URL: https://www.microsoftirks.com/
Submission Tags: @phishunt_io
Submission: On January 25 via api from ES

Summary

This website contacted 7 IPs in 2 countries across 9 domains to perform 38 HTTP transactions. The main IP is 2a00:1450:4001:814::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is www.microsoftirks.com.
TLS certificate: Issued by GTS CA 1D2 on January 23rd 2021. Valid for: 3 months.
This is the only time www.microsoftirks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
19 1.bp.blogspot.com www.microsoftirks.com
6 www.blogger.com www.microsoftirks.com
www.blogger.com
apis.google.com
4 resources.blogblog.com www.microsoftirks.com
3 apis.google.com www.microsoftirks.com
apis.google.com
2 i.ibb.co www.microsoftirks.com
2 cdn.windowsreport.com 2 redirects
2 www.microsoftirks.com www.microsoftirks.com
1 www.youtube.com www.microsoftirks.com
1 pagead2.googlesyndication.com www.microsoftirks.com
38 9
Subject Issuer Validity Valid
www.microsoftirks.com
GTS CA 1D2
2021-01-23 -
2021-04-23
3 months crt.sh
*.blogger.com
GTS CA 1O1
2021-01-05 -
2021-03-30
3 months crt.sh
*.google.com
GTS CA 1O1
2021-01-05 -
2021-03-30
3 months crt.sh
misc-sni.blogspot.com
GTS CA 1O1
2021-01-05 -
2021-03-30
3 months crt.sh
ibb.co
R3
2020-12-03 -
2021-03-03
3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1
2021-01-05 -
2021-03-30
3 months crt.sh

This page contains 3 frames:

Primary Page: https://www.microsoftirks.com/
Frame ID: 1594DB2BD0738EA596BC2736C1B52F89
Requests: 36 HTTP requests in this frame

Frame: https://www.youtube.com/embed/OGNqR8lylzk
Frame ID: B94B8026765984B676F85852A049E607
Requests: 1 HTTP requests in this frame

Frame: https://www.blogger.com/navbar.g?targetBlogID=4332142815866477618&blogName=Why+Does+Microsoft+Do+This%3F&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://www.microsoftirks.com/search&blogLocale=en&v=2&homepageUrl=https://www.microsoftirks.com/&vt=-7782174516369199868&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.GmQXYX2grLI.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMtu8dqzlwPg3dD9vohSr0qM2FQug%2Fm%3D__features__
Frame ID: F75A9D74FEDC4695F1888AD2F3F604CB
Requests: 1 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • meta generator /^Blogger$/i

Overall confidence: 100%
Detected patterns
  • meta generator /^Blogger$/i

Overall confidence: 100%
Detected patterns
  • headers server /GSE/i

Overall confidence: 100%
Detected patterns
  • headers server /GSE/i

Page Statistics

38
Requests

100 %
HTTPS

75 %
IPv6

9
Domains

9
Subdomains

7
IPs

2
Countries

954 kB
Transfer

1569 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18
  • https://cdn.windowsreport.com/wp-content/uploads/2014/10/user-account-this-PC-windows-10.png HTTP 302
  • https://i.ibb.co/rwVKqny/windowsreport-logo.png
Request Chain 19
  • https://cdn.windowsreport.com/wp-content/uploads/2014/10/change-download-folder-location-pc.png HTTP 302
  • https://i.ibb.co/rwVKqny/windowsreport-logo.png

38 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.microsoftirks.com/
76 KB
19 KB
Document
General
Full URL
https://www.microsoftirks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3a90e4c25ed5453fe586a30c8474160d0b736e3b9ae7589910d65fcf2d6b47d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.microsoftirks.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
expires
Mon, 25 Jan 2021 09:34:21 GMT
date
Mon, 25 Jan 2021 09:34:21 GMT
cache-control
private, max-age=0
last-modified
Sat, 23 Jan 2021 11:10:02 GMT
etag
W/"cb98d254a7f94d3d4da33da4e1f9544818a49829d0da231d42e1229e30dcb9c7"
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
19323
server
GSE
3416767676-css_bundle_v2.css
www.blogger.com/static/v1/widgets/
36 KB
8 KB
Stylesheet
General
Full URL
https://www.blogger.com/static/v1/widgets/3416767676-css_bundle_v2.css
Requested by
Host: www.microsoftirks.com
URL: https://www.microsoftirks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c91afadbe63dd834aac00b49bc715795da58970e7d500c4bd8f50ed713c77880
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.microsoftirks.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 12:59:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 22 Jan 2021 07:10:48 GMT
server
sffe
age
246888
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7982
x-xss-protection
0
expires
Sat, 22 Jan 2022 12:59:33 GMT
plusone.js
apis.google.com/js/
49 KB
19 KB
Script
General
Full URL
https://apis.google.com/js/plusone.js
Requested by
Host: www.microsoftirks.com
URL: https://www.microsoftirks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f74c5ca18772897763b6463f2b9719ecafe7d4395d261157c1aadfa330a6df76
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-CipBrtnJewKAi6U9jZaDJQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.microsoftirks.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 25 Jan 2021 09:34:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
x-frame-options
SAMEORIGIN
etag
"bc20ff06304acba70b7f8847e797c480"
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-CipBrtnJewKAi6U9jZaDJQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
expires
Mon, 25 Jan 2021 09:34:21 GMT
ToolsPreferences-Windows_8.png
1.bp.blogspot.com/-8DGhzLpRv1o/Xe7CNcLbZJI/AAAAAAAAFGs/ASHjelZnvWMSromqqCnPMpKjHIRRQCirACLcBGAsYHQ/s640/
22 KB
23 KB
Image
General
Full URL
https://1.bp.blogspot.com/-8DGhzLpRv1o/Xe7CNcLbZJI/AAAAAAAAFGs/ASHjelZnvWMSromqqCnPMpKjHIRRQCirACLcBGAsYHQ/s640/ToolsPreferences-Windows_8.png
Requested by
Host: www.microsoftirks.com
URL: https://www.microsoftirks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
a55978cf4b0cb3a847b6bf3bbcba9aee971bcd914680a9240c128d47b0c9fa91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.microsoftirks.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 25 Jan 2021 09:34:21 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="ToolsPreferences-Windows_8.png"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22933
x-xss-protection
0
server
fife
etag
"v146e"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 24 Jan 2021 15:12:33 GMT
Preferences-Windows_8.png
1.bp.blogspot.com/-BXbRq3htEhk/Xe7CNVsIhsI/AAAAAAAAFGo/1ExRlc_S1owfcL_GUcteXEF0sQ2qox08gCEwYBhgL/s640/
99 KB
99 KB
Image
General
Full URL
https://1.bp.blogspot.com/-BXbRq3htEhk/Xe7CNVsIhsI/AAAAAAAAFGo/1ExRlc_S1owfcL_GUcteXEF0sQ2qox08gCEwYBhgL/s640/Preferences-Windows_8.png
Requested by
Host: www.microsoftirks.com
URL: https://www.microsoftirks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
d9b3e126ad3162ba0c43670de3f791eeb13ffa3896d3a6582a3870207c1a62eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.microsoftirks.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 25 Jan 2021 09:34:21 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="Preferences-Windows_8.png"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
101140
x-xss-protection
0
server
fife
etag
"v146d"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 24 Jan 2021 15:12:33 GMT
Set-programme-associations.png
1.bp.blogspot.com/-Sq8DZWUsius/Xe7CNevptcI/AAAAAAAAFGk/wQplptlnhKYYvyqwOC01wB1rpuubUnGeQCEwYBhgL/s640/
42 KB
42 KB
Image
General
Full URL
https://1.bp.blogspot.com/-Sq8DZWUsius/Xe7CNevptcI/AAAAAAAAFGk/wQplptlnhKYYvyqwOC01wB1rpuubUnGeQCEwYBhgL/s640/Set-programme-associations.png
Requested by
Host: www.microsoftirks.com
URL: https://www.microsoftirks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
fa4dece97c6edadd9d4940cc0abe1e15b2c1dfd19af245c54ff18628d47015fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.microsoftirks.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 25 Jan 2021 09:34:21 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="Set-programme-associations.png"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42529
x-xss-protection
0
server
fife
etag
"v146c"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 24 Jan 2021 21:48:03 GMT
BlockVLC.jpg
1.bp.blogspot.com/-sZmlQWouIX8/Xe7FtdC-0uI/AAAAAAAAFHA/ZVQQ--tNW34A2O5d7IwW_TYJ1Wluh5h4gCLcBGAsYHQ/s640/
28 KB
28 KB
Image
General
Full URL
https://1.bp.blogspot.com/-sZmlQWouIX8/Xe7FtdC-0uI/AAAAAAAAFHA/ZVQQ--tNW34A2O5d7IwW_TYJ1Wluh5h4gCLcBGAsYHQ/s640/BlockVLC.jpg
Requested by
Host: www.microsoftirks.com
URL: https://www.microsoftirks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
918e998f3d37dc25c8519f67ad1dc616690dfceabc183a85b64d19dd5be6cb13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.microsoftirks.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 25 Jan 2021 09:34:21 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="BlockVLC.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28868
x-xss-protection
0
server
fife
etag
"v1471"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Mon, 25 Jan 2021 22:24:16 GMT
photoviewerO.jpg
1.bp.blogspot.com/-JYwcUieC_Ls/Xe7SBHnQvAI/AAAAAAAAFHM/HWGaqy3JF0kz9wVn4MyTeIkUo22oEKqDACLcBGAsYHQ/s640/
41 KB
42 KB
Image
General
Full URL
https://1.bp.blogspot.com/-JYwcUieC_Ls/Xe7SBHnQvAI/AAAAAAAAFHM/HWGaqy3JF0kz9wVn4MyTeIkUo22oEKqDACLcBGAsYHQ/s640/photoviewerO.jpg
Requested by
Host: www.microsoftirks.com
URL: https://www.microsoftirks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
49cde1a18214face419c138c00e769ea292f8d6556025b7e5d08ba70d8943a90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.microsoftirks.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 25 Jan 2021 09:34:21 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="photoviewerO.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42363
x-xss-protection
0
server
fife
etag
"v1477"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Mon, 25 Jan 2021 22:24:15 GMT
slectPart.jpg
1.bp.blogspot.com/-TuW1qWivuZU/Xe7SBHiJE0I/AAAAAAAAFHY/M44DK1lrLUoXZuQzbaKmGU1be9go3xRvwCEwYBhgL/s640/
40 KB
41 KB
Image
General
Full URL
https://1.bp.blogspot.com/-TuW1qWivuZU/Xe7SBHiJE0I/AAAAAAAAFHY/M44DK1lrLUoXZuQzbaKmGU1be9go3xRvwCEwYBhgL/s640/slectPart.jpg
Requested by
Host: www.microsoftirks.com
URL: https://www.microsoftirks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
d1359c564cf445ce173938244f1a1e2ecb3edf1a4dfa34652fcb3d0116a25d71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.microsoftirks.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 25 Jan 2021 09:34:21 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="slectPart.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41433
x-xss-protection
0
server
fife
etag
"v1476"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 24 Jan 2021 15:12:30 GMT
OpenWith.jpg
1.bp.blogspot.com/-mJfIsfY0lEo/Xe7U2yfKy3I/AAAAAAAAFHo/eBHksevU0o0dSnz7cSkWzXsxvHfVlj81gCLcBGAsYHQ/s640/
65 KB
65 KB
Image
General
Full URL
https://1.bp.blogspot.com/-mJfIsfY0lEo/Xe7U2yfKy3I/AAAAAAAAFHo/eBHksevU0o0dSnz7cSkWzXsxvHfVlj81gCLcBGAsYHQ/s640/OpenWith.jpg
Requested by
Host: www.microsoftirks.com
URL: https://www.microsoftirks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
6b840038dacb1597f2c60ef86dfe6b4b5746fb8524c0b671d8113e18cd5407ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.microsoftirks.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 25 Jan 2021 09:34:21 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="OpenWith.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
66525
x-xss-protection
0
server
fife
etag
"v147d"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 24 Jan 2021 15:12:28 GMT
MoreApps.jpg
1.bp.blogspot.com/-jPXZR_2lcQ8/Xe7U26_ZdzI/AAAAAAAAFHs/EbIPzn1mSs8garf1kH0sAqQbDUedQoYRgCLcBGAsYHQ/s640/
43 KB
43 KB
Image
General
Full URL
https://1.bp.blogspot.com/-jPXZR_2lcQ8/Xe7U26_ZdzI/AAAAAAAAFHs/EbIPzn1mSs8garf1kH0sAqQbDUedQoYRgCLcBGAsYHQ/s640/MoreApps.jpg
Requested by
Host: www.microsoftirks.com
URL: https://www.microsoftirks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
7cc3bd121313b4f89f1c3fb88af25ddddea2e0d74c2df175cfb135d575e50e71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.microsoftirks.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 25 Jan 2021 09:34:21 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="MoreApps.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43524
x-xss-protection
0
server
fife
etag
"v147e"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Mon, 25 Jan 2021 22:24:15 GMT
Select%2Bor%2Bother.jpg
1.bp.blogspot.com/-5Q11aaCBdko/Xe7U2_GbW3I/AAAAAAAAFHw/YpQri8lrGWsbNeMA01PZrFel2VGwyNsBQCEwYBhgL/s640/
40 KB
40 KB
Image
General
Full URL
https://1.bp.blogspot.com/-5Q11aaCBdko/Xe7U2_GbW3I/AAAAAAAAFHw/YpQri8lrGWsbNeMA01PZrFel2VGwyNsBQCEwYBhgL/s640/Select%2Bor%2Bother.jpg
Requested by
Host: www.microsoftirks.com
URL: https://www.microsoftirks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
909769482479f7602dcea839be282c9d118bfe892a56e01e6860386e53d81810
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.microsoftirks.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 25 Jan 2021 09:34:21 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="Select or other.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41299
x-xss-protection
0
server
fife
etag
"v147c"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Mon, 25 Jan 2021 22:24:15 GMT
icon18_edit_allbkg.gif
resources.blogblog.com/img/
162 B
281 B
Image
General
Full URL
https://resources.blogblog.com/img/icon18_edit_allbkg.gif
Requested by
Host: www.microsoftirks.com
URL: https://www.microsoftirks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.microsoftirks.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 18 Jan 2021 23:40:25 GMT
x-content-type-options
nosniff
last-modified
Mon, 18 Jan 2021 19:31:02 GMT
server
sffe
age
554036
content-type
image/gif
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
162
x-xss-protection
0
expires
Mon, 25 Jan 2021 23:40:25 GMT
Clipboard01.jpg
1.bp.blogspot.com/-_2wfB7hod-8/XeUXs54lz8I/AAAAAAAAFE0/_GehB5V0BSASgkRja-bYHSQfznldfZDogCLcBGAsYHQ/s320/
8 KB
8 KB
Image
General
Full URL
https://1.bp.blogspot.com/-_2wfB7hod-8/XeUXs54lz8I/AAAAAAAAFE0/_GehB5V0BSASgkRja-bYHSQfznldfZDogCLcBGAsYHQ/s320/Clipboard01.jpg
Requested by
Host: www.microsoftirks.com
URL: https://www.microsoftirks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
81c9cc62c5e8ac4834fff5d2aa3df065cd8feb43891c1d8ff46f8cd44ca3d3eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.microsoftirks.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 25 Jan 2021 09:34:21 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="Clipboard01.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8200
x-xss-protection
0
server
fife
etag
"v144e"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Mon, 25 Jan 2021 22:24:15 GMT
Clipboard02.jpg
1.bp.blogspot.com/-3jl-8hLDIMY/XeUZY-1rrUI/AAAAAAAAFFA/gukdNGP03r80Cf_KE3pSxrvSIQ-rpOFWgCLcBGAsYHQ/s320/
14 KB
14 KB
Image
General
Full URL
https://1.bp.blogspot.com/-3jl-8hLDIMY/XeUZY-1rrUI/AAAAAAAAFFA/gukdNGP03r80Cf_KE3pSxrvSIQ-rpOFWgCLcBGAsYHQ/s320/Clipboard02.jpg
Requested by
Host: www.microsoftirks.com
URL: https://www.microsoftirks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
1abbbd97b7cfaa3525852d4d143c176177decafdce51eae78f6f212036dd8bd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.microsoftirks.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 25 Jan 2021 09:34:21 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="Clipboard02.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14563
x-xss-protection
0
server
fife
etag
"v1451"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 26 Jan 2021 00:44:46 GMT
Clipboard03.jpg
1.bp.blogspot.com/-kFyxdIh_Qmc/XeUaQtGLw1I/AAAAAAAAFFI/f-_oih8EwfQnfCusE5xYP5FMHHldcWjUgCLcBGAsYHQ/s320/
15 KB
15 KB
Image
General
Full URL
https://1.bp.blogspot.com/-kFyxdIh_Qmc/XeUaQtGLw1I/AAAAAAAAFFI/f-_oih8EwfQnfCusE5xYP5FMHHldcWjUgCLcBGAsYHQ/s320/Clipboard03.jpg
Requested by
Host: www.microsoftirks.com
URL: https://www.microsoftirks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
98840cdf20dbc46a7f83bf6769e905ab67ded661b78fb8ee6a4a9f96ce38ce39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.microsoftirks.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 25 Jan 2021 09:34:21 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="Clipboard03.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14856
x-xss-protection
0
server
fife
etag
"v1453"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 26 Jan 2021 00:44:46 GMT
Clipboard04.jpg
1.bp.blogspot.com/-GSvhcPNosZ8/XeUb8ZVbJ_I/AAAAAAAAFFU/F4mZ7bJptq48RaR9c-eAb1cYRbsdcBjKACLcBGAsYHQ/s320/
19 KB
19 KB
Image
General
Full URL
https://1.bp.blogspot.com/-GSvhcPNosZ8/XeUb8ZVbJ_I/AAAAAAAAFFU/F4mZ7bJptq48RaR9c-eAb1cYRbsdcBjKACLcBGAsYHQ/s320/Clipboard04.jpg
Requested by
Host: www.microsoftirks.com
URL: https://www.microsoftirks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
ea393861012f69ec9e722b4143c907dd50f35493550bf2749d5619b1f1d94da9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.microsoftirks.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 25 Jan 2021 09:34:21 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="Clipboard04.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19031
x-xss-protection
0
server
fife
etag
"v1456"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 24 Jan 2021 15:12:14 GMT
Clipboard06.jpg
1.bp.blogspot.com/-djYjTaG2pbQ/XeUdLIa7NzI/AAAAAAAAFFg/Nj3gkpog35kvp3jC02VgJiBqDLlP9K4LQCLcBGAsYHQ/s320/
14 KB
14 KB
Image
General
Full URL
https://1.bp.blogspot.com/-djYjTaG2pbQ/XeUdLIa7NzI/AAAAAAAAFFg/Nj3gkpog35kvp3jC02VgJiBqDLlP9K4LQCLcBGAsYHQ/s320/Clipboard06.jpg
Requested by
Host: www.microsoftirks.com
URL: https://www.microsoftirks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
7cdbd5e9b042336222aa3c09c70ee2374f7403bbd768bb9c0f6d9afe078ef92d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.microsoftirks.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 25 Jan 2021 09:34:21 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="Clipboard06.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13966
x-xss-protection
0
server
fife
etag
"v1459"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 24 Jan 2021 21:48:03 GMT
Clipboard07.jpg
1.bp.blogspot.com/-jFRuNzcGN0c/XeUdqzUTJnI/AAAAAAAAFFo/W3mHtG-BPvo0Kh2NhELSeQg02aUDG4C2QCLcBGAsYHQ/s320/
16 KB
16 KB
Image
General
Full URL
https://1.bp.blogspot.com/-jFRuNzcGN0c/XeUdqzUTJnI/AAAAAAAAFFo/W3mHtG-BPvo0Kh2NhELSeQg02aUDG4C2QCLcBGAsYHQ/s320/Clipboard07.jpg
Requested by
Host: www.microsoftirks.com
URL: https://www.microsoftirks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
9f3f4baf61877eccdb671212eb463627594604f35f30f5eedb54c91ca1a114e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.microsoftirks.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 25 Jan 2021 09:34:21 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="Clipboard07.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16317
x-xss-protection
0
server
fife
etag
"v145b"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 26 Jan 2021 00:44:46 GMT
windowsreport-logo.png
i.ibb.co/rwVKqny/
Redirect Chain
  • https://cdn.windowsreport.com/wp-content/uploads/2014/10/user-account-this-PC-windows-10.png
  • https://i.ibb.co/rwVKqny/windowsreport-logo.png
27 KB
27 KB
Image
General
Full URL
https://i.ibb.co/rwVKqny/windowsreport-logo.png
Requested by
Host: www.microsoftirks.com
URL: https://www.microsoftirks.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
145.239.131.51 , France, ASN16276 (OVH, FR),
Reverse DNS
i.ibb.co
Software
nginx /
Resource Hash
48d4a57564f04064cdfa7a42d1f1fcc7ed205ba5554fd7486a7dd6cc0c7cfe24

Request headers

Referer
https://www.microsoftirks.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 25 Jan 2021 09:34:21 GMT
last-modified
Wed, 07 Oct 2020 06:04:48 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
27339
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date
Mon, 25 Jan 2021 09:34:21 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,OPTIONS
content-type
text/html
location
https://i.ibb.co/rwVKqny/windowsreport-logo.png
access-control-expose-headers
Content-Length,Content-Range,X-WP-Total,X-WP-TotalPages,Link
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-WP-Nonce
content-length
154
x-request-id
8bf4dcb4513427048c8ed07e1fcbdecf
windowsreport-logo.png
i.ibb.co/rwVKqny/
Redirect Chain
  • https://cdn.windowsreport.com/wp-content/uploads/2014/10/change-download-folder-location-pc.png
  • https://i.ibb.co/rwVKqny/windowsreport-logo.png
27 KB
27 KB
Image
General
Full URL
https://i.ibb.co/rwVKqny/windowsreport-logo.png
Requested by
Host: www.microsoftirks.com
URL: https://www.microsoftirks.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
145.239.131.51 , France, ASN16276 (OVH, FR),
Reverse DNS
i.ibb.co
Software
nginx /
Resource Hash
48d4a57564f04064cdfa7a42d1f1fcc7ed205ba5554fd7486a7dd6cc0c7cfe24

Request headers

Referer
https://www.microsoftirks.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 25 Jan 2021 09:34:21 GMT
last-modified
Wed, 07 Oct 2020 06:04:48 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
27339
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date
Mon, 25 Jan 2021 09:34:21 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,OPTIONS
content-type
text/html
location
https://i.ibb.co/rwVKqny/windowsreport-logo.png
access-control-expose-headers
Content-Length,Content-Range,X-WP-Total,X-WP-TotalPages,Link
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-WP-Nonce
content-length
154
x-request-id
bd16bb2260eaf2363c0c35a10020bfc6
downloadsLocation.png
1.bp.blogspot.com/-rPB0DEwyZJY/XdqVk7pwqXI/AAAAAAAAFDc/hnK2J9OYVfEn-OkFeSdB3wfIlYKpQOrnACLcBGAsYHQ/s320/
24 KB
24 KB
Image
General
Full URL
https://1.bp.blogspot.com/-rPB0DEwyZJY/XdqVk7pwqXI/AAAAAAAAFDc/hnK2J9OYVfEn-OkFeSdB3wfIlYKpQOrnACLcBGAsYHQ/s320/downloadsLocation.png
Requested by
Host: www.microsoftirks.com
URL: https://www.microsoftirks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
4e863986c4db22bad20b793c1dcabb2ba67922395f85685372ebf92a49eaf387
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.microsoftirks.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 25 Jan 2021 09:34:21 GMT
x-content-type-options
nosniff
server
fife
etag
"v1438"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="downloadsLocation.png"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24884
x-xss-protection
0
expires
Tue, 26 Jan 2021 09:34:21 GMT
missingTabAnswer.jpg
1.bp.blogspot.com/-sz2A7EOZhBA/XdqXp57OOyI/AAAAAAAAFDo/XTe93XL1VLMwbhGWCWn49hO_AtTgHWUVgCLcBGAsYHQ/s640/
12 KB
12 KB
Image
General
Full URL
https://1.bp.blogspot.com/-sz2A7EOZhBA/XdqXp57OOyI/AAAAAAAAFDo/XTe93XL1VLMwbhGWCWn49hO_AtTgHWUVgCLcBGAsYHQ/s640/missingTabAnswer.jpg
Requested by
Host: www.microsoftirks.com
URL: https://www.microsoftirks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
2ea4d157af22419b337c100ad8159003cc0cad9cb3de4c35bd2438c2281a0b13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.microsoftirks.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 25 Jan 2021 09:34:21 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="missingTabAnswer.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12305
x-xss-protection
0
server
fife
etag
"v143b"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 24 Jan 2021 15:12:03 GMT
favAnswer.jpg
1.bp.blogspot.com/-XU7ajsFOXTg/XdqaT1AWMXI/AAAAAAAAFD0/d_135tU-xw0gBHJPXNgaiFErxuHraO4ygCLcBGAsYHQ/s640/
24 KB
24 KB
Image
General
Full URL
https://1.bp.blogspot.com/-XU7ajsFOXTg/XdqaT1AWMXI/AAAAAAAAFD0/d_135tU-xw0gBHJPXNgaiFErxuHraO4ygCLcBGAsYHQ/s640/favAnswer.jpg
Requested by
Host: www.microsoftirks.com
URL: https://www.microsoftirks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
17ef2dad67a48971344044dfa3d96f7eeb6bc1793b899afb7ba61f3b1a9cf424
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.microsoftirks.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 25 Jan 2021 09:34:21 GMT
x-content-type-options
nosniff
server
fife
etag
"v143e"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="favAnswer.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24686
x-xss-protection
0
expires
Tue, 26 Jan 2021 09:34:21 GMT
quickA.jpg
1.bp.blogspot.com/-5MXYh3RuyvM/Xdqi3-yFYUI/AAAAAAAAFEE/MgJUmLWhJVAD3WA_1Gf-zNJCdrr2ac5DgCLcBGAsYHQ/s640/
29 KB
30 KB
Image
General
Full URL
https://1.bp.blogspot.com/-5MXYh3RuyvM/Xdqi3-yFYUI/AAAAAAAAFEE/MgJUmLWhJVAD3WA_1Gf-zNJCdrr2ac5DgCLcBGAsYHQ/s640/quickA.jpg
Requested by
Host: www.microsoftirks.com
URL: https://www.microsoftirks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
dbf37492f59d9b9446ccddcfb8d05bca707b6d7d4b3dde20ea9dfefe5e61bee8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.microsoftirks.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 25 Jan 2021 09:34:21 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="quickA.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30144
x-xss-protection
0
server
fife
etag
"v1442"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 26 Jan 2021 00:44:46 GMT
icon18_wrench_allbkg.png
resources.blogblog.com/img/
475 B
611 B
Image
General
Full URL
https://resources.blogblog.com/img/icon18_wrench_allbkg.png
Requested by
Host: www.microsoftirks.com
URL: https://www.microsoftirks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.microsoftirks.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 11:30:52 GMT
x-content-type-options
nosniff
last-modified
Fri, 22 Jan 2021 10:22:55 GMT
server
sffe
age
252209
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
475
x-xss-protection
0
expires
Fri, 29 Jan 2021 11:30:52 GMT
cookienotice.js
www.microsoftirks.com/js/
6 KB
2 KB
Script
General
Full URL
https://www.microsoftirks.com/js/cookienotice.js
Requested by
Host: www.microsoftirks.com
URL: https://www.microsoftirks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.microsoftirks.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 25 Jan 2021 09:34:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 24 Jan 2021 19:15:58 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
2026
x-xss-protection
0
expires
Mon, 01 Feb 2021 09:34:21 GMT
1617771680-widgets.js
www.blogger.com/static/v1/widgets/
142 KB
52 KB
Script
General
Full URL
https://www.blogger.com/static/v1/widgets/1617771680-widgets.js
Requested by
Host: www.microsoftirks.com
URL: https://www.microsoftirks.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81e::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ce75791c74defe5000584113aa59e7d12cf564b712fa22a60758339c52d76ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.microsoftirks.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 23 Jan 2021 06:30:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 21 Jan 2021 21:27:03 GMT
server
sffe
age
183834
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52716
x-xss-protection
0
expires
Sun, 23 Jan 2022 06:30:27 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.GmQXYX2grLI.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMtu8dqzlwPg3dD9vohSr0qM2FQug/
141 KB
49 KB
Script
General
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.GmQXYX2grLI.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMtu8dqzlwPg3dD9vohSr0qM2FQug/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
52e9acf30def310f5d6d2e7f17e5ae9b871a347cfe63ce783b7cdb029a42114a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.microsoftirks.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 18:24:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 05 Jan 2021 17:30:41 GMT
server
sffe
age
313815
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50336
x-xss-protection
0
expires
Fri, 21 Jan 2022 18:24:06 GMT
cb=gapi.loaded_1
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.GmQXYX2grLI.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMtu8dqzlwPg3dD9vohSr0qM2FQug/
54 KB
18 KB
Script
General
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.GmQXYX2grLI.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMtu8dqzlwPg3dD9vohSr0qM2FQug/cb=gapi.loaded_1
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a071f470f9bcff380e9543c38154fda4971df62ac40812e3ffd8a49cce220c2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.microsoftirks.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 18:24:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 05 Jan 2021 17:30:41 GMT
server
sffe
age
313807
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17839
x-xss-protection
0
expires
Fri, 21 Jan 2022 18:24:14 GMT
google_top_exp.js
pagead2.googlesyndication.com/pagead/js/
47 B
192 B
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js
Requested by
Host: www.microsoftirks.com
URL: https://www.microsoftirks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.microsoftirks.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 24 Jan 2021 19:53:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49235
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
67
x-xss-protection
0
server
cafe
etag
13036835877489095579
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Feb 2021 19:53:46 GMT
OGNqR8lylzk
www.youtube.com/embed/ Frame B94B
0
0
Document
General
Full URL
https://www.youtube.com/embed/OGNqR8lylzk
Requested by
Host: www.microsoftirks.com
URL: https://www.microsoftirks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/OGNqR8lylzk
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.microsoftirks.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.microsoftirks.com/

Response headers

content-length
21053
x-content-type-options
nosniff
expires
Tue, 27 Apr 1971 19:44:06 GMT
content-type
text/html; charset=utf-8
cache-control
no-cache
content-encoding
br
strict-transport-security
max-age=31536000
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
date
Mon, 25 Jan 2021 09:34:21 GMT
server
YouTube Frontend Proxy
x-xss-protection
0
set-cookie
VISITOR_INFO1_LIVE=sF635j_-C1k; path=/; domain=.youtube.com; secure; expires=Sat, 24-Jul-2021 09:34:21 GMT; httponly; samesite=None VISITOR_INFO1_LIVE=sF635j_-C1k; path=/; domain=.youtube.com; secure; expires=Sat, 24-Jul-2021 09:34:21 GMT; httponly; samesite=None YSC=-S2eg11OxEc; path=/; domain=.youtube.com; secure; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Mon, 25-Jan-2021 10:04:21 GMT
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gradients_light.png
resources.blogblog.com/blogblog/data/1kt/simple/
403 B
530 B
Image
General
Full URL
https://resources.blogblog.com/blogblog/data/1kt/simple/gradients_light.png
Requested by
Host: www.microsoftirks.com
URL: https://www.microsoftirks.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81e::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ecb30886406e3f776ff7bc3834de849944471e626ff148bed2fa389d02866044
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.microsoftirks.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 18:23:42 GMT
x-content-type-options
nosniff
last-modified
Thu, 21 Jan 2021 12:21:25 GMT
server
sffe
age
313839
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
403
x-xss-protection
0
expires
Thu, 28 Jan 2021 18:23:42 GMT
body_gradient_tile_light.png
resources.blogblog.com/blogblog/data/1kt/simple/
95 B
195 B
Image
General
Full URL
https://resources.blogblog.com/blogblog/data/1kt/simple/body_gradient_tile_light.png
Requested by
Host: www.microsoftirks.com
URL: https://www.microsoftirks.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81e::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0fdcb4746995f0d5240e5ec11370cb950722a894f3cff4118aa68ccc92010edd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.microsoftirks.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 19:53:40 GMT
x-content-type-options
nosniff
last-modified
Fri, 22 Jan 2021 07:10:48 GMT
server
sffe
age
222041
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95
x-xss-protection
0
expires
Fri, 29 Jan 2021 19:53:40 GMT
share_buttons_20_3.png
www.blogger.com/img/
5 KB
5 KB
Image
General
Full URL
https://www.blogger.com/img/share_buttons_20_3.png
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/3416767676-css_bundle_v2.css
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81e::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.blogger.com/static/v1/widgets/3416767676-css_bundle_v2.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 23 Jan 2021 07:18:22 GMT
x-content-type-options
nosniff
last-modified
Fri, 22 Jan 2021 15:19:13 GMT
server
sffe
age
180959
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5080
x-xss-protection
0
expires
Sat, 30 Jan 2021 07:18:22 GMT
navbar.g
www.blogger.com/ Frame F75A
0
0
Document
General
Full URL
https://www.blogger.com/navbar.g?targetBlogID=4332142815866477618&blogName=Why+Does+Microsoft+Do+This%3F&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://www.microsoftirks.com/search&blogLocale=en&v=2&homepageUrl=https://www.microsoftirks.com/&vt=-7782174516369199868&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.GmQXYX2grLI.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMtu8dqzlwPg3dD9vohSr0qM2FQug%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.GmQXYX2grLI.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMtu8dqzlwPg3dD9vohSr0qM2FQug/cb=gapi.loaded_0
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81e::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.blogger.com
:scheme
https
:path
/navbar.g?targetBlogID=4332142815866477618&blogName=Why+Does+Microsoft+Do+This%3F&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://www.microsoftirks.com/search&blogLocale=en&v=2&homepageUrl=https://www.microsoftirks.com/&vt=-7782174516369199868&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.GmQXYX2grLI.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMtu8dqzlwPg3dD9vohSr0qM2FQug%2Fm%3D__features__
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.microsoftirks.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.microsoftirks.com/

Response headers

p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Mon, 25 Jan 2021 09:34:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
2596
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
368954415-lightbox_bundle.css
www.blogger.com/static/v1/v-css/
35 KB
6 KB
Stylesheet
General
Full URL
https://www.blogger.com/static/v1/v-css/368954415-lightbox_bundle.css
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/1617771680-widgets.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81e::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b60a462099b715aa3a5442a07142b969b9bb9c5ecee1bbdabea2e23f2d499458
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.microsoftirks.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 24 Jan 2021 01:33:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 23 Jan 2021 17:14:15 GMT
server
sffe
age
115252
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6541
x-xss-protection
0
expires
Mon, 24 Jan 2022 01:33:29 GMT
3511696064-lbx.js
www.blogger.com/static/v1/jsbin/
376 KB
121 KB
Script
General
Full URL
https://www.blogger.com/static/v1/jsbin/3511696064-lbx.js
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/1617771680-widgets.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81e::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab193d93282221ba56228eec970538cdc4044ef0b8e0701f2e7339b432114961
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.microsoftirks.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 01:30:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 20 Jan 2021 23:14:57 GMT
server
sffe
age
374645
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
123937
x-xss-protection
0
expires
Fri, 21 Jan 2022 01:30:16 GMT

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| adsbygoogle function| setAttributeOnload object| gapi object| ___jsl function| BLOG_attachCsiOnload function| _WidgetManager function| _WidgetInfo function| widget_module_provide function| _AdSenseView function| _BlogArchiveView function| _AttributionView function| _BlogView function| _BlogListView function| _BlogSearchView function| _ContactFormView function| _ExampleView function| _FeaturedPostView function| _FeedView function| _FollowByEmailView function| _FollowersView function| _HeaderView function| _TextView function| _HTMLView function| _ImageView function| _LabelView function| _TextListView function| _LinkListView function| _BloggerButtonView function| _NavbarView function| _PageListView function| _PollView function| _PopularPostsView function| _ProfileView function| _RecentPostsView function| _ReportAbuseView function| _SharingView function| _StatsView function| _SubscribeView function| _SW_toggleReaderList function| _SW_hideReaderList function| _TranslateView function| _WikipediaView string| __wavt function| __gjsload__ object| closure_lm_440142 object| cookieChoices boolean| google_empty_script_included object| gadgets object| osapi object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow

2 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: -S2eg11OxEc
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: sF635j_-C1k

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
apis.google.com
cdn.windowsreport.com
i.ibb.co
pagead2.googlesyndication.com
resources.blogblog.com
www.blogger.com
www.microsoftirks.com
www.youtube.com
136.243.171.217
145.239.131.51
2a00:1450:4001:809::200e
2a00:1450:4001:814::2013
2a00:1450:4001:815::200e
2a00:1450:4001:81a::2002
2a00:1450:4001:81e::2009
2a00:1450:4001:81f::2001
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
0fdcb4746995f0d5240e5ec11370cb950722a894f3cff4118aa68ccc92010edd
17ef2dad67a48971344044dfa3d96f7eeb6bc1793b899afb7ba61f3b1a9cf424
1abbbd97b7cfaa3525852d4d143c176177decafdce51eae78f6f212036dd8bd2
2ea4d157af22419b337c100ad8159003cc0cad9cb3de4c35bd2438c2281a0b13
3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3
3a90e4c25ed5453fe586a30c8474160d0b736e3b9ae7589910d65fcf2d6b47d8
3ce75791c74defe5000584113aa59e7d12cf564b712fa22a60758339c52d76ae
48d4a57564f04064cdfa7a42d1f1fcc7ed205ba5554fd7486a7dd6cc0c7cfe24
49cde1a18214face419c138c00e769ea292f8d6556025b7e5d08ba70d8943a90
4e863986c4db22bad20b793c1dcabb2ba67922395f85685372ebf92a49eaf387
52e9acf30def310f5d6d2e7f17e5ae9b871a347cfe63ce783b7cdb029a42114a
6b840038dacb1597f2c60ef86dfe6b4b5746fb8524c0b671d8113e18cd5407ca
7cc3bd121313b4f89f1c3fb88af25ddddea2e0d74c2df175cfb135d575e50e71
7cdbd5e9b042336222aa3c09c70ee2374f7403bbd768bb9c0f6d9afe078ef92d
81c9cc62c5e8ac4834fff5d2aa3df065cd8feb43891c1d8ff46f8cd44ca3d3eb
909769482479f7602dcea839be282c9d118bfe892a56e01e6860386e53d81810
918e998f3d37dc25c8519f67ad1dc616690dfceabc183a85b64d19dd5be6cb13
98840cdf20dbc46a7f83bf6769e905ab67ded661b78fb8ee6a4a9f96ce38ce39
9f3f4baf61877eccdb671212eb463627594604f35f30f5eedb54c91ca1a114e5
a071f470f9bcff380e9543c38154fda4971df62ac40812e3ffd8a49cce220c2c
a55978cf4b0cb3a847b6bf3bbcba9aee971bcd914680a9240c128d47b0c9fa91
ab193d93282221ba56228eec970538cdc4044ef0b8e0701f2e7339b432114961
b60a462099b715aa3a5442a07142b969b9bb9c5ecee1bbdabea2e23f2d499458
c91afadbe63dd834aac00b49bc715795da58970e7d500c4bd8f50ed713c77880
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
d1359c564cf445ce173938244f1a1e2ecb3edf1a4dfa34652fcb3d0116a25d71
d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b
d9b3e126ad3162ba0c43670de3f791eeb13ffa3896d3a6582a3870207c1a62eb
dbf37492f59d9b9446ccddcfb8d05bca707b6d7d4b3dde20ea9dfefe5e61bee8
ea393861012f69ec9e722b4143c907dd50f35493550bf2749d5619b1f1d94da9
ecb30886406e3f776ff7bc3834de849944471e626ff148bed2fa389d02866044
f74c5ca18772897763b6463f2b9719ecafe7d4395d261157c1aadfa330a6df76
fa4dece97c6edadd9d4940cc0abe1e15b2c1dfd19af245c54ff18628d47015fb