www.windowsmode.com Open in urlscan Pro
170.39.76.14 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.windowsmode.com/
Submission Tags: @phishunt_io
Submission: On January 27 via api (January 27th 2021, 4:55:53 am UTC) from ES

Summary HTTP 69 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 10 domains to perform 69 HTTP transactions. The main IP is 170.39.76.14, located in and belongs to ASN-DIS, US. The main domain is www.windowsmode.com.
TLS certificate: Issued by R3 on January 26th 2021. Valid for: 3 months.

This is the only time www.windowsmode.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
41	170.39.76.14 170.39.76.14	393398 (ASN-DIS) (ASN-DIS)
3	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
17	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	199.232.196.134 199.232.196.134	54113 (FASTLY) (FASTLY)
1	216.58.207.34 216.58.207.34	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
69	9

41 170.39.76.14 (None, )

ASN393398 (ASN-DIS, US)
PTR: vps.oxavi.com

www.windowsmode.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.196.134 (United States)

ASN54113 (FASTLY, US)

windowsmode.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.207.34 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s24-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	windowsmode.com www.windowsmode.com	870 KB
11	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	195 KB
8	doubleclick.net googleads.g.doubleclick.net
3	google.com 1 redirects www.google.com adservice.google.com	2 KB
2	wp.com stats.wp.com pixel.wp.com	3 KB
1	googletagservices.com www.googletagservices.com	28 KB
1	google.de adservice.google.de	803 B
1	googleadservices.com partner.googleadservices.com	643 B
1	disqus.com windowsmode.disqus.com	2 KB
1	gstatic.com www.gstatic.com	4 KB
69	10

	Domain	Requested by
41	www.windowsmode.com	www.windowsmode.com
9	pagead2.googlesyndication.com	www.windowsmode.com pagead2.googlesyndication.com
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	www.google.com	1 redirects www.windowsmode.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	pixel.wp.com	www.windowsmode.com
1	windowsmode.disqus.com	www.windowsmode.com
1	stats.wp.com	www.windowsmode.com
1	www.gstatic.com	www.windowsmode.com
69	13

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com

Subject Issuer	Validity	Valid
windowsmode.com R3	`2021-01-26` - `2021-04-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
*.google.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.disqus.com DigiCert SHA2 Secure Server CA	`2020-04-20` - `2022-05-09`	2 years	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://www.windowsmode.com/
Frame ID: C3464FFCFCCD0BE6C242C111A6C23204
Requests: 60 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210121/r20190131/zrt_lookup.html
Frame ID: 5EECB84CAE8625A0F27BEEE4BD494B43
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3242787921940977&output=html&adk=1812271804&adf=3025194257&lmt=1611723334&plat=1%3A32776%2C2%3A16809992%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fwww.windowsmode.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1611723334117&bpp=13&bdt=502&idt=120&shv=r20210121&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2789504772838&frm=20&pv=2&ga_vid=685032580.1611723334&ga_sid=1611723334&ga_hid=1216246168&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068083%2C21068769%2C21068945&oid=3&pvsid=389962021017857&pem=879&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=136
Frame ID: 56C13DA5598E7F25EFFBA2A0896F2ACF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3242787921940977&output=html&h=90&slotname=2343468968&adk=2760205972&adf=3243898966&pi=t.ma~as.2343468968&w=728&lmt=1611723334&rafmt=12&psa=0&format=728x90&url=https%3A%2F%2Fwww.windowsmode.com%2F&flash=0&wgl=1&dt=1611723334130&bpp=4&bdt=515&idt=130&shv=r20210121&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2789504772838&frm=20&pv=1&ga_vid=685032580.1611723334&ga_sid=1611723334&ga_hid=1216246168&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=743&ady=50&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068083%2C21068769%2C21068945&oid=3&pvsid=389962021017857&pem=879&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8448&bc=31&ifi=1&uci=a!1&fsb=1&xpc=hh5R6tz3e5&p=https%3A//www.windowsmode.com&dtd=135
Frame ID: A8E3F2BBD17C77C7C903E526FCC49E0B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3242787921940977&output=html&h=250&slotname=1285538161&adk=1737950153&adf=886586737&pi=t.ma~as.1285538161&w=300&lmt=1611723334&psa=0&format=300x250&url=https%3A%2F%2Fwww.windowsmode.com%2F&flash=0&wgl=1&dt=1611723334134&bpp=1&bdt=519&idt=135&shv=r20210121&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=2789504772838&frm=20&pv=1&ga_vid=685032580.1611723334&ga_sid=1611723334&ga_hid=1216246168&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1151&ady=282&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068083%2C21068769%2C21068945&oid=3&pvsid=389962021017857&pem=879&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=TJ5tniBhVb&p=https%3A//www.windowsmode.com&dtd=138
Frame ID: A17C8544DF6C5831B798157AE7921B46
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3242787921940977&output=html&h=280&adk=719996608&adf=1576955139&pi=t.aa~a.3539104017~rp.4&w=340&fwrn=4&fwrnh=100&lmt=1611723334&rafmt=1&to=qs&pwprc=8724689075&psa=0&format=340x280&url=https%3A%2F%2Fwww.windowsmode.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1611723334665&bpp=2&bdt=1050&idt=-M&shv=r20210121&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dafd15dfd66e752b2-22d87606ceb90098%3AT%3D1611723334%3ART%3D1611723334%3AS%3DALNI_MZ8TQO-ZVdfO5gxoQhMXOp1f51Mvg&prev_fmts=0x0%2C728x90%2C300x250&nras=1&correlator=2789504772838&frm=20&pv=1&ga_vid=685032580.1611723334&ga_sid=1611723334&ga_hid=1216246168&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1131&ady=1344&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068083%2C21068769%2C21068945&oid=3&pvsid=389962021017857&pem=879&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ZSIufbPlPY&p=https%3A//www.windowsmode.com&dtd=19
Frame ID: 1ED8EBCA971FB65A2A59A52E464D9465
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3242787921940977&output=html&h=280&adk=719996608&adf=992362533&pi=t.aa~a.3883520190~rp.4&w=340&fwrn=4&fwrnh=100&lmt=1611723334&rafmt=1&to=qs&pwprc=8724689075&psa=0&format=340x280&url=https%3A%2F%2Fwww.windowsmode.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1611723334665&bpp=1&bdt=1050&idt=-M&shv=r20210121&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dafd15dfd66e752b2-22d87606ceb90098%3AT%3D1611723334%3ART%3D1611723334%3AS%3DALNI_MZ8TQO-ZVdfO5gxoQhMXOp1f51Mvg&prev_fmts=0x0%2C728x90%2C300x250%2C340x280&nras=1&correlator=2789504772838&frm=20&pv=1&ga_vid=685032580.1611723334&ga_sid=1611723334&ga_hid=1216246168&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1131&ady=2549&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068083%2C21068769%2C21068945&oid=3&pvsid=389962021017857&pem=879&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=S0vO1mVCC8&p=https%3A//www.windowsmode.com&dtd=23
Frame ID: 6A6DB3569FCC616487DD4BAD22E9193D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3242787921940977&output=html&h=280&adk=1679740226&adf=243410441&pi=t.aa~a.3436676765~rp.1&w=941&fwrn=4&fwrnh=100&lmt=1611723334&rafmt=1&to=qs&pwprc=8724689075&psa=0&format=941x280&url=https%3A%2F%2Fwww.windowsmode.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1611723334665&bpp=1&bdt=1050&idt=1&shv=r20210121&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dafd15dfd66e752b2-22d87606ceb90098%3AT%3D1611723334%3ART%3D1611723334%3AS%3DALNI_MZ8TQO-ZVdfO5gxoQhMXOp1f51Mvg&prev_fmts=0x0%2C728x90%2C300x250%2C340x280%2C340x280&nras=1&correlator=2789504772838&frm=20&pv=1&ga_vid=685032580.1611723334&ga_sid=1611723334&ga_hid=1216246168&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=160&ady=3217&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068083%2C21068769%2C21068945&oid=3&pvsid=389962021017857&pem=879&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=n6o48QkYTD&p=https%3A//www.windowsmode.com&dtd=27
Frame ID: 426BB65CDB4A61E92CAA55FE80E8C09C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210121/r20190131/zrt_lookup.html?fsb=1
Frame ID: 69B949E9BD55D1129907B508F215F3A1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: DB387353EC06E353B4CCDE69A16D4AAC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

69
Requests

100 %
HTTPS

56 %
IPv6

10
Domains

13
Subdomains

9
IPs

3
Countries

1106 kB
Transfer

1914 kB
Size

4
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/windowsmodedotcom

Search URL Search Domain Scan URL

URL: https://twitter.com/windowsmode

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://www.google.com/coop/cse/brand?form=cse-search-box&lang=en HTTP 301
https://www.gstatic.com/prose/brandjs.js

69 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.windowsmode.com/ 76 KB
14 KB 2067ms
1744ms Document
text/html 170.39.76.14
ASN-DIS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.windowsmode.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 170.39.76.14 -, , ASN393398 (ASN-DIS, US),
Reverse DNS: vps.oxavi.com
Software: Apache / PHP/7.2.31
Resource Hash: 50f4843fe0035522ac71c3e115a2903dc5d7ea4e40cc53d0564d6368e3497341

Request headers

:method: GET
:authority: www.windowsmode.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 04:55:31 GMT
server: Apache
x-powered-by: PHP/7.2.31
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
link: <https://www.windowsmode.com/wp-json/>; rel="https://api.w.org/"
set-cookie: PHPSESSID=76kgdjke7recf7bqsla2b82kd7; path=/
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 14351
content-type: text/html; charset=UTF-8

GET
H2 200 style.min.css
www.windowsmode.com/wp-includes/css/dist/block-library/ 50 KB
8 KB 152ms
150ms Stylesheet
text/css 170.39.76.14
ASN-DIS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.windowsmode.com/wp-includes/css/dist/block-library/style.min.css?ver=5.6
Requested by: Host: www.windowsmode.com
URL: https://www.windowsmode.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 170.39.76.14 -, , ASN393398 (ASN-DIS, US),
Reverse DNS: vps.oxavi.com
Software: Apache /
Resource Hash: 5c2288ca7b324881faae5e368eb4d69457e2784e042e868de335d3827bb90981

Request headers

Referer: https://www.windowsmode.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 04:55:33 GMT
content-encoding: gzip
last-modified: Tue, 15 Dec 2020 05:15:24 GMT
server: Apache
etag: "c8e9-5b679d8950eae-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
accept-ranges: bytes
content-length: 7855

GET
H2 200 dashicons.min.css
www.windowsmode.com/wp-includes/css/ 58 KB
35 KB 273ms
271ms Stylesheet
text/css 170.39.76.14
ASN-DIS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.windowsmode.com/wp-includes/css/dashicons.min.css?ver=5.6
Requested by: Host: www.windowsmode.com
URL: https://www.windowsmode.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 170.39.76.14 -, , ASN393398 (ASN-DIS, US),
Reverse DNS: vps.oxavi.com
Software: Apache /
Resource Hash: 8273f0538929ede9599e3cfea8142a252a7d0cb6dbacb230bf188490dde79d4b

Request headers

Referer: https://www.windowsmode.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 04:55:33 GMT
content-encoding: gzip
last-modified: Tue, 15 Dec 2020 05:15:24 GMT
server: Apache
etag: "e682-5b679d8957826-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
accept-ranges: bytes
content-length: 35726

GET
H2 200 frontend.css
www.windowsmode.com/wp-content/plugins/post-views-counter/css/ 289 B
312 B 144ms
142ms Stylesheet
text/css 170.39.76.14
ASN-DIS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.windowsmode.com/wp-content/plugins/post-views-counter/css/frontend.css?ver=1.3.3
Requested by: Host: www.windowsmode.com
URL: https://www.windowsmode.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 170.39.76.14 -, , ASN393398 (ASN-DIS, US),
Reverse DNS: vps.oxavi.com
Software: Apache /
Resource Hash: f46d96d805c7e9e467422dfe516c43edb4632c0273cea26722fee7ba885f869e

Request headers

Referer: https://www.windowsmode.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 04:55:33 GMT
content-encoding: gzip
last-modified: Thu, 05 Nov 2020 13:53:28 GMT
server: Apache
etag: "121-5b35c6ba94a8e-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
accept-ranges: bytes
content-length: 201

GET
H2 200 style.min.css
www.windowsmode.com/wp-content/plugins/easy-table-of-contents/vendor/icomoon/ 438 B
260 B 148ms
146ms Stylesheet
text/css 170.39.76.14
ASN-DIS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.windowsmode.com/wp-content/plugins/easy-table-of-contents/vendor/icomoon/style.min.css?ver=2.0.11
Requested by: Host: www.windowsmode.com
URL: https://www.windowsmode.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 170.39.76.14 -, , ASN393398 (ASN-DIS, US),
Reverse DNS: vps.oxavi.com
Software: Apache /
Resource Hash: b88fca268e1352a0922f301c6b88f0499606c01faa8d0718de11a8153a5edc3a

Request headers

Referer: https://www.windowsmode.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 04:55:33 GMT
content-encoding: gzip
last-modified: Mon, 04 May 2020 08:16:44 GMT
server: Apache
etag: "1b6-5a4ce26cc6ae7-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
accept-ranges: bytes
content-length: 208

GET
H2 200 screen.min.css
www.windowsmode.com/wp-content/plugins/easy-table-of-contents/assets/css/ 5 KB
1 KB 145ms
144ms Stylesheet
text/css 170.39.76.14
ASN-DIS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.windowsmode.com/wp-content/plugins/easy-table-of-contents/assets/css/screen.min.css?ver=2.0.11
Requested by: Host: www.windowsmode.com
URL: https://www.windowsmode.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 170.39.76.14 -, , ASN393398 (ASN-DIS, US),
Reverse DNS: vps.oxavi.com
Software: Apache /
Resource Hash: d8faea6e218910bf83cd1e7fe9775b3b75195df3c16a3f4eea74b75f9b881dce

Request headers

Referer: https://www.windowsmode.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 04:55:33 GMT
content-encoding: gzip
last-modified: Mon, 04 May 2020 08:16:44 GMT
server: Apache
etag: "13b8-5a4ce26cc5377-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
accept-ranges: bytes
content-length: 1401

GET
H2 200 main.min.css
www.windowsmode.com/wp-content/themes/hueman/assets/front/css/ 87 KB
17 KB 238ms
236ms Stylesheet
text/css 170.39.76.14
ASN-DIS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.windowsmode.com/wp-content/themes/hueman/assets/front/css/main.min.css?ver=3.3.27
Requested by: Host: www.windowsmode.com
URL: https://www.windowsmode.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 170.39.76.14 -, , ASN393398 (ASN-DIS, US),
Reverse DNS: vps.oxavi.com
Software: Apache /
Resource Hash: 7f1f520dbdcadcb7baa679aed47569033a2a25a678b8c19a76f7aa1203365cb1

Request headers

Referer: https://www.windowsmode.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 04:55:33 GMT
content-encoding: gzip
last-modified: Sun, 18 Mar 2018 02:42:28 GMT
server: Apache
etag: "15a32-567a6cac9ad00-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
accept-ranges: bytes
content-length: 16830

GET
H2 200 font-awesome.min.css
www.windowsmode.com/wp-content/themes/hueman/assets/front/css/ 33 KB
7 KB 148ms
146ms Stylesheet
text/css 170.39.76.14
ASN-DIS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.windowsmode.com/wp-content/themes/hueman/assets/front/css/font-awesome.min.css?ver=3.3.27
Requested by: Host: www.windowsmode.com
URL: https://www.windowsmode.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 170.39.76.14 -, , ASN393398 (ASN-DIS, US),
Reverse DNS: vps.oxavi.com
Software: Apache /
Resource Hash: 990e85d03cb4106a736f23fd9a195eed0fd212725204ad251689868e93e612c1

Request headers

Referer: https://www.windowsmode.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 04:55:33 GMT
content-encoding: gzip
last-modified: Sun, 18 Mar 2018 02:42:28 GMT
server: Apache
etag: "84a7-567a6cac9ad00-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
accept-ranges: bytes
content-length: 7436

GET
H2 200 default.min.css
www.windowsmode.com/wp-content/plugins/tablepress/css/ 5 KB
2 KB 147ms
145ms Stylesheet
text/css 170.39.76.14
ASN-DIS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.windowsmode.com/wp-content/plugins/tablepress/css/default.min.css?ver=1.12
Requested by: Host: www.windowsmode.com
URL: https://www.windowsmode.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 170.39.76.14 -, , ASN393398 (ASN-DIS, US),
Reverse DNS: vps.oxavi.com
Software: Apache /
Resource Hash: 97ce1e1f5dbfda35ac979b593e79e1673a3e725790339d767e4a6ca6e94a4828

Request headers

Referer: https://www.windowsmode.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 04:55:33 GMT
content-encoding: gzip
last-modified: Tue, 18 Aug 2020 16:23:03 GMT
server: Apache
etag: "13e4-5ad294d26869f-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
accept-ranges: bytes
content-length: 2244

GET
H2 200 jetpack.css
www.windowsmode.com/wp-content/plugins/jetpack/css/ 75 KB
14 KB 272ms
270ms Stylesheet
text/css 170.39.76.14
ASN-DIS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.windowsmode.com/wp-content/plugins/jetpack/css/jetpack.css?ver=9.3
Requested by: Host: www.windowsmode.com
URL: https://www.windowsmode.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 170.39.76.14 -, , ASN393398 (ASN-DIS, US),
Reverse DNS: vps.oxavi.com
Software: Apache /
Resource Hash: 50230a768774ba88bdeb31d5bf3cdcd95b90248334753ab4256aed572396d97b

Request headers

Referer: https://www.windowsmode.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 04:55:33 GMT
content-encoding: gzip
last-modified: Thu, 14 Jan 2021 10:42:56 GMT
server: Apache
etag: "12d1d-5b8d9eb2b480b-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
accept-ranges: bytes
content-length: 13701

GET
H2 200 jquery.min.js Show response
www.windowsmode.com/wp-includes/js/jquery/ 87 KB
30 KB 361ms
359ms Script
application/javascript 170.39.76.14
ASN-DIS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.windowsmode.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by: Host: www.windowsmode.com
URL: https://www.windowsmode.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 170.39.76.14 -, , ASN393398 (ASN-DIS, US),
Reverse DNS: vps.oxavi.com
Software: Apache /
Resource Hash: 60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

Referer: https://www.windowsmode.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 04:55:33 GMT
content-encoding: gzip
last-modified: Tue, 15 Dec 2020 05:15:23 GMT
server: Apache
etag: "15d98-5b679d88d4e57-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
accept-ranges: bytes
content-length: 30916

GET
H2 200 jquery-migrate.min.js Show response
www.windowsmode.com/wp-includes/js/jquery/ 11 KB
4 KB 395ms
393ms Script
application/javascript 170.39.76.14
ASN-DIS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.windowsmode.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: www.windowsmode.com
URL: https://www.windowsmode.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 170.39.76.14 -, , ASN393398 (ASN-DIS, US),
Reverse DNS: vps.oxavi.com
Software: Apache /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Referer: https://www.windowsmode.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 04:55:33 GMT
content-encoding: gzip
last-modified: Tue, 15 Dec 2020 05:15:23 GMT
server: Apache
etag: "2bd8-5b679d88bd758-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
accept-ranges: bytes
content-length: 4169

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 132 KB
46 KB 37ms
35ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.windowsmode.com
URL: https://www.windowsmode.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e410a40fc31979257a3fd481cce8e163bda4c86759f02170e18450cc37bca021

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.windowsmode.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 04:55:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 47275
x-xss-protection: 0
server: cafe
etag: 9768879824619220292
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 27 Jan 2021 04:55:34 GMT

GET
H2 200 windowsmodelogo.png
www.windowsmode.com/wp-content/uploads/2015/08/ 24 KB
25 KB 144ms
142ms Image
image/png 170.39.76.14
ASN-DIS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.windowsmode.com/wp-content/uploads/2015/08/windowsmodelogo.png
Requested by: Host: www.windowsmode.com
URL: https://www.windowsmode.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 170.39.76.14 -, , ASN393398 (ASN-DIS, US),
Reverse DNS: vps.oxavi.com
Software: Apache /
Resource Hash: 23ed07077f8430713c4c140dff7d699662be1c8de3b51bdff12a6c45c302758e

Request headers

Referer: https://www.windowsmode.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 04:55:34 GMT
last-modified: Tue, 22 May 2018 11:33:21 GMT
server: Apache
accept-ranges: bytes
etag: "613d-56cc9c90f4240"
content-length: 24893
content-type: image/png

GET
H2 200 thumb-medium-empty.png
www.windowsmode.com/wp-content/themes/hueman/assets/front/img/ 110 B
164 B 143ms
142ms Image
image/png 170.39.76.14
ASN-DIS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.windowsmode.com/wp-content/themes/hueman/assets/front/img/thumb-medium-empty.png
Requested by: Host: www.windowsmode.com
URL: https://www.windowsmode.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 170.39.76.14 -, , ASN393398 (ASN-DIS, US),
Reverse DNS: vps.oxavi.com
Software: Apache /
Resource Hash: 980cc3f12dc71c2d7edf62a3693a14479627ee7ec8fb4fee26ba51fcbe9244c2

Request headers

Referer: https://www.windowsmode.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 04:55:34 GMT
last-modified: Sun, 18 Mar 2018 02:42:28 GMT
server: Apache
accept-ranges: bytes
etag: "6e-567a6cac9ad00"
content-length: 110
content-type: image/png

GET
H2

200

brandjs.js Show response
www.gstatic.com/prose/
Redirect Chain

https://www.google.com/coop/cse/brand?form=cse-search-box&lang=en
https://www.gstatic.com/prose/brandjs.js

9 KB
4 KB

25ms
6ms

Script
text/javascript

2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/prose/brandjs.js

Requested by

Host: www.windowsmode.com
URL: https://www.windowsmode.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed12b8f75afb8edd258e8bcbd195c0a2e75ba94b4d87608ab3952e9e03cd0a5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.windowsmode.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 26 Jan 2021 16:19:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 23:41:31 GMT
server: sffe
age: 45364
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3903
x-xss-protection: 0
expires: Wed, 27 Jan 2021 16:19:30 GMT

Redirect headers

date: Wed, 27 Jan 2021 04:35:10 GMT
x-content-type-options: nosniff
server: sffe
age: 1224
content-type: text/html; charset=UTF-8
location: https://www.gstatic.com/prose/brandjs.js
cache-control: public, max-age=1800
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 237
x-xss-protection: 0
expires: Wed, 27 Jan 2021 05:05:10 GMT

GET
H2 200 wp-emoji-release.min.js Show response
www.windowsmode.com/wp-includes/js/ 14 KB
5 KB 144ms
143ms Script
application/javascript 170.39.76.14
ASN-DIS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.windowsmode.com/wp-includes/js/wp-emoji-release.min.js?ver=5.6
Requested by: Host: www.windowsmode.com
URL: https://www.windowsmode.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 170.39.76.14 -, , ASN393398 (ASN-DIS, US),
Reverse DNS: vps.oxavi.com
Software: Apache /
Resource Hash: 3685c3818240f5f390073c7d04f944a5cb5d848093224f3a7888034e8c050eb4

Request headers

Referer: https://www.windowsmode.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 04:55:34 GMT
content-encoding: gzip
last-modified: Tue, 15 Dec 2020 05:15:24 GMT
server: Apache
etag: "37a6-5b679d88f3a85-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
accept-ranges: bytes
content-length: 4671

GET
H2 200 comment_count.js Show response
www.windowsmode.com/wp-content/plugins/disqus-comment-system/public/js/ 889 B
540 B 141ms
141ms Script
application/javascript 170.39.76.14
ASN-DIS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.windowsmode.com/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.19
Requested by: Host: www.windowsmode.com
URL: https://www.windowsmode.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 170.39.76.14 -, , ASN393398 (ASN-DIS, US),
Reverse DNS: vps.oxavi.com
Software: Apache /
Resource Hash: cea0a05c5af6e21a409875328ed2e3dba79131b7c41f8ea07d0e0e02c7b7b59e

Request headers

Referer: https://www.windowsmode.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 04:55:34 GMT
content-encoding: gzip
last-modified: Thu, 14 Jan 2021 10:42:42 GMT
server: Apache
etag: "379-5b8d9ea5af4e6-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
accept-ranges: bytes
content-length: 440

GET
H2 200 underscore.min.js Show response
www.windowsmode.com/wp-includes/js/ 16 KB
6 KB 144ms
141ms Script
application/javascript 170.39.76.14
ASN-DIS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.windowsmode.com/wp-includes/js/underscore.min.js?ver=1.8.3
Requested by: Host: www.windowsmode.com
URL: https://www.windowsmode.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 170.39.76.14 -, , ASN393398 (ASN-DIS, US),
Reverse DNS: vps.oxavi.com
Software: Apache /
Resource Hash: 7b5fc275c98a58b1073a713920cefa54fab60ad9d85a67cf6907aaf8fbb3c474

Request headers

Referer: https://www.windowsmode.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 04:55:34 GMT
content-encoding: gzip
last-modified: Sat, 04 Apr 2020 17:47:48 GMT
server: Apache
etag: "3f1a-5a27aa1d970be-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
accept-ranges: bytes
content-length: 5705

GET
H2 200 scripts.min.js Show response
www.windowsmode.com/wp-content/themes/hueman/assets/front/js/ 82 KB
24 KB 148ms
146ms Script
application/javascript 170.39.76.14
ASN-DIS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.windowsmode.com/wp-content/themes/hueman/assets/front/js/scripts.min.js?ver=3.3.27
Requested by: Host: www.windowsmode.com
URL: https://www.windowsmode.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 170.39.76.14 -, , ASN393398 (ASN-DIS, US),
Reverse DNS: vps.oxavi.com
Software: Apache /
Resource Hash: 66a800c12ce57eaa0df89dce6a76a8b4ea36b655341cdc3ae358890585a4fda5

Request headers

Referer: https://www.windowsmode.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 04:55:34 GMT
content-encoding: gzip
last-modified: Sun, 18 Mar 2018 02:42:28 GMT
server: Apache
etag: "149ce-567a6cac9ad00-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
accept-ranges: bytes
content-length: 24613

GET
H2 200 wp-embed.min.js Show response
www.windowsmode.com/wp-includes/js/ 1 KB
845 B 143ms
141ms Script
application/javascript 170.39.76.14
ASN-DIS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.windowsmode.com/wp-includes/js/wp-embed.min.js?ver=5.6
Requested by: Host: www.windowsmode.com
URL: https://www.windowsmode.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 170.39.76.14 -, , ASN393398 (ASN-DIS, US),
Reverse DNS: vps.oxavi.com
Software: Apache /
Resource Hash: 6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Request headers

Referer: https://www.windowsmode.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 04:55:34 GMT
content-encoding: gzip
last-modified: Sat, 04 Apr 2020 17:47:48 GMT
server: Apache
etag: "59a-5a27aa1d9805e-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
accept-ranges: bytes
content-length: 769

GET
H2 200 e-202104.js Show response
stats.wp.com/ 9 KB
3 KB 78ms
25ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202104.js
Requested by: Host: www.windowsmode.com
URL: https://www.windowsmode.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Referer: https://www.windowsmode.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT hhn
date: Wed, 27 Jan 2021 04:55:34 GMT
content-encoding: gzip
server: nginx
etag: W/"5c6340e3-350a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Sun, 16 Jan 2022 22:10:48 GMT

GET
H2 200 fa-solid-900.woff2
www.windowsmode.com/wp-content/themes/hueman/assets/front/webfonts/ 36 KB
36 KB 146ms
146ms Font
application/octet-stream 170.39.76.14
ASN-DIS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.windowsmode.com/wp-content/themes/hueman/assets/front/webfonts/fa-solid-900.woff2
Requested by: Host: www.windowsmode.com
URL: https://www.windowsmode.com/wp-content/themes/hueman/assets/front/css/font-awesome.min.css?ver=3.3.27
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 170.39.76.14 -, , ASN393398 (ASN-DIS, US),
Reverse DNS: vps.oxavi.com
Software: Apache /
Resource Hash: 0c1398670a1fabd16ce06d8e7e4f4c113a5e6bb1e89fcbab5cd8ded8cdb95f8d

Request headers

Origin: https://www.windowsmode.com
Referer: https://www.windowsmode.com/wp-content/themes/hueman/assets/front/css/font-awesome.min.css?ver=3.3.27
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 04:55:34 GMT
content-encoding: gzip
last-modified: Sun, 18 Mar 2018 02:42:28 GMT
server: Apache
etag: "8fa4-567a6cac9ad00-gzip"
vary: Accept-Encoding,User-Agent
accept-ranges: bytes
content-length: 36776

GET
H2 200 s-right-s1.png
www.windowsmode.com/wp-content/themes/hueman/assets/front/img/sidebar/ 76 B
122 B 141ms
141ms Image
image/png 170.39.76.14
ASN-DIS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.windowsmode.com/wp-content/themes/hueman/assets/front/img/sidebar/s-right-s1.png
Requested by: Host: www.windowsmode.com
URL: https://www.windowsmode.com/wp-content/themes/hueman/assets/front/css/main.min.css?ver=3.3.27
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 170.39.76.14 -, , ASN393398 (ASN-DIS, US),
Reverse DNS: vps.oxavi.com
Software: Apache /
Resource Hash: e80770517ccc4f80563fbf11a0a8ace35fd89a2e276dc090c23b73b16e157fa8

Request headers

Referer: https://www.windowsmode.com/wp-content/themes/hueman/assets/front/css/main.min.css?ver=3.3.27
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 04:55:34 GMT
last-modified: Sun, 18 Mar 2018 02:42:28 GMT
server: Apache
accept-ranges: bytes
etag: "4c-567a6cac9ad00"
content-length: 76
content-type: image/png

GET
H2 200 Official-Office-2019-Logo-520x245.jpg
www.windowsmode.com/wp-content/uploads/2019/07/ 14 KB
14 KB 143ms
142ms Image
image/jpeg 170.39.76.14
ASN-DIS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.windowsmode.com/wp-content/uploads/2019/07/Official-Office-2019-Logo-520x245.jpg
Requested by: Host: www.windowsmode.com
URL: https://www.windowsmode.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 170.39.76.14 -, , ASN393398 (ASN-DIS, US),
Reverse DNS: vps.oxavi.com
Software: Apache /
Resource Hash: c2d6c2dcce648ab361eaa02acd5bc339283855978c42255c481456a3e89593ec

Request headers

Referer: https://www.windowsmode.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 04:55:34 GMT
last-modified: Sat, 06 Jul 2019 20:41:51 GMT
server: Apache
accept-ranges: bytes
etag: "3801-58d093d95c1c0"
content-length: 14337
content-type: image/jpeg

GET
H2 200 Windows-Server-2019-Official-Logo-520x245.png
www.windowsmode.com/wp-content/uploads/2019/03/ 67 KB
68 KB 144ms
143ms Image
image/png 170.39.76.14
ASN-DIS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.windowsmode.com/wp-content/uploads/2019/03/Windows-Server-2019-Official-Logo-520x245.png
Requested by: Host: www.windowsmode.com
URL: https://www.windowsmode.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 170.39.76.14 -, , ASN393398 (ASN-DIS, US),
Reverse DNS: vps.oxavi.com
Software: Apache /
Resource Hash: a68699364c36af13d23520ceecc099e959688adb088d592da920ae963bb30f9e

Request headers

Referer: https://www.windowsmode.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 04:55:34 GMT
last-modified: Tue, 12 Mar 2019 21:09:00 GMT
server: Apache
accept-ranges: bytes
etag: "10d07-583ec1916d300"
content-length: 68871
content-type: image/png

GET
H2 200 microsoft-s-new-surface-duo-ad-highlights-the-dual-screen-magic-video-532022-2-520x245.jpg
www.windowsmode.com/wp-content/uploads/2021/01/ 9 KB
9 KB 241ms
240ms Image
image/jpeg 170.39.76.14
ASN-DIS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.windowsmode.com/wp-content/uploads/2021/01/microsoft-s-new-surface-duo-ad-highlights-the-dual-screen-magic-video-532022-2-520x245.jpg
Requested by: Host: www.windowsmode.com
URL: https://www.windowsmode.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 170.39.76.14 -, , ASN393398 (ASN-DIS, US),
Reverse DNS: vps.oxavi.com
Software: Apache /
Resource Hash: 3d619bcbf3deea7c452f5d9320ada17dcdb180a31e74d4aded9afd140b10a3a4

Request headers

Referer: https://www.windowsmode.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 04:55:34 GMT
last-modified: Tue, 26 Jan 2021 17:44:05 GMT
server: Apache
accept-ranges: bytes
etag: "240e-5b9d133653c7e"
content-length: 9230
content-type: image/jpeg

GET
H2 200 microsoft-shows-awesome-design-skills-in-new-windows-10-video-532010-2-520x245.jpg
www.windowsmode.com/wp-content/uploads/2021/01/ 20 KB
21 KB 242ms
241ms Image
image/jpeg 170.39.76.14
ASN-DIS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.windowsmode.com/wp-content/uploads/2021/01/microsoft-shows-awesome-design-skills-in-new-windows-10-video-532010-2-520x245.jpg
Requested by: Host: www.windowsmode.com
URL: https://www.windowsmode.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 170.39.76.14 -, , ASN393398 (ASN-DIS, US),
Reverse DNS: vps.oxavi.com
Software: Apache /
Resource Hash: 14d7867c7e0fed79c3999717e6a76680b4300308799e9112d7e8f3678d6844ab

Request headers

Referer: https://www.windowsmode.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 04:55:34 GMT
last-modified: Mon, 25 Jan 2021 23:38:00 GMT
server: Apache
accept-ranges: bytes
etag: "5135-5b9c20743b350"
content-length: 20789
content-type: image/jpeg

GET
H2 200 microsoft-edge-can-now-switch-profiles-in-pwas-532012-2-520x245.jpg
www.windowsmode.com/wp-content/uploads/2021/01/ 17 KB
17 KB 146ms
145ms Image
image/jpeg 170.39.76.14
ASN-DIS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.windowsmode.com/wp-content/uploads/2021/01/microsoft-edge-can-now-switch-profiles-in-pwas-532012-2-520x245.jpg
Requested by: Host: www.windowsmode.com
URL: https://www.windowsmode.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 170.39.76.14 -, , ASN393398 (ASN-DIS, US),
Reverse DNS: vps.oxavi.com
Software: Apache /
Resource Hash: 1a1fd809a3211ae316520a0ce853b6fa8f0e514c80d899e83cf58299a7935b40

Request headers

Referer: https://www.windowsmode.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 04:55:34 GMT
last-modified: Mon, 25 Jan 2021 20:37:05 GMT
server: Apache
accept-ranges: bytes
etag: "443d-5b9bf80453b57"
content-length: 17469
content-type: image/jpeg

GET
H2 200 microsoft-video-shows-the-surface-pro-7-is-so-much-better-than-a-macbook-pro-532006-2-520x245.jpg
www.windowsmode.com/wp-content/uploads/2021/01/ 18 KB
19 KB 241ms
240ms Image
image/jpeg 170.39.76.14
ASN-DIS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.windowsmode.com/wp-content/uploads/2021/01/microsoft-video-shows-the-surface-pro-7-is-so-much-better-than-a-macbook-pro-532006-2-520x245.jpg
Requested by: Host: www.windowsmode.com
URL: https://www.windowsmode.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 170.39.76.14 -, , ASN393398 (ASN-DIS, US),
Reverse DNS: vps.oxavi.com
Software: Apache /
Resource Hash: a37959359388868db92fa93b44605b9a0d63db5d1f2d7a352992c7f536020d39

Request headers

Referer: https://www.windowsmode.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 04:55:34 GMT
last-modified: Sun, 24 Jan 2021 20:29:06 GMT
server: Apache
accept-ranges: bytes
etag: "499b-5b9ab45e72d7e"
content-length: 18843
content-type: image/jpeg

GET
H2 200 fa-brands-400.woff2
www.windowsmode.com/wp-content/themes/hueman/assets/front/webfonts/ 53 KB
53 KB 240ms
240ms Font
application/octet-stream 170.39.76.14
ASN-DIS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.windowsmode.com/wp-content/themes/hueman/assets/front/webfonts/fa-brands-400.woff2
Requested by: Host: www.windowsmode.com
URL: https://www.windowsmode.com/wp-content/themes/hueman/assets/front/css/font-awesome.min.css?ver=3.3.27
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 170.39.76.14 -, , ASN393398 (ASN-DIS, US),
Reverse DNS: vps.oxavi.com
Software: Apache /
Resource Hash: e5124be9d33d058bab6388a40569f746a47d2569752dcc28c68e979d15a15e78

Request headers

Origin: https://www.windowsmode.com
Referer: https://www.windowsmode.com/wp-content/themes/hueman/assets/front/css/font-awesome.min.css?ver=3.3.27
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 04:55:34 GMT
content-encoding: gzip
last-modified: Sun, 18 Mar 2018 02:42:28 GMT
server: Apache
etag: "d2a8-567a6cac9ad00-gzip"
vary: Accept-Encoding,User-Agent
accept-ranges: bytes
content-length: 53956

GET
H2 200 microsoft-releases-windows-10-build-21296-531984-2-520x245.jpg
www.windowsmode.com/wp-content/uploads/2021/01/ 24 KB
25 KB 234ms
233ms Image
image/jpeg 170.39.76.14
ASN-DIS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.windowsmode.com/wp-content/uploads/2021/01/microsoft-releases-windows-10-build-21296-531984-2-520x245.jpg
Requested by: Host: www.windowsmode.com
URL: https://www.windowsmode.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 170.39.76.14 -, , ASN393398 (ASN-DIS, US),
Reverse DNS: vps.oxavi.com
Software: Apache /
Resource Hash: 78d349f03b01441656f2797cfcdb87718e8926978faa77eaf7ea52619d0f5038

Request headers

Referer: https://www.windowsmode.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 04:55:34 GMT
last-modified: Fri, 22 Jan 2021 05:08:10 GMT
server: Apache
accept-ranges: bytes
etag: "6143-5b9762ca81fd8"
content-length: 24899
content-type: image/jpeg

GET
H2 200 microsoft-announces-exciting-new-features-for-microsoft-edge-88-531986-2-520x245.jpg
www.windowsmode.com/wp-content/uploads/2021/01/ 14 KB
14 KB 234ms
233ms Image
image/jpeg 170.39.76.14
ASN-DIS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.windowsmode.com/wp-content/uploads/2021/01/microsoft-announces-exciting-new-features-for-microsoft-edge-88-531986-2-520x245.jpg
Requested by: Host: www.windowsmode.com
URL: https://www.windowsmode.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 170.39.76.14 -, , ASN393398 (ASN-DIS, US),
Reverse DNS: vps.oxavi.com
Software: Apache /
Resource Hash: 3c127c1fc5b202035d76080803503d0394bae67d5a58ec01ac2e8935bbe54bfa

Request headers

Referer: https://www.windowsmode.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 04:55:34 GMT
last-modified: Fri, 22 Jan 2021 02:06:58 GMT
server: Apache
accept-ranges: bytes
etag: "3872-5b973a4a436c2"
content-length: 14450
content-type: image/jpeg

GET
H2 200 microsoft-edge-browser-updated-with-native-theme-support-531987-2-520x245.jpg
www.windowsmode.com/wp-content/uploads/2021/01/ 17 KB
17 KB 234ms
233ms Image
image/jpeg 170.39.76.14
ASN-DIS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.windowsmode.com/wp-content/uploads/2021/01/microsoft-edge-browser-updated-with-native-theme-support-531987-2-520x245.jpg
Requested by: Host: www.windowsmode.com
URL: https://www.windowsmode.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 170.39.76.14 -, , ASN393398 (ASN-DIS, US),
Reverse DNS: vps.oxavi.com
Software: Apache /
Resource Hash: e3b5a9b160acc67c2e902040254722cb0d500bc129dda72ebb0a5743893a9c6b

Request headers

Referer: https://www.windowsmode.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 04:55:34 GMT
last-modified: Thu, 21 Jan 2021 23:06:08 GMT
server: Apache
accept-ranges: bytes
etag: "4256-5b9711df53d15"
content-length: 16982
content-type: image/jpeg

GET
H2 200 windows-phones-aren-t-dead-as-windows-10x-keeps-lumia-950-xl-alive-531988-2-520x245.jpg
www.windowsmode.com/wp-content/uploads/2021/01/ 12 KB
12 KB 234ms
234ms Image
image/jpeg 170.39.76.14
ASN-DIS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.windowsmode.com/wp-content/uploads/2021/01/windows-phones-aren-t-dead-as-windows-10x-keeps-lumia-950-xl-alive-531988-2-520x245.jpg
Requested by: Host: www.windowsmode.com
URL: https://www.windowsmode.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 170.39.76.14 -, , ASN393398 (ASN-DIS, US),
Reverse DNS: vps.oxavi.com
Software: Apache /
Resource Hash: 7a7ec0db7baee08a9e1ff1876c01894ec262f535ef7816a1aafcb230516380d8

Request headers

Referer: https://www.windowsmode.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 04:55:34 GMT
last-modified: Thu, 21 Jan 2021 20:05:00 GMT
server: Apache
accept-ranges: bytes
etag: "2f11-5b96e962ed17c"
content-length: 12049
content-type: image/jpeg

GET
H3-Q050 200 branding.png
www.google.com/cse/static/images/1x/en/ 1 KB
1 KB 6ms
6ms Image
image/png 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/en/branding.png

Requested by

Host: www.windowsmode.com
URL: https://www.windowsmode.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.windowsmode.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 13:34:20 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
age: 141674
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1372
x-xss-protection: 0
expires: Tue, 25 Jan 2022 13:34:20 GMT

GET
H2 200 Cheap-laptops.png
www.windowsmode.com/wp-content/uploads/2019/09/ 127 KB
128 KB 213ms
209ms Image
image/png 170.39.76.14
ASN-DIS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.windowsmode.com/wp-content/uploads/2019/09/Cheap-laptops.png
Requested by: Host: www.windowsmode.com
URL: https://www.windowsmode.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 170.39.76.14 -, , ASN393398 (ASN-DIS, US),
Reverse DNS: vps.oxavi.com
Software: Apache /
Resource Hash: 2a0e42e063d3b351d6c8beecae21d9719ead9236f783a78ab27b588a4096c5c0

Request headers

Referer: https://www.windowsmode.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 04:55:34 GMT
last-modified: Sun, 08 Sep 2019 20:13:49 GMT
server: Apache
accept-ranges: bytes
etag: "1fd54-592104f2c7940"
content-length: 130388
content-type: image/png

GET
H2 200 Unruly-Heroes-Official-Logo-520x245.jpg
www.windowsmode.com/wp-content/uploads/2019/01/ 27 KB
27 KB 213ms
210ms Image
image/jpeg 170.39.76.14
ASN-DIS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.windowsmode.com/wp-content/uploads/2019/01/Unruly-Heroes-Official-Logo-520x245.jpg
Requested by: Host: www.windowsmode.com
URL: https://www.windowsmode.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 170.39.76.14 -, , ASN393398 (ASN-DIS, US),
Reverse DNS: vps.oxavi.com
Software: Apache /
Resource Hash: 35092a461e961725094b664c50c07b45f0fac091b58d34e51850edbb83f375ee

Request headers

Referer: https://www.windowsmode.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 04:55:34 GMT
last-modified: Mon, 28 Jan 2019 17:20:53 GMT
server: Apache
accept-ranges: bytes
etag: "6a20-58087e61aa740"
content-length: 27168
content-type: image/jpeg

GET
H2 200 PixARK-Official-LOgo-520x245.jpg
www.windowsmode.com/wp-content/uploads/2018/04/ 28 KB
28 KB 214ms
211ms Image
image/jpeg 170.39.76.14
ASN-DIS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.windowsmode.com/wp-content/uploads/2018/04/PixARK-Official-LOgo-520x245.jpg
Requested by: Host: www.windowsmode.com
URL: https://www.windowsmode.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 170.39.76.14 -, , ASN393398 (ASN-DIS, US),
Reverse DNS: vps.oxavi.com
Software: Apache /
Resource Hash: 5eb5d18a866cbdfafe6a30c30e835a79125f605aaaf655e455bc69694878dc2c

Request headers

Referer: https://www.windowsmode.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 04:55:34 GMT
last-modified: Thu, 12 Apr 2018 06:50:35 GMT
server: Apache
accept-ranges: bytes
etag: "6f5f-569a12c27a4c0"
content-length: 28511
content-type: image/jpeg

GET
H2 200 Final-Fantasy-XV-Game-Official-Logo-520x245.jpg
www.windowsmode.com/wp-content/uploads/2018/07/ 28 KB
29 KB 212ms
210ms Image
image/jpeg 170.39.76.14
ASN-DIS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.windowsmode.com/wp-content/uploads/2018/07/Final-Fantasy-XV-Game-Official-Logo-520x245.jpg
Requested by: Host: www.windowsmode.com
URL: https://www.windowsmode.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 170.39.76.14 -, , ASN393398 (ASN-DIS, US),
Reverse DNS: vps.oxavi.com
Software: Apache /
Resource Hash: 40f2c05a4d74b6c58aafb9e284547a0f075eef29427f9c92a287f08c163e2f72

Request headers

Referer: https://www.windowsmode.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 04:55:34 GMT
last-modified: Sun, 01 Jul 2018 11:07:20 GMT
server: Apache
accept-ranges: bytes
etag: "7112-56fee15ab4a00"
content-length: 28946
content-type: image/jpeg

GET
H2 200 Boston-Red-Sox-B-Letter-Wallpaper-For-Tablet-520x245.jpg
www.windowsmode.com/wp-content/uploads/2020/03/ 10 KB
10 KB 214ms
212ms Image
image/jpeg 170.39.76.14
ASN-DIS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.windowsmode.com/wp-content/uploads/2020/03/Boston-Red-Sox-B-Letter-Wallpaper-For-Tablet-520x245.jpg
Requested by: Host: www.windowsmode.com
URL: https://www.windowsmode.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 170.39.76.14 -, , ASN393398 (ASN-DIS, US),
Reverse DNS: vps.oxavi.com
Software: Apache /
Resource Hash: 51e0f9b2e19ab2869e5109fcebd1a81cbeb736c7541a4b8d935126f428f13c58

Request headers

Referer: https://www.windowsmode.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 04:55:34 GMT
last-modified: Wed, 11 Mar 2020 21:42:34 GMT
server: Apache
accept-ranges: bytes
etag: "28d7-5a09b1d370fb0"
content-length: 10455
content-type: image/jpeg

GET
H2 200 Roblox-official-logo-520x245.jpg
www.windowsmode.com/wp-content/uploads/2020/04/ 60 KB
60 KB 214ms
212ms Image
image/jpeg 170.39.76.14
ASN-DIS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.windowsmode.com/wp-content/uploads/2020/04/Roblox-official-logo-520x245.jpg
Requested by: Host: www.windowsmode.com
URL: https://www.windowsmode.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 170.39.76.14 -, , ASN393398 (ASN-DIS, US),
Reverse DNS: vps.oxavi.com
Software: Apache /
Resource Hash: 2d1c5da0cd4dbc6a56890901030fc6bd8ce4af94051b5abfb77a22cc922b3251

Request headers

Referer: https://www.windowsmode.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 04:55:34 GMT
last-modified: Sun, 19 Apr 2020 18:09:02 GMT
server: Apache
accept-ranges: bytes
etag: "eef1-5a3a8ad609ebf"
content-length: 61169
content-type: image/jpeg

GET
H2 200 New-York-Yankees-Vector-HD-520x245.jpg
www.windowsmode.com/wp-content/uploads/2020/03/ 10 KB
10 KB 214ms
212ms Image
image/jpeg 170.39.76.14
ASN-DIS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.windowsmode.com/wp-content/uploads/2020/03/New-York-Yankees-Vector-HD-520x245.jpg
Requested by: Host: www.windowsmode.com
URL: https://www.windowsmode.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 170.39.76.14 -, , ASN393398 (ASN-DIS, US),
Reverse DNS: vps.oxavi.com
Software: Apache /
Resource Hash: 45b2191a8ef574f08110bec87e1ef635966e1e0287668e706fb39295b0a3acb3

Request headers

Referer: https://www.windowsmode.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 04:55:34 GMT
last-modified: Tue, 10 Mar 2020 21:07:10 GMT
server: Apache
accept-ranges: bytes
etag: "26b5-5a08680ccf26e"
content-length: 9909
content-type: image/jpeg

GET
H2 200 Shazam-Logo-wallpaper-520x245.jpg
www.windowsmode.com/wp-content/uploads/2019/04/ 24 KB
24 KB 212ms
211ms Image
image/jpeg 170.39.76.14
ASN-DIS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.windowsmode.com/wp-content/uploads/2019/04/Shazam-Logo-wallpaper-520x245.jpg
Requested by: Host: www.windowsmode.com
URL: https://www.windowsmode.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 170.39.76.14 -, , ASN393398 (ASN-DIS, US),
Reverse DNS: vps.oxavi.com
Software: Apache /
Resource Hash: 0505769243be467407942bcdee97e1129d2f73e25df1d9267c2f049dd3abbfd1

Request headers

Referer: https://www.windowsmode.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 04:55:34 GMT
last-modified: Thu, 04 Apr 2019 01:35:25 GMT
server: Apache
accept-ranges: bytes
etag: "607a-585aa6260d140"
content-length: 24698
content-type: image/jpeg

GET
H2 200 zenistu-inosuke-nezuko-tanjiro-wallpaper-520x245.jpg
www.windowsmode.com/wp-content/uploads/2019/12/ 54 KB
54 KB 213ms
211ms Image
image/jpeg 170.39.76.14
ASN-DIS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.windowsmode.com/wp-content/uploads/2019/12/zenistu-inosuke-nezuko-tanjiro-wallpaper-520x245.jpg
Requested by: Host: www.windowsmode.com
URL: https://www.windowsmode.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 170.39.76.14 -, , ASN393398 (ASN-DIS, US),
Reverse DNS: vps.oxavi.com
Software: Apache /
Resource Hash: 444f5c977b8ef8735aeeb883ae7928dea8413c2166f14a38228db0323b55b5c7

Request headers

Referer: https://www.windowsmode.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 04:55:34 GMT
last-modified: Thu, 05 Dec 2019 21:52:12 GMT
server: Apache
accept-ranges: bytes
etag: "d7cc-598fbf1162d73"
content-length: 55244
content-type: image/jpeg

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210121/r20190131/ 224 KB
84 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210121/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4128bfe983e73d0fbad16a05c02fcf439348ef96badf21b713266dc7eb8cf82a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.windowsmode.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 04:55:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 85991
x-xss-protection: 0
server: cafe
etag: 3758934263289044183
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Jan 2021 04:55:34 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210121/r20190131/ Frame 5EEC 0
0 6ms
6ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210121/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210121/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.windowsmode.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.windowsmode.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 26 Jan 2021 05:55:04 GMT
expires: Tue, 09 Feb 2021 05:55:04 GMT
content-type: text/html; charset=UTF-8
etag: 1252425945412704235
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4751
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 82830
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK count.js Show response
windowsmode.disqus.com/ 1 KB
2 KB 97ms
25ms Script
application/javascript 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://windowsmode.disqus.com/count.js

Requested by

Host: www.windowsmode.com
URL: https://www.windowsmode.com/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.19

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.windowsmode.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 27 Jan 2021 04:55:34 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 1321832
P3P: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Connection: keep-alive
Content-Length: 871
X-XSS-Protection: 1; mode=block
Last-Modified: Fri, 08 Jan 2021 01:56:33 GMT
Server: nginx
ETag: "5ff7bbd1-367"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=300
X-Amz-Cf-Pop: DFW55-C3
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id: O70auFTO4xj8Ki2t6Qc9G9ep4fHtfIpxtF9FeE5lVC5lVrLocvcYRQ==

GET
H2 200 g.gif
pixel.wp.com/ 50 B
92 B 26ms
25ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A9.3&blog=97407220&post=0&tz=0&srv=www.windowsmode.com&host=www.windowsmode.com&ref=&fcp=2507&rand=0.48107104244555776
Requested by: Host: www.windowsmode.com
URL: https://www.windowsmode.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer: https://www.windowsmode.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 04:55:34 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 205 B
643 B 110ms
56ms Script
text/javascript 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.windowsmode.com&callback=_gfp_s_&client=ca-pub-3242787921940977

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210121/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

cafe /

Resource Hash

d2e3922dc7b2f990e3c7d615a32ca1fe9ec8caa9da29f1fa0d7b18b67078b17c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.windowsmode.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 04:55:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 194
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
803 B 46ms
27ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.windowsmode.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210121/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.windowsmode.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 27 Jan 2021 04:55:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
803 B 46ms
28ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.windowsmode.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210121/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.windowsmode.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 27 Jan 2021 04:55:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
52 B 40ms
39ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.windowsmode.com%2F&tn=NAV&id=nav-topbar&cls=nav-container%20group%20desktop-menu%20desktop-sticky%20&ign=false

Requested by

Host: www.windowsmode.com
URL: https://www.windowsmode.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.windowsmode.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Jan 2021 04:55:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 56C1 0
0 342ms
342ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3242787921940977&output=html&adk=1812271804&adf=3025194257&lmt=1611723334&plat=1%3A32776%2C2%3A16809992%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fwww.windowsmode.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1611723334117&bpp=13&bdt=502&idt=120&shv=r20210121&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2789504772838&frm=20&pv=2&ga_vid=685032580.1611723334&ga_sid=1611723334&ga_hid=1216246168&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068083%2C21068769%2C21068945&oid=3&pvsid=389962021017857&pem=879&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=136

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210121/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3242787921940977&output=html&adk=1812271804&adf=3025194257&lmt=1611723334&plat=1%3A32776%2C2%3A16809992%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fwww.windowsmode.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1611723334117&bpp=13&bdt=502&idt=120&shv=r20210121&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2789504772838&frm=20&pv=2&ga_vid=685032580.1611723334&ga_sid=1611723334&ga_hid=1216246168&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068083%2C21068769%2C21068945&oid=3&pvsid=389962021017857&pem=879&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=136
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.windowsmode.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.windowsmode.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 27 Jan 2021 04:55:34 GMT
server: cafe
content-length: 38795
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 27-Jan-2021 05:10:34 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Wed, 27 Jan 2021 04:55:34 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210121/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1187995a6a31ed3a06d13bae8d36edcc63782f5764897a5a62703d2d6cb840c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.windowsmode.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 04:55:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611319200633513"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28803
x-xss-protection: 0
expires: Wed, 27 Jan 2021 04:55:34 GMT

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame A8E3 0
0 319ms
319ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3242787921940977&output=html&h=90&slotname=2343468968&adk=2760205972&adf=3243898966&pi=t.ma~as.2343468968&w=728&lmt=1611723334&rafmt=12&psa=0&format=728x90&url=https%3A%2F%2Fwww.windowsmode.com%2F&flash=0&wgl=1&dt=1611723334130&bpp=4&bdt=515&idt=130&shv=r20210121&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2789504772838&frm=20&pv=1&ga_vid=685032580.1611723334&ga_sid=1611723334&ga_hid=1216246168&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=743&ady=50&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068083%2C21068769%2C21068945&oid=3&pvsid=389962021017857&pem=879&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8448&bc=31&ifi=1&uci=a!1&fsb=1&xpc=hh5R6tz3e5&p=https%3A//www.windowsmode.com&dtd=135

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210121/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1402861170764722458/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1402861170764722458/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CM_kw6apu-4CFaW37QodqxoLdQ&gqi=RvIQYKv0ENvZtwf8qr2wCQ&layout=/sadbundle/%24csp%253Der3%24/1402861170764722458/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3242787921940977&output=html&h=90&slotname=2343468968&adk=2760205972&adf=3243898966&pi=t.ma~as.2343468968&w=728&lmt=1611723334&rafmt=12&psa=0&format=728x90&url=https%3A%2F%2Fwww.windowsmode.com%2F&flash=0&wgl=1&dt=1611723334130&bpp=4&bdt=515&idt=130&shv=r20210121&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2789504772838&frm=20&pv=1&ga_vid=685032580.1611723334&ga_sid=1611723334&ga_hid=1216246168&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=743&ady=50&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068083%2C21068769%2C21068945&oid=3&pvsid=389962021017857&pem=879&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8448&bc=31&ifi=1&uci=a!1&fsb=1&xpc=hh5R6tz3e5&p=https%3A//www.windowsmode.com&dtd=135
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.windowsmode.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.windowsmode.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1402861170764722458/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1402861170764722458/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CM_kw6apu-4CFaW37QodqxoLdQ&gqi=RvIQYKv0ENvZtwf8qr2wCQ&layout=/sadbundle/%24csp%253Der3%24/1402861170764722458/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 27 Jan 2021 04:55:34 GMT
server: cafe
content-length: 30851
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 27-Jan-2021 05:10:34 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Wed, 27 Jan 2021 04:55:34 GMT
cache-control: private

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame A17C 0
0 302ms
302ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3242787921940977&output=html&h=250&slotname=1285538161&adk=1737950153&adf=886586737&pi=t.ma~as.1285538161&w=300&lmt=1611723334&psa=0&format=300x250&url=https%3A%2F%2Fwww.windowsmode.com%2F&flash=0&wgl=1&dt=1611723334134&bpp=1&bdt=519&idt=135&shv=r20210121&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=2789504772838&frm=20&pv=1&ga_vid=685032580.1611723334&ga_sid=1611723334&ga_hid=1216246168&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1151&ady=282&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068083%2C21068769%2C21068945&oid=3&pvsid=389962021017857&pem=879&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=TJ5tniBhVb&p=https%3A//www.windowsmode.com&dtd=138

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210121/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5583752985320111665/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5583752985320111665/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CN-dxKapu-4CFZam7QodexwE5A&gqi=RvIQYNuuEY2KtweDnZ_gAg&layout=/sadbundle/%24csp%253Der3%24/5583752985320111665/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3242787921940977&output=html&h=250&slotname=1285538161&adk=1737950153&adf=886586737&pi=t.ma~as.1285538161&w=300&lmt=1611723334&psa=0&format=300x250&url=https%3A%2F%2Fwww.windowsmode.com%2F&flash=0&wgl=1&dt=1611723334134&bpp=1&bdt=519&idt=135&shv=r20210121&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=2789504772838&frm=20&pv=1&ga_vid=685032580.1611723334&ga_sid=1611723334&ga_hid=1216246168&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1151&ady=282&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068083%2C21068769%2C21068945&oid=3&pvsid=389962021017857&pem=879&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=TJ5tniBhVb&p=https%3A//www.windowsmode.com&dtd=138
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.windowsmode.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.windowsmode.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5583752985320111665/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5583752985320111665/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CN-dxKapu-4CFZam7QodexwE5A&gqi=RvIQYNuuEY2KtweDnZ_gAg&layout=/sadbundle/%24csp%253Der3%24/5583752985320111665/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 27 Jan 2021 04:55:34 GMT
server: cafe
content-length: 30990
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 27-Jan-2021 05:10:34 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Wed, 27 Jan 2021 04:55:34 GMT
cache-control: private

GET
H3-Q050 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210121/r20190131/ 141 KB
51 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210121/r20190131/reactive_library_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210121/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

82070fcfbfa0cc912ca4f3c7b4fd4097413f6bfdfa47aee051d836afb54eecd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.windowsmode.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 04:55:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 52016
x-xss-protection: 0
server: cafe
etag: 10954603458131147106
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Jan 2021 04:55:34 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
86 B 40ms
39ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pm&rt=8&c=ca-pub-3242787921940977

Requested by

Host: www.windowsmode.com
URL: https://www.windowsmode.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.windowsmode.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Jan 2021 04:55:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
23 B 40ms
39ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=3&wpc=ca-pub-3242787921940977&warn=12%2C13&w=1600&h=1200&eatf=false&reatf=true&a=6%2C1%2C5%2C7&apv=20210119_200449&sat=1611478787587&afm=0&as_count=2&d_count=0&ng_count=0&am_count=3&atf_count=2&mdns=0.081&alldns=0.281&allp=50&fd=(0%2C30%2C9)%2C(1%2C3%2C1)%2C(2%2C0%2C0)&pgh=4201&su=www.windowsmode.com&r=0.1

Requested by

Host: www.windowsmode.com
URL: https://www.windowsmode.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.windowsmode.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Jan 2021 04:55:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 1ED8 0
0 542ms
542ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3242787921940977&output=html&h=280&adk=719996608&adf=1576955139&pi=t.aa~a.3539104017~rp.4&w=340&fwrn=4&fwrnh=100&lmt=1611723334&rafmt=1&to=qs&pwprc=8724689075&psa=0&format=340x280&url=https%3A%2F%2Fwww.windowsmode.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1611723334665&bpp=2&bdt=1050&idt=-M&shv=r20210121&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dafd15dfd66e752b2-22d87606ceb90098%3AT%3D1611723334%3ART%3D1611723334%3AS%3DALNI_MZ8TQO-ZVdfO5gxoQhMXOp1f51Mvg&prev_fmts=0x0%2C728x90%2C300x250&nras=1&correlator=2789504772838&frm=20&pv=1&ga_vid=685032580.1611723334&ga_sid=1611723334&ga_hid=1216246168&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1131&ady=1344&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068083%2C21068769%2C21068945&oid=3&pvsid=389962021017857&pem=879&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ZSIufbPlPY&p=https%3A//www.windowsmode.com&dtd=19

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210121/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12745673616984896280/300x250/300x250.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12745673616984896280/300x250/300x250.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLOu3aapu-4CFdHj7QodQkwOLA&gqi=RvIQYMe-KoL8tgeXwZv4Bg&layout=/sadbundle/%24csp%253Der3%24/12745673616984896280/300x250/300x250.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3242787921940977&output=html&h=280&adk=719996608&adf=1576955139&pi=t.aa~a.3539104017~rp.4&w=340&fwrn=4&fwrnh=100&lmt=1611723334&rafmt=1&to=qs&pwprc=8724689075&psa=0&format=340x280&url=https%3A%2F%2Fwww.windowsmode.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1611723334665&bpp=2&bdt=1050&idt=-M&shv=r20210121&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dafd15dfd66e752b2-22d87606ceb90098%3AT%3D1611723334%3ART%3D1611723334%3AS%3DALNI_MZ8TQO-ZVdfO5gxoQhMXOp1f51Mvg&prev_fmts=0x0%2C728x90%2C300x250&nras=1&correlator=2789504772838&frm=20&pv=1&ga_vid=685032580.1611723334&ga_sid=1611723334&ga_hid=1216246168&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1131&ady=1344&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068083%2C21068769%2C21068945&oid=3&pvsid=389962021017857&pem=879&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ZSIufbPlPY&p=https%3A//www.windowsmode.com&dtd=19
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.windowsmode.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUm8QjTh2vk5jixFnaHw227ANvrzw32PNIsX06XbBGYEiUxVHPoD20lfRASL
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.windowsmode.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12745673616984896280/300x250/300x250.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12745673616984896280/300x250/300x250.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLOu3aapu-4CFdHj7QodQkwOLA&gqi=RvIQYMe-KoL8tgeXwZv4Bg&layout=/sadbundle/%24csp%253Der3%24/12745673616984896280/300x250/300x250.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 27 Jan 2021 04:55:35 GMT
server: cafe
content-length: 38340
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 6A6D 0
0 887ms
886ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3242787921940977&output=html&h=280&adk=719996608&adf=992362533&pi=t.aa~a.3883520190~rp.4&w=340&fwrn=4&fwrnh=100&lmt=1611723334&rafmt=1&to=qs&pwprc=8724689075&psa=0&format=340x280&url=https%3A%2F%2Fwww.windowsmode.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1611723334665&bpp=1&bdt=1050&idt=-M&shv=r20210121&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dafd15dfd66e752b2-22d87606ceb90098%3AT%3D1611723334%3ART%3D1611723334%3AS%3DALNI_MZ8TQO-ZVdfO5gxoQhMXOp1f51Mvg&prev_fmts=0x0%2C728x90%2C300x250%2C340x280&nras=1&correlator=2789504772838&frm=20&pv=1&ga_vid=685032580.1611723334&ga_sid=1611723334&ga_hid=1216246168&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1131&ady=2549&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068083%2C21068769%2C21068945&oid=3&pvsid=389962021017857&pem=879&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=S0vO1mVCC8&p=https%3A//www.windowsmode.com&dtd=23

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210121/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12745673616984896280/300x250/300x250.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12745673616984896280/300x250/300x250.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJzQ3aapu-4CFeWB7Qodh6EAQQ&gqi=RvIQYJXnKsrJtwejy7qoBQ&layout=/sadbundle/%24csp%253Der3%24/12745673616984896280/300x250/300x250.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3242787921940977&output=html&h=280&adk=719996608&adf=992362533&pi=t.aa~a.3883520190~rp.4&w=340&fwrn=4&fwrnh=100&lmt=1611723334&rafmt=1&to=qs&pwprc=8724689075&psa=0&format=340x280&url=https%3A%2F%2Fwww.windowsmode.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1611723334665&bpp=1&bdt=1050&idt=-M&shv=r20210121&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dafd15dfd66e752b2-22d87606ceb90098%3AT%3D1611723334%3ART%3D1611723334%3AS%3DALNI_MZ8TQO-ZVdfO5gxoQhMXOp1f51Mvg&prev_fmts=0x0%2C728x90%2C300x250%2C340x280&nras=1&correlator=2789504772838&frm=20&pv=1&ga_vid=685032580.1611723334&ga_sid=1611723334&ga_hid=1216246168&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1131&ady=2549&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068083%2C21068769%2C21068945&oid=3&pvsid=389962021017857&pem=879&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=S0vO1mVCC8&p=https%3A//www.windowsmode.com&dtd=23
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.windowsmode.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUm8QjTh2vk5jixFnaHw227ANvrzw32PNIsX06XbBGYEiUxVHPoD20lfRASL
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.windowsmode.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12745673616984896280/300x250/300x250.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12745673616984896280/300x250/300x250.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJzQ3aapu-4CFeWB7Qodh6EAQQ&gqi=RvIQYJXnKsrJtwejy7qoBQ&layout=/sadbundle/%24csp%253Der3%24/12745673616984896280/300x250/300x250.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 27 Jan 2021 04:55:35 GMT
server: cafe
content-length: 38540
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 426B 0
0 334ms
334ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3242787921940977&output=html&h=280&adk=1679740226&adf=243410441&pi=t.aa~a.3436676765~rp.1&w=941&fwrn=4&fwrnh=100&lmt=1611723334&rafmt=1&to=qs&pwprc=8724689075&psa=0&format=941x280&url=https%3A%2F%2Fwww.windowsmode.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1611723334665&bpp=1&bdt=1050&idt=1&shv=r20210121&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dafd15dfd66e752b2-22d87606ceb90098%3AT%3D1611723334%3ART%3D1611723334%3AS%3DALNI_MZ8TQO-ZVdfO5gxoQhMXOp1f51Mvg&prev_fmts=0x0%2C728x90%2C300x250%2C340x280%2C340x280&nras=1&correlator=2789504772838&frm=20&pv=1&ga_vid=685032580.1611723334&ga_sid=1611723334&ga_hid=1216246168&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=160&ady=3217&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068083%2C21068769%2C21068945&oid=3&pvsid=389962021017857&pem=879&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=n6o48QkYTD&p=https%3A//www.windowsmode.com&dtd=27

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210121/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2991101413295838963/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2991101413295838963/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLL03aapu-4CFQmD7QodtSUFPQ&gqi=RvIQYLGFK42DtgePiYr4BA&layout=/sadbundle/%24csp%253Der3%24/2991101413295838963/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3242787921940977&output=html&h=280&adk=1679740226&adf=243410441&pi=t.aa~a.3436676765~rp.1&w=941&fwrn=4&fwrnh=100&lmt=1611723334&rafmt=1&to=qs&pwprc=8724689075&psa=0&format=941x280&url=https%3A%2F%2Fwww.windowsmode.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1611723334665&bpp=1&bdt=1050&idt=1&shv=r20210121&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dafd15dfd66e752b2-22d87606ceb90098%3AT%3D1611723334%3ART%3D1611723334%3AS%3DALNI_MZ8TQO-ZVdfO5gxoQhMXOp1f51Mvg&prev_fmts=0x0%2C728x90%2C300x250%2C340x280%2C340x280&nras=1&correlator=2789504772838&frm=20&pv=1&ga_vid=685032580.1611723334&ga_sid=1611723334&ga_hid=1216246168&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=160&ady=3217&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068083%2C21068769%2C21068945&oid=3&pvsid=389962021017857&pem=879&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=n6o48QkYTD&p=https%3A//www.windowsmode.com&dtd=27
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.windowsmode.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUm8QjTh2vk5jixFnaHw227ANvrzw32PNIsX06XbBGYEiUxVHPoD20lfRASL
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.windowsmode.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2991101413295838963/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2991101413295838963/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLL03aapu-4CFQmD7QodtSUFPQ&gqi=RvIQYLGFK42DtgePiYr4BA&layout=/sadbundle/%24csp%253Der3%24/2991101413295838963/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 27 Jan 2021 04:55:35 GMT
server: cafe
content-length: 38622
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
23 B 40ms
39ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pr&rt=8&c=ca-pub-3242787921940977

Requested by

Host: www.windowsmode.com
URL: https://www.windowsmode.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.windowsmode.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Jan 2021 04:55:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210121/r20190131/ Frame 69B9 0
0 6ms
6ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210121/r20190131/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210121/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210121/r20190131/zrt_lookup.html?fsb=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.windowsmode.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUm8QjTh2vk5jixFnaHw227ANvrzw32PNIsX06XbBGYEiUxVHPoD20lfRASL
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.windowsmode.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 26 Jan 2021 10:11:31 GMT
expires: Tue, 09 Feb 2021 10:11:31 GMT
content-type: text/html; charset=UTF-8
etag: 1252425945412704235
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4751
x-xss-protection: 0
age: 67443
cache-control: public, max-age=1209600
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 33ms
32ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210121&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210121/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15ca20f598bfe2fbd3e711338fe9f5f969123c871e2f73d8f4914e6d8a703ba9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.windowsmode.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 27 Jan 2021 04:55:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6606
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210121/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.windowsmode.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 04:55:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Wed, 27 Jan 2021 04:55:35 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame DB38 0
0 6ms
6ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.windowsmode.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.windowsmode.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Tue, 26 Jan 2021 22:32:53 GMT
expires: Wed, 26 Jan 2022 22:32:53 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 22962
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
620 B 42ms
41ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210121&jk=389962021017857&bg=!rK-lr-zNAAXyQKAs8jsAKQB2-DxaRpzjimQdDeoElsWpmUPdjmiTUDE7e6kdH6qBvqO9haFqFmt0AgAAAKZSAAAAHGgBBwoA7GS8ivG6txWMnwBbQFYttBLYxejU09QWEd6_O9biqtnsuOd-9_iM_YyrA_6C-WnlUy_C8NPsbrjyFGJvkc_ciZFRnhixwoXwdS7Y_LDpNQjDIVy4RvoLQNQxmRDtSY9VvF5hF5bnPFHfbIIC9_uxN5TgOb0J66rvOZyCrpKzMoOnwg7gFgWIWPFgaDxmytEfPviSdnw426rVPuabI7yJ41DCzLh7IsT4M-IKwHTWsHh6IW1lcklbaosCD3RsqQWUuq2PhF8qztQUeUvXGasV3i51TaRu4CdsuwCeO1Qd3C5IL-gnbrpJC8nrTXMxmQHtClTGKYMB6hkN8m-60Gs9hnqgKc3GRtMGVyq8vzzGfCmBDu-2dKFec4fz0Jw91pN1G0kdmMMHUQrIwWUB_AfNfrCwnxGl8peP4iROv5j0J1NqgxNyfm8z6brMQaO0svr1FYf4SvYdZrWAx6IlD9uZmXfFsLg-e5zX7b08XiFcKhqC7U_ANgnzZ6rUKWb-4APHAh-E_0xLGE7CMLqHfNSwYaFiBfxCSRMu3ckN66gi4w-LrIYKlPU_J3hcikFDKYuNJ2R1LSniNy87mlZV1vQ4jm3OQ_emP3YTm9U1v-8rB-s1sBzkPPy507hVCZ6aUc6Smqn5E3dy-QGgRcSGNOxq_xq99d4_XUTK9Vv31L9T6e_oD9p4P-qm1GiqzMRo1NPcnIvzHqHCJkfc29RwjzjwaTyYNlVTEX7F5Cy9DITMQp_P2cZWmETCiapTvdcVcXN27Rl1JWgN_oK-UNKSG7sbSIqkLUrcoTQgvu7q5xL0n9-wcJE0gFDW8Up7ndaHCCTvRaJ1GKwKgITDp9llFU_AB164IC6APFgx0G_3fO6wS0Y9fddXoI100VhUFPVcyBU8kEUA_8AHgllNPAGsS0wjJyoI-wHmjIOJZSyQ7C3eeZk1Hbgb14DeQPOzfj3_AROeiIq9_RnpFmRi0K9bKA

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.windowsmode.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Jan 2021 04:55:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 15:42:06	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 01:03:39	Name: IDE Value: AHWqTUm8QjTh2vk5jixFnaHw227ANvrzw32PNIsX06XbBGYEiUxVHPoD20lfRASL
.windowsmode.com/	1970-01-20 01:03:39	Name: __gads Value: ID=afd15dfd66e752b2-22d87606ceb90098:T=1611723334:RT=1611723334:S=ALNI_MZ8TQO-ZVdfO5gxoQhMXOp1f51Mvg
www.windowsmode.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 76kgdjke7recf7bqsla2b82kd7

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.windowsmode.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2
console-api	log	URL: https://www.windowsmode.com/wp-content/themes/hueman/assets/front/js/scripts.min.js?ver=3.3.27(Line 23) Message: %c NOK => browserDetect::addBrowserClassToBody => TypeError: Cannot read property 'chrome' of undefined background:#ffd5a0;color:#000;display: block;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.wp.com
stats.wp.com
tpc.googlesyndication.com
windowsmode.disqus.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.windowsmode.com
170.39.76.14
192.0.76.3
199.232.196.134
216.58.207.34
2a00:1450:4001:813::2002
2a00:1450:4001:828::2001
2a00:1450:4001:828::2003
2a00:1450:4001:829::2004
2a00:1450:4001:82a::2002
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0505769243be467407942bcdee97e1129d2f73e25df1d9267c2f049dd3abbfd1
0c1398670a1fabd16ce06d8e7e4f4c113a5e6bb1e89fcbab5cd8ded8cdb95f8d
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
14d7867c7e0fed79c3999717e6a76680b4300308799e9112d7e8f3678d6844ab
15ca20f598bfe2fbd3e711338fe9f5f969123c871e2f73d8f4914e6d8a703ba9
1a1fd809a3211ae316520a0ce853b6fa8f0e514c80d899e83cf58299a7935b40
23ed07077f8430713c4c140dff7d699662be1c8de3b51bdff12a6c45c302758e
2a0e42e063d3b351d6c8beecae21d9719ead9236f783a78ab27b588a4096c5c0
2d1c5da0cd4dbc6a56890901030fc6bd8ce4af94051b5abfb77a22cc922b3251
331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
35092a461e961725094b664c50c07b45f0fac091b58d34e51850edbb83f375ee
3685c3818240f5f390073c7d04f944a5cb5d848093224f3a7888034e8c050eb4
3c127c1fc5b202035d76080803503d0394bae67d5a58ec01ac2e8935bbe54bfa
3d619bcbf3deea7c452f5d9320ada17dcdb180a31e74d4aded9afd140b10a3a4
40f2c05a4d74b6c58aafb9e284547a0f075eef29427f9c92a287f08c163e2f72
4128bfe983e73d0fbad16a05c02fcf439348ef96badf21b713266dc7eb8cf82a
444f5c977b8ef8735aeeb883ae7928dea8413c2166f14a38228db0323b55b5c7
45b2191a8ef574f08110bec87e1ef635966e1e0287668e706fb39295b0a3acb3
50230a768774ba88bdeb31d5bf3cdcd95b90248334753ab4256aed572396d97b
50f4843fe0035522ac71c3e115a2903dc5d7ea4e40cc53d0564d6368e3497341
51e0f9b2e19ab2869e5109fcebd1a81cbeb736c7541a4b8d935126f428f13c58
5c2288ca7b324881faae5e368eb4d69457e2784e042e868de335d3827bb90981
5eb5d18a866cbdfafe6a30c30e835a79125f605aaaf655e455bc69694878dc2c
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
66a800c12ce57eaa0df89dce6a76a8b4ea36b655341cdc3ae358890585a4fda5
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
78d349f03b01441656f2797cfcdb87718e8926978faa77eaf7ea52619d0f5038
7a7ec0db7baee08a9e1ff1876c01894ec262f535ef7816a1aafcb230516380d8
7b5fc275c98a58b1073a713920cefa54fab60ad9d85a67cf6907aaf8fbb3c474
7f1f520dbdcadcb7baa679aed47569033a2a25a678b8c19a76f7aa1203365cb1
82070fcfbfa0cc912ca4f3c7b4fd4097413f6bfdfa47aee051d836afb54eecd6
8273f0538929ede9599e3cfea8142a252a7d0cb6dbacb230bf188490dde79d4b
97ce1e1f5dbfda35ac979b593e79e1673a3e725790339d767e4a6ca6e94a4828
980cc3f12dc71c2d7edf62a3693a14479627ee7ec8fb4fee26ba51fcbe9244c2
990e85d03cb4106a736f23fd9a195eed0fd212725204ad251689868e93e612c1
a37959359388868db92fa93b44605b9a0d63db5d1f2d7a352992c7f536020d39
a68699364c36af13d23520ceecc099e959688adb088d592da920ae963bb30f9e
b1187995a6a31ed3a06d13bae8d36edcc63782f5764897a5a62703d2d6cb840c
b88fca268e1352a0922f301c6b88f0499606c01faa8d0718de11a8153a5edc3a
c2d6c2dcce648ab361eaa02acd5bc339283855978c42255c481456a3e89593ec
cea0a05c5af6e21a409875328ed2e3dba79131b7c41f8ea07d0e0e02c7b7b59e
d2e3922dc7b2f990e3c7d615a32ca1fe9ec8caa9da29f1fa0d7b18b67078b17c
d8faea6e218910bf83cd1e7fe9775b3b75195df3c16a3f4eea74b75f9b881dce
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b5a9b160acc67c2e902040254722cb0d500bc129dda72ebb0a5743893a9c6b
e410a40fc31979257a3fd481cce8e163bda4c86759f02170e18450cc37bca021
e5124be9d33d058bab6388a40569f746a47d2569752dcc28c68e979d15a15e78
e80770517ccc4f80563fbf11a0a8ace35fd89a2e276dc090c23b73b16e157fa8
ed12b8f75afb8edd258e8bcbd195c0a2e75ba94b4d87608ab3952e9e03cd0a5b
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f46d96d805c7e9e467422dfe516c43edb4632c0273cea26722fee7ba885f869e

www.windowsmode.com Open in urlscan Pro 170.39.76.14 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

69 Requests

100 %HTTPS

56 %IPv6

10 Domains

13 Subdomains

9 IPs

3 Countries

1106 kBTransfer

1914 kBSize

4 Cookies

2 Outgoing links

Redirected requests

69 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.windowsmode.com Open in urlscan Pro
170.39.76.14 Public Scan

Screenshot
Live screenshot

Full Image

69
Requests

100 %
HTTPS

56 %
IPv6

10
Domains

13
Subdomains

9
IPs

3
Countries

1106 kB
Transfer

1914 kB
Size

4
Cookies

69 HTTP transactions
0 data transactions