www.intowindows.com Open in urlscan Pro
2606:4700:3108::ac42:28b0 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://intowindows.com.admin-mcas-gov.us/
Effective URL:
https://www.intowindows.com/
Submission: On March 17 via automatic, source rescanner (March 17th 2022, 4:11:47 pm UTC) — Scanned from US

Summary HTTP 66 Redirects Behaviour Indicators

Summary

This website contacted 17 IPs in 1 countries across 14 domains to perform 66 HTTP transactions. The main IP is 2606:4700:3108::ac42:28b0, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.intowindows.com. The Cisco Umbrella rank of the primary domain is 362434.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 21st 2021. Valid for: a year.

This is the only time www.intowindows.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	13.72.27.220 13.72.27.220	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2600:141b:13:... 2600:141b:13::17d7:825a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 16	2606:4700:310... 2606:4700:3108::ac42:28b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:80b::200a	15169 (GOOGLE) (GOOGLE)
1 1	35.232.130.91 35.232.130.91	15169 (GOOGLE) (GOOGLE)
10	2607:f8b0:400... 2607:f8b0:4006:81f::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:823::2008	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:817::200e	15169 (GOOGLE) (GOOGLE)
10	2607:f8b0:400... 2607:f8b0:4006:823::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c08::9c	15169 (GOOGLE) (GOOGLE)
1	142.250.64.66 142.250.64.66	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81e::2002	15169 (GOOGLE) (GOOGLE)
14	2607:f8b0:400... 2607:f8b0:4006:820::2001	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:822::2002	15169 (GOOGLE) (GOOGLE)
2	142.250.65.195 142.250.65.195	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:822::2006	15169 (GOOGLE) (GOOGLE)
2 3	2607:f8b0:400... 2607:f8b0:4006:820::2004	15169 (GOOGLE) (GOOGLE)
66	17

1 13.72.27.220 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

intowindows.com.admin-mcas-gov.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:141b:13::17d7:825a (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

mcasproxy.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700:3108::ac42:28b0 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

intowindows.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.intowindows.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80b::200a (Queens, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.232.130.91 (Council Bluffs, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 91.130.232.35.bc.googleusercontent.com

mk0intowindows84fvao.kinstacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4006:81f::2002 (Queens, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:823::2008 (Queens, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:817::200e (Queens, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4006:823::2002 (Queens, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c08::9c (Ashburn, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.64.66 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s30-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81e::2002 (Queens, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2607:f8b0:4006:820::2001 (Queens, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:822::2002 (Queens, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.65.195 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f3.1e100.net

p4-cuijatqquh342-cx4xo4gtifyg52ns-if-v6exp3-v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:822::2006 (Queens, United States)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:820::2004 (Queens, United States) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 90 tpc.googlesyndication.com — Cisco Umbrella Rank: 122	358 KB
16	intowindows.com 1 redirects intowindows.com — Cisco Umbrella Rank: 359541 www.intowindows.com — Cisco Umbrella Rank: 362434	228 KB
11	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 stats.g.doubleclick.net — Cisco Umbrella Rank: 68	76 KB
4	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 57 www.google.com — Cisco Umbrella Rank: 2	1 KB
3	azureedge.net mcasproxy.azureedge.net — Cisco Umbrella Rank: 51333	44 KB
2	gstatic.com p4-cuijatqquh342-cx4xo4gtifyg52ns-if-v6exp3-v4.metric.gstatic.com	3 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 147	72 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 246	63 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 716	647 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 54	36 KB
1	kinstacdn.com 1 redirects mk0intowindows84fvao.kinstacdn.com — Cisco Umbrella Rank: 735088	161 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	1 KB
1	admin-mcas-gov.us intowindows.com.admin-mcas-gov.us	856 B
66	14

	Domain	Requested by
15	www.intowindows.com	www.intowindows.com
14	tpc.googlesyndication.com	intowindows.com.admin-mcas-gov.us googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
10	googleads.g.doubleclick.net	pagead2.googlesyndication.com intowindows.com.admin-mcas-gov.us googleads.g.doubleclick.net
10	pagead2.googlesyndication.com	www.intowindows.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
3	www.google.com	2 redirects tpc.googlesyndication.com
3	mcasproxy.azureedge.net	intowindows.com.admin-mcas-gov.us mcasproxy.azureedge.net
2	p4-cuijatqquh342-cx4xo4gtifyg52ns-if-v6exp3-v4.metric.gstatic.com	googleads.g.doubleclick.net p4-cuijatqquh342-cx4xo4gtifyg52ns-if-v6exp3-v4.metric.gstatic.com
2	www.googletagservices.com	googleads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	s0.2mdn.net	tpc.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.googletagmanager.com	www.intowindows.com
1	mk0intowindows84fvao.kinstacdn.com	1 redirects
1	fonts.googleapis.com	www.intowindows.com
1	intowindows.com	1 redirects
1	intowindows.com.admin-mcas-gov.us
66	18

This site contains no links.

Subject Issuer	Validity	Valid
MCAS Mcas Root CA	`2021-12-23` - `2021-12-24`	21 hours	crt.sh
*.azureedge.net Microsoft RSA TLS CA 01	`2021-10-28` - `2022-10-28`	a year	crt.sh
intowindows.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh

This page contains 14 frames:

Primary Page: https://www.intowindows.com/
Frame ID: 81ACFC65B8ED63FC159A69DB12A7C243
Requests: 39 HTTP requests in this frame

Frame: https://mcasproxy.azureedge.net/proxyweb/1.11.33/html/session-context-restore.html
Frame ID: 945F8AD6E6C3018BA3D4CC1414CFB837
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220315/r20190131/zrt_lookup.html
Frame ID: E7A53F3B906F10C81889867B70B76842
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1563246453145917&output=html&h=600&slotname=5022977766&adk=2898438081&adf=1346783958&pi=t.ma~as.5022977766&w=250&fwrn=4&fwrnh=100&lmt=1647533503&rafmt=1&psa=0&format=250x600&url=https%3A%2F%2Fwww.intowindows.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647533503445&bpp=7&bdt=280&idt=177&shv=r20220315&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&correlator=1862852567493&frm=20&pv=2&ga_vid=488410495.1647533503&ga_sid=1647533504&ga_hid=2016958492&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1120&ady=138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531398%2C44750773%2C44752536%2C182982100%2C182982300%2C31065470%2C31065544%2C31062931&oid=2&pvsid=2340654185096036&pem=678&tmod=238283917&uas=0&nvt=1&ref=https%3A%2F%2Fintowindows.com.admin-mcas-gov.us%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=PXZTYzTn4f&p=https%3A//www.intowindows.com&dtd=197
Frame ID: 2DEDDD1798F983CFEF47CCADDF26837C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1563246453145917&output=html&h=600&slotname=4335780698&adk=1638990907&adf=46507410&pi=t.ma~as.4335780698&w=250&fwrn=4&fwrnh=100&lmt=1647533503&rafmt=1&psa=0&format=250x600&url=https%3A%2F%2Fwww.intowindows.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647533503452&bpp=2&bdt=287&idt=210&shv=r20220315&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&prev_fmts=250x600&correlator=1862852567493&frm=20&pv=1&ga_vid=488410495.1647533503&ga_sid=1647533504&ga_hid=2016958492&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1120&ady=1640&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531398%2C44750773%2C44752536%2C182982100%2C182982300%2C31065470%2C31065544%2C31062931&oid=2&pvsid=2340654185096036&pem=678&tmod=238283917&uas=0&nvt=1&ref=https%3A%2F%2Fintowindows.com.admin-mcas-gov.us%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=cr3JKnjGX5&p=https%3A//www.intowindows.com&dtd=213
Frame ID: 0DA5196094B4811619E1F5CBCA281846
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1563246453145917&output=html&adk=1812271804&adf=3025194257&lmt=1647533503&plat=2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32904%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.intowindows.com%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647533503470&bpp=1&bdt=305&idt=199&shv=r20220315&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&prev_fmts=250x600%2C250x600&nras=1&correlator=1862852567493&frm=20&pv=1&ga_vid=488410495.1647533503&ga_sid=1647533504&ga_hid=2016958492&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531398%2C44750773%2C44752536%2C182982100%2C182982300%2C31065470%2C31065544%2C31062931&oid=2&pvsid=2340654185096036&pem=678&tmod=238283917&uas=0&nvt=1&ref=https%3A%2F%2Fintowindows.com.admin-mcas-gov.us%2F&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=205
Frame ID: F43BACB3F1D7358E5BE6F07E7D1F914E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12013538744814064560/300x600.html
Frame ID: 41B73EBE8E95E93F31008C2DDE129D44
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=ClZrBv10zYrO2K-mAogbaroeYDvWAtc9li4bl_ZkOoZXAtIwJEAEghfD8EGDJ7o6LwKSMEKAB7JON4APIAQmoAwHIA0iqBOABT9BhYCm8fNw6nse2LqDZ5eGYMachhqbxRXy_wWRQlp9-s4zIeyxpH5rVRWZWlzZb3Cd-8YBxUbZtCQ-FXhi-Mq-lcPdSz-rREPfWeCS-E76gMcx0JEw8Mhxbv4IyDIbycS8cccSwh0SWuFDlw0neFRTEt9UuihU6OzAsQ9Pk0KmE6Mjynb9wXM3PTxmASznG9XH6jr0o7rl_6iQvLMwnROn4QdlEeqSlpkgUZawBIunTexbI006PwZGdLgtzPmxiDNcSW6W-My-1pdAZnkAENYiMJmeIT-WRfyeqxsy6rpHABLrmk6XLApIFBAgEGAGSBQQIBRgEoAYugAf86_IfqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ8adj0ggHCIBhEAEYH4AKAcgLAdgTDNAVAZgWAYAXAbIXHAoaCAASFHB1Yi0xNTYzMjQ2NDUzMTQ1OTE3GAA&sigh=5wmQsUeaVLM&uach_m=[UACH]&template_id=419
Frame ID: CF0F88B0453667E84A40B2FE3DAFC7D0
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 8C0B748C9DAA75EF66B396A4E4961B6F
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 7A8D28BD221EB114EA916E03FE588F46
Requests: 2 HTTP requests in this frame

Frame: https://p4-cuijatqquh342-cx4xo4gtifyg52ns-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: 23DDA66146B5650483987600450A3BF4
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/c9SOW3fm-cIOlp3tvRsibzkEuEO1MqMyQpfRRVluBWQ.js
Frame ID: D382C6E5A625E69F2DE69C626B1B9027
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C2A88F281C1AF6ABB3756AD970C521BA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 73AC24F7F8D58665985AB95DAB6EC53D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Into Windows

Page URL History Show full URLs

https://intowindows.com.admin-mcas-gov.us/ Page URL
https://intowindows.com/ HTTP 301
https://www.intowindows.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

66
Requests

97 %
HTTPS

76 %
IPv6

14
Domains

18
Subdomains

17
IPs

1
Countries

904 kB
Transfer

2164 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://intowindows.com.admin-mcas-gov.us/ Page URL
https://intowindows.com/ HTTP 301
https://www.intowindows.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16

https://mk0intowindows84fvao.kinstacdn.com/wp-content/themes/eleven40-pro/images/texture.png HTTP 301
https://www.intowindows.com/wp-content/themes/eleven40-pro/images/texture.png

Request Chain 61

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 63

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

66 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
intowindows.com.admin-mcas-gov.us/ 1 KB
856 B 788ms
32ms Document
text/html 13.72.27.220
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://intowindows.com.admin-mcas-gov.us/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.72.27.220 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

openresty /

Resource Hash

71ac09cbf027116391e1632766f2a1b89d941febd0b7cf61102d5ca28bd2c4bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-US,en;q=0.9

Response headers

content-type: text/html; charset=utf-8
server: openresty
date: Thu, 17 Mar 2022 16:11:42 GMT
x-mcas-request-id: c667151fe8cc8eca0a4d26916f243917
strict-transport-security: max-age=31536000
pragma: no-cache
expires: Mon, 01-Jan-1990 00:00:00 GMT
cache-control: max-age=0, no-cache, no-store
x-mcas-upstream-time: n/a
x-mcas-processing-time: 2
content-encoding: gzip
x-mcas-cache-status: MISS

GET
H2 200 session-context-store-helper.min.js Show response
mcasproxy.azureedge.net/proxyweb/1.11.33/js/ 5 KB
6 KB 88ms
27ms Script
application/javascript 2600:141b:13::17d7:825a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcasproxy.azureedge.net/proxyweb/1.11.33/js/session-context-store-helper.min.js
Requested by: Host: intowindows.com.admin-mcas-gov.us
URL: https://intowindows.com.admin-mcas-gov.us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:825a New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 769e376a16fa420b6ea5802aef3f2e2aaa37b7898eda4d9f5745eea336176c2e

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://intowindows.com.admin-mcas-gov.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Thu, 17 Mar 2022 16:11:42 GMT
last-modified: Thu, 03 Feb 2022 12:00:26 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: VbIsdsRwQ4Bhve/8+YswXw==
etag: 0x8D9E70CC446914E
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 33a8b6b0-e01e-0006-169b-2c3853000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=30052648
x-ms-version: 2009-09-19
content-length: 5356

GET
H2 200 session-context-restore.html Show response
mcasproxy.azureedge.net/proxyweb/1.11.33/html/ Frame 945F 281 B
730 B 24ms
24ms Document
text/html 2600:141b:13::17d7:825a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcasproxy.azureedge.net/proxyweb/1.11.33/html/session-context-restore.html
Requested by: Host: mcasproxy.azureedge.net
URL: https://mcasproxy.azureedge.net/proxyweb/1.11.33/js/session-context-store-helper.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:825a New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d593eab937ae208334c866b7afc56b0703787c857dae8bb562aefbbd3ca15ee6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://intowindows.com.admin-mcas-gov.us/

Response headers

content-length: 281
content-type: text/html
content-md5: vDuuGHIdcY/gQtnraxH9qw==
last-modified: Thu, 03 Feb 2022 12:00:25 GMT
etag: 0x8D9E70CC3B532E9
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 8decfede-f01e-0012-415f-1afb37000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: public, max-age=28047376
date: Thu, 17 Mar 2022 16:11:42 GMT

GET
H2 200 session-context-restore.min.js
mcasproxy.azureedge.net/proxyweb/1.11.33/js/ Frame 945F 37 KB
38 KB 22ms
22ms Script
application/javascript 2600:141b:13::17d7:825a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcasproxy.azureedge.net/proxyweb/1.11.33/js/session-context-restore.min.js
Requested by: Host: mcasproxy.azureedge.net
URL: https://mcasproxy.azureedge.net/proxyweb/1.11.33/html/session-context-restore.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:825a New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://mcasproxy.azureedge.net/proxyweb/1.11.33/html/session-context-restore.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Thu, 17 Mar 2022 16:11:42 GMT
last-modified: Thu, 03 Feb 2022 12:00:26 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: 8Oe/SXRVi/PhDQo93/MvWQ==
etag: 0x8D9E70CC46031A8
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 828382df-301e-0062-7629-1c88f3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=28244075
x-ms-version: 2009-09-19
content-length: 38378

GET
H2

200

Primary Request / Show response
www.intowindows.com/
Redirect Chain

https://intowindows.com/?
https://www.intowindows.com/

85 KB
20 KB

329ms
316ms

Document
text/html

2606:4700:3108::ac42:28b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.intowindows.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28b0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a8783955b4786284e93711bd71d46e87098fa9583fa980072407ca8d2e0414b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://intowindows.com.admin-mcas-gov.us/

Response headers

date: Thu, 17 Mar 2022 16:11:43 GMT
content-type: text/html; charset=UTF-8
cf-ray: 6ed70188dcb4d157-BUF
link: <https://www.intowindows.com/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
cf-cache-status: BYPASS
cf-apo-via: origin,no-cache
cf-edge-cache: cache,platform=wordpress
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ki-cache-type: None
ki-cf-cache-status: BYPASS
ki-edge: v=17.1
ki-edge-o2o: yes
x-content-type-options: nosniff
x-edge-location-klb: 1
x-kinsta-cache: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uxUpLiekdHuIe7XTDo%2F3gfcdMucIRQ3Vm0HbOB0x8dGNAG7KsaX%2BJDTyRk4c3F2ZVJunHhtWQCqnIRrnOD8wIQi2scwarSv%2BoBSi0kfPvYdKwraX7lWNorOXcEfzD2SttXqLbQP6h33j%2BSlnEuWb2nE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br

Redirect headers

date: Thu, 17 Mar 2022 16:11:42 GMT
content-type: text/html; charset=UTF-8
location: https://www.intowindows.com/
cf-ray: 6ed7018578bed157-BUF
vary: Accept-Encoding
cf-cache-status: BYPASS
cf-apo-via: origin,no-cache
cf-edge-cache: cache,platform=wordpress
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ki-cache-type: None
ki-cf-cache-status: BYPASS
ki-edge: v=17.1
ki-edge-o2o: yes
x-content-type-options: nosniff
x-edge-location-klb: 1
x-kinsta-cache: HIT
x-redirect-by: WordPress
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Jtlz1s8dnoi1BuFM0MiXek6luO7L8NddMHVY3uD85JbfyvmNjv6sQ4PX0n4yZawCpXbrEfsXCyVtV6mFgfhT9AGhndKlX48a8vqIUqhWYVUnhKUlRx9plelF%2FttWbgALbboZ1Wh51JkJimrYw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 106ms
36ms Stylesheet
text/css 2607:f8b0:4006:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lora%3A400%2C700%7COswald%3A400&display=swap

Requested by

Host: www.intowindows.com
URL: https://www.intowindows.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

998f85a23a439b61247ef0a4a7ad4fe3ece6885980facf0a9c9ea87ede6113d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.intowindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 17 Mar 2022 16:02:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 17 Mar 2022 16:11:43 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 17 Mar 2022 16:11:43 GMT

GET
H2 200 style.css
www.intowindows.com/wp-content/cache/min/1/wp-content/themes/eleven40-pro/ 22 KB
5 KB 25ms
25ms Stylesheet
text/css 2606:4700:3108::ac42:28b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.intowindows.com/wp-content/cache/min/1/wp-content/themes/eleven40-pro/style.css?ver=1636629752

Requested by

Host: www.intowindows.com
URL: https://www.intowindows.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28b0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9255566eefb614ddeb295060967cde9591a598d8850cfe6004fe8fa7fa99a16

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.intowindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 16:11:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
ki-edge: v=16.8
age: 2834923
cf-polished: origSize=22739
vary: Accept-Encoding
ki-edge-o2o: yes
last-modified: Thu, 11 Nov 2021 11:22:32 GMT
server: cloudflare
etag: W/"618cfcf8-12b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h8ta5u46rfTyDVA%2BchIPm9SXfUkNLtV9ncS9YYJNbVirsUrgirsDH65fwOq%2FueDdm97wjCzuidQl5uO7fR13glfIE4B6j6c9TN9E5JRehYZ%2BCQefiIgQbzkEOSvbDoBgGG9JjO5k4BghKc7vyVD3CNQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-ray: 6ed7018aeeffd157-BUF
x-edge-location-klb: 1
cf-bgj: minify

GET
H2 200 style.min.css
www.intowindows.com/wp-includes/css/dist/block-library/ 81 KB
12 KB 26ms
26ms Stylesheet
text/css 2606:4700:3108::ac42:28b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.intowindows.com/wp-includes/css/dist/block-library/style.min.css?ver=5.9.2

Requested by

Host: www.intowindows.com
URL: https://www.intowindows.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28b0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74cad4303232e97ca561d020bf3491ab6777c683b259f50f99b64cd62f1e3271

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.intowindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 16:11:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
ki-edge: v=17.0
age: 393990
vary: Accept-Encoding
ki-edge-o2o: yes
last-modified: Tue, 22 Feb 2022 21:07:44 GMT
server: cloudflare
etag: W/"621550a0-145a9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Bansu%2Bs%2FZFkxsJrkKCXYq4fSurMyk%2FkGppQ0ZCQQwwrAdyw7ienDBPMGVaQjdXLXm9MCb%2BZ%2FRIShzGrSR%2BVwKh0FYPjSYjfxmjUiV2MtsvUErxI1lG3WJbF2iCGDk3tOlk7Eger9S6hjmfaaAnUohA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
cf-ray: 6ed7018aef00d157-BUF
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d5e34633a1ecef7871a146661397f997dba86221175bd9bc99411a34196ced1d

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7fbedbd9d5ce89478d751a141998376c2260235a595292e31eb54f57ab61b288

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80eb1072739ff1d1c7d335cb494d6491f9adea2ea0e831f8dec55b0f4129e708

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: baf528f9742664fd5300faade8542d0275378479cbccf56ee2ca06dba25d12c6

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cf92d26228c4365e6f551e87ce1bcbe3ff4f2b0d7d7d3c2096726c1fc571fee8

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0674fe9e76b8e3383bf64e45f641c0ed930148df3eb850e617a9977e7ee34324

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4437ce173dc24d2724fe909c27f283807dd58ccd729d93dc11598b3fc2e71bca

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 72bbecba7e1a5f24b84715c7fe8ec66ff6467d8cda8f2adde5a1ce553bf04306

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 66f2e4487799f1261d20a0f5f3fc638905b1c061614190b4e27a24485ea068e6

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2

200

texture.png
www.intowindows.com/wp-content/themes/eleven40-pro/images/
Redirect Chain

https://mk0intowindows84fvao.kinstacdn.com/wp-content/themes/eleven40-pro/images/texture.png
https://www.intowindows.com/wp-content/themes/eleven40-pro/images/texture.png

13 KB
13 KB

27ms
27ms

Image
image/png

2606:4700:3108::ac42:28b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.intowindows.com/wp-content/themes/eleven40-pro/images/texture.png

Requested by

Host: www.intowindows.com
URL: https://www.intowindows.com/

Protocol

Server

2606:4700:3108::ac42:28b0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

137fe3f2a5bf8d30d874b11a6be25970cbd72d74ab58a08cbc4dbd74f011cf62

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.intowindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 16:11:43 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
ki-edge: v=17.0
age: 176275
vary: Accept-Encoding
content-length: 13066
ki-edge-o2o: yes
last-modified: Sat, 25 Jul 2020 15:30:40 GMT
server: cloudflare
etag: "5f1c5020-330a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RkbAowkn4Apwvxl8bHPt8n%2BocgSuPFcmJCSabhHbQu2dJeVyqaAJ5f512JclqjFhrfRPV3eU0QfOg8Y3NKoHLiJUYq0Rc5R%2Bj1eByzWvOKXq3xsc4FwaRNsb3M863Gzk4ZRPt9gzz9xQFN6Oq1jWYWw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
accept-ranges: bytes
cf-ray: 6ed7018c48d1d157-BUF
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

location: https://www.intowindows.com/wp-content/themes/eleven40-pro/images/texture.png
date: Thu, 17 Mar 2022 16:11:43 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
server: nginx
content-length: 162
content-type: text/html

GET
H2 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
www.intowindows.com/fonts.gstatic.com/s/oswald/v47/ 10 KB
10 KB 52ms
52ms Font
font/woff2 2606:4700:3108::ac42:28b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.intowindows.com/fonts.gstatic.com/s/oswald/v47/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
Requested by: Host: www.intowindows.com
URL: https://www.intowindows.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:28b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a354f3d28b56276cc1c16d970f65ddb3ecec48cb1b79a1a32e0e3929e584607

Request headers

Referer: https://www.intowindows.com/
Origin: https://www.intowindows.com
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 16:11:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1604637
content-length: 9828
last-modified: Thu, 24 Feb 2022 18:03:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XB98Gswbb35gdPcYUkW1ki2hq4P2%2F9HBdipbB%2FtDnFKbPba%2B5meH5QUbBTxXG3dDIKHaHWPAIfhHBisETsrv2fxd64z00i04PWjuQ6ELUhYDbWoDaJw0I7NNFxeMDDrifyX4k%2BKRJiILMncfZRRzwJQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=31536000
cf-apo-via: proxy
accept-ranges: bytes
cf-ray: 6ed7018b0f24d157-BUF
expires: Fri, 24 Feb 2023 23:41:36 GMT

GET
H2 200 0QIvMX1D_JOuMwr7Iw.woff2
www.intowindows.com/fonts.gstatic.com/s/lora/v23/ 35 KB
35 KB 47ms
47ms Font
font/woff2 2606:4700:3108::ac42:28b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.intowindows.com/fonts.gstatic.com/s/lora/v23/0QIvMX1D_JOuMwr7Iw.woff2
Requested by: Host: www.intowindows.com
URL: https://www.intowindows.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:28b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef7da2ea9165f4486462c7f1dccddb7485e6a1922d220a1c393a8fa7214829fd

Request headers

Referer: https://www.intowindows.com/
Origin: https://www.intowindows.com
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 16:11:43 GMT
cf-cache-status: HIT
last-modified: Thu, 03 Feb 2022 00:43:55 GMT
server: cloudflare
age: 835138
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YKAjEduVv6HTCQ9%2Bx%2FiT4S3JdVJwc7%2FGHpoqwUfmZSJtZoVrA7Rbp%2BpGmfTztWQNXK4J6CTHDekOSJSwIH0HVBJjzsixStVqZUOXiA4bDQG5OCkqw%2BiUmLbGkDy1vqNYv6XYTdaxXXAE5%2F6NaPqR95s%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-apo-via: proxy
accept-ranges: bytes
cf-ray: 6ed7018b0f26d157-BUF
content-length: 35440

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 155 KB
54 KB 148ms
95ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.intowindows.com
URL: https://www.intowindows.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d885345d3512bdcb004194c36fbb56e2876d8c557b4510f0bc35506b28318e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.intowindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 16:11:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54540
x-xss-protection: 0
server: cafe
etag: 10470870898309797960
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 17 Mar 2022 16:11:43 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 92 KB
36 KB 92ms
41ms Script
application/javascript 2607:f8b0:4006:823::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-5201210-2

Requested by

Host: www.intowindows.com
URL: https://www.intowindows.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2008 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bab19ff5b376982c26f785ff96f7f3ca0ec5d9d4f302cf75b9acd7dc615af781

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.intowindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 16:11:43 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36792
x-xss-protection: 0
last-modified: Thu, 17 Mar 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 17 Mar 2022 16:11:43 GMT

GET
H2 200 lazyload.min.js Show response
www.intowindows.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/ 8 KB
3 KB 25ms
25ms Script
application/javascript 2606:4700:3108::ac42:28b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.intowindows.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js

Requested by

Host: www.intowindows.com
URL: https://www.intowindows.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28b0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.intowindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 16:11:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
ki-edge: v=17.0
age: 278555
vary: Accept-Encoding
ki-edge-o2o: yes
last-modified: Mon, 14 Mar 2022 06:39:16 GMT
server: cloudflare
etag: W/"622ee314-2063"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SvsNOhAjy8Kc2Kbs2OL5rpeGg4GotGkmxzVaidqKRXl%2FjmjDrAISBzaV43Hg6mYFNPJGUvi%2BeCzz3viKFxR2U5hXFGCSP2E2abFL56zqDwz0nKc2x8hOH3KeZxIRa3aYoyn8yxrLGW6by5wB%2F%2Bp%2BD1E%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
cf-ray: 6ed7018b3f58d157-BUF
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 texture.png
www.intowindows.com/wp-content/themes/eleven40-pro/images/ 13 KB
13 KB 24ms
23ms Image
image/png 2606:4700:3108::ac42:28b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.intowindows.com/wp-content/themes/eleven40-pro/images/texture.png

Requested by

Host: www.intowindows.com
URL: https://www.intowindows.com/wp-content/cache/min/1/wp-content/themes/eleven40-pro/style.css?ver=1636629752

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28b0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

137fe3f2a5bf8d30d874b11a6be25970cbd72d74ab58a08cbc4dbd74f011cf62

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.intowindows.com/wp-content/cache/min/1/wp-content/themes/eleven40-pro/style.css?ver=1636629752
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 16:11:43 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
ki-edge: v=17.0
age: 176275
vary: Accept-Encoding
content-length: 13066
ki-edge-o2o: yes
last-modified: Sat, 25 Jul 2020 15:30:40 GMT
server: cloudflare
etag: "5f1c5020-330a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SB%2FtXCgUjs6JzUBAFM2rHYU5tH9u%2B16mGzZerThMyBZzZq3uIjsHFDp%2FWxLGFuinZ01I8MBoYxKuXH8qQ3H7LFg0jQG8%2Fza3oPlUJlhavGgwllAc6q9gSiYMY1VZOvdK1BqFfJ84tOvLQRU4w1e81QA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
accept-ranges: bytes
cf-ray: 6ed7018b5f79d157-BUF
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 close-widgets-in-Windows-11.jpg.webp
www.intowindows.com/wp-content/uploads/2022/03/ 26 KB
26 KB 219ms
218ms Image
image/webp 2606:4700:3108::ac42:28b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.intowindows.com/wp-content/uploads/2022/03/close-widgets-in-Windows-11.jpg.webp

Requested by

Host: www.intowindows.com
URL: https://www.intowindows.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28b0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1aecefece1cfc7a7702f1b4193edbe342156c3a3697207fdda25c897d0127bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.intowindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 16:11:43 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
ki-edge: v=17.1
vary: Accept-Encoding
content-length: 26432
ki-cf-cache-status: BYPASS
ki-edge-o2o: yes
last-modified: Wed, 16 Mar 2022 07:32:39 GMT
server: cloudflare
etag: "62319297-6740"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GJPJiE7X38%2BdH3S5K7ZHSMBb5t8%2FVK5tG6FmfimMQVAzUAeDyXvslKtOAq0LjzpW2s%2FXQ5%2FJRPjgCe1n6COtH8pYmm8VZH%2BHpoqvrWL2DIJxK6HuCRoPL4uLFZQ%2FVuJmgUCWdPpH2YMi8D%2FsmuLrS8c%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
accept-ranges: bytes
cf-ray: 6ed7018bbfd5d157-BUF
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 remove-weather-from-Windows-11-taskbar-pic01-270x100.jpg.webp
www.intowindows.com/wp-content/uploads/2022/03/ 1 KB
2 KB 198ms
197ms Image
image/webp 2606:4700:3108::ac42:28b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.intowindows.com/wp-content/uploads/2022/03/remove-weather-from-Windows-11-taskbar-pic01-270x100.jpg.webp

Requested by

Host: www.intowindows.com
URL: https://www.intowindows.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28b0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d29311d6bde7a502830e4dacbdbf6cd3bcd3c425efb2d01100f8da2d6ccffe20

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.intowindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 16:11:43 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
ki-edge: v=17.1
vary: Accept-Encoding
content-length: 1134
ki-cf-cache-status: BYPASS
ki-edge-o2o: yes
last-modified: Tue, 15 Mar 2022 12:55:42 GMT
server: cloudflare
etag: "62308cce-46e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Nx1KFP%2BJyU6BMcv2OsMqOsE%2BWs1HnJwbsRjby79dCiSUlKCDZGbkzAoBYucVmI5V5lcZFU3is47MrQ9mkoK5ScJZDK9Fj%2FuziPeNzHpugd4x%2BSNi5kIWzRNWoqHJ7erNN0Z4QNOggNkiwLjtLbL1hc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
accept-ranges: bytes
cf-ray: 6ed7018bbfd6d157-BUF
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 disable-text-prediction-in-Office-Word-pic3.png.webp
www.intowindows.com/wp-content/uploads/2022/03/ 16 KB
16 KB 222ms
221ms Image
image/webp 2606:4700:3108::ac42:28b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.intowindows.com/wp-content/uploads/2022/03/disable-text-prediction-in-Office-Word-pic3.png.webp

Requested by

Host: www.intowindows.com
URL: https://www.intowindows.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28b0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2eb3ed64ca1841baf22b79eafce9dce75a3dfd02962ddcd4d40b6fe72fa9661b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.intowindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 16:11:43 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
ki-edge: v=17.1
vary: Accept-Encoding
content-length: 15998
ki-cf-cache-status: BYPASS
ki-edge-o2o: yes
last-modified: Fri, 11 Mar 2022 15:01:42 GMT
server: cloudflare
etag: "622b6456-3e7e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AtJ%2FPuqcrTn%2B%2FLHCSQbePCem52bwdDOzjdfGGr8yPhGxDPyLs7MAElJt1SQ4ooA7wz1nnW6uSm3avS3QAOUmlF7VuF44YhPCo6P3dJVqvHyq4nWwPha%2BNsEwd8LtNokXSg9Gqjh8E7D5Qf2aLZZuGeg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
accept-ranges: bytes
cf-ray: 6ed7018bbfd8d157-BUF
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 this-pc-cannot-run-Windows-11-error-in-virtualbox.png.webp
www.intowindows.com/wp-content/uploads/2022/03/ 9 KB
10 KB 240ms
240ms Image
image/webp 2606:4700:3108::ac42:28b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.intowindows.com/wp-content/uploads/2022/03/this-pc-cannot-run-Windows-11-error-in-virtualbox.png.webp

Requested by

Host: www.intowindows.com
URL: https://www.intowindows.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28b0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bbf41cf7865370d91d7a1c6a5667e2bb1035a54b888cfbb39e0b7bb1cf400bd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.intowindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 16:11:43 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
ki-edge: v=17.1
vary: Accept-Encoding
content-length: 9494
ki-cf-cache-status: BYPASS
ki-edge-o2o: yes
last-modified: Thu, 10 Mar 2022 13:40:30 GMT
server: cloudflare
etag: "6229ffce-2516"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=STm7AANgGGmBq7rk578uOr6UmxC2b48jtigjinL1oHO2O0jJ53iQA4vFs%2B4UOAOH1WmKvqRLo1kUsxcWB6SXBZaQpe1GGXKQT%2BMPV1uYODqF61O4Fze3C0iOx1nZK9WoMolD7OHfzcjDCPs9S1mWlJk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
accept-ranges: bytes
cf-ray: 6ed7018bbfd9d157-BUF
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 create-windows-11-bootable-USB-with-Rufus-pic001.png.webp
www.intowindows.com/wp-content/uploads/2022/03/ 26 KB
27 KB 239ms
238ms Image
image/webp 2606:4700:3108::ac42:28b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.intowindows.com/wp-content/uploads/2022/03/create-windows-11-bootable-USB-with-Rufus-pic001.png.webp

Requested by

Host: www.intowindows.com
URL: https://www.intowindows.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28b0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f01b724c89e87b14b4e28d15f7699e21f98a0896277713fcf2c5ea6ffbb02220

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.intowindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 16:11:43 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
ki-edge: v=17.1
vary: Accept-Encoding
content-length: 26952
ki-cf-cache-status: BYPASS
ki-edge-o2o: yes
last-modified: Tue, 08 Mar 2022 14:04:58 GMT
server: cloudflare
etag: "6227628a-6948"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y2K9JgjFQxuRI%2ByTZ4rFxb%2B%2Bi1W9GBlVLuVPRWJ3aQEnGVlxt%2FnOIjtUnNSiVlJJxQ0xtNDq6TaP852ymEwZxcouqrgA8CaCIbUtMj1ebq53lJkG0DtOegWq%2BInOFt6jlrBZkKKxjGpuv7TbmKpVZrI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
accept-ranges: bytes
cf-ray: 6ed7018bbfdbd157-BUF
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 73ms
22ms Script
text/javascript 2607:f8b0:4006:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-5201210-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::200e Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.intowindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5267
date: Thu, 17 Mar 2022 14:43:56 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 17 Mar 2022 16:43:56 GMT

GET
H2 200 jquery.min.js Show response
www.intowindows.com/wp-includes/js/jquery/ 87 KB
32 KB 24ms
24ms Script
application/javascript 2606:4700:3108::ac42:28b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.intowindows.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Requested by

Host: www.intowindows.com
URL: https://www.intowindows.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28b0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.intowindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 16:11:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
ki-edge: v=16.8
age: 2834923
vary: Accept-Encoding
ki-edge-o2o: yes
last-modified: Thu, 12 Aug 2021 05:41:46 GMT
server: cloudflare
etag: W/"6114b49a-15db1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aFibawbeAWdiEjJCuEjNrDF1FF%2B3Nl66RpVnHfSEd8cHu%2Bny%2FgNitdoJnjM9Y9Au%2B4a8YlRVAzDvIwgiZDh7jRFgwwmMVkGfsCyCYE%2FQDvlPoLnWUsYeyID2PntVosEGO5yWXL8BuZ1cHJMOm%2FluToY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 6ed7018c38b8d157-BUF
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-migrate.min.js Show response
www.intowindows.com/wp-includes/js/jquery/ 11 KB
5 KB 25ms
25ms Script
application/javascript 2606:4700:3108::ac42:28b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.intowindows.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=5.9.2

Requested by

Host: www.intowindows.com
URL: https://www.intowindows.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28b0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.intowindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 16:11:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
ki-edge: v=17.0
age: 176274
vary: Accept-Encoding
ki-edge-o2o: yes
last-modified: Mon, 25 Jan 2021 06:34:13 GMT
server: cloudflare
etag: W/"600e6665-2bd8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TFIwneVCGv2S0RHjjZn%2BoudstrTzEmBTAeTbQv6GVsZKYWZG9r8DlaADJU7pHvDNcO0TdcV9DXvb49FJ3rdxrB5vMcTK4LXWKFvD%2Fd0I1Coue3fiRbol6Z1Wve%2BGYMuL1fH3wxiFIsTIoOnS4RLrIxM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
cf-ray: 6ed7018c78ebd157-BUF
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203100101/ 294 KB
106 KB 97ms
97ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203100101/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e21e3cd6b4909a41afeb4fcc45bb4c7c7ae271b020af91da3f6a5e2b23cf133c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.intowindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 16:11:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 108567
x-xss-protection: 0
server: cafe
etag: 7343328282239096764
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Mar 2022 16:11:43 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220315/r20190131/ Frame E7A5 10 KB
5 KB 72ms
20ms Document
text/html 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220315/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://www.intowindows.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
date: Wed, 16 Mar 2022 22:28:55 GMT
expires: Wed, 30 Mar 2022 22:28:55 GMT
cache-control: public, max-age=1209600
age: 63768
etag: 4044455266028820542
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 73ms
34ms XHR
text/plain 2607:f8b0:4006:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2016958492&t=pageview&_s=1&dl=https%3A%2F%2Fwww.intowindows.com%2F&dr=https%3A%2F%2Fintowindows.com.admin-mcas-gov.us%2F&ul=en-us&de=UTF-8&dt=Into%20Windows&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1274808231&gjid=1047278619&cid=488410495.1647533503&tid=UA-5201210-2&_gid=1806281718.1647533503&_r=1&gtm=2ou3e0&z=14889933

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::200e Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.intowindows.com/
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 16:11:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.intowindows.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
442 B 90ms
35ms XHR
text/plain 2607:f8b0:4004:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-5201210-2&cid=488410495.1647533503&jid=1274808231&gjid=1047278619&_gid=1806281718.1647533503&_u=YEBAAUAAAAAAAC~&z=1045399191

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9c Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.intowindows.com/
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 17 Mar 2022 16:11:43 GMT
content-type: text/plain
access-control-allow-origin: https://www.intowindows.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 219 B
647 B 132ms
72ms Script
text/javascript 142.250.64.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.intowindows.com&callback=_gfp_s_&client=ca-pub-1563246453145917

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203100101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.64.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s30-in-f2.1e100.net

Software

cafe /

Resource Hash

8ea05afe7011ec5dbd2e453ff5f8f401222a0841a726186eff7b60baf473d68a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.intowindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 16:11:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 203
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 110ms
40ms Script
application/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.intowindows.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203100101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.intowindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 17 Mar 2022 16:11:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2DED 125 KB
40 KB 985ms
957ms Document
text/html 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1563246453145917&output=html&h=600&slotname=5022977766&adk=2898438081&adf=1346783958&pi=t.ma~as.5022977766&w=250&fwrn=4&fwrnh=100&lmt=1647533503&rafmt=1&psa=0&format=250x600&url=https%3A%2F%2Fwww.intowindows.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647533503445&bpp=7&bdt=280&idt=177&shv=r20220315&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&correlator=1862852567493&frm=20&pv=2&ga_vid=488410495.1647533503&ga_sid=1647533504&ga_hid=2016958492&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1120&ady=138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531398%2C44750773%2C44752536%2C182982100%2C182982300%2C31065470%2C31065544%2C31062931&oid=2&pvsid=2340654185096036&pem=678&tmod=238283917&uas=0&nvt=1&ref=https%3A%2F%2Fintowindows.com.admin-mcas-gov.us%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=PXZTYzTn4f&p=https%3A//www.intowindows.com&dtd=197

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203100101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a65e9bf3c8851b339c7e58b801471f984894d67193e1a2050f9c45428e7f1369

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12013538744814064560/300x600.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12013538744814064560/300x600.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPOR-snEzfYCFWmAyAodWtcB4w&gqi=v10zYuGcKsiJxAPL2pN4&layout=/sadbundle/%24csp%253Der3%24/12013538744814064560/300x600.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://www.intowindows.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12013538744814064560/300x600.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12013538744814064560/300x600.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPOR-snEzfYCFWmAyAodWtcB4w&gqi=v10zYuGcKsiJxAPL2pN4&layout=/sadbundle/%24csp%253Der3%24/12013538744814064560/300x600.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 17 Mar 2022 16:11:44 GMT
server: cafe
content-length: 41120
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 17 Mar 2022 16:11:44 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0DA5 82 KB
31 KB 1013ms
1008ms Document
text/html 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1563246453145917&output=html&h=600&slotname=4335780698&adk=1638990907&adf=46507410&pi=t.ma~as.4335780698&w=250&fwrn=4&fwrnh=100&lmt=1647533503&rafmt=1&psa=0&format=250x600&url=https%3A%2F%2Fwww.intowindows.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647533503452&bpp=2&bdt=287&idt=210&shv=r20220315&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&prev_fmts=250x600&correlator=1862852567493&frm=20&pv=1&ga_vid=488410495.1647533503&ga_sid=1647533504&ga_hid=2016958492&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1120&ady=1640&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531398%2C44750773%2C44752536%2C182982100%2C182982300%2C31065470%2C31065544%2C31062931&oid=2&pvsid=2340654185096036&pem=678&tmod=238283917&uas=0&nvt=1&ref=https%3A%2F%2Fintowindows.com.admin-mcas-gov.us%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=cr3JKnjGX5&p=https%3A//www.intowindows.com&dtd=213

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203100101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

98b2972cf5290c87aed75cfc8980cccd597a8b1d62a7042aa03dbb6d3b809591

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://www.intowindows.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 17 Mar 2022 16:11:44 GMT
server: cafe
content-length: 31242
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 17 Mar 2022 16:11:44 GMT
cache-control: private

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 112ms
111ms Image
image/gif 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.intowindows.com%2F&tn=HEADER&cls=site-header&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: www.intowindows.com
URL: https://www.intowindows.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.intowindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 16:11:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F43B 0
19 B 90ms
89ms Document
text/html 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1563246453145917&output=html&adk=1812271804&adf=3025194257&lmt=1647533503&plat=2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32904%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.intowindows.com%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647533503470&bpp=1&bdt=305&idt=199&shv=r20220315&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&prev_fmts=250x600%2C250x600&nras=1&correlator=1862852567493&frm=20&pv=1&ga_vid=488410495.1647533503&ga_sid=1647533504&ga_hid=2016958492&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531398%2C44750773%2C44752536%2C182982100%2C182982300%2C31065470%2C31065544%2C31062931&oid=2&pvsid=2340654185096036&pem=678&tmod=238283917&uas=0&nvt=1&ref=https%3A%2F%2Fintowindows.com.admin-mcas-gov.us%2F&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=205

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203100101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://www.intowindows.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 17 Mar 2022 16:11:43 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 17 Mar 2022 16:11:43 GMT
cache-control: private

GET
H2 200 300x600.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12013538744814064560/ Frame 41B7 37 KB
12 KB 100ms
50ms Document
text/html 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12013538744814064560/300x600.html

Requested by

Host: intowindows.com.admin-mcas-gov.us
URL: https://intowindows.com.admin-mcas-gov.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51ff875b78e7083fa4850dcdca83cd6152c7d439897d7eccf555b6ae000ccdc5

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
timing-allow-origin: *
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 11191
date: Thu, 17 Mar 2022 05:42:29 GMT
expires: Fri, 17 Mar 2023 05:42:29 GMT
cache-control: public, max-age=31536000
age: 37755
last-modified: Wed, 16 Jun 2021 21:00:41 GMT
content-type: text/html
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame CF0F 0
0 51ms
51ms Fetch
text/html 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=ClZrBv10zYrO2K-mAogbaroeYDvWAtc9li4bl_ZkOoZXAtIwJEAEghfD8EGDJ7o6LwKSMEKAB7JON4APIAQmoAwHIA0iqBOABT9BhYCm8fNw6nse2LqDZ5eGYMachhqbxRXy_wWRQlp9-s4zIeyxpH5rVRWZWlzZb3Cd-8YBxUbZtCQ-FXhi-Mq-lcPdSz-rREPfWeCS-E76gMcx0JEw8Mhxbv4IyDIbycS8cccSwh0SWuFDlw0neFRTEt9UuihU6OzAsQ9Pk0KmE6Mjynb9wXM3PTxmASznG9XH6jr0o7rl_6iQvLMwnROn4QdlEeqSlpkgUZawBIunTexbI006PwZGdLgtzPmxiDNcSW6W-My-1pdAZnkAENYiMJmeIT-WRfyeqxsy6rpHABLrmk6XLApIFBAgEGAGSBQQIBRgEoAYugAf86_IfqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ8adj0ggHCIBhEAEYH4AKAcgLAdgTDNAVAZgWAYAXAbIXHAoaCAASFHB1Yi0xNTYzMjQ2NDUzMTQ1OTE3GAA&sigh=5wmQsUeaVLM&uach_m=[UACH]&template_id=419

Requested by

Host: intowindows.com.admin-mcas-gov.us
URL: https://intowindows.com.admin-mcas-gov.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1563246453145917&output=html&h=600&slotname=5022977766&adk=2898438081&adf=1346783958&pi=t.ma~as.5022977766&w=250&fwrn=4&fwrnh=100&lmt=1647533503&rafmt=1&psa=0&format=250x600&url=https%3A%2F%2Fwww.intowindows.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647533503445&bpp=7&bdt=280&idt=177&shv=r20220315&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&correlator=1862852567493&frm=20&pv=2&ga_vid=488410495.1647533503&ga_sid=1647533504&ga_hid=2016958492&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1120&ady=138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531398%2C44750773%2C44752536%2C182982100%2C182982300%2C31065470%2C31065544%2C31062931&oid=2&pvsid=2340654185096036&pem=678&tmod=238283917&uas=0&nvt=1&ref=https%3A%2F%2Fintowindows.com.admin-mcas-gov.us%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=PXZTYzTn4f&p=https%3A//www.intowindows.com&dtd=197
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 17 Mar 2022 16:11:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 17 Mar 2022 16:11:44 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220315/r20110914/ Frame CF0F 19 KB
8 KB 70ms
24ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220315/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1563246453145917&output=html&h=600&slotname=5022977766&adk=2898438081&adf=1346783958&pi=t.ma~as.5022977766&w=250&fwrn=4&fwrnh=100&lmt=1647533503&rafmt=1&psa=0&format=250x600&url=https%3A%2F%2Fwww.intowindows.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647533503445&bpp=7&bdt=280&idt=177&shv=r20220315&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&correlator=1862852567493&frm=20&pv=2&ga_vid=488410495.1647533503&ga_sid=1647533504&ga_hid=2016958492&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1120&ady=138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531398%2C44750773%2C44752536%2C182982100%2C182982300%2C31065470%2C31065544%2C31062931&oid=2&pvsid=2340654185096036&pem=678&tmod=238283917&uas=0&nvt=1&ref=https%3A%2F%2Fintowindows.com.admin-mcas-gov.us%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=PXZTYzTn4f&p=https%3A//www.intowindows.com&dtd=197

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 16:05:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 347
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7871
x-xss-protection: 0
server: cafe
etag: 7397949449432438406
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 31 Mar 2022 16:05:57 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220315/r20110914/client/ Frame CF0F 2 KB
1 KB 91ms
44ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220315/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 16:08:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 167
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 31 Mar 2022 16:08:57 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CF0F 117 KB
36 KB 89ms
37ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 16:11:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647431472276194"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 17 Mar 2022 16:11:44 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220315/r20110914/client/ Frame CF0F 15 KB
7 KB 67ms
21ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220315/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 16:04:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 451
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 31 Mar 2022 16:04:13 GMT

GET
H2 200 16456601432930473145
tpc.googlesyndication.com/simgad/ Frame 0DA5 67 KB
67 KB 77ms
55ms Image
image/jpeg 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16456601432930473145?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlnpEHIntbJ5dexXVKm8rTecVFPXQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1563246453145917&output=html&h=600&slotname=4335780698&adk=1638990907&adf=46507410&pi=t.ma~as.4335780698&w=250&fwrn=4&fwrnh=100&lmt=1647533503&rafmt=1&psa=0&format=250x600&url=https%3A%2F%2Fwww.intowindows.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647533503452&bpp=2&bdt=287&idt=210&shv=r20220315&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&prev_fmts=250x600&correlator=1862852567493&frm=20&pv=1&ga_vid=488410495.1647533503&ga_sid=1647533504&ga_hid=2016958492&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1120&ady=1640&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531398%2C44750773%2C44752536%2C182982100%2C182982300%2C31065470%2C31065544%2C31062931&oid=2&pvsid=2340654185096036&pem=678&tmod=238283917&uas=0&nvt=1&ref=https%3A%2F%2Fintowindows.com.admin-mcas-gov.us%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=cr3JKnjGX5&p=https%3A//www.intowindows.com&dtd=213

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a55a3bb97660d11437e2cf7fca3cb7fae11ab5f93a771959909edc3e679ee6f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 15:22:55 GMT
x-content-type-options: nosniff
age: 175729
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68144
x-xss-protection: 0
last-modified: Fri, 04 Jun 2021 21:21:16 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 15 Mar 2023 15:22:55 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220315/r20110914/ Frame 0DA5 19 KB
8 KB 49ms
27ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220315/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 16:05:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 347
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7871
x-xss-protection: 0
server: cafe
etag: 7397949449432438406
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 31 Mar 2022 16:05:57 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220315/r20110914/client/ Frame 0DA5 2 KB
1 KB 91ms
76ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220315/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 16:08:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 167
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 31 Mar 2022 16:08:57 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0DA5 117 KB
36 KB 88ms
66ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 16:11:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647431472276194"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 17 Mar 2022 16:11:44 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220315/r20110914/client/ Frame 0DA5 15 KB
6 KB 56ms
41ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220315/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 16:04:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 451
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 31 Mar 2022 16:04:13 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220315/r20110914/client/ Frame 0DA5 28 KB
12 KB 60ms
45ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220315/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a8bb34e7773640e6852d778e5f792867b6a291a405243f7bd6c55142d2336328

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 23:02:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61753
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11771
x-xss-protection: 0
server: cafe
etag: 15823111227481032857
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Mar 2022 23:02:31 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0DA5 0
0 54ms
53ms Fetch
text/html 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CjI-Rv10zYuu1K8-syQOV-KPgA7Su94ppls7RtdcOqubS4LIBEAEghfD8EGDJ7o6LwKSMEKABw4W0_wPIAQKoAwHIA8kEqgTxAU_Qd9ey-VxgC0TrUbxZoS9ldBGLXIcFiFb2ILuRVogRWa1foZoMpPVSraCcLmpTR7fqKkxDQXWEVE_H7xI3v8nwuX3Y1x-o79gUp21zRpWUe1HpA3Fw9SvkeQ5XdCr8s9SEM9nBCiUx9vUfCCUh2wisNM7wOcEfKWHuaxy1C7Ft3XX9HBh1J-7hPxerp2uPgt3HBOMx5GHRdwd24ACfLlnqccb6MSNM2SbLE3SKSCkPwagYRgvhUZ0VWHrpX9Ik3Cfrwx-29weKXnnPKEKC7QKgl1r_MWZhSyydpvAZxCyuclAVKct1YrjRlqvUcV7eqe3ABPuzwcTdA5IFBAgEGAGSBQQIBRgEoAYCgAel-kuoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCe1iDSCAcIgGEQARgfgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTE1NjMyNDY0NTMxNDU5MTcYAA&sigh=rQcMAkda6gk&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1563246453145917&output=html&h=600&slotname=4335780698&adk=1638990907&adf=46507410&pi=t.ma~as.4335780698&w=250&fwrn=4&fwrnh=100&lmt=1647533503&rafmt=1&psa=0&format=250x600&url=https%3A%2F%2Fwww.intowindows.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647533503452&bpp=2&bdt=287&idt=210&shv=r20220315&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&prev_fmts=250x600&correlator=1862852567493&frm=20&pv=1&ga_vid=488410495.1647533503&ga_sid=1647533504&ga_hid=2016958492&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1120&ady=1640&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531398%2C44750773%2C44752536%2C182982100%2C182982300%2C31065470%2C31065544%2C31062931&oid=2&pvsid=2340654185096036&pem=678&tmod=238283917&uas=0&nvt=1&ref=https%3A%2F%2Fintowindows.com.admin-mcas-gov.us%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=cr3JKnjGX5&p=https%3A//www.intowindows.com&dtd=213
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 17 Mar 2022 16:11:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 17 Mar 2022 16:11:44 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8C0B 143 B
163 B 22ms
21ms Document
text/html 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1563246453145917&output=html&h=600&slotname=5022977766&adk=2898438081&adf=1346783958&pi=t.ma~as.5022977766&w=250&fwrn=4&fwrnh=100&lmt=1647533503&rafmt=1&psa=0&format=250x600&url=https%3A%2F%2Fwww.intowindows.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647533503445&bpp=7&bdt=280&idt=177&shv=r20220315&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&correlator=1862852567493&frm=20&pv=2&ga_vid=488410495.1647533503&ga_sid=1647533504&ga_hid=2016958492&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1120&ady=138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531398%2C44750773%2C44752536%2C182982100%2C182982300%2C31065470%2C31065544%2C31062931&oid=2&pvsid=2340654185096036&pem=678&tmod=238283917&uas=0&nvt=1&ref=https%3A%2F%2Fintowindows.com.admin-mcas-gov.us%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=PXZTYzTn4f&p=https%3A//www.intowindows.com&dtd=197

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Thu, 17 Mar 2022 15:18:26 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 3198
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7A8D 143 B
163 B 41ms
20ms Document
text/html 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1563246453145917&output=html&h=600&slotname=4335780698&adk=1638990907&adf=46507410&pi=t.ma~as.4335780698&w=250&fwrn=4&fwrnh=100&lmt=1647533503&rafmt=1&psa=0&format=250x600&url=https%3A%2F%2Fwww.intowindows.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647533503452&bpp=2&bdt=287&idt=210&shv=r20220315&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&prev_fmts=250x600&correlator=1862852567493&frm=20&pv=1&ga_vid=488410495.1647533503&ga_sid=1647533504&ga_hid=2016958492&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1120&ady=1640&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531398%2C44750773%2C44752536%2C182982100%2C182982300%2C31065470%2C31065544%2C31062931&oid=2&pvsid=2340654185096036&pem=678&tmod=238283917&uas=0&nvt=1&ref=https%3A%2F%2Fintowindows.com.admin-mcas-gov.us%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=cr3JKnjGX5&p=https%3A//www.intowindows.com&dtd=213

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Thu, 17 Mar 2022 15:18:26 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 3198
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 redir.html Show response
p4-cuijatqquh342-cx4xo4gtifyg52ns-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 23DD 247 B
960 B 128ms
43ms Document
text/html 142.250.65.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-cuijatqquh342-cx4xo4gtifyg52ns-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f3.1e100.net

Software

sffe /

Resource Hash

9e03332dab560d84d6dc56056b89f26035303a8219b7352d7b3a373cca9865ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy-report-only: script-src 'nonce--eizjnu1o0NcZ5SiC6LQ8w' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 203
date: Thu, 17 Mar 2022 16:11:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Mon, 02 Dec 2019 20:15:00 GMT
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame CF0F 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41d593b781ad27c9d117bab6958745ded1895286b929b349baea958633f24b23

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 41B7 9 KB
3 KB 51ms
21ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12013538744814064560/300x600.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 09:20:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24703
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 18 Mar 2022 09:20:01 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 41B7 26 KB
10 KB 52ms
22ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12013538744814064560/300x600.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:05:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11148
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 18 Mar 2022 13:05:56 GMT

GET
H2 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 41B7 236 KB
63 KB 137ms
35ms Script
text/javascript 2607:f8b0:4006:822::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12013538744814064560/300x600.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2006 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 16:11:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Mar 2022 16:11:44 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8C0B
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

41ms
41ms

Document
text/html

2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 17 Mar 2022 16:11:45 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 17 Mar 2022 16:11:45 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 17 Mar 2022 16:11:45 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 0DA5 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1a9057202ccb5fa00e111b8972905b3fff5ed8ed63417d8739e92cfc41689a41

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7A8D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

43ms
43ms

Document
text/html

2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 17 Mar 2022 16:11:45 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 17 Mar 2022 16:11:45 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 17 Mar 2022 16:11:45 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 iframe.html Show response
p4-cuijatqquh342-cx4xo4gtifyg52ns-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 23DD 4 KB
2 KB 72ms
43ms Document
text/html 142.250.65.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-cuijatqquh342-cx4xo4gtifyg52ns-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html

Requested by

Host: p4-cuijatqquh342-cx4xo4gtifyg52ns-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-cuijatqquh342-cx4xo4gtifyg52ns-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f3.1e100.net

Software

sffe /

Resource Hash

a90e9003ea651ad7108bbec423cee5fc63f084d8d45ed95b0ab9e4775aa943b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://p4-cuijatqquh342-cx4xo4gtifyg52ns-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy-report-only: script-src 'nonce-fvr2TqMfzpejTbgINULsaw' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1858
date: Thu, 17 Mar 2022 16:11:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Thu, 29 Apr 2021 21:38:00 GMT
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 73ms
42ms XHR
application/json 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220315&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203100101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54c330211f3a976a4c7e84086cbec07528fff05242a047f85a42132ef94b5008

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.intowindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 17 Mar 2022 16:11:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10605
x-xss-protection: 0

GET
H3 200 c9SOW3fm-cIOlp3tvRsibzkEuEO1MqMyQpfRRVluBWQ.js Show response
pagead2.googlesyndication.com/bg/ Frame D382 35 KB
14 KB 24ms
23ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/c9SOW3fm-cIOlp3tvRsibzkEuEO1MqMyQpfRRVluBWQ.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73d48e5b77e6f9c20e969dedbd1b226f3904b843b532a3324297d145596e0564

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 15:43:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 88098
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13819
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 16 Mar 2023 15:43:27 GMT

GET
H3 200 c9SOW3fm-cIOlp3tvRsibzkEuEO1MqMyQpfRRVluBWQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 41B7 35 KB
14 KB 22ms
22ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/c9SOW3fm-cIOlp3tvRsibzkEuEO1MqMyQpfRRVluBWQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73d48e5b77e6f9c20e969dedbd1b226f3904b843b532a3324297d145596e0564

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 15:43:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 88098
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13819
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 16 Mar 2023 15:43:27 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 50ms
49ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203100101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.intowindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 16:11:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 17 Mar 2022 16:11:45 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C2A8 13 KB
5 KB 21ms
21ms Document
text/html 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://www.intowindows.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Mar 2022 16:07:39 GMT
expires: Fri, 17 Mar 2023 16:07:39 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 246
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 73AC 783 B
535 B 70ms
41ms Document
text/html 2607:f8b0:4006:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2004 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d5089101103842a997decd441538026cb19662fa025574d6778b06212f7dc566

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-tnkG01dxEmVfL5JS1i4BtQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://www.intowindows.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Thu, 17 Mar 2022 16:11:45 GMT
date: Thu, 17 Mar 2022 16:11:45 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-tnkG01dxEmVfL5JS1i4BtQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 c9SOW3fm-cIOlp3tvRsibzkEuEO1MqMyQpfRRVluBWQ.js Show response
pagead2.googlesyndication.com/bg/ Frame C2A8 35 KB
14 KB 54ms
53ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/c9SOW3fm-cIOlp3tvRsibzkEuEO1MqMyQpfRRVluBWQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73d48e5b77e6f9c20e969dedbd1b226f3904b843b532a3324297d145596e0564

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 15:43:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 88098
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13819
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 16 Mar 2023 15:43:27 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 73AC 0
0 121ms
121ms Image
text/html 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220315&jk=2340654185096036&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81f::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C2A8 0
9 B 21ms
20ms Image
text/plain 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?AnrVbA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:820::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 16:11:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CF0F 42 B
64 B 102ms
101ms Fetch
image/gif 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstKgD9ugfm8DyBczOJSrurN8FWp8AnuwjeOb0z9Q9saZVPPFPnRr8X87NDrrHXPn88jtGiRlEyUmvp8Z-PVZlgXYWVT5vIp8cFKBdWmiacMNcIJZXI&sai=AMfl-YQYMv4YzglrMSo3FygHkbz38q6JeFsBl9GHc-s6UrimWB_WmPOWergvJ07IjUNfKo7tl2lut3Iu98mZ&sig=Cg0ArKJSzCBClkj09SyeEAE&id=lidar2&mcvt=1000&p=0,0,500,250&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220316&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=2898438081&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1647533504648&rpt=207&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 16:11:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 98ms
98ms Image
image/gif 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220315&jk=2340654185096036&bg=!HxylHFjNAAba2mK92to7ACkAdvg8WsdHQjDrWlUt8NyH4FOt1OgZ6eoiZjJwBoxb3CtHSaXg6Rb5mwIAAABzUgAAAAJoAQeZAtgl_BfPBfAQxAMGd0HFn_SJ0PiBDUrC3_Yg7jBTUePD0k-v0VoC6vuqcO30IsEY-3wr8JetTczqHQOAhxkuHD9zYo4Z3hAYQVxuERm-CDe5ReuTSU6ESPy9B6UP9sIiF7Mkj9NSSY8ra0N7Srcsi_dV9tP2BU7MWQID_jvIMx5RKbp5_6Sm4ScESZvkEQXGCcCXiMbQnazkLNvNeWYhu7AD2FJknQr82eCZilhECHuFUFk_fVJxalsQPrvg2BOQnzk9dfzuNNcBkgMB3WLL2elFhDdXYNao7a02-SV4k5nsZKf1Yovc2rBqmhzIOdoEd8Geaeuxd7u83bOHwzGMgjsPS4pGInjY4w6OVdZahiJi61ObKT9xlmD6MvpZh-5_TpYkgcRI-hZwL5aUPGKDdadeZbQVADLctNP2rzNbBOxMebDH1XNyuyMmyieMZ1ew8HbO5Obp2SDPBZulR-wDXyfvzgtgaEKaTh7DNk5buSIFO5tnpPHIkJ8JaRbsAJj1-HShv3cey95mS13Wgim-mn7JRa43-xPvkOnj4Me5E82SdaObIwKwT83OhQ2mWF6oFmjJjr-7bvYEMyHnk5uzFkl_MWvCsI-23XVsD59zkKY9td_X0PMrCeM8wn76T9KPWo7NPEWSS3ce6Gj5zsAyLw1yLNYhxwW4SNEmHkf9AqW71ZfzvH3Y1_4pmXdhpVllzrr39tEyWx6Lg3rVPJBM6k7ZK1JP6k0pq-3TRund6Xw9N1_dvPZWZD9AuH0Yf5JxBqo-o_6nZdWhcKHEdCyoz3-rHIALrbPnZx3-LroqWravEtkb_0CyXQMzHVtDSV3jv6evbUR7bJh0lvxwxozH9fKvfK97JRBvOQWesnTC6f5VxqL9dCgQ3mnBKas8g2yWt1uwC-A9QW6MxlFjxEw43mTYuIGhK9RLWOAleJeCp3HX4Ws1kKR3GFTsfD-SHVa81ZV2xNmRhip9Tw

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.intowindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 16:11:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

95 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.intowindows.com/	1970-01-20 19:10:05	Name: _ga Value: GA1.2.488410495.1647533503
.intowindows.com/	1970-01-20 01:40:19	Name: _gid Value: GA1.2.1806281718.1647533503
.intowindows.com/	1970-01-20 01:38:53	Name: _gat_gtag_UA_5201210_2 Value: 1
.intowindows.com/	1970-01-20 11:00:29	Name: __gads Value: ID=04af6b567c1ccd3d-229604e3d6d100bf:T=1647533503:RT=1647533503:S=ALNI_MbfQnQOspGD06YIKz7M539uJcvUIg
.doubleclick.net/	1970-01-20 19:10:05	Name: IDE Value: AHWqTUl4FIKYhWccqOsSVoA0-PXnh0jUcgv2MOkWd6i2BIMDKo3DtoOoBNC9NaCuh2k
.doubleclick.net/	1970-01-20 01:38:57	Name: DSID Value: NO_DATA

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
fonts.googleapis.com
googleads.g.doubleclick.net
intowindows.com
intowindows.com.admin-mcas-gov.us
mcasproxy.azureedge.net
mk0intowindows84fvao.kinstacdn.com
p4-cuijatqquh342-cx4xo4gtifyg52ns-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
s0.2mdn.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.intowindows.com
13.72.27.220
142.250.64.66
142.250.65.195
2600:141b:13::17d7:825a
2606:4700:3108::ac42:28b0
2607:f8b0:4004:c08::9c
2607:f8b0:4006:80b::200a
2607:f8b0:4006:817::200e
2607:f8b0:4006:81e::2002
2607:f8b0:4006:81f::2002
2607:f8b0:4006:820::2001
2607:f8b0:4006:820::2004
2607:f8b0:4006:822::2002
2607:f8b0:4006:822::2006
2607:f8b0:4006:823::2002
2607:f8b0:4006:823::2008
35.232.130.91
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0674fe9e76b8e3383bf64e45f641c0ed930148df3eb850e617a9977e7ee34324
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
137fe3f2a5bf8d30d874b11a6be25970cbd72d74ab58a08cbc4dbd74f011cf62
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a9057202ccb5fa00e111b8972905b3fff5ed8ed63417d8739e92cfc41689a41
2eb3ed64ca1841baf22b79eafce9dce75a3dfd02962ddcd4d40b6fe72fa9661b
41d593b781ad27c9d117bab6958745ded1895286b929b349baea958633f24b23
4437ce173dc24d2724fe909c27f283807dd58ccd729d93dc11598b3fc2e71bca
4a354f3d28b56276cc1c16d970f65ddb3ecec48cb1b79a1a32e0e3929e584607
51ff875b78e7083fa4850dcdca83cd6152c7d439897d7eccf555b6ae000ccdc5
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
54c330211f3a976a4c7e84086cbec07528fff05242a047f85a42132ef94b5008
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
66f2e4487799f1261d20a0f5f3fc638905b1c061614190b4e27a24485ea068e6
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
6a8783955b4786284e93711bd71d46e87098fa9583fa980072407ca8d2e0414b
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
71ac09cbf027116391e1632766f2a1b89d941febd0b7cf61102d5ca28bd2c4bf
72bbecba7e1a5f24b84715c7fe8ec66ff6467d8cda8f2adde5a1ce553bf04306
73d48e5b77e6f9c20e969dedbd1b226f3904b843b532a3324297d145596e0564
74cad4303232e97ca561d020bf3491ab6777c683b259f50f99b64cd62f1e3271
769e376a16fa420b6ea5802aef3f2e2aaa37b7898eda4d9f5745eea336176c2e
7fbedbd9d5ce89478d751a141998376c2260235a595292e31eb54f57ab61b288
80eb1072739ff1d1c7d335cb494d6491f9adea2ea0e831f8dec55b0f4129e708
8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6
8ea05afe7011ec5dbd2e453ff5f8f401222a0841a726186eff7b60baf473d68a
98b2972cf5290c87aed75cfc8980cccd597a8b1d62a7042aa03dbb6d3b809591
998f85a23a439b61247ef0a4a7ad4fe3ece6885980facf0a9c9ea87ede6113d5
9d885345d3512bdcb004194c36fbb56e2876d8c557b4510f0bc35506b28318e7
9e03332dab560d84d6dc56056b89f26035303a8219b7352d7b3a373cca9865ae
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a55a3bb97660d11437e2cf7fca3cb7fae11ab5f93a771959909edc3e679ee6f7
a65e9bf3c8851b339c7e58b801471f984894d67193e1a2050f9c45428e7f1369
a8bb34e7773640e6852d778e5f792867b6a291a405243f7bd6c55142d2336328
a90e9003ea651ad7108bbec423cee5fc63f084d8d45ed95b0ab9e4775aa943b7
bab19ff5b376982c26f785ff96f7f3ca0ec5d9d4f302cf75b9acd7dc615af781
baf528f9742664fd5300faade8542d0275378479cbccf56ee2ca06dba25d12c6
bbf41cf7865370d91d7a1c6a5667e2bb1035a54b888cfbb39e0b7bb1cf400bd3
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c1aecefece1cfc7a7702f1b4193edbe342156c3a3697207fdda25c897d0127bd
cf92d26228c4365e6f551e87ce1bcbe3ff4f2b0d7d7d3c2096726c1fc571fee8
d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3
d29311d6bde7a502830e4dacbdbf6cd3bcd3c425efb2d01100f8da2d6ccffe20
d5089101103842a997decd441538026cb19662fa025574d6778b06212f7dc566
d593eab937ae208334c866b7afc56b0703787c857dae8bb562aefbbd3ca15ee6
d5e34633a1ecef7871a146661397f997dba86221175bd9bc99411a34196ced1d
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d9255566eefb614ddeb295060967cde9591a598d8850cfe6004fe8fa7fa99a16
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e21e3cd6b4909a41afeb4fcc45bb4c7c7ae271b020af91da3f6a5e2b23cf133c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef7da2ea9165f4486462c7f1dccddb7485e6a1922d220a1c393a8fa7214829fd
f01b724c89e87b14b4e28d15f7699e21f98a0896277713fcf2c5ea6ffbb02220

www.intowindows.com Open in urlscan Pro 2606:4700:3108::ac42:28b0 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

66 Requests

97 %HTTPS

76 %IPv6

14 Domains

18 Subdomains

17 IPs

1 Countries

904 kBTransfer

2164 kBSize

6 Cookies

0 Outgoing links

Page URL History

Redirected requests

66 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.intowindows.com Open in urlscan Pro
2606:4700:3108::ac42:28b0 Public Scan

Screenshot
Live screenshot

Full Image

66
Requests

97 %
HTTPS

76 %
IPv6

14
Domains

18
Subdomains

17
IPs

1
Countries

904 kB
Transfer

2164 kB
Size

6
Cookies

66 HTTP transactions
11 data transactions