urlscan.io logo urlscan.io
SecurityTrails logo

www.windowsobserver.com Open in urlscan Pro
45.132.244.92  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.windowsobserver.com/
Submission Tags: @phishunt_io
Submission: On November 12 via api from ES
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 2 countries across 13 domains to perform 63 HTTP transactions. The main IP is 45.132.244.92, located in Germany and belongs to NETCUP-AS netcup GmbH, DE. The main domain is www.windowsobserver.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on November 11th 2020. Valid for: 3 months.
This is the only time www.windowsobserver.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

34    45.132.244.92 (Germany)

ASN197540 (NETCUP-AS netcup GmbH, DE)
PTR: v2202008124861124469.goodsrv.de
www.windowsobserver.com
1    2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a00:1450:4001:81a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
7    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
adservice.google.de
adservice.google.com
googleads.g.doubleclick.net
4    2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
maps.googleapis.com
6    2620:1ec:bdf::10 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
1    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:81a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    216.58.207.66 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s25-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:820::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a00:1450:4001:81b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Domain Requested by
34 www.windowsobserver.com www.windowsobserver.com
6 www.clarity.ms www.windowsobserver.com
www.clarity.ms
4 maps.googleapis.com www.windowsobserver.com
maps.googleapis.com
4 pagead2.googlesyndication.com www.windowsobserver.com
pagead2.googlesyndication.com
3 fonts.gstatic.com www.windowsobserver.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.googletagmanager.com www.windowsobserver.com
1 cdnjs.cloudflare.com www.windowsobserver.com
63 14

This site contains links to these domains. Also see Links.

Domain
srtn.us
www.wordpress.org
Subject Issuer Validity Valid
www.windowsobserver.com
Let's Encrypt Authority X3		 2020-11-11 -
2021-02-09		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-10-21 -
2021-10-20		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-10-20 -
2021-01-12		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-10-28 -
2021-01-20		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2020-10-20 -
2021-01-12		 3 months crt.sh
www.clarity.ms
DigiCert SHA2 Secure Server CA		 2020-09-03 -
2021-09-03		 a year crt.sh
*.googleadservices.com
GTS CA 1O1		 2020-10-20 -
2021-01-12		 3 months crt.sh
*.google.de
GTS CA 1O1		 2020-10-28 -
2021-01-20		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-10-28 -
2021-01-20		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2020-10-28 -
2021-01-20		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-10-20 -
2021-01-12		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://www.windowsobserver.com/
Frame ID: B3FEB67C06CD95CB4B595C9588C262BC
Requests: 61 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201110/r20190131/zrt_lookup.html
Frame ID: 554187081B34A72D8163CD6FF1B8CBCA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3490558503143165&output=html&adk=1812271804&adf=3025194257&lmt=1605183069&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fwww.windowsobserver.com%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605183069163&bpp=11&bdt=202&idt=98&shv=r20201110&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2543461874009&frm=20&pv=2&ga_vid=2086763237.1605183069&ga_sid=1605183069&ga_hid=265153216&ga_fc=0&iag=0&icsg=2364715007&dssz=30&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3166330945339678&pem=23&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=119
Frame ID: A8E0749368FB771788A6049B4CF5E5FA
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: C399C7F1929644E008683E256FF685F9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers server /^LiteSpeed$/i

Page Statistics

63
Requests

100 %
HTTPS

86 %
IPv6

13
Domains

14
Subdomains

15
IPs

2
Countries

1320 kB
Transfer

3623 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

63 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.windowsobserver.com/ 		176 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.windowsobserver.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.132.244.92 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
v2202008124861124469.goodsrv.de
Software
LiteSpeed / PHP/7.4.12
Resource Hash
58308b1db0ac4d15ebfcfd52cf2ab639be18cdd33648c068b3ca945cc0937b7c

Request headers

:method
GET
:authority
www.windowsobserver.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.4.12
link
<https://www.windowsobserver.com/wp-json/>; rel="https://api.w.org/", <https://srtn.us/122a>; rel=shortlink, </wp-content/litespeed/cssjs/c01bb.css?8b7e3>; rel=preload; as=style,</wp-content/litespeed/cssjs/285bb.js?d1482>; rel=preload; as=script,</wp-content/litespeed/cssjs/6827a.js?3a79e>; rel=preload; as=script,</wp-content/litespeed/cssjs/175e7.js?9e883>; rel=preload; as=script,</wp-content/litespeed/cssjs/3cb72.js?c19de>; rel=preload; as=script,</wp-content/litespeed/cssjs/6c96b.js?81481>; rel=preload; as=script,</wp-content/litespeed/cssjs/fefe1.js?52da4>; rel=preload; as=script,</wp-content/litespeed/cssjs/00585.js?4098c>; rel=preload; as=script,</wp-content/litespeed/cssjs/c839d.js?c3e5e>; rel=preload; as=script,</wp-content/litespeed/cssjs/8dd37.js?8510a>; rel=preload; as=script,</wp-content/litespeed/cssjs/45803.js?d16eb>; rel=preload; as=script,</wp-content/litespeed/cssjs/ac7f1.js?83a33>; rel=preload; as=script
etag
"895158-1605176610;gz"
x-qc-cache
hit
content-encoding
gzip
vary
Accept-Encoding
content-length
25782
date
Thu, 12 Nov 2020 12:11:08 GMT
server
LiteSpeed
x-qc-pop
EU-DE-FKB-67
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-27=":443"; ma=2592000, h3-28=":443"; ma=2592000, h3-29=":443"; ma=2592000
c01bb.css
www.windowsobserver.com/wp-content/litespeed/cssjs/ 		1 MB
151 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.windowsobserver.com/wp-content/litespeed/cssjs/c01bb.css?8b7e3
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
45.132.244.92 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
v2202008124861124469.goodsrv.de
Software
LiteSpeed /
Resource Hash
bde727620681755b5c5198388780769c525a0079fac74d8b52bb471b457a2e52

Request headers

Referer
https://www.windowsobserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 12 Nov 2020 12:11:11 GMT
content-encoding
br
last-modified
Tue, 10 Nov 2020 18:44:58 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=604800
x-litespeed-tag
8bd_
accept-ranges
bytes
x-qc-pop
EU-DE-FKB-67
expires
Thu, 19 Nov 2020 12:11:09 GMT
285bb.js
www.windowsobserver.com/wp-content/litespeed/cssjs/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.windowsobserver.com/wp-content/litespeed/cssjs/285bb.js?d1482
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
45.132.244.92 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
v2202008124861124469.goodsrv.de
Software
LiteSpeed /
Resource Hash
fe1878845661a3c5dee6e58f59377f134a8d53d03938f0c7d67819a4eb7d7774

Request headers

Referer
https://www.windowsobserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 12 Nov 2020 12:11:09 GMT
content-encoding
br
last-modified
Tue, 10 Nov 2020 18:44:54 GMT
server
LiteSpeed
etag
"906776-1605182969;br"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=604800
accept-ranges
bytes
x-qc-pop
EU-DE-FKB-67
content-length
2713
x-qc-cache
hit
expires
Thu, 19 Nov 2020 12:09:28 GMT
6827a.js
www.windowsobserver.com/wp-content/litespeed/cssjs/ 		833 B
410 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.windowsobserver.com/wp-content/litespeed/cssjs/6827a.js?3a79e
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
45.132.244.92 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
v2202008124861124469.goodsrv.de
Software
LiteSpeed /
Resource Hash
edfa6a3e64896b953252b6f540c43170ff720ffad066d7357f5c087ca5e53f75

Request headers

Referer
https://www.windowsobserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 12 Nov 2020 12:11:09 GMT
content-encoding
br
last-modified
Tue, 10 Nov 2020 18:44:54 GMT
server
LiteSpeed
etag
"906779-1605182969;br"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=604800
accept-ranges
bytes
x-qc-pop
EU-DE-FKB-67
content-length
362
x-qc-cache
hit
expires
Thu, 19 Nov 2020 12:09:28 GMT
175e7.js
www.windowsobserver.com/wp-content/litespeed/cssjs/ 		3 KB
674 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.windowsobserver.com/wp-content/litespeed/cssjs/175e7.js?9e883
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
45.132.244.92 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
v2202008124861124469.goodsrv.de
Software
LiteSpeed /
Resource Hash
2ff362e562f5dc4ba5367961cadd82a155ef2b2fb53d0745fdd81485b2312fc8

Request headers

Referer
https://www.windowsobserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 12 Nov 2020 12:11:09 GMT
content-encoding
br
last-modified
Tue, 10 Nov 2020 18:44:54 GMT
server
LiteSpeed
etag
"906774-1605182968;br"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=604800
accept-ranges
bytes
x-qc-pop
EU-DE-FKB-67
content-length
626
x-qc-cache
hit
expires
Thu, 19 Nov 2020 12:09:28 GMT
3cb72.js
www.windowsobserver.com/wp-content/litespeed/cssjs/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.windowsobserver.com/wp-content/litespeed/cssjs/3cb72.js?c19de
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
45.132.244.92 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
v2202008124861124469.goodsrv.de
Software
LiteSpeed /
Resource Hash
f81a4a9211214d226d5a01b81b8956b91089eb622ab70572dcf54e6b707521a8

Request headers

Referer
https://www.windowsobserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 12 Nov 2020 12:11:09 GMT
content-encoding
br
last-modified
Tue, 10 Nov 2020 18:44:54 GMT
server
LiteSpeed
etag
"906775-1605182968;br"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=604800
accept-ranges
bytes
x-qc-pop
EU-DE-FKB-67
content-length
7810
x-qc-cache
hit
expires
Thu, 19 Nov 2020 12:09:28 GMT
6c96b.js
www.windowsobserver.com/wp-content/litespeed/cssjs/ 		518 KB
149 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.windowsobserver.com/wp-content/litespeed/cssjs/6c96b.js?81481
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
45.132.244.92 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
v2202008124861124469.goodsrv.de
Software
LiteSpeed /
Resource Hash
fe09fd7ad767f6f6b0c7e517d363946d988143e44705f29c623ce8efa03c51d2

Request headers

Referer
https://www.windowsobserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 12 Nov 2020 12:11:09 GMT
content-encoding
br
last-modified
Tue, 10 Nov 2020 18:44:55 GMT
server
LiteSpeed
etag
"906780-1605182969;br"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=604800
accept-ranges
bytes
x-qc-pop
EU-DE-FKB-67
content-length
152765
x-qc-cache
hit
expires
Thu, 19 Nov 2020 12:09:28 GMT
fefe1.js
www.windowsobserver.com/wp-content/litespeed/cssjs/ 		914 B
462 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.windowsobserver.com/wp-content/litespeed/cssjs/fefe1.js?52da4
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
45.132.244.92 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
v2202008124861124469.goodsrv.de
Software
LiteSpeed /
Resource Hash
aca4deebc5c475c9c90c7884f4c9d5db919b6c0fa18e2db8dfe2b444fd555c17

Request headers

Referer
https://www.windowsobserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 12 Nov 2020 12:11:09 GMT
content-encoding
br
last-modified
Tue, 10 Nov 2020 18:44:55 GMT
server
LiteSpeed
etag
"906777-1605182969;br"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=604800
accept-ranges
bytes
x-qc-pop
EU-DE-FKB-67
content-length
414
x-qc-cache
hit
expires
Thu, 19 Nov 2020 12:09:28 GMT
00585.js
www.windowsobserver.com/wp-content/litespeed/cssjs/ 		1 KB
916 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.windowsobserver.com/wp-content/litespeed/cssjs/00585.js?4098c
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
45.132.244.92 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
v2202008124861124469.goodsrv.de
Software
LiteSpeed /
Resource Hash
010e692af2ed738681a0c3782a8e15e1e1c01de5b93f3000d6eebdf5cfb2a2ac

Request headers

Referer
https://www.windowsobserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 12 Nov 2020 12:11:09 GMT
content-encoding
br
last-modified
Tue, 10 Nov 2020 18:44:55 GMT
server
LiteSpeed
etag
"906781-1605182969;br"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=604800
accept-ranges
bytes
x-qc-pop
EU-DE-FKB-67
content-length
716
x-qc-cache
hit
expires
Thu, 19 Nov 2020 12:09:28 GMT
c839d.js
www.windowsobserver.com/wp-content/litespeed/cssjs/ 		157 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.windowsobserver.com/wp-content/litespeed/cssjs/c839d.js?c3e5e
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
45.132.244.92 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
v2202008124861124469.goodsrv.de
Software
LiteSpeed /
Resource Hash
430d5d59157ab0cbffcda296811cd33e21ded3bb342d749489bc5c5a93970d95

Request headers

Referer
https://www.windowsobserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 12 Nov 2020 12:11:10 GMT
content-encoding
br
last-modified
Tue, 10 Nov 2020 18:44:55 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=604800
x-litespeed-tag
8bd_
accept-ranges
bytes
x-qc-pop
EU-DE-FKB-67
expires
Thu, 19 Nov 2020 12:11:09 GMT
8dd37.js
www.windowsobserver.com/wp-content/litespeed/cssjs/ 		1 KB
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.windowsobserver.com/wp-content/litespeed/cssjs/8dd37.js?8510a
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
45.132.244.92 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
v2202008124861124469.goodsrv.de
Software
LiteSpeed /
Resource Hash
9d459ae244f8c4c36a9b1d6682a47711033204a3322b07171402af901d30f8ed

Request headers

Referer
https://www.windowsobserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 12 Nov 2020 12:11:11 GMT
content-encoding
br
last-modified
Tue, 10 Nov 2020 18:44:55 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=604800
x-litespeed-tag
8bd_
accept-ranges
bytes
x-qc-pop
EU-DE-FKB-67
expires
Thu, 19 Nov 2020 12:11:09 GMT
45803.js
www.windowsobserver.com/wp-content/litespeed/cssjs/ 		909 B
535 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.windowsobserver.com/wp-content/litespeed/cssjs/45803.js?d16eb
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
45.132.244.92 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
v2202008124861124469.goodsrv.de
Software
LiteSpeed /
Resource Hash
0dafe41811a02ec41cf949a4f6df396d36a6b6f3f576bbdc32c296ff45e647bc

Request headers

Referer
https://www.windowsobserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 12 Nov 2020 12:11:11 GMT
content-encoding
br
last-modified
Tue, 10 Nov 2020 18:44:55 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=604800
x-litespeed-tag
8bd_
accept-ranges
bytes
x-qc-pop
EU-DE-FKB-67
expires
Thu, 19 Nov 2020 12:11:09 GMT
ac7f1.js
www.windowsobserver.com/wp-content/litespeed/cssjs/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.windowsobserver.com/wp-content/litespeed/cssjs/ac7f1.js?83a33
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
45.132.244.92 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
v2202008124861124469.goodsrv.de
Software
LiteSpeed /
Resource Hash
aefc4c20a5b7c02c881634341f6e1dcceb24cdbe63da122876f2dd783d3cfd62

Request headers

Referer
https://www.windowsobserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 12 Nov 2020 12:11:09 GMT
content-encoding
br
last-modified
Tue, 10 Nov 2020 18:44:55 GMT
server
LiteSpeed
etag
"906783-1605182969;br"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=604800
accept-ranges
bytes
x-qc-pop
EU-DE-FKB-67
content-length
2280
x-qc-cache
hit
expires
Thu, 19 Nov 2020 12:09:28 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/ 		95 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js?ver=1.12.4
Requested by
Host: www.windowsobserver.com
URL: https://www.windowsobserver.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
Strict-Transport-Security max-age=15780000

Request headers

Referer
https://www.windowsobserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 12 Nov 2020 12:11:08 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
728867
x-via
cfworker/kv
status
200
content-length
30360
cf-request-id
063285510c000005c8c4003000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
etag
"5eb03ec4-17b8b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FoqClQxCIrdB%2B2vIj2zpAgmZjCFqaH24wXK7z1%2BFiLUlKHxNwiZVJXWyAqCC7mMyaa0ETeqqKyl3nJi0MRdU%2BadVSN3P5ziEXairVpBfhRtAk6AillkMuqmMIsGnkLa2Mg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
5f1027652e33c2c7-FRA
expires
Tue, 02 Nov 2021 12:11:08 GMT
js
www.googletagmanager.com/gtag/ 		95 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-117605461-1
Requested by
Host: www.windowsobserver.com
URL: https://www.windowsobserver.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
531a7fad64292dd7eefd738f081bc22a09540487fb3b9dd93262eb74e6b3ff7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.windowsobserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 12 Nov 2020 12:11:09 GMT
content-encoding
br
vary
Accept-Encoding
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38324
x-xss-protection
0
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 12 Nov 2020 12:11:09 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		130 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.windowsobserver.com
URL: https://www.windowsobserver.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dc66320adb9b1a19a4a8408a2a27e99df9849cb79cd496b3c000eb149123b25f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.windowsobserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 12 Nov 2020 12:11:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
45507
x-xss-protection
0
server
cafe
etag
12263823122649076092
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 12 Nov 2020 12:11:09 GMT
WindowsObserverLogo400x200Feb2019.png
www.windowsobserver.com/wp-content/uploads/2019/02/ 		1 B
33 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.windowsobserver.com/wp-content/uploads/2019/02/WindowsObserverLogo400x200Feb2019.png
Requested by
Host: www.windowsobserver.com
URL: https://www.windowsobserver.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
45.132.244.92 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
v2202008124861124469.goodsrv.de
Software
LiteSpeed /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer
https://www.windowsobserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
415
date
Thu, 12 Nov 2020 12:11:09 GMT
server
LiteSpeed
x-qc-pop
EU-DE-FKB-67
content-length
1
x-qc-cache
hit
content-type
image/png
wp-emoji-release.min.js
www.windowsobserver.com/wp-includes/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.windowsobserver.com/wp-includes/js/wp-emoji-release.min.js?ver=5.5.3
Requested by
Host: www.windowsobserver.com
URL: https://www.windowsobserver.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
45.132.244.92 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
v2202008124861124469.goodsrv.de
Software
LiteSpeed /
Resource Hash
8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e

Request headers

Referer
https://www.windowsobserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 12 Nov 2020 12:11:09 GMT
content-encoding
br
last-modified
Wed, 12 Aug 2020 16:07:39 GMT
server
LiteSpeed
etag
"906784-1605182969;br"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=604800
accept-ranges
bytes
x-qc-pop
EU-DE-FKB-67
content-length
4603
x-qc-cache
hit
expires
Thu, 19 Nov 2020 12:09:29 GMT
js
maps.googleapis.com/maps/api/ 		119 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js?v=3&key&ver=4.6.6
Requested by
Host: www.windowsobserver.com
URL: https://www.windowsobserver.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
9e84c7521ed0feab807b1f9556ff0ddf20763b2703e6eb20909d6fac106f7eb0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.windowsobserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 12 Nov 2020 12:11:09 GMT
content-encoding
gzip
vary
Accept-Language
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
public, max-age=1800
server-timing
gfet4t7; dur=11
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40279
x-xss-protection
0
expires
Thu, 12 Nov 2020 12:41:09 GMT
3v77lsdjrc
www.clarity.ms/tag/ 		382 B
812 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/3v77lsdjrc
Requested by
Host: www.windowsobserver.com
URL: https://www.windowsobserver.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::10 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99edb461920133162adf7cdf6b31becdf8d702924b2b9b4d97d69db421ccca54

Request headers

Referer
https://www.windowsobserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 12 Nov 2020 12:11:08 GMT
content-encoding
gzip
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
no-cache, no-store
x-azure-ref
0XSatXwAAAADD18YuIWreSZ6IlX4zq337RlJBRURHRTEwMDkANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
request-context
appId=cid-v1:7f62cbe7-9d8b-4a41-a628-fbaa3aa5c695
expires
-1
truncated
/ 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
04c1bc744720c6e7542613e933c9a0f4bbd8f6ed45a5b1924223c256430dfd7b

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/gif
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20201110/r20190131/ 		231 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20201110/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
252555acdfff588cc5362679cb32d1c18fa0c576968fc73ce8c9458d11666fc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.windowsobserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 12 Nov 2020 12:11:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
88609
x-xss-protection
0
server
cafe
etag
13545726671071964201
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 12 Nov 2020 12:11:09 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201110/r20190131/ Frame 5541 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20201110/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20201110/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.windowsobserver.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.windowsobserver.com/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Wed, 11 Nov 2020 22:12:43 GMT
expires
Wed, 25 Nov 2020 22:12:43 GMT
content-type
text/html; charset=UTF-8
etag
5228831996244654541
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4745
x-xss-protection
0
age
50306
cache-control
public, max-age=1209600
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
analytics.js
www.google-analytics.com/ 		46 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-117605461-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.windowsobserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
3321
date
Thu, 12 Nov 2020 11:15:48 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Thu, 12 Nov 2020 13:15:48 GMT
clarity.js
www.clarity.ms/cus/s/0.6.0-b21/ 		43 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/cus/s/0.6.0-b21/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/3v77lsdjrc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::10 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
837a4d4007d27b46d30559f0f82675c139ea9dfc568947a98f874ab80a732c16

Request headers

Referer
https://www.windowsobserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 12 Nov 2020 12:11:08 GMT
content-encoding
br
etag
"1d6b7a3404702f2"
last-modified
Tue, 10 Nov 2020 20:51:24 GMT
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public,max-age=86400
x-azure-ref
0XSatXwAAAAB3OuqWE6MGR6yXW/8I4H6+RlJBRURHRTEwMDkANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
accept-ranges
bytes
request-context
appId=cid-v1:7f62cbe7-9d8b-4a41-a628-fbaa3aa5c695
collect
www.google-analytics.com/j/ 		1 B
414 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&aip=1&a=265153216&t=pageview&_s=1&dl=https%3A%2F%2Fwww.windowsobserver.com%2F&ul=en-us&de=UTF-8&dt=WindowsObserver.com%20%7C%20Keeping%20an%20eye%20on%20Windows%20and%20other%20things%20tech.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=1358313349&gjid=1519471883&cid=2086763237.1605183069&tid=UA-117605461-1&_gid=329614101.1605183069&_r=1&did=dZTNiMT&gtm=2ouas1&z=677746139
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.windowsobserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 12 Nov 2020 12:11:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
text/plain
access-control-allow-origin
https://www.windowsobserver.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		209 B
668 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.windowsobserver.com&callback=_gfp_s_&client=ca-pub-3490558503143165
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201110/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
cafe /
Resource Hash
b16492bdf70a805c430de93e13fb7dd4d3b765acc9c678c1a42cc558d97163a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.windowsobserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 12 Nov 2020 12:11:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
198
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		109 B
803 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.windowsobserver.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201110/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.windowsobserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 12 Nov 2020 12:11:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
803 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.windowsobserver.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201110/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.windowsobserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 12 Nov 2020 12:11:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame A8E0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3490558503143165&output=html&adk=1812271804&adf=3025194257&lmt=1605183069&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fwww.windowsobserver.com%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605183069163&bpp=11&bdt=202&idt=98&shv=r20201110&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2543461874009&frm=20&pv=2&ga_vid=2086763237.1605183069&ga_sid=1605183069&ga_hid=265153216&ga_fc=0&iag=0&icsg=2364715007&dssz=30&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3166330945339678&pem=23&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=119
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201110/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3490558503143165&output=html&adk=1812271804&adf=3025194257&lmt=1605183069&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fwww.windowsobserver.com%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605183069163&bpp=11&bdt=202&idt=98&shv=r20201110&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2543461874009&frm=20&pv=2&ga_vid=2086763237.1605183069&ga_sid=1605183069&ga_hid=265153216&ga_fc=0&iag=0&icsg=2364715007&dssz=30&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3166330945339678&pem=23&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=119
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.windowsobserver.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.windowsobserver.com/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 12 Nov 2020 12:11:09 GMT
server
cafe
content-length
34
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Thu, 12-Nov-2020 12:26:09 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Thu, 12 Nov 2020 12:11:09 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201110/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e28099ec8875ba272b12bb0fb2a7269c2e0ac46d1761ee6ff4f069a59fd4e39e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.windowsobserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 12 Nov 2020 12:11:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1605098045670130"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
28195
x-xss-protection
0
expires
Thu, 12 Nov 2020 12:11:09 GMT
collect
www.clarity.ms/cus/ 		7 B
345 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/cus/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/cus/s/0.6.0-b21/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::10 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
1661765467478b77853c92c91c3267c5edd4a099267f734208c545ff60bce645

Request headers

Referer
https://www.windowsobserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

status
200
date
Thu, 12 Nov 2020 12:11:12 GMT
access-control-allow-origin
*
x-powered-by
ASP.NET
x-azure-ref
0YCatXwAAAADKi6kzpz4nRJtJ4+zv51RERlJBRURHRTEwMjIANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
request-context
appId=cid-v1:7f62cbe7-9d8b-4a41-a628-fbaa3aa5c695
WindowsObserverLogo400x200Feb2019.png
www.windowsobserver.com/wp-content/uploads/2019/02/ 		1 B
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.windowsobserver.com/wp-content/uploads/2019/02/WindowsObserverLogo400x200Feb2019.png
Requested by
Host: www.windowsobserver.com
URL: https://www.windowsobserver.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
45.132.244.92 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
v2202008124861124469.goodsrv.de
Software
LiteSpeed /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer
https://www.windowsobserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
415
date
Thu, 12 Nov 2020 12:11:13 GMT
server
LiteSpeed
x-qc-pop
EU-DE-FKB-67
content-length
1
x-qc-cache
hit
content-type
image/png
sodar
pagead2.googlesyndication.com/getconfig/ 		8 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201110&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201110/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f65fd6ffebae96f470b4effcf5127a69bfe7d41027e1407134231c94db729329
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.windowsobserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 12 Nov 2020 12:11:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6547
x-xss-protection
0
surface-book-3-product-shots-1-440x264.jpg
www.windowsobserver.com/wp-content/uploads/2020/10/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.windowsobserver.com/wp-content/uploads/2020/10/surface-book-3-product-shots-1-440x264.jpg
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
45.132.244.92 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
v2202008124861124469.goodsrv.de
Software
LiteSpeed /
Resource Hash
70b003c946998e79b99e0a3713a2018567e5b23cc273f701b4df5568624c2046

Request headers

Referer
https://www.windowsobserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 12 Nov 2020 12:11:14 GMT
last-modified
Sat, 31 Oct 2020 19:34:39 GMT
server
LiteSpeed
etag
"907006-1605183074;;;"
content-type
image/jpeg
status
200
cache-control
max-age=604800
x-litespeed-tag
8bd_
accept-ranges
bytes
x-qc-pop
EU-DE-FKB-67
content-length
21183
x-qc-cache
miss
expires
Thu, 19 Nov 2020 12:11:13 GMT
wip-sixth-anniversary-wallpaper-440x264.jpg
www.windowsobserver.com/wp-content/uploads/2020/10/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.windowsobserver.com/wp-content/uploads/2020/10/wip-sixth-anniversary-wallpaper-440x264.jpg
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
45.132.244.92 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
v2202008124861124469.goodsrv.de
Software
LiteSpeed /
Resource Hash
345425cf1476f761ab7a1ac97e7b548fa5a9f74ff2e1a2daed24197d41a21731

Request headers

Referer
https://www.windowsobserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 12 Nov 2020 12:11:14 GMT
last-modified
Sat, 31 Oct 2020 14:09:37 GMT
server
LiteSpeed
etag
"907007-1605183074;;;"
content-type
image/jpeg
status
200
cache-control
max-age=604800
x-litespeed-tag
8bd_
accept-ranges
bytes
x-qc-pop
EU-DE-FKB-67
content-length
12589
x-qc-cache
miss
expires
Thu, 19 Nov 2020 12:11:13 GMT
windows-10-start-menu-and-desktop-440x264.png
www.windowsobserver.com/wp-content/uploads/2020/09/ 		103 KB
103 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.windowsobserver.com/wp-content/uploads/2020/09/windows-10-start-menu-and-desktop-440x264.png
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
45.132.244.92 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
v2202008124861124469.goodsrv.de
Software
LiteSpeed /
Resource Hash
89ed21a0eb183800ef04d161dcec2782b2ce4892029fa21ecd8b3617a9fae69b

Request headers

Referer
https://www.windowsobserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 12 Nov 2020 12:11:14 GMT
last-modified
Mon, 28 Sep 2020 01:37:41 GMT
server
LiteSpeed
etag
"907008-1605183074;;;"
content-type
image/png
status
200
cache-control
max-age=604800
x-litespeed-tag
8bd_
accept-ranges
bytes
x-qc-pop
EU-DE-FKB-67
content-length
105804
x-qc-cache
miss
expires
Thu, 19 Nov 2020 12:11:13 GMT
MSI-Modern-Series-440x264.jpg
www.windowsobserver.com/wp-content/uploads/2020/09/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.windowsobserver.com/wp-content/uploads/2020/09/MSI-Modern-Series-440x264.jpg
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
45.132.244.92 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
v2202008124861124469.goodsrv.de
Software
LiteSpeed /
Resource Hash
9d1e30fe674fca0aaf6976877cf5d1f3e45f408adb587856af7705e2581d1de2

Request headers

Referer
https://www.windowsobserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 12 Nov 2020 12:11:14 GMT
last-modified
Mon, 07 Sep 2020 15:48:34 GMT
server
LiteSpeed
etag
"907009-1605183074;;;"
content-type
image/jpeg
status
200
cache-control
max-age=604800
x-litespeed-tag
8bd_
accept-ranges
bytes
x-qc-pop
EU-DE-FKB-67
content-length
16547
x-qc-cache
miss
expires
Thu, 19 Nov 2020 12:11:13 GMT
ssd-drives-stacked-together-440x264.jpg
www.windowsobserver.com/wp-content/uploads/2020/08/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.windowsobserver.com/wp-content/uploads/2020/08/ssd-drives-stacked-together-440x264.jpg
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
45.132.244.92 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
v2202008124861124469.goodsrv.de
Software
LiteSpeed /
Resource Hash
c35af20b87c57b76997db85e9384c7afc7fbd1115081f57edaa12879af27a0d4

Request headers

Referer
https://www.windowsobserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 12 Nov 2020 12:11:14 GMT
last-modified
Fri, 28 Aug 2020 19:14:27 GMT
server
LiteSpeed
etag
"907010-1605183074;;;"
content-type
image/jpeg
status
200
cache-control
max-age=604800
x-litespeed-tag
8bd_
accept-ranges
bytes
x-qc-pop
EU-DE-FKB-67
content-length
14720
x-qc-cache
miss
expires
Thu, 19 Nov 2020 12:11:13 GMT
windows-insider-channel-updates-august-2020-1-440x264.png
www.windowsobserver.com/wp-content/uploads/2020/08/ 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.windowsobserver.com/wp-content/uploads/2020/08/windows-insider-channel-updates-august-2020-1-440x264.png
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
45.132.244.92 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
v2202008124861124469.goodsrv.de
Software
LiteSpeed /
Resource Hash
b6e8f4542e14e9f91c73b6a050ed33ca57a38ce466243df127e4466e2181aadc

Request headers

Referer
https://www.windowsobserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 12 Nov 2020 12:11:14 GMT
last-modified
Fri, 28 Aug 2020 00:34:36 GMT
server
LiteSpeed
etag
"907012-1605183074;;;"
content-type
image/png
status
200
cache-control
max-age=604800
x-litespeed-tag
8bd_
accept-ranges
bytes
x-qc-pop
EU-DE-FKB-67
content-length
75712
x-qc-cache
miss
expires
Thu, 19 Nov 2020 12:11:13 GMT
IMG_20200823_104136-440x264.jpg
www.windowsobserver.com/wp-content/uploads/2020/08/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.windowsobserver.com/wp-content/uploads/2020/08/IMG_20200823_104136-440x264.jpg
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
45.132.244.92 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
v2202008124861124469.goodsrv.de
Software
LiteSpeed /
Resource Hash
78a33f9654f70ce8892044039202d119f2cf56b6481973315828b0efe5f4b87e

Request headers

Referer
https://www.windowsobserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 12 Nov 2020 12:11:14 GMT
last-modified
Sun, 23 Aug 2020 14:47:27 GMT
server
LiteSpeed
etag
"907011-1605183074;;;"
content-type
image/jpeg
status
200
cache-control
max-age=604800
x-litespeed-tag
8bd_
accept-ranges
bytes
x-qc-pop
EU-DE-FKB-67
content-length
23739
x-qc-cache
miss
expires
Thu, 19 Nov 2020 12:11:13 GMT
microsoft-edge-add-ons-site-hero-440x264.png
www.windowsobserver.com/wp-content/uploads/2020/08/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.windowsobserver.com/wp-content/uploads/2020/08/microsoft-edge-add-ons-site-hero-440x264.png
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
45.132.244.92 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
v2202008124861124469.goodsrv.de
Software
LiteSpeed /
Resource Hash
a674247856390175f40a9bafbc72128ca54d3f128647ed7de69cff3cfdaf9b07

Request headers

Referer
https://www.windowsobserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 12 Nov 2020 12:11:15 GMT
last-modified
Sat, 15 Aug 2020 17:56:30 GMT
server
LiteSpeed
etag
"907014-1605183075;;;"
content-type
image/png
status
200
cache-control
max-age=604800
x-litespeed-tag
8bd_
accept-ranges
bytes
x-qc-pop
EU-DE-FKB-67
content-length
17070
x-qc-cache
miss
expires
Thu, 19 Nov 2020 12:11:13 GMT
windows-10-update-highlights-oobe-1-440x264.png
www.windowsobserver.com/wp-content/uploads/2020/08/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.windowsobserver.com/wp-content/uploads/2020/08/windows-10-update-highlights-oobe-1-440x264.png
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
45.132.244.92 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
v2202008124861124469.goodsrv.de
Software
LiteSpeed /
Resource Hash
12c9ed3fe7d742984fc81cd3bdea696106961b050c2289abfff6dd9496640997

Request headers

Referer
https://www.windowsobserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 12 Nov 2020 12:11:14 GMT
last-modified
Fri, 14 Aug 2020 14:55:32 GMT
server
LiteSpeed
etag
"907013-1605183074;;;"
content-type
image/png
status
200
cache-control
max-age=604800
x-litespeed-tag
8bd_
accept-ranges
bytes
x-qc-pop
EU-DE-FKB-67
content-length
6541
x-qc-cache
miss
expires
Thu, 19 Nov 2020 12:11:13 GMT
pc-build-project-aug-2020-6-440x264.jpg
www.windowsobserver.com/wp-content/uploads/2020/08/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.windowsobserver.com/wp-content/uploads/2020/08/pc-build-project-aug-2020-6-440x264.jpg
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
45.132.244.92 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
v2202008124861124469.goodsrv.de
Software
LiteSpeed /
Resource Hash
2b4cae5829650d023ac38617035e6184a77c2bd57b13de74c44e25877acc8f3b

Request headers

Referer
https://www.windowsobserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 12 Nov 2020 12:11:15 GMT
last-modified
Wed, 12 Aug 2020 22:48:53 GMT
server
LiteSpeed
etag
"907015-1605183075;;;"
content-type
image/jpeg
status
200
cache-control
max-age=604800
x-litespeed-tag
8bd_
accept-ranges
bytes
x-qc-pop
EU-DE-FKB-67
content-length
33128
x-qc-cache
miss
expires
Thu, 19 Nov 2020 12:11:13 GMT
WindowsObserverLogo400x200Feb2019.png
www.windowsobserver.com/wp-content/uploads/2019/02/ 		1 B
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.windowsobserver.com/wp-content/uploads/2019/02/WindowsObserverLogo400x200Feb2019.png
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
45.132.244.92 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
v2202008124861124469.goodsrv.de
Software
LiteSpeed /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer
https://www.windowsobserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
415
date
Thu, 12 Nov 2020 12:11:13 GMT
server
LiteSpeed
x-qc-pop
EU-DE-FKB-67
content-length
1
x-qc-cache
hit
content-type
image/png
sodar2.js
tpc.googlesyndication.com/sodar/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201110/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.windowsobserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 12 Nov 2020 12:11:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1603823857801521"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6015
x-xss-protection
0
expires
Thu, 12 Nov 2020 12:11:13 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame C399 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/219/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.windowsobserver.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.windowsobserver.com/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4867
date
Thu, 12 Nov 2020 11:20:31 GMT
expires
Fri, 12 Nov 2021 11:20:31 GMT
last-modified
Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
3042
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ 		0
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gda_r20201110&jk=3166330945339678&bg=!wcKlwuLNAAVxZqjhcViDK-yMiMa5iQIAAABCUgAAAApoAQcKAWV2Q5oMUuB2eEDBw9NN59LzPstAsc8tuEsV03U0L-GWta21e3BGFX6DhJkr8HxQnGlXqhp3F_edWWVY9sS5Rw-HeiG83rbg9KF5N13gAo8j9YY9kpC25r470O6vL1b0rGTOUUMwJ0ODWdXs2ZWETnbk6f7ihocVgfliPBP1f1-W1mhQ7Txcc-gLmRVjGhn25EsxYi2ebRpUwL_BCKdrtLKB7W24JmigX8QkShuuAbDMGRBndFIcVWcSe5x85jx7zWYj5vioKJEPgBY9pDKwturnnFWY2sPsSHRgiD0Z06Q5MdWcJbfns0aw2bGb9TncpM8YMu9ZybvGVS3PuLca1eyWzOpmDUtcaxCgjjNeM2Fgn6D0gzjElxuxpUAkOmwG3bVlWmTEnFPnmaQflJs255iKpejREO_8vC-Cqi5Sj1jacoqRY2y9e6OJuCv1V274BhsLWi18RgsYeKxwfqMrn5IMp1hg5-2ZAcCeCeX2F1Nk_vZnh9AzHOwWuyM2M4aPAhJg5k2qhfijj_qRNxoNHWg4YE0rNKuOHhqcey42spIa7HtjQiy7sAzMpJVAlOvGhYy7F2CGollBXS1GpLjkjkpJLn1i7676Euync2Jo__rAqUukrGxThwN6vAj3KqKjSoYw6zQO4t4giGRYNflDxv3gYxT6ZI2gqhrcdbgWzxbh3_xzROAjs7WAQvmrh9_55FHF9CkFmgqPTpYXzmUaJDIPG3kFBkHgJdkRvG880J0lLZOKMQQ0QElAaoiW0iyoNxwQL53-g_XfPoHCKVmEd027v2plI80JuKs-eIdZuSff6pwxbwmulOcEwA0TtBYbHZ8leanIb1kaII6CuotndmLLFJTrznoSyC-n7BZ-MqHmkezfhgoGsP91HOWK2Izze4a42TQ5IM36MykvD56IHYbn0Ytq3jHprQqlR7qTPWAlXDcUMqq6kfOMKzjIQNpbSEeoCKh2KyBmL3XqPashXNWF2WsKW53FYl3ec0JcvVXtpr1UOK_aG8kTia1AwO3-vZX_iPapgkLvPtIdc3-kNFEU9vDs6_UDbCTSPV4Xl1vv5NuJ0OstNgDB
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.windowsobserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Nov 2020 12:11:13 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
status
204
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.clarity.ms/cus/ 		7 B
266 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/cus/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/cus/s/0.6.0-b21/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::10 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
1661765467478b77853c92c91c3267c5edd4a099267f734208c545ff60bce645

Request headers

Referer
https://www.windowsobserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

status
200
date
Thu, 12 Nov 2020 12:11:15 GMT
access-control-allow-origin
*
x-powered-by
ASP.NET
x-azure-ref
0YyatXwAAAAA6maX4ktEBTIG50X4ybZW6RlJBRURHRTEwMjIANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
request-context
appId=cid-v1:7f62cbe7-9d8b-4a41-a628-fbaa3aa5c695
common.js
maps.googleapis.com/maps-api-v3/api/js/41/8/ 		78 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/41/8/common.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?v=3&key&ver=4.6.6
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d61f511a1bdc441e3b0e1ce33ead66e051aa0f6e39f6c2e428468a1de6d5496
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.windowsobserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 10 Nov 2020 21:23:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
139647
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29287
x-xss-protection
0
last-modified
Wed, 29 Jul 2020 06:13:00 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 10 Nov 2021 21:23:51 GMT
util.js
maps.googleapis.com/maps-api-v3/api/js/41/8/ 		144 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/41/8/util.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?v=3&key&ver=4.6.6
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aee55f1d6a13bb89ad87b393b9a3b335ef580e75d08b50e9efb21699da4fe857
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.windowsobserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 09 Nov 2020 03:26:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
290669
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54471
x-xss-protection
0
last-modified
Wed, 29 Jul 2020 06:13:00 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 09 Nov 2021 03:26:49 GMT
AuthenticationService.Authenticate
maps.googleapis.com/maps/api/js/ 		62 B
247 B 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fwww.windowsobserver.com%2F&5shttps%3A%2F%2Fwww.windowsobserver.com%2F&callback=_xdc_._wzwthd&token=91960
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/41/8/common.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
41fd2a95041af68fe11a9931b90ca7fb57e4ca45c21ce63c778403da16c262ab
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.windowsobserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Nov 2020 12:11:18 GMT
content-encoding
gzip
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment
server-timing
gfet4t7; dur=2
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.clarity.ms/cus/ 		7 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/cus/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/cus/s/0.6.0-b21/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::10 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
1661765467478b77853c92c91c3267c5edd4a099267f734208c545ff60bce645

Request headers

Referer
https://www.windowsobserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

status
200
date
Thu, 12 Nov 2020 12:11:18 GMT
access-control-allow-origin
*
x-powered-by
ASP.NET
x-azure-ref
0ZiatXwAAAAC/68nTxh+tQbP2XW5dhDRSRlJBRURHRTEwMjIANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
request-context
appId=cid-v1:7f62cbe7-9d8b-4a41-a628-fbaa3aa5c695
ET-Extra.woff
www.windowsobserver.com/wp-content/themes/Extra/fonts/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.windowsobserver.com/wp-content/themes/Extra/fonts/ET-Extra.woff
Requested by
Host: www.windowsobserver.com
URL: https://www.windowsobserver.com/wp-content/litespeed/cssjs/c01bb.css?8b7e3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.132.244.92 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
v2202008124861124469.goodsrv.de
Software
LiteSpeed /
Resource Hash
faf92f241d22c776418da17d96c9f418a932b323bbfd9a472081f6ae19bfe352

Request headers

Origin
https://www.windowsobserver.com
Referer
https://www.windowsobserver.com/wp-content/litespeed/cssjs/c01bb.css?8b7e3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 12 Nov 2020 12:11:19 GMT
last-modified
Mon, 19 Oct 2020 01:37:29 GMT
server
LiteSpeed
etag
"906798-1605182972;;;"
content-type
font/woff
status
200
cache-control
max-age=604800
accept-ranges
bytes
x-qc-pop
EU-DE-FKB-67
content-length
14428
x-qc-cache
hit
expires
Thu, 19 Nov 2020 12:09:32 GMT
mem5YaGs126MiZpBA-UNirkOUuhs.ttf
fonts.gstatic.com/s/opensans/v18/ 		27 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhs.ttf
Requested by
Host: www.windowsobserver.com
URL: https://www.windowsobserver.com/wp-content/litespeed/cssjs/c01bb.css?8b7e3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
23fea0a987694a487d5e053345c610b6c2b0cee5943e6c54dffa8c4d3b8c2a27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.windowsobserver.com
Referer
https://www.windowsobserver.com/wp-content/litespeed/cssjs/c01bb.css?8b7e3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 07 Nov 2020 08:00:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
447025
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18834
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:09:46 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 07 Nov 2021 08:00:54 GMT
mem8YaGs126MiZpBA-UFVZ0e.ttf
fonts.gstatic.com/s/opensans/v18/ 		26 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0e.ttf
Requested by
Host: www.windowsobserver.com
URL: https://www.windowsobserver.com/wp-content/litespeed/cssjs/c01bb.css?8b7e3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5669ca033ab68625c0cae6bcf1abb2722c02ea43a0d65323b2f7b023c7afa35e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.windowsobserver.com
Referer
https://www.windowsobserver.com/wp-content/litespeed/cssjs/c01bb.css?8b7e3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 05 Nov 2020 17:45:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
584765
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18276
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:09:22 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 05 Nov 2021 17:45:14 GMT
mem5YaGs126MiZpBA-UN7rgOUuhs.ttf
fonts.gstatic.com/s/opensans/v18/ 		28 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhs.ttf
Requested by
Host: www.windowsobserver.com
URL: https://www.windowsobserver.com/wp-content/litespeed/cssjs/c01bb.css?8b7e3
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7f8be99aee46445efcc7c49145388deca59f0dfd183ed4b3892ca111c2b401a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.windowsobserver.com
Referer
https://www.windowsobserver.com/wp-content/litespeed/cssjs/c01bb.css?8b7e3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 11 Nov 2020 08:16:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
100473
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19068
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:10:59 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 11 Nov 2021 08:16:46 GMT
modules.ttf
www.windowsobserver.com/wp-content/themes/Extra/core/admin/fonts/ 		90 KB
91 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.windowsobserver.com/wp-content/themes/Extra/core/admin/fonts/modules.ttf
Requested by
Host: www.windowsobserver.com
URL: https://www.windowsobserver.com/wp-content/litespeed/cssjs/c01bb.css?8b7e3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.132.244.92 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
v2202008124861124469.goodsrv.de
Software
LiteSpeed /
Resource Hash
d201a2c3118a00c82cc48e89815f5139f23956bbe248107dcf522acc77b97c09

Request headers

Origin
https://www.windowsobserver.com
Referer
https://www.windowsobserver.com/wp-content/litespeed/cssjs/c01bb.css?8b7e3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 12 Nov 2020 12:11:19 GMT
last-modified
Mon, 19 Oct 2020 01:37:31 GMT
server
LiteSpeed
etag
"907026-1605183079;;;"
content-type
font/ttf
status
200
cache-control
max-age=604800
x-litespeed-tag
8bd_
accept-ranges
bytes
x-qc-pop
EU-DE-FKB-67
content-length
92400
x-qc-cache
miss
expires
Thu, 19 Nov 2020 12:11:19 GMT
WindowsObserverLogo400x200Feb2019.png
www.windowsobserver.com/wp-content/uploads/2019/02/ 		1 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.windowsobserver.com/wp-content/uploads/2019/02/WindowsObserverLogo400x200Feb2019.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.132.244.92 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
v2202008124861124469.goodsrv.de
Software
LiteSpeed /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer
https://www.windowsobserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
415
date
Thu, 12 Nov 2020 12:11:19 GMT
server
LiteSpeed
x-qc-pop
EU-DE-FKB-67
content-length
1
x-qc-cache
hit
content-type
image/png
FaithTechSpaceCroppedBanner-440x244.png
www.windowsobserver.com/wp-content/uploads/2019/11/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.windowsobserver.com/wp-content/uploads/2019/11/FaithTechSpaceCroppedBanner-440x244.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.132.244.92 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
v2202008124861124469.goodsrv.de
Software
LiteSpeed /
Resource Hash
7c585158a954562b91a9759e92b9c0ad4b51b299d3c80cf9655f45bd1b720753

Request headers

Referer
https://www.windowsobserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 12 Nov 2020 12:11:20 GMT
last-modified
Sun, 17 Nov 2019 10:53:59 GMT
server
LiteSpeed
etag
"907027-1605183080;;;"
content-type
image/png
status
200
cache-control
max-age=604800
x-litespeed-tag
8bd_
accept-ranges
bytes
x-qc-pop
EU-DE-FKB-67
content-length
39280
x-qc-cache
miss
expires
Thu, 19 Nov 2020 12:11:19 GMT
FaithTechSpaceCroppedBanner-150x150.png
www.windowsobserver.com/wp-content/uploads/2019/11/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.windowsobserver.com/wp-content/uploads/2019/11/FaithTechSpaceCroppedBanner-150x150.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.132.244.92 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
v2202008124861124469.goodsrv.de
Software
LiteSpeed /
Resource Hash
f8d76af3ba547ca4c3761168a270b81c5be51897c231fefd1a2e8df37c880e82

Request headers

Referer
https://www.windowsobserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 12 Nov 2020 12:11:20 GMT
last-modified
Sun, 17 Nov 2019 10:53:59 GMT
server
LiteSpeed
etag
"907028-1605183080;;;"
content-type
image/png
status
200
cache-control
max-age=604800
x-litespeed-tag
8bd_
accept-ranges
bytes
x-qc-pop
EU-DE-FKB-67
content-length
7677
x-qc-cache
miss
expires
Thu, 19 Nov 2020 12:11:19 GMT
WindowsObserverLogo400x200Feb2019.png
www.windowsobserver.com/wp-content/uploads/2019/02/ 		1 B
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.windowsobserver.com/wp-content/uploads/2019/02/WindowsObserverLogo400x200Feb2019.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.132.244.92 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
v2202008124861124469.goodsrv.de
Software
LiteSpeed /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer
https://www.windowsobserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
415
date
Thu, 12 Nov 2020 12:11:19 GMT
server
LiteSpeed
x-qc-pop
EU-DE-FKB-67
content-length
1
x-qc-cache
hit
content-type
image/png
WindowsObserverLogo400x200Feb2019.png
www.windowsobserver.com/wp-content/uploads/2019/02/ 		1 B
30 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.windowsobserver.com/wp-content/uploads/2019/02/WindowsObserverLogo400x200Feb2019.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.132.244.92 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
v2202008124861124469.goodsrv.de
Software
LiteSpeed /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer
https://www.windowsobserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
415
date
Thu, 12 Nov 2020 12:11:20 GMT
server
LiteSpeed
x-qc-pop
EU-DE-FKB-67
content-length
1
x-qc-cache
hit
content-type
image/png
collect
www.clarity.ms/cus/ 		7 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/cus/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/cus/s/0.6.0-b21/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::10 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
1661765467478b77853c92c91c3267c5edd4a099267f734208c545ff60bce645

Request headers

Referer
https://www.windowsobserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

status
200
date
Thu, 12 Nov 2020 12:11:22 GMT
access-control-allow-origin
*
x-powered-by
ASP.NET
x-azure-ref
0aiatXwAAAACptcGCn9+JQpYC9F0C19q4RlJBRURHRTEwMjIANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
request-context
appId=cid-v1:7f62cbe7-9d8b-4a41-a628-fbaa3aa5c695

Verdicts & Comments Add Verdict or Comment

176 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes function| loadCSS string| et_site_url string| et_post_id function| et_core_page_resource_fallback object| _wpemojiSettings function| $ function| jQuery function| ES6Promise object| et_core_api_spam_recaptcha object| etCore function| gtag object| dataLayer function| powerpress_pinw function| clarity object| pollsL10n function| poll_vote function| poll_process function| poll_result function| poll_booth function| poll_process_success function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Masonry object| EXTRA object| et_shortcodes_strings object| et_pb_custom object| et_builder_utils_params object| et_frontend_scripts object| EXTRA_TAX_QUERY object| et_pb_box_shadow_elements object| et_pb_motion_elements object| et_pb_sticky_elements object| twemoji object| wp object| google_tag_manager object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_trust_token_operation_status object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots function| google_spfd object| google_sv_map function| et_shortcodes_init function| Waypoint object| salvattore function| et_pb_debounce function| et_pb_smooth_scroll function| et_pb_form_placeholders_init function| et_duplicate_menu function| et_pb_remove_placeholder_text function| et_fix_fullscreen_section function| et_bar_counters_init function| et_fix_pricing_currency_position function| et_pb_set_responsive_grid function| et_pb_set_tabs_height function| et_pb_box_shadow_apply_overlay function| et_pb_init_nav_menu function| et_pb_toggle_nav_menu function| et_pb_apply_sticky_image_effect function| et_pb_menu_inject_inline_centered_logo function| et_pb_menu_inject_item function| et_pb_reposition_menu_module_dropdowns object| jQuery112405949824838319471 object| ET_Builder object| ET_FE boolean| et_load_event_fired boolean| et_is_transparent_nav boolean| et_is_vertical_nav boolean| et_is_fixed_nav boolean| et_is_minified_js boolean| et_is_minified_css boolean| et_force_width_container_change function| et_pb_init_woo_star_rating function| et_pb_wrap_woo_attribute_fields_in_span function| et_pb_init_modules function| etFixDividerSpacing function| etInitWooReviewsRatingStars string| et_hash_module_seperator string| et_hash_module_param_seperator function| et_set_hash boolean| et_setting_hash object| ET_App boolean| et_pb_extra_load_event_fired object| mejsL10n object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| mejs function| MediaElement object| HtmlMediaElement function| onYouTubePlayerAPIReady function| DefaultPlayer function| MediaElementPlayer object| _wpmejsSettings object| google object| module$contents$MapsEvent_MapsEvent object| module$contents$mapsapi$overlay$OverlayView_OverlayView function| _extends function| _typeof function| LazyLoad object| $et_tooltip object| $et_learn_more function| et_pb_slider_init function| et_countdown_timer function| et_countdown_timer_labels function| et_pb_tabs_init function| et_pb_circle_counter_update function| et_apply_parallax function| et_parallax_set_height function| et_apply_builder_css_parallax function| et_pb_play_overlayed_video function| et_pb_resize_section_video_bg function| et_pb_center_video function| et_pb_adjust_video_margin function| et_fix_slider_height function| et_pb_submit_newsletter function| et_fix_testimonial_inner_width function| et_pb_video_background_init function| et_reinit_waypoint_modules function| et_calc_fullscreen_section function| et_calculate_fullscreen_section_size function| debounced_et_apply_builder_css_parallax function| et_pb_parallax_init function| et_pb_fullwidth_header_scroll function| et_pb_search_init function| et_pb_search_percentage_custom_margin_fix function| et_pb_comments_init function| et_pb_shop_add_hover_class string| et_location_hash object| $element string| waypointContextKey object| GoogleGcLKhOms object| google_image_requests object| _xdc_

6 Cookies

Domain/Path Name / Value
.windowsobserver.com/ Name: _gat_gtag_UA_117605461_1
Value: 1
.windowsobserver.com/ Name: _gid
Value: GA1.2.329614101.1605183069
.windowsobserver.com/ Name: __gads
Value: ID=4ec4b926c3d27d1f-22972e442fb900d8:T=1605183069:RT=1605183069:S=ALNI_MZ1SoSKILDLjr7uRxn-DybEHc6PFA
www.windowsobserver.com/ Name: _clck
Value: e8oayx
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.windowsobserver.com/ Name: _ga
Value: GA1.2.2086763237.1605183069

2 Console Messages

Source Level URL
Text
console-api warning URL: https://maps.googleapis.com/maps-api-v3/api/js/41/8/util.js(Line 228)
Message:
Google Maps JavaScript API warning: NoApiKeys https://developers.google.com/maps/documentation/javascript/error-messages#no-api-keys
console-api warning URL: https://maps.googleapis.com/maps-api-v3/api/js/41/8/util.js(Line 228)
Message:
Google Maps JavaScript API warning: InvalidKey https://developers.google.com/maps/documentation/javascript/error-messages#invalid-key

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdnjs.cloudflare.com
fonts.gstatic.com
googleads.g.doubleclick.net
maps.googleapis.com
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
www.clarity.ms
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
www.windowsobserver.com
216.58.207.66
2606:4700::6810:125e
2620:1ec:bdf::10
2a00:1450:4001:801::2003
2a00:1450:4001:801::200a
2a00:1450:4001:801::200e
2a00:1450:4001:802::2002
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2001
2a00:1450:4001:81a::2008
2a00:1450:4001:81a::200e
2a00:1450:4001:81b::2003
2a00:1450:4001:820::2002
45.132.244.92
010e692af2ed738681a0c3782a8e15e1e1c01de5b93f3000d6eebdf5cfb2a2ac
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
04c1bc744720c6e7542613e933c9a0f4bbd8f6ed45a5b1924223c256430dfd7b
0dafe41811a02ec41cf949a4f6df396d36a6b6f3f576bbdc32c296ff45e647bc
12c9ed3fe7d742984fc81cd3bdea696106961b050c2289abfff6dd9496640997
1661765467478b77853c92c91c3267c5edd4a099267f734208c545ff60bce645
23fea0a987694a487d5e053345c610b6c2b0cee5943e6c54dffa8c4d3b8c2a27
252555acdfff588cc5362679cb32d1c18fa0c576968fc73ce8c9458d11666fc8
2b4cae5829650d023ac38617035e6184a77c2bd57b13de74c44e25877acc8f3b
2ff362e562f5dc4ba5367961cadd82a155ef2b2fb53d0745fdd81485b2312fc8
345425cf1476f761ab7a1ac97e7b548fa5a9f74ff2e1a2daed24197d41a21731
3d61f511a1bdc441e3b0e1ce33ead66e051aa0f6e39f6c2e428468a1de6d5496
41fd2a95041af68fe11a9931b90ca7fb57e4ca45c21ce63c778403da16c262ab
430d5d59157ab0cbffcda296811cd33e21ded3bb342d749489bc5c5a93970d95
531a7fad64292dd7eefd738f081bc22a09540487fb3b9dd93262eb74e6b3ff7c
5669ca033ab68625c0cae6bcf1abb2722c02ea43a0d65323b2f7b023c7afa35e
58308b1db0ac4d15ebfcfd52cf2ab639be18cdd33648c068b3ca945cc0937b7c
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
70b003c946998e79b99e0a3713a2018567e5b23cc273f701b4df5568624c2046
78a33f9654f70ce8892044039202d119f2cf56b6481973315828b0efe5f4b87e
7c585158a954562b91a9759e92b9c0ad4b51b299d3c80cf9655f45bd1b720753
837a4d4007d27b46d30559f0f82675c139ea9dfc568947a98f874ab80a732c16
89ed21a0eb183800ef04d161dcec2782b2ce4892029fa21ecd8b3617a9fae69b
8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e
99edb461920133162adf7cdf6b31becdf8d702924b2b9b4d97d69db421ccca54
9d1e30fe674fca0aaf6976877cf5d1f3e45f408adb587856af7705e2581d1de2
9d459ae244f8c4c36a9b1d6682a47711033204a3322b07171402af901d30f8ed
9e84c7521ed0feab807b1f9556ff0ddf20763b2703e6eb20909d6fac106f7eb0
a674247856390175f40a9bafbc72128ca54d3f128647ed7de69cff3cfdaf9b07
aca4deebc5c475c9c90c7884f4c9d5db919b6c0fa18e2db8dfe2b444fd555c17
aee55f1d6a13bb89ad87b393b9a3b335ef580e75d08b50e9efb21699da4fe857
aefc4c20a5b7c02c881634341f6e1dcceb24cdbe63da122876f2dd783d3cfd62
b16492bdf70a805c430de93e13fb7dd4d3b765acc9c678c1a42cc558d97163a3
b6e8f4542e14e9f91c73b6a050ed33ca57a38ce466243df127e4466e2181aadc
bde727620681755b5c5198388780769c525a0079fac74d8b52bb471b457a2e52
c35af20b87c57b76997db85e9384c7afc7fbd1115081f57edaa12879af27a0d4
d201a2c3118a00c82cc48e89815f5139f23956bbe248107dcf522acc77b97c09
d7f8be99aee46445efcc7c49145388deca59f0dfd183ed4b3892ca111c2b401a
dc66320adb9b1a19a4a8408a2a27e99df9849cb79cd496b3c000eb149123b25f
e28099ec8875ba272b12bb0fb2a7269c2e0ac46d1761ee6ff4f069a59fd4e39e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
edfa6a3e64896b953252b6f540c43170ff720ffad066d7357f5c087ca5e53f75
f65fd6ffebae96f470b4effcf5127a69bfe7d41027e1407134231c94db729329
f81a4a9211214d226d5a01b81b8956b91089eb622ab70572dcf54e6b707521a8
f8d76af3ba547ca4c3761168a270b81c5be51897c231fefd1a2e8df37c880e82
faf92f241d22c776418da17d96c9f418a932b323bbfd9a472081f6ae19bfe352
fe09fd7ad767f6f6b0c7e517d363946d988143e44705f29c623ce8efa03c51d2
fe1878845661a3c5dee6e58f59377f134a8d53d03938f0c7d67819a4eb7d7774