066806&oid=3&pvsid=4217615143564906&pem=465&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=oLpPJtYM1J&p=https%3A//preparingwindows.com&dtd=121
Frame ID: FA30388C359B2FF504A8AD3B1EAF9803
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3063024087026929&output=html&h=250&slotname=2225547471&adk=2014797528&adf=1025994965&w=300&lmt=1597594265&psa=0&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2Fpreparingwindows.com%2F&flash=0&wgl=1&adsid=NT&dt=1597594268113&bpp=3&bdt=1105&idt=104&shv=r20200810&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=725x182&correlator=1701126787756&frm=20&pv=1&ga_vid=1894923587.1597594268&ga_sid=1597594268&ga_hid=999433233&ga_fc=0&iag=0&icsg=188620647082&dssz=33&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=503&ady=1189&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530558%2C42530560%2C21066922%2C21066921%2C21066806&oid=3&pvsid=4217615143564906&pem=465&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=wf9Rwy9XOO&p=https%3A//preparingwindows.com&dtd=112
Frame ID: 3A650F2D99406621F416537FDF7820C4
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/3wcZRXUxU6s?feature=oembed
Frame ID: C922B6D3B39851EA1670503C8AE2372E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3063024087026929&output=html&h=182&slotname=7530496036&adk=4155893430&adf=3003260713&w=725&fwrn=4&lmt=1597594265&rafmt=11&psa=0&guci=1.2.0.0.2.2.0.0&format=725x182&url=https%3A%2F%2Fpreparingwindows.com%2F&flash=0&wgl=1&adsid=NT&dt=1597594268119&bpp=1&bdt=1111&idt=140&shv=r20200810&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=725x182%2C300x250&correlator=1701126787756&frm=20&pv=1&ga_vid=1894923587.1597594268&ga_sid=1597594268&ga_hid=999433233&ga_fc=0&iag=0&icsg=3017930353322&dssz=37&mdo=0&mso=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=290&ady=2901&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530558%2C42530560%2C21066922%2C21066921%2C21066806&oid=3&pvsid=4217615143564906&pem=465&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=v7uWKEpfjU&p=https%3A//preparingwindows.com&dtd=176
Frame ID: 446EC882FA0AF8E3C4333866E591D18D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3063024087026929&output=html&h=600&slotname=5021556611&adk=355039727&adf=2469378922&w=195&fwrn=4&fwrnh=100&lmt=1597594265&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=195x600&url=https%3A%2F%2Fpreparingwindows.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&adsid=NT&dt=1597594268301&bpp=2&bdt=1294&idt=2&shv=r20200810&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=725x182%2C300x250%2C725x182&correlator=1701126787756&frm=20&pv=1&ga_vid=1894923587.1597594268&ga_sid=1597594268&ga_hid=999433233&ga_fc=0&iag=0&icsg=12071721413290&dssz=39&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1115&ady=908&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530558%2C42530560%2C21066922%2C21066921%2C21066806&oid=3&pvsid=4217615143564906&pem=465&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=16&uci=a!g&fsb=1&xpc=thJpxU6koG&p=https%3A//preparingwindows.com&dtd=5
Frame ID: D808F846A1506FF49FB344373B0E73BA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3063024087026929&output=html&h=250&slotname=2225547471&adk=235450482&adf=4127339422&w=300&lmt=1597594265&psa=0&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2Fpreparingwindows.com%2F&flash=0&wgl=1&adsid=NT&dt=1597594268121&bpp=1&bdt=1114&idt=190&shv=r20200810&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=725x182%2C300x250%2C725x182%2C195x600&correlator=1701126787756&frm=20&pv=1&ga_vid=1894923587.1597594268&ga_sid=1597594268&ga_hid=999433233&ga_fc=0&iag=0&icsg=12071721413290&dssz=39&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=503&ady=3504&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530558%2C42530560%2C21066922%2C21066921%2C21066806&oid=3&pvsid=4217615143564906&pem=465&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=HwMYQA1f7K&p=https%3A//preparingwindows.com&dtd=195
Frame ID: B33D16734E02C3E72FD2625D12C4DA41
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3063024087026929&output=html&adk=1812271804&adf=3025194257&lmt=1597594265&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fpreparingwindows.com%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1597594268322&bpp=1&bdt=1314&idt=1&shv=r20200810&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=725x182%2C300x250%2C725x182%2C195x600%2C300x250&nras=1&correlator=1701126787756&frm=20&pv=1&ga_vid=1894923587.1597594268&ga_sid=1597594268&ga_hid=999433233&ga_fc=0&iag=0&icsg=48286885653160&dssz=42&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530558%2C42530560%2C21066922%2C21066921%2C21066806&oid=3&pvsid=4217615143564906&pem=465&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=16&uci=a!g&fsb=1&dtd=9
Frame ID: 17518DAEE99BD9FE3874981D6ED45D1E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: D5CE9BAF201BCA92802E51F283661FA4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

37
Requests

100 %
HTTPS

75 %
IPv6

10
Domains

15
Subdomains

8
IPs

2
Countries

400 kB
Transfer

994 kB
Size

2
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://en.wikipedia.org/wiki/Internet_fax
Title: online faxing service

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/Fax
Title: fax

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/RingCentral
Title: RingCentralFax app

Search URL Search Domain Scan URL

URL: https://answers.microsoft.com/en-us/windows/forum/windows_10-files/windows10upgrade-folder/77ae4742-0f58-4598-a28b-2302280ef21c?page=2
Title: microsoft community

Search URL Search Domain Scan URL

URL: https://www.amazon.com/Dell-TOUCHSCREEN-i7-7700HQ-Certified-Refurbished/dp/B06Y3VKHT4

Search URL Search Domain Scan URL

URL: https://answers.microsoft.com/en-us/windows/forum/windows_10-security/tls-security-setting/b46d09c0-199c-4822-8bd5-25b09b417e13
Title: Microsoft Community

Search URL Search Domain Scan URL

URL: https://generatepress.com/
Title: GeneratePress

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

37 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
preparingwindows.com/ 286 KB
61 KB 940ms
890ms Document
text/html 2606:4700:3033::681f:474e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://preparingwindows.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681f:474e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash: 812bbdb9578c0644293198cffb11c44e5fff78a62c66aa33760ee61654f37af7

Request headers

:method: GET
:authority: preparingwindows.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Sun, 16 Aug 2020 16:11:07 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=df85c0195fb23de7784304723986ac7991597594266; expires=Tue, 15-Sep-20 16:11:06 GMT; path=/; domain=.preparingwindows.com; HttpOnly; SameSite=Lax; Secure
x-powered-by: PHP/5.6.40
vary: Accept-Encoding, Cookie
cache-control: max-age=3, must-revalidate
last-modified: Sun, 16 Aug 2020 16:11:05 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
cf-request-id: 0499a302040000d705c62c7200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5c3c6de33da7d705-FRA
content-encoding: br

GET
H2 200 css
fonts.googleapis.com/ 17 KB
819 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:819::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Exo:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic

Requested by

Host: preparingwindows.com
URL: https://preparingwindows.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b3bf664489772d1de38d984889499e3096343affd99d5b2df8381f2e57a80332

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://preparingwindows.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 16 Aug 2020 16:11:07 GMT
server: ESF
date: Sun, 16 Aug 2020 16:11:07 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 16 Aug 2020 16:11:07 GMT

GET
H2 200 jquery.js Show response
preparingwindows.com/wp-includes/js/jquery/ 95 KB
32 KB 830ms
830ms Script
application/javascript 2606:4700:3033::681f:474e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://preparingwindows.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: preparingwindows.com
URL: https://preparingwindows.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681f:474e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer: https://preparingwindows.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 16 Aug 2020 16:11:07 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 12 Apr 2020 08:25:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 5c3c6de9cf76d705-FRA
cf-request-id: 0499a3061e0000d705c6315200000001
expires: Sun, 23 Aug 2020 16:11:07 GMT

GET
H2 200 autoptimize_af1b254bee4c7dd1b0c2630da0e72300.js Show response
preparingwindows.com/wp-content/cache/autoptimize/js/ 22 KB
7 KB 708ms
707ms Script
application/javascript 2606:4700:3033::681f:474e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://preparingwindows.com/wp-content/cache/autoptimize/js/autoptimize_af1b254bee4c7dd1b0c2630da0e72300.js
Requested by: Host: preparingwindows.com
URL: https://preparingwindows.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681f:474e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2fe0de850baaa53fe32337e19f9f8feaa2a458411af4d70e44e2955839b96d59

Request headers

Referer: https://preparingwindows.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 16 Aug 2020 16:11:07 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 16 Aug 2020 10:26:51 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=30672000, immutable
x-turbo-charged-by: LiteSpeed
cf-ray: 5c3c6de9cf77d705-FRA
cf-request-id: 0499a3061e0000d705c6316200000001
expires: Fri, 06 Aug 2021 16:11:07 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 124 KB
44 KB 44ms
24ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: preparingwindows.com
URL: https://preparingwindows.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3ec2cd8be237a81965e17c0bbc842514d45b0b491cc22316bf60904e93d82e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://preparingwindows.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 16 Aug 2020 16:11:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 44552
x-xss-protection: 0
server: cafe
etag: 5282756978700322978
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 16 Aug 2020 16:11:07 GMT

GET
H2 200 How-to-Get-a-Fax-Number-630x380.jpg
i1.wp.com/preparingwindows.com/wp-content/uploads/2020/08/ 9 KB
9 KB 164ms
62ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/preparingwindows.com/wp-content/uploads/2020/08/How-to-Get-a-Fax-Number-630x380.jpg?resize=630%2C380&ssl=1

Requested by

Host: preparingwindows.com
URL: https://preparingwindows.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

ae16cfcfb2c4b8f38e408bf684bf51293ee8fefa5a7b22ad9dbeaa17141ea4b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://preparingwindows.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: MISS fra 4
date: Sun, 16 Aug 2020 16:11:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 16 Aug 2020 12:40:49 GMT
server: nginx
etag: "82f351d3b098e7f3"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://preparingwindows.com/wp-content/uploads/2020/08/How-to-Get-a-Fax-Number-630x380.jpg>; rel="canonical"
content-length: 9412
expires: Wed, 17 Aug 2022 00:40:49 GMT

GET
H2 200 best-fax-app-for-iPhone-630x380.jpg
i2.wp.com/preparingwindows.com/wp-content/uploads/2020/08/ 5 KB
6 KB 214ms
103ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/preparingwindows.com/wp-content/uploads/2020/08/best-fax-app-for-iPhone-630x380.jpg?resize=630%2C380&ssl=1

Requested by

Host: preparingwindows.com
URL: https://preparingwindows.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

1dfe949dc1ef59312945c463f3b28e15eb23125ecb28ae2b2a61bf0719047434

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://preparingwindows.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: MISS fra 6
date: Sun, 16 Aug 2020 16:11:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 16 Aug 2020 12:40:49 GMT
server: nginx
etag: "54e08d577f64296b"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://preparingwindows.com/wp-content/uploads/2020/08/best-fax-app-for-iPhone-630x380.jpg>; rel="canonical"
content-length: 5606
expires: Wed, 17 Aug 2022 00:40:49 GMT

GET
H2 200 How-to-Receive-a-Fax-630x380.jpg
i2.wp.com/preparingwindows.com/wp-content/uploads/2020/08/ 12 KB
12 KB 175ms
78ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/preparingwindows.com/wp-content/uploads/2020/08/How-to-Receive-a-Fax-630x380.jpg?resize=630%2C380&ssl=1

Requested by

Host: preparingwindows.com
URL: https://preparingwindows.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

46234ed73343da669265d9b3c8d2e3b53685dea7b77d167f54a0ec28f912b8f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://preparingwindows.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: MISS fra 6
date: Sun, 16 Aug 2020 16:11:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 16 Aug 2020 12:40:49 GMT
server: nginx
etag: "bc946db07b1ba080"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://preparingwindows.com/wp-content/uploads/2020/08/How-to-Receive-a-Fax-630x380.jpg>; rel="canonical"
content-length: 12478
expires: Wed, 17 Aug 2022 00:40:49 GMT

GET
H2 200 Complete-Guide-Send-Fax-From-Phone-630x380.jpg
i2.wp.com/preparingwindows.com/wp-content/uploads/2020/08/ 7 KB
7 KB 175ms
79ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/preparingwindows.com/wp-content/uploads/2020/08/Complete-Guide-Send-Fax-From-Phone-630x380.jpg?resize=630%2C380&ssl=1

Requested by

Host: preparingwindows.com
URL: https://preparingwindows.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

13a51015a98c592fc3cbb26ba189df0a067291addacba0bc22a1ec7369306ccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://preparingwindows.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: MISS fra 6
date: Sun, 16 Aug 2020 16:11:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 16 Aug 2020 12:40:49 GMT
server: nginx
etag: "09245685bbc27e97"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://preparingwindows.com/wp-content/uploads/2020/08/Complete-Guide-Send-Fax-From-Phone-630x380.jpg>; rel="canonical"
content-length: 7478
expires: Wed, 17 Aug 2022 00:40:49 GMT

GET
H2 200 email-decode.min.js Show response
preparingwindows.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
841 B 7ms
7ms Script
application/javascript 2606:4700:3033::681f:474e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://preparingwindows.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: preparingwindows.com
URL: https://preparingwindows.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::681f:474e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://preparingwindows.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 16 Aug 2020 16:11:07 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Wed, 12 Aug 2020 15:28:25 GMT
server: cloudflare
etag: W/"5f340a99-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
cache-control: max-age=172800, public
cf-ray: 5c3c6dee3c34d705-FRA
cf-request-id: 0499a308e30000d705c6354200000001
expires: Tue, 18 Aug 2020 16:11:07 GMT

GET
H2 200 How-to-delete-Windows-10-Upgrade-Folder.jpg
i0.wp.com/preparingwindows.com/wp-content/uploads/2019/11/ 25 KB
25 KB 170ms
73ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/preparingwindows.com/wp-content/uploads/2019/11/How-to-delete-Windows-10-Upgrade-Folder.jpg?resize=423%2C503

Requested by

Host: preparingwindows.com
URL: https://preparingwindows.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

13dea0c115e2cdf8681f0b9b2885878ca06158ebf0284f5dab318dac3f00d988

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://preparingwindows.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: MISS fra 2
date: Sun, 16 Aug 2020 16:11:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 16 Aug 2020 12:40:49 GMT
server: nginx
etag: "6f547777a4cb7e9a"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <http://preparingwindows.com/wp-content/uploads/2019/11/How-to-delete-Windows-10-Upgrade-Folder.jpg>; rel="canonical"
content-length: 25628
expires: Wed, 17 Aug 2022 00:40:49 GMT

GET
H2 200 Best-Laptops-for-Nursing-Students-Dell-XPS-15-9560-REVIEW.jpg
i1.wp.com/preparingwindows.com/wp-content/uploads/2019/10/ 26 KB
26 KB 116ms
90ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/preparingwindows.com/wp-content/uploads/2019/10/Best-Laptops-for-Nursing-Students-Dell-XPS-15-9560-REVIEW.jpg?w=1208&ssl=1

Requested by

Host: preparingwindows.com
URL: https://preparingwindows.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

08e0e6f6b3f376b6c03cc4e859aeb90e745a82325a7420bebf96e0366bcff183

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://preparingwindows.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: MISS fra 3
date: Sun, 16 Aug 2020 16:11:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 16 Aug 2020 12:40:49 GMT
server: nginx
etag: "e6941aefc0d9ef5f"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://preparingwindows.com/wp-content/uploads/2019/10/Best-Laptops-for-Nursing-Students-Dell-XPS-15-9560-REVIEW.jpg>; rel="canonical"
content-length: 26174
expires: Wed, 17 Aug 2022 00:40:49 GMT

GET
H2 200 buy-now-amazon-button.png
i2.wp.com/preparingwindows.com/wp-content/uploads/2019/10/ 9 KB
9 KB 188ms
92ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/preparingwindows.com/wp-content/uploads/2019/10/buy-now-amazon-button.png?resize=380%2C262

Requested by

Host: preparingwindows.com
URL: https://preparingwindows.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

eb5788bc45b5d0ec61925ebcf29dac2473915e267d1c3b7993feca2d176b5598

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://preparingwindows.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: MISS fra 8
date: Sun, 16 Aug 2020 16:11:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 16 Aug 2020 12:40:49 GMT
server: nginx
etag: "c4785b53c0dda446"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <http://preparingwindows.com/wp-content/uploads/2019/10/buy-now-amazon-button.png>; rel="canonical"
content-length: 9458
expires: Wed, 17 Aug 2022 00:40:49 GMT

GET
H2 200 TLS-security-settings.jpg
i2.wp.com/preparingwindows.com/wp-content/uploads/2019/10/ 8 KB
8 KB 157ms
60ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/preparingwindows.com/wp-content/uploads/2019/10/TLS-security-settings.jpg?resize=550%2C377

Requested by

Host: preparingwindows.com
URL: https://preparingwindows.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

57ddf5f2118c95f78c8d9c25bc8af018ddd1c775848a8aee579ee62083f31937

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://preparingwindows.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: MISS fra 5
date: Sun, 16 Aug 2020 16:11:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 16 Aug 2020 12:40:48 GMT
server: nginx
etag: "10b52f046914430e"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <http://preparingwindows.com/wp-content/uploads/2019/10/TLS-security-settings.jpg>; rel="canonical"
content-length: 8288
expires: Wed, 17 Aug 2022 00:40:48 GMT

GET
H2 200 e-202033.js Show response
stats.wp.com/ 9 KB
3 KB 161ms
54ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202033.js
Requested by: Host: preparingwindows.com
URL: https://preparingwindows.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Referer: https://preparingwindows.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 16 Aug 2020 16:11:08 GMT
content-encoding: gzip
server: nginx
etag: W/"5c6340e3-350a"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000
expires: Sun, 08 Aug 2021 14:13:18 GMT

GET
H2 200 4UaOrEtFpBISc36j2jDu5w.woff2
fonts.gstatic.com/s/exo/v11/ 20 KB
20 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/exo/v11/4UaOrEtFpBISc36j2jDu5w.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Exo:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://preparingwindows.com
Referer: https://fonts.googleapis.com/css?family=Exo:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 21:07:09 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Jun 2020 02:06:03 GMT
server: sffe
age: 327839
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20220
x-xss-protection: 0
expires: Thu, 12 Aug 2021 21:07:09 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
829 B 34ms
14ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=preparingwindows.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://preparingwindows.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 16 Aug 2020 16:11:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
829 B 26ms
15ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=preparingwindows.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://preparingwindows.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 16 Aug 2020 16:11:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H/2+Q/46 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200810/r20190131/ 224 KB
85 KB 48ms
35ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200810/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2157177c0f88c0ed5fd3b39d2ea42b21e73bf6e32b597704cb4d46ecf7e8c828

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://preparingwindows.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 16 Aug 2020 16:11:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 85957
x-xss-protection: 0
server: cafe
etag: 1127264767404182965
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Aug 2020 16:11:08 GMT

GET
H2 200 generatepress.woff2
preparingwindows.com/wp-content/themes/generatepress/fonts/ 1 KB
1 KB 658ms
657ms Font
font/woff2 2606:4700:3033::681f:474e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://preparingwindows.com/wp-content/themes/generatepress/fonts/generatepress.woff2
Requested by: Host: preparingwindows.com
URL: https://preparingwindows.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681f:474e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Origin: https://preparingwindows.com
Referer: https://preparingwindows.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 16 Aug 2020 16:11:08 GMT
cf-cache-status: MISS
last-modified: Sat, 15 Aug 2020 13:33:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
status: 200
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 5c3c6def9fc2d705-FRA
content-length: 1264
cf-request-id: 0499a309bb0000d705c6365200000001

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200810/r20190131/ Frame 2C37 0
0 6ms
5ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200810/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200810/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://preparingwindows.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://preparingwindows.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Mon, 10 Aug 2020 23:54:36 GMT
expires: Mon, 24 Aug 2020 23:54:36 GMT
content-type: text/html; charset=UTF-8
etag: 1003971328536524430
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4617
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 490592
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H/2+Q/46 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C7D1 0
0 39ms
38ms Document
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rmvasftr&type=false

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/gen_204?id=rmvasftr&type=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://preparingwindows.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://preparingwindows.com/

Response headers

status: 204
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
date: Sun, 16 Aug 2020 16:11:08 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 GwumYA50mPk
www.youtube.com/embed/ Frame A83D 0
0 115ms
102ms Document
text/html 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/GwumYA50mPk?feature=oembed

Requested by

Host: preparingwindows.com
URL: https://preparingwindows.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/GwumYA50mPk?feature=oembed
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://preparingwindows.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://preparingwindows.com/

Response headers

status: 200
cache-control: no-cache
strict-transport-security: max-age=31536000
content-length: 11304
x-content-type-options: nosniff
content-type: text/html; charset=utf-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
expires: Tue, 27 Apr 1971 19:44:06 GMT
content-encoding: br
date: Sun, 16 Aug 2020 16:11:08 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=2mdR90FrJHo; path=/; domain=.youtube.com; secure; expires=Fri, 12-Feb-2021 16:11:08 GMT; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Sun, 16-Aug-2020 16:41:08 GMT YSC=RDRD37JPV_I; path=/; domain=.youtube.com; secure; httponly; samesite=None VISITOR_INFO1_LIVE=2mdR90FrJHo; path=/; domain=.youtube.com; secure; expires=Fri, 12-Feb-2021 16:11:08 GMT; httponly; samesite=None
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 tS_k61BA7TI
www.youtube.com/embed/ Frame DF9C 0
0 111ms
109ms Document
text/html 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/tS_k61BA7TI?feature=oembed

Requested by

Host: preparingwindows.com
URL: https://preparingwindows.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/tS_k61BA7TI?feature=oembed
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://preparingwindows.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://preparingwindows.com/

Response headers

status: 200
cache-control: no-cache
strict-transport-security: max-age=31536000
content-length: 11257
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-type: text/html; charset=utf-8
expires: Tue, 27 Apr 1971 19:44:06 GMT
date: Sun, 16 Aug 2020 16:11:08 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=Lkb-DwFKGWk; path=/; domain=.youtube.com; secure; expires=Fri, 12-Feb-2021 16:11:08 GMT; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Sun, 16-Aug-2020 16:41:08 GMT YSC=vSRbXkoaRmQ; path=/; domain=.youtube.com; secure; httponly; samesite=None VISITOR_INFO1_LIVE=Lkb-DwFKGWk; path=/; domain=.youtube.com; secure; expires=Fri, 12-Feb-2021 16:11:08 GMT; httponly; samesite=None
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/2+Q/46 200 ads
googleads.g.doubleclick.net/pagead/ Frame FA30 0
0 429ms
428ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3063024087026929&output=html&h=182&slotname=7530496036&adk=4065539060&adf=1430298841&w=725&fwrn=4&lmt=1597594265&rafmt=11&psa=0&guci=1.2.0.0.2.2.0.0&format=725x182&url=https%3A%2F%2Fpreparingwindows.com%2F&flash=0&wgl=1&adsid=NT&dt=1597594268085&bpp=28&bdt=1077&idt=103&shv=r20200810&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=1701126787756&frm=20&pv=2&ga_vid=1894923587.1597594268&ga_sid=1597594268&ga_hid=999433233&ga_fc=0&iag=0&icsg=12795423402&dssz=30&mdo=0&mso=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=290&ady=586&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530558%2C42530560%2C21066922%2C21066921%2C21066806&oid=3&pvsid=4217615143564906&pem=465&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=oLpPJtYM1J&p=https%3A//preparingwindows.com&dtd=121

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200810/r20190131/show_ads_impl_fy2019.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3063024087026929&output=html&h=182&slotname=7530496036&adk=4065539060&adf=1430298841&w=725&fwrn=4&lmt=1597594265&rafmt=11&psa=0&guci=1.2.0.0.2.2.0.0&format=725x182&url=https%3A%2F%2Fpreparingwindows.com%2F&flash=0&wgl=1&adsid=NT&dt=1597594268085&bpp=28&bdt=1077&idt=103&shv=r20200810&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=1701126787756&frm=20&pv=2&ga_vid=1894923587.1597594268&ga_sid=1597594268&ga_hid=999433233&ga_fc=0&iag=0&icsg=12795423402&dssz=30&mdo=0&mso=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=290&ady=586&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530558%2C42530560%2C21066922%2C21066921%2C21066806&oid=3&pvsid=4217615143564906&pem=465&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=oLpPJtYM1J&p=https%3A//preparingwindows.com&dtd=121
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://preparingwindows.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://preparingwindows.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 16 Aug 2020 16:11:08 GMT
server: cafe
content-length: 21828
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 16-Aug-2020 16:26:08 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Sun, 16 Aug 2020 16:11:08 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 71 KB
27 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200810/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c2e8cc6bb34d90c88a96d20554236a69f0e8f82fd2c3d311eca6e604615a363

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://preparingwindows.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 16 Aug 2020 16:11:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1597280563698695"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27037
x-xss-protection: 0
expires: Sun, 16 Aug 2020 16:11:08 GMT

GET
H/2+Q/46 200 ads
googleads.g.doubleclick.net/pagead/ Frame 3A65 0
0 542ms
540ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3063024087026929&output=html&h=250&slotname=2225547471&adk=2014797528&adf=1025994965&w=300&lmt=1597594265&psa=0&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2Fpreparingwindows.com%2F&flash=0&wgl=1&adsid=NT&dt=1597594268113&bpp=3&bdt=1105&idt=104&shv=r20200810&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=725x182&correlator=1701126787756&frm=20&pv=1&ga_vid=1894923587.1597594268&ga_sid=1597594268&ga_hid=999433233&ga_fc=0&iag=0&icsg=188620647082&dssz=33&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=503&ady=1189&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530558%2C42530560%2C21066922%2C21066921%2C21066806&oid=3&pvsid=4217615143564906&pem=465&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=wf9Rwy9XOO&p=https%3A//preparingwindows.com&dtd=112

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200810/r20190131/show_ads_impl_fy2019.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3063024087026929&output=html&h=250&slotname=2225547471&adk=2014797528&adf=1025994965&w=300&lmt=1597594265&psa=0&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2Fpreparingwindows.com%2F&flash=0&wgl=1&adsid=NT&dt=1597594268113&bpp=3&bdt=1105&idt=104&shv=r20200810&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=725x182&correlator=1701126787756&frm=20&pv=1&ga_vid=1894923587.1597594268&ga_sid=1597594268&ga_hid=999433233&ga_fc=0&iag=0&icsg=188620647082&dssz=33&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=503&ady=1189&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530558%2C42530560%2C21066922%2C21066921%2C21066806&oid=3&pvsid=4217615143564906&pem=465&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=wf9Rwy9XOO&p=https%3A//preparingwindows.com&dtd=112
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://preparingwindows.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://preparingwindows.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 16 Aug 2020 16:11:08 GMT
server: cafe
content-length: 14223
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 16-Aug-2020 16:26:08 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Sun, 16 Aug 2020 16:11:08 GMT
cache-control: private

GET
H2 200 3wcZRXUxU6s
www.youtube.com/embed/ Frame C922 0
0 159ms
159ms Document
text/html 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/3wcZRXUxU6s?feature=oembed

Requested by

Host: preparingwindows.com
URL: https://preparingwindows.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/3wcZRXUxU6s?feature=oembed
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://preparingwindows.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://preparingwindows.com/

Response headers

status: 200
content-encoding: br
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
expires: Tue, 27 Apr 1971 19:44:06 GMT
content-type: text/html; charset=utf-8
content-length: 10721
cache-control: no-cache
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
date: Sun, 16 Aug 2020 16:11:08 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=FKSMibtKB9E; path=/; domain=.youtube.com; secure; expires=Fri, 12-Feb-2021 16:11:08 GMT; httponly; samesite=None YSC=MUphDhkqChk; path=/; domain=.youtube.com; secure; httponly; samesite=None VISITOR_INFO1_LIVE=FKSMibtKB9E; path=/; domain=.youtube.com; secure; expires=Fri, 12-Feb-2021 16:11:08 GMT; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Sun, 16-Aug-2020 16:41:08 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/2+Q/46 200 ads
googleads.g.doubleclick.net/pagead/ Frame 446E 0
0 526ms
526ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3063024087026929&output=html&h=182&slotname=7530496036&adk=4155893430&adf=3003260713&w=725&fwrn=4&lmt=1597594265&rafmt=11&psa=0&guci=1.2.0.0.2.2.0.0&format=725x182&url=https%3A%2F%2Fpreparingwindows.com%2F&flash=0&wgl=1&adsid=NT&dt=1597594268119&bpp=1&bdt=1111&idt=140&shv=r20200810&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=725x182%2C300x250&correlator=1701126787756&frm=20&pv=1&ga_vid=1894923587.1597594268&ga_sid=1597594268&ga_hid=999433233&ga_fc=0&iag=0&icsg=3017930353322&dssz=37&mdo=0&mso=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=290&ady=2901&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530558%2C42530560%2C21066922%2C21066921%2C21066806&oid=3&pvsid=4217615143564906&pem=465&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=v7uWKEpfjU&p=https%3A//preparingwindows.com&dtd=176

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200810/r20190131/show_ads_impl_fy2019.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3063024087026929&output=html&h=182&slotname=7530496036&adk=4155893430&adf=3003260713&w=725&fwrn=4&lmt=1597594265&rafmt=11&psa=0&guci=1.2.0.0.2.2.0.0&format=725x182&url=https%3A%2F%2Fpreparingwindows.com%2F&flash=0&wgl=1&adsid=NT&dt=1597594268119&bpp=1&bdt=1111&idt=140&shv=r20200810&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=725x182%2C300x250&correlator=1701126787756&frm=20&pv=1&ga_vid=1894923587.1597594268&ga_sid=1597594268&ga_hid=999433233&ga_fc=0&iag=0&icsg=3017930353322&dssz=37&mdo=0&mso=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=290&ady=2901&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530558%2C42530560%2C21066922%2C21066921%2C21066806&oid=3&pvsid=4217615143564906&pem=465&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=v7uWKEpfjU&p=https%3A//preparingwindows.com&dtd=176
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://preparingwindows.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://preparingwindows.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 16 Aug 2020 16:11:08 GMT
server: cafe
content-length: 21191
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 16-Aug-2020 16:26:08 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Sun, 16 Aug 2020 16:11:08 GMT
cache-control: private

GET
H/2+Q/46 200 ads
googleads.g.doubleclick.net/pagead/ Frame D808 0
0 507ms
507ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3063024087026929&output=html&h=600&slotname=5021556611&adk=355039727&adf=2469378922&w=195&fwrn=4&fwrnh=100&lmt=1597594265&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=195x600&url=https%3A%2F%2Fpreparingwindows.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&adsid=NT&dt=1597594268301&bpp=2&bdt=1294&idt=2&shv=r20200810&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=725x182%2C300x250%2C725x182&correlator=1701126787756&frm=20&pv=1&ga_vid=1894923587.1597594268&ga_sid=1597594268&ga_hid=999433233&ga_fc=0&iag=0&icsg=12071721413290&dssz=39&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1115&ady=908&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530558%2C42530560%2C21066922%2C21066921%2C21066806&oid=3&pvsid=4217615143564906&pem=465&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=16&uci=a!g&fsb=1&xpc=thJpxU6koG&p=https%3A//preparingwindows.com&dtd=5

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200810/r20190131/show_ads_impl_fy2019.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3063024087026929&output=html&h=600&slotname=5021556611&adk=355039727&adf=2469378922&w=195&fwrn=4&fwrnh=100&lmt=1597594265&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=195x600&url=https%3A%2F%2Fpreparingwindows.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&adsid=NT&dt=1597594268301&bpp=2&bdt=1294&idt=2&shv=r20200810&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=725x182%2C300x250%2C725x182&correlator=1701126787756&frm=20&pv=1&ga_vid=1894923587.1597594268&ga_sid=1597594268&ga_hid=999433233&ga_fc=0&iag=0&icsg=12071721413290&dssz=39&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1115&ady=908&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530558%2C42530560%2C21066922%2C21066921%2C21066806&oid=3&pvsid=4217615143564906&pem=465&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=16&uci=a!g&fsb=1&xpc=thJpxU6koG&p=https%3A//preparingwindows.com&dtd=5
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://preparingwindows.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://preparingwindows.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 16 Aug 2020 16:11:08 GMT
server: cafe
content-length: 19643
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 16-Aug-2020 16:26:08 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Sun, 16 Aug 2020 16:11:08 GMT
cache-control: private

GET
H/2+Q/46 200 ads
googleads.g.doubleclick.net/pagead/ Frame B33D 0
0 338ms
337ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3063024087026929&output=html&h=250&slotname=2225547471&adk=235450482&adf=4127339422&w=300&lmt=1597594265&psa=0&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2Fpreparingwindows.com%2F&flash=0&wgl=1&adsid=NT&dt=1597594268121&bpp=1&bdt=1114&idt=190&shv=r20200810&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=725x182%2C300x250%2C725x182%2C195x600&correlator=1701126787756&frm=20&pv=1&ga_vid=1894923587.1597594268&ga_sid=1597594268&ga_hid=999433233&ga_fc=0&iag=0&icsg=12071721413290&dssz=39&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=503&ady=3504&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530558%2C42530560%2C21066922%2C21066921%2C21066806&oid=3&pvsid=4217615143564906&pem=465&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=HwMYQA1f7K&p=https%3A//preparingwindows.com&dtd=195

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200810/r20190131/show_ads_impl_fy2019.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3063024087026929&output=html&h=250&slotname=2225547471&adk=235450482&adf=4127339422&w=300&lmt=1597594265&psa=0&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2Fpreparingwindows.com%2F&flash=0&wgl=1&adsid=NT&dt=1597594268121&bpp=1&bdt=1114&idt=190&shv=r20200810&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=725x182%2C300x250%2C725x182%2C195x600&correlator=1701126787756&frm=20&pv=1&ga_vid=1894923587.1597594268&ga_sid=1597594268&ga_hid=999433233&ga_fc=0&iag=0&icsg=12071721413290&dssz=39&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=503&ady=3504&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530558%2C42530560%2C21066922%2C21066921%2C21066806&oid=3&pvsid=4217615143564906&pem=465&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=HwMYQA1f7K&p=https%3A//preparingwindows.com&dtd=195
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://preparingwindows.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://preparingwindows.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 16 Aug 2020 16:11:08 GMT
server: cafe
content-length: 19717
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 16-Aug-2020 16:26:08 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Sun, 16 Aug 2020 16:11:08 GMT
cache-control: private

GET
H/2+Q/46 200 ads
googleads.g.doubleclick.net/pagead/ Frame 1751 0
0 46ms
45ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3063024087026929&output=html&adk=1812271804&adf=3025194257&lmt=1597594265&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fpreparingwindows.com%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1597594268322&bpp=1&bdt=1314&idt=1&shv=r20200810&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=725x182%2C300x250%2C725x182%2C195x600%2C300x250&nras=1&correlator=1701126787756&frm=20&pv=1&ga_vid=1894923587.1597594268&ga_sid=1597594268&ga_hid=999433233&ga_fc=0&iag=0&icsg=48286885653160&dssz=42&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530558%2C42530560%2C21066922%2C21066921%2C21066806&oid=3&pvsid=4217615143564906&pem=465&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=16&uci=a!g&fsb=1&dtd=9

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200810/r20190131/show_ads_impl_fy2019.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3063024087026929&output=html&adk=1812271804&adf=3025194257&lmt=1597594265&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fpreparingwindows.com%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1597594268322&bpp=1&bdt=1314&idt=1&shv=r20200810&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=725x182%2C300x250%2C725x182%2C195x600%2C300x250&nras=1&correlator=1701126787756&frm=20&pv=1&ga_vid=1894923587.1597594268&ga_sid=1597594268&ga_hid=999433233&ga_fc=0&iag=0&icsg=48286885653160&dssz=42&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530558%2C42530560%2C21066922%2C21066921%2C21066806&oid=3&pvsid=4217615143564906&pem=465&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=16&uci=a!g&fsb=1&dtd=9
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://preparingwindows.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://preparingwindows.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 16 Aug 2020 16:11:08 GMT
server: cafe
content-length: 708
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 16-Aug-2020 16:26:08 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Sun, 16 Aug 2020 16:11:08 GMT
cache-control: private

GET
H2 200 g.gif
pixel.wp.com/ 50 B
92 B 56ms
54ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A8.8.1&blog=181499328&post=0&tz=0&srv=preparingwindows.com&host=preparingwindows.com&ref=&fcp=2011&rand=0.7403758151907898
Requested by: Host: preparingwindows.com
URL: https://preparingwindows.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer: https://preparingwindows.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Sun, 16 Aug 2020 16:11:08 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 69ms
18ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200810&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200810/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9514deca19022bef8c2ecad87eb9fb5e0d65748ea393686215a28cd7c329bcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://preparingwindows.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 16 Aug 2020 16:11:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6231
x-xss-protection: 0

GET
H/2+Q/46 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
6 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200810/r20190131/show_ads_impl_fy2019.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://preparingwindows.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 16 Aug 2020 16:11:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591403518460474"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5540
x-xss-protection: 0
expires: Sun, 16 Aug 2020 16:11:09 GMT

GET
H/2+Q/46 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame D5CE 0
0 6ms
6ms Document
text/html 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://preparingwindows.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://preparingwindows.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4590
date: Sun, 16 Aug 2020 15:34:10 GMT
expires: Mon, 16 Aug 2021 15:34:10 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2219
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/2+Q/46 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
174 B 40ms
40ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gda_r20200810&jk=4217615143564906&bg=!9Pel9-9YnCYe6ynmudECAAAATVIAAAAMmQGrktUBpfaaqGEhYJYlPMdhcf8t3zYliJvBwr0Vt6qEaQh1nSL7iCzc-F_nrHClNJz50Y0VpPTgWnE43WH8_1JdiBkJqe4A33tFcg22y-fmkSPGJbgeOfOp2I9EnR69LoeghgFG2gvrnf5zMxN9o9Dk50vGye6UfseCn147cQCK7w5bo05vmzEwIK58jk-Dk_-zq59dkuqUEb_jHZrtsY3yUpAhnDZ7atoYT29LPetBq0xrfGOHM5d_iO0QM8lWKCto9o0TazMu-vN3TMqu62TE3ci8v2Z-0q9KMZjKxwcGFL-irMGe5YKIUP3NREAvAHnOnWqQLBA176syED2B6UYzlRiCogf92NUpUIvsN8mj-sX9QyNGnAMTPW4GYZPL9MWs-T7dvTCPi5KZSAZRlBcsKHVTof37DaKoMBTSjOKno1jh9p3ASIupog5xr0tDv7e10ekSQN9V7PFnd1848Xm3KjL7OMapXzp-WFwcPutePYJIzdAXzgLQsVD0mtXSGjG6s2V41aepqyEXYVJq91r3Dd8Oh-odPm3lbbxmE6xMsZN2_2c4bJEgbMw7RA

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://preparingwindows.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Aug 2020 16:11:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-19 21:08:10	Name: IDE Value: AHWqTUlnUG5EZo8UrGFayVfH7Ie_G_tZ1CMDxiYYWBlhHzG6-jHFNrBmu5GfZWHx
			.doubleclick.net/	1970-01-19 11:46:37	Name: DSID Value: NO_DATA

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://preparingwindows.com/wp-content/cache/autoptimize/js/autoptimize_af1b254bee4c7dd1b0c2630da0e72300.js(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i0.wp.com
i1.wp.com
i2.wp.com
pagead2.googlesyndication.com
pixel.wp.com
preparingwindows.com
stats.wp.com
tpc.googlesyndication.com
www.googletagservices.com
www.youtube.com
192.0.76.3
192.0.77.2
2606:4700:3033::681f:474e
2a00:1450:4001:800::2002
2a00:1450:4001:806::200e
2a00:1450:4001:80b::2003
2a00:1450:4001:819::200a
2a00:1450:4001:825::2001
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
08e0e6f6b3f376b6c03cc4e859aeb90e745a82325a7420bebf96e0366bcff183
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
13a51015a98c592fc3cbb26ba189df0a067291addacba0bc22a1ec7369306ccc
13dea0c115e2cdf8681f0b9b2885878ca06158ebf0284f5dab318dac3f00d988
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1dfe949dc1ef59312945c463f3b28e15eb23125ecb28ae2b2a61bf0719047434
2157177c0f88c0ed5fd3b39d2ea42b21e73bf6e32b597704cb4d46ecf7e8c828
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2fe0de850baaa53fe32337e19f9f8feaa2a458411af4d70e44e2955839b96d59
46234ed73343da669265d9b3c8d2e3b53685dea7b77d167f54a0ec28f912b8f2
57ddf5f2118c95f78c8d9c25bc8af018ddd1c775848a8aee579ee62083f31937
6c2e8cc6bb34d90c88a96d20554236a69f0e8f82fd2c3d311eca6e604615a363
812bbdb9578c0644293198cffb11c44e5fff78a62c66aa33760ee61654f37af7
ae16cfcfb2c4b8f38e408bf684bf51293ee8fefa5a7b22ad9dbeaa17141ea4b8
b3bf664489772d1de38d984889499e3096343affd99d5b2df8381f2e57a80332
c3ec2cd8be237a81965e17c0bbc842514d45b0b491cc22316bf60904e93d82e6
d9514deca19022bef8c2ecad87eb9fb5e0d65748ea393686215a28cd7c329bcf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb5788bc45b5d0ec61925ebcf29dac2473915e267d1c3b7993feca2d176b5598
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

preparingwindows.com Open in urlscan Pro 2606:4700:3033::681f:474e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

37 Requests

100 %HTTPS

75 %IPv6

10 Domains

15 Subdomains

8 IPs

2 Countries

400 kBTransfer

994 kBSize

2 Cookies

7 Outgoing links

Redirected requests

37 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

preparingwindows.com Open in urlscan Pro
2606:4700:3033::681f:474e Public Scan

Screenshot
Live screenshot

Full Image

37
Requests

100 %
HTTPS

75 %
IPv6

10
Domains

15
Subdomains

8
IPs

2
Countries

400 kB
Transfer

994 kB
Size

2
Cookies

37 HTTP transactions
0 data transactions