activator-windows.ru
2a03:c980:b957:c570:185:87:197:112  Public Scan

URL: https://activator-windows.ru/
Submission Tags: @phishunt_io
Submission: On October 19 via api from ES

Summary

This website contacted 10 IPs in 3 countries across 8 domains to perform 32 HTTP transactions. The main IP is 2a03:c980:b957:c570:185:87:197:112, located in Russian Federation and belongs to IHCRU Internet-Hosting Ltd, Moscow, Russia, RU. The main domain is activator-windows.ru.
TLS certificate: Issued by Let's Encrypt Authority X3 on October 19th 2020. Valid for: 3 months.
This is the only time activator-windows.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
17 2a03:c980:b95... 203226 (IHCRU Int...)
1 92.38.252.165 12695 (DINET-AS)
2 178.128.141.43 14061 (DIGITALOC...)
1 78.46.111.246 24940 (HETZNER-AS)
1 6 2a02:6b8::1:119 13238 (YANDEX)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 88.212.201.204 39134 (UNITEDNET)
32 10
Domain Requested by
17 activator-windows.ru activator-windows.ru
6 mc.yandex.ru 1 redirects activator-windows.ru
mc.yandex.ru
3 fonts.gstatic.com fonts.googleapis.com
2 counter.yadro.ru 1 redirects
2 fonts.googleapis.com activator-windows.ru
2 watchnews7.com activator-windows.ru
watchnews7.com
1 jquerylibd.ru activator-windows.ru
1 allstat-pp.ru activator-windows.ru
32 8

This site contains links to these domains.

Domain
www.liveinternet.ru
Subject | Issuer | Validity | Valid
activator-windows.ru | Let's Encrypt Authority X3 | 2020-10-19 - 2021-01-17 | 3 months
allstat-pp.ru | Let's Encrypt Authority X3 | 2020-09-11 - 2020-12-10 | 3 months
pushmoder.com | Let's Encrypt Authority X3 | 2020-09-19 - 2020-12-18 | 3 months
jquerylibd.ru | Sectigo RSA Domain Validation Secure Server CA | 2020-08-02 - 2021-08-02 | a year
mc.yandex.ru | Yandex CA | 2020-09-29 - 2021-03-11 | 5 months
upload.video.google.com | GTS CA 1O1 | 2020-09-22 - 2020-12-15 | 3 months
*.gstatic.com | GTS CA 1O1 | 2020-09-22 - 2020-12-15 | 3 months
counter.yadro.ru | GoGetSSL ECC DV CA | 2020-02-02 - 2022-05-02 | 2 years

This page contains 2 frames:

Primary Page: https://activator-windows.ru/
Frame ID: FC4F85DB600B3814E29DC0B6CB29EACE
Requests: 30 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto+Slab:400,300italic,300,400italic,700
Frame ID: 512173ADBEA87737CDA8A15E54D020EE
Requests: 2 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^LiteSpeed$/i

Page Statistics

Requests: 32
HTTPS: 100 %
IPv6: 60 %
Domains: 8
Subdomains: 8
IPs: 10
Countries: 3
Transfer: 565 kB
Size: 1176 kB
Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22
  • https://mc.yandex.ru/watch/55792930?wmode=7&page-url=https%3A%2F%2Factivator-windows.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1603122278342%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20201019174439%3Aet%3A1603122279%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A1202101201736%3Arqn%3A1%3Arn%3A780693700%3Ahid%3A824946484%3Ads%3A97%2C86%2C43%2C40%2C0%2C0%2C0%2C205%2C149%2C%2C%2C%2C491%3Afp%3A676%3Awn%3A52789%3Ahl%3A2%3Agdpr%3A14%3Av%3A1964%3Awv%3A2%3Arqnl%3A1%3Ast%3A1603122279%3Au%3A1603122279685718030%3At%3A%D0%90%D0%BA%D1%82%D0%B8%D0%B2%D0%B0%D1%82%D0%BE%D1%80%D1%8B%20Windows%2010%2C%208.1%2C%207%20%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE HTTP 302
  • https://mc.yandex.ru/watch/55792930/1?wmode=7&page-url=https%3A%2F%2Factivator-windows.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1603122278342%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20201019174439%3Aet%3A1603122279%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A1202101201736%3Arqn%3A1%3Arn%3A780693700%3Ahid%3A824946484%3Ads%3A97%2C86%2C43%2C40%2C0%2C0%2C0%2C205%2C149%2C%2C%2C%2C491%3Afp%3A676%3Awn%3A52789%3Ahl%3A2%3Agdpr%3A14%3Av%3A1964%3Awv%3A2%3Arqnl%3A1%3Ast%3A1603122279%3Au%3A1603122279685718030%3At%3A%D0%90%D0%BA%D1%82%D0%B8%D0%B2%D0%B0%D1%82%D0%BE%D1%80%D1%8B%20Windows%2010%2C%208.1%2C%207%20%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE
Request Chain 25
  • https://counter.yadro.ru/hit?t16.14;r;s1600*1200*24;uhttps%3A//activator-windows.ru/;h%u0410%u043A%u0442%u0438%u0432%u0430%u0442%u043E%u0440%u044B%20Windows%2010%2C%208.1%2C%207%20%u0441%u043A%u0430%u0447%u0430%u0442%u044C%20%u0431%u0435%u0441%u043F%u043B%u0430%u0442%u043D%u043E;0.9795587512174417 HTTP 302
  • https://counter.yadro.ru/hit?q;t16.14;r;s1600*1200*24;uhttps%3A//activator-windows.ru/;h%u0410%u043A%u0442%u0438%u0432%u0430%u0442%u043E%u0440%u044B%20Windows%2010%2C%208.1%2C%207%20%u0441%u043A%u0430%u0447%u0430%u0442%u044C%20%u0431%u0435%u0441%u043F%u043B%u0430%u0442%u043D%u043E;0.9795587512174417

32 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
activator-windows.ru/
59 KB
13 KB
Document
General
Full URL
https://activator-windows.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:c980:b957:c570:185:87:197:112 , Russian Federation, ASN203226 (IHCRU Internet-Hosting Ltd, Moscow, Russia, RU),
Reverse DNS
Software
LiteSpeed / PHP/7.3.23
Resource Hash
810e816987c037ffe21c7ed6f3e167eb6d8f97e92057ffe532a9b460468562d9

Request headers

:method
GET
:authority
activator-windows.ru
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
x-powered-by
PHP/7.3.23
content-type
text/html; charset=UTF-8
content-encoding
br
vary
Accept-Encoding
date
Mon, 19 Oct 2020 15:44:38 GMT
server
LiteSpeed
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
20f20b.css
activator-windows.ru/s/
111 KB
20 KB
Stylesheet
General
Full URL
https://activator-windows.ru/s/20f20b.css
Requested by
Host: activator-windows.ru
URL: https://activator-windows.ru/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a03:c980:b957:c570:185:87:197:112 , Russian Federation, ASN203226 (IHCRU Internet-Hosting Ltd, Moscow, Russia, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
3333185b54b1e8b7767ed5731d3e7b1035580b00f937e263baf7283b959f5f19

Request headers

Referer
https://activator-windows.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 19 Oct 2020 15:44:38 GMT
content-encoding
br
last-modified
Tue, 15 Oct 2019 15:07:20 GMT
server
LiteSpeed
etag
"1bdcf-5da5e0a8-dbcdde16d28b613e;br"
vary
Accept-Encoding
content-type
text/css
status
200
accept-ranges
bytes
content-length
20459
8665ee.css
activator-windows.ru/s/
34 KB
7 KB
Stylesheet
General
Full URL
https://activator-windows.ru/s/8665ee.css
Requested by
Host: activator-windows.ru
URL: https://activator-windows.ru/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a03:c980:b957:c570:185:87:197:112 , Russian Federation, ASN203226 (IHCRU Internet-Hosting Ltd, Moscow, Russia, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
41b80e5215874403704a3665b231b8462e9573598d8e2e7b96c46edc55fbf58f

Request headers

Referer
https://activator-windows.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 19 Oct 2020 15:44:38 GMT
content-encoding
br
last-modified
Tue, 15 Oct 2019 15:07:20 GMT
server
LiteSpeed
etag
"872c-5da5e0a8-56653470247ed414;br"
vary
Accept-Encoding
content-type
text/css
status
200
accept-ranges
bytes
content-length
7163
e3c54c535d4b765251eadcb73fbc572d1baf1c54.js
allstat-pp.ru/528/
13 KB
4 KB
Script
General
Full URL
https://allstat-pp.ru/528/e3c54c535d4b765251eadcb73fbc572d1baf1c54.js
Requested by
Host: activator-windows.ru
URL: https://activator-windows.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
92.38.252.165 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
3194456f7b08b16730eac14fcdd9e0232bb502953df5291df2255fae7ff99cef

Request headers

Referer
https://activator-windows.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 19 Oct 2020 15:44:38 GMT
content-encoding
gzip
last-modified
Fri, 09 Oct 2020 07:48:57 GMT
server
nginx/1.16.1
etag
W/"5f8015e9-32f6"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
watchnews7.com/
11 KB
12 KB
Script
General
Full URL
https://watchnews7.com/?pu=gbtdsmrwgu5ha3ddf42dimbr
Requested by
Host: activator-windows.ru
URL: https://activator-windows.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.128.141.43 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
b8f45ea87a19c5e2aa99e482a206fcf4e24975657fa30b4fe343ab7820e99f59
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://activator-windows.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Mon, 19 Oct 2020 15:44:38 GMT
server
nginx
access-control-allow-origin
*
content-security-policy
img-src https: data:; upgrade-insecure-requests
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=UTF-8
jquery-1.7.5.js
jquerylibd.ru/libs157/
0
581 B
Script
General
Full URL
https://jquerylibd.ru/libs157/jquery-1.7.5.js
Requested by
Host: activator-windows.ru
URL: https://activator-windows.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
78.46.111.246 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx / PHP/5.6.27
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://activator-windows.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Oct 2020 15:44:38 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
PHP/5.6.27
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT
KMSAuto-Lite-Portable.jpg
activator-windows.ru/wp-content/uploads/2018/10/
27 KB
28 KB
Image
General
Full URL
https://activator-windows.ru/wp-content/uploads/2018/10/KMSAuto-Lite-Portable.jpg
Requested by
Host: activator-windows.ru
URL: https://activator-windows.ru/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a03:c980:b957:c570:185:87:197:112 , Russian Federation, ASN203226 (IHCRU Internet-Hosting Ltd, Moscow, Russia, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
47650124fb1dc15b39e8dae79cb1700430b3636b3da0b6aa1c30ec3358fab3eb

Request headers

Referer
https://activator-windows.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 19 Oct 2020 15:44:38 GMT
last-modified
Tue, 15 Oct 2019 15:07:48 GMT
server
LiteSpeed
etag
"6dde-5da5e0c4-e2176d9768249256;;;"
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
28126
Windows-8.1-Activated-Reloader-3.png
activator-windows.ru/wp-content/uploads/2018/09/
18 KB
18 KB
Image
General
Full URL
https://activator-windows.ru/wp-content/uploads/2018/09/Windows-8.1-Activated-Reloader-3.png
Requested by
Host: activator-windows.ru
URL: https://activator-windows.ru/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a03:c980:b957:c570:185:87:197:112 , Russian Federation, ASN203226 (IHCRU Internet-Hosting Ltd, Moscow, Russia, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
f094bf61dd3616a941acba3f0d4819f1779a0a3e41e560e659bb169bf8eb9dc6

Request headers

Referer
https://activator-windows.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 19 Oct 2020 15:44:38 GMT
last-modified
Tue, 15 Oct 2019 15:07:41 GMT
server
LiteSpeed
etag
"4932-5da5e0bd-61f6533f4c7e6ed7;;;"
content-type
image/png
status
200
accept-ranges
bytes
content-length
18738
w7lxe.png
activator-windows.ru/wp-content/uploads/2018/09/
24 KB
24 KB
Image
General
Full URL
https://activator-windows.ru/wp-content/uploads/2018/09/w7lxe.png
Requested by
Host: activator-windows.ru
URL: https://activator-windows.ru/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a03:c980:b957:c570:185:87:197:112 , Russian Federation, ASN203226 (IHCRU Internet-Hosting Ltd, Moscow, Russia, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
00db7c350df8acabf9b66c39ca09ab6ae9e9bfa697749d53c05d5bfc8bb27b78

Request headers

Referer
https://activator-windows.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 19 Oct 2020 15:44:38 GMT
last-modified
Tue, 15 Oct 2019 15:07:37 GMT
server
LiteSpeed
etag
"60e2-5da5e0b9-2cfab8cc6ad3df13;;;"
content-type
image/png
status
200
accept-ranges
bytes
content-length
24802
1449216661_chew7.jpg
activator-windows.ru/wp-content/uploads/2018/09/
53 KB
53 KB
Image
General
Full URL
https://activator-windows.ru/wp-content/uploads/2018/09/1449216661_chew7.jpg
Requested by
Host: activator-windows.ru
URL: https://activator-windows.ru/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a03:c980:b957:c570:185:87:197:112 , Russian Federation, ASN203226 (IHCRU Internet-Hosting Ltd, Moscow, Russia, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
8f763c439ae2aafc1131e544c31c2488e9ad28bc600b1b794acb809ddf00e5ce

Request headers

Referer
https://activator-windows.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 19 Oct 2020 15:44:38 GMT
last-modified
Tue, 15 Oct 2019 15:07:29 GMT
server
LiteSpeed
etag
"d537-5da5e0b1-866852544e6c4233;;;"
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
54583
HoF3dT7NykY.jpg
activator-windows.ru/wp-content/uploads/2018/09/
12 KB
12 KB
Image
General
Full URL
https://activator-windows.ru/wp-content/uploads/2018/09/HoF3dT7NykY.jpg
Requested by
Host: activator-windows.ru
URL: https://activator-windows.ru/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a03:c980:b957:c570:185:87:197:112 , Russian Federation, ASN203226 (IHCRU Internet-Hosting Ltd, Moscow, Russia, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
608e783a472722d2a90943ac14137a5badd3997e818985037d9a7c927df1f867

Request headers

Referer
https://activator-windows.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 19 Oct 2020 15:44:38 GMT
last-modified
Tue, 15 Oct 2019 15:07:29 GMT
server
LiteSpeed
etag
"30e1-5da5e0b1-e6192feb2a5b6c2f;;;"
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
12513
wga.jpg
activator-windows.ru/wp-content/uploads/2018/09/
27 KB
28 KB
Image
General
Full URL
https://activator-windows.ru/wp-content/uploads/2018/09/wga.jpg
Requested by
Host: activator-windows.ru
URL: https://activator-windows.ru/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a03:c980:b957:c570:185:87:197:112 , Russian Federation, ASN203226 (IHCRU Internet-Hosting Ltd, Moscow, Russia, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
c2472fcd84a862144c45096033c0f3d83a6e74c2622841d2d29e305e3cc058db

Request headers

Referer
https://activator-windows.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 19 Oct 2020 15:44:38 GMT
last-modified
Tue, 15 Oct 2019 15:07:38 GMT
server
LiteSpeed
etag
"6dcc-5da5e0ba-8c5c7d9086514389;;;"
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
28108
a61809e5e5b5a03f90cfa54d94db946c.jpg
activator-windows.ru/wp-content/uploads/2018/09/
12 KB
12 KB
Image
General
Full URL
https://activator-windows.ru/wp-content/uploads/2018/09/a61809e5e5b5a03f90cfa54d94db946c.jpg
Requested by
Host: activator-windows.ru
URL: https://activator-windows.ru/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a03:c980:b957:c570:185:87:197:112 , Russian Federation, ASN203226 (IHCRU Internet-Hosting Ltd, Moscow, Russia, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
ba7fcad8a3bab82e4c2b4a8649d4dcfd22b62c16c1fb9074d861c8647c70ce2f

Request headers

Referer
https://activator-windows.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 19 Oct 2020 15:44:38 GMT
last-modified
Tue, 15 Oct 2019 15:07:29 GMT
server
LiteSpeed
etag
"302d-5da5e0b1-8fdc4947a8577736;;;"
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
12333
1397322676_vindous-loader-bay-daz.jpg
activator-windows.ru/wp-content/uploads/2018/09/
25 KB
25 KB
Image
General
Full URL
https://activator-windows.ru/wp-content/uploads/2018/09/1397322676_vindous-loader-bay-daz.jpg
Requested by
Host: activator-windows.ru
URL: https://activator-windows.ru/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a03:c980:b957:c570:185:87:197:112 , Russian Federation, ASN203226 (IHCRU Internet-Hosting Ltd, Moscow, Russia, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
b4f96415509824ac0038b490b1d828c502d61dc6d2467ae6b33645f3aeabd2a1

Request headers

Referer
https://activator-windows.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 19 Oct 2020 15:44:38 GMT
last-modified
Tue, 15 Oct 2019 15:07:29 GMT
server
LiteSpeed
etag
"63a6-5da5e0b1-d480fd93756bea8f;;;"
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
25510
Kmspico-logo.png
activator-windows.ru/wp-content/uploads/2018/09/
21 KB
21 KB
Image
General
Full URL
https://activator-windows.ru/wp-content/uploads/2018/09/Kmspico-logo.png
Requested by
Host: activator-windows.ru
URL: https://activator-windows.ru/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a03:c980:b957:c570:185:87:197:112 , Russian Federation, ASN203226 (IHCRU Internet-Hosting Ltd, Moscow, Russia, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
991f74d9f5b2064be229270e625557cfccd4df6d769f705fdb8cb68397d31ea9

Request headers

Referer
https://activator-windows.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 19 Oct 2020 15:44:38 GMT
last-modified
Tue, 15 Oct 2019 15:07:30 GMT
server
LiteSpeed
etag
"52dd-5da5e0b2-1577474a53552601;;;"
content-type
image/png
status
200
accept-ranges
bytes
content-length
21213
tag.js
mc.yandex.ru/metrika/
368 KB
94 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: activator-windows.ru
URL: https://activator-windows.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
130f24f868c4364f20cd2b7afd416b01e5fe5efea9034701c4130fa14c1910fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://activator-windows.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 19 Oct 2020 15:44:38 GMT
Content-Encoding
br
Last-Modified
Tue, 06 Oct 2020 13:44:27 GMT
ETag
"5f75f273-175fc"
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Content-Length
95740
Expires
Mon, 19 Oct 2020 16:44:38 GMT
fa-solid-900.woff2
activator-windows.ru/wp-content/themes/hueman/assets/front/webfonts/
36 KB
36 KB
Font
General
Full URL
https://activator-windows.ru/wp-content/themes/hueman/assets/front/webfonts/fa-solid-900.woff2
Requested by
Host: activator-windows.ru
URL: https://activator-windows.ru/s/8665ee.css
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a03:c980:b957:c570:185:87:197:112 , Russian Federation, ASN203226 (IHCRU Internet-Hosting Ltd, Moscow, Russia, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
0c1398670a1fabd16ce06d8e7e4f4c113a5e6bb1e89fcbab5cd8ded8cdb95f8d

Request headers

Origin
https://activator-windows.ru
Referer
https://activator-windows.ru/s/8665ee.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 19 Oct 2020 15:44:39 GMT
last-modified
Tue, 15 Oct 2019 15:07:54 GMT
server
LiteSpeed
etag
"8fa4-5da5e0ca-c704ae1b2c4d599a;;;"
content-type
font/woff2
status
200
accept-ranges
bytes
content-length
36772
css
fonts.googleapis.com/ Frame 5121
6 KB
742 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto+Slab:400,300italic,300,400italic,700
Requested by
Host: activator-windows.ru
URL: https://activator-windows.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b1abd1afaff1aa9eef863840ffa8fa733c21a8cab8d2eaa4c1443c9cf4da1834
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://activator-windows.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 19 Oct 2020 15:44:38 GMT
server
ESF
date
Mon, 19 Oct 2020 15:44:38 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 19 Oct 2020 15:44:38 GMT
BngMUXZYTXPIvIBgJJSb6ufN5qWr4xCC.woff2
fonts.gstatic.com/s/robotoslab/v12/ Frame 5121
30 KB
30 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotoslab/v12/BngMUXZYTXPIvIBgJJSb6ufN5qWr4xCC.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Slab:400,300italic,300,400italic,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0e89bf9070896e8016be5d04a290635ea0a95e9c8bc6dbfcd3ee45bc41fc5a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://activator-windows.ru
Referer
https://fonts.googleapis.com/css?family=Roboto+Slab:400,300italic,300,400italic,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 19 Oct 2020 11:20:33 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Jun 2020 02:33:54 GMT
server
sffe
age
15846
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30940
x-xss-protection
0
expires
Tue, 19 Oct 2021 11:20:33 GMT
/
watchnews7.com/
10 B
196 B
Script
General
Full URL
https://watchnews7.com/?pus=gbtdsmrwgu5ha3ddf42dimbr&sub1=&sub2=&sub3=&sub4=&gmt=2
Requested by
Host: watchnews7.com
URL: https://watchnews7.com/?pu=gbtdsmrwgu5ha3ddf42dimbr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.128.141.43 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
7efe87b340014e916e15925590b47c8b880dc486af5144f21aca073981854139
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://activator-windows.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Mon, 19 Oct 2020 15:44:39 GMT
server
nginx
access-control-allow-origin
*
content-security-policy
img-src https: data:; upgrade-insecure-requests
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=UTF-8
css
fonts.googleapis.com/
6 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto+Slab:400,300italic,300,400italic,700
Requested by
Host: activator-windows.ru
URL: https://activator-windows.ru/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b1abd1afaff1aa9eef863840ffa8fa733c21a8cab8d2eaa4c1443c9cf4da1834
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://activator-windows.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 19 Oct 2020 15:44:39 GMT
server
ESF
date
Mon, 19 Oct 2020 15:44:39 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 19 Oct 2020 15:44:39 GMT
BngMUXZYTXPIvIBgJJSb6ufN5qWr4xCC.woff2
fonts.gstatic.com/s/robotoslab/v12/
30 KB
31 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotoslab/v12/BngMUXZYTXPIvIBgJJSb6ufN5qWr4xCC.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Slab:400,300italic,300,400italic,700
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0e89bf9070896e8016be5d04a290635ea0a95e9c8bc6dbfcd3ee45bc41fc5a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://activator-windows.ru
Referer
https://fonts.googleapis.com/css?family=Roboto+Slab:400,300italic,300,400italic,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 19 Oct 2020 11:20:33 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Jun 2020 02:33:54 GMT
server
sffe
age
15846
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30940
x-xss-protection
0
expires
Tue, 19 Oct 2021 11:20:33 GMT
BngMUXZYTXPIvIBgJJSb6ufJ5qWr4xCCQ_k.woff2
fonts.gstatic.com/s/robotoslab/v12/
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotoslab/v12/BngMUXZYTXPIvIBgJJSb6ufJ5qWr4xCCQ_k.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Slab:400,300italic,300,400italic,700
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f0c3b5c5a386f4a1b168734be9f5f2d3c73b90aae1f797d88e90f8209018c156
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://activator-windows.ru
Referer
https://fonts.googleapis.com/css?family=Roboto+Slab:400,300italic,300,400italic,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 19 Oct 2020 13:43:46 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Jun 2020 02:31:44 GMT
server
sffe
age
7253
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20876
x-xss-protection
0
expires
Tue, 19 Oct 2021 13:43:46 GMT
1
mc.yandex.ru/watch/55792930/
Redirect Chain
  • https://mc.yandex.ru/watch/55792930?wmode=7&page-url=https%3A%2F%2Factivator-windows.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1603122278342%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A2166...
  • https://mc.yandex.ru/watch/55792930/1?wmode=7&page-url=https%3A%2F%2Factivator-windows.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1603122278342%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A21...
186 B
696 B
XHR
General
Full URL
https://mc.yandex.ru/watch/55792930/1?wmode=7&page-url=https%3A%2F%2Factivator-windows.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1603122278342%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20201019174439%3Aet%3A1603122279%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A1202101201736%3Arqn%3A1%3Arn%3A780693700%3Ahid%3A824946484%3Ads%3A97%2C86%2C43%2C40%2C0%2C0%2C0%2C205%2C149%2C%2C%2C%2C491%3Afp%3A676%3Awn%3A52789%3Ahl%3A2%3Agdpr%3A14%3Av%3A1964%3Awv%3A2%3Arqnl%3A1%3Ast%3A1603122279%3Au%3A1603122279685718030%3At%3A%D0%90%D0%BA%D1%82%D0%B8%D0%B2%D0%B0%D1%82%D0%BE%D1%80%D1%8B%20Windows%2010%2C%208.1%2C%207%20%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
aa2b494656051342ecaa00337efb0f4a47a59a3d8f252ba0dc4fc5eca98f2e26
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://activator-windows.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Oct 2020 15:44:39 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 19-Oct-2020 15:44:39 GMT
Strict-Transport-Security
max-age=31536000
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://activator-windows.ru
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Content-Length
186
X-XSS-Protection
1; mode=block
Expires
Mon, 19-Oct-2020 15:44:39 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 19 Oct 2020 15:44:39 GMT
Last-Modified
Mon, 19-Oct-2020 15:44:39 GMT
Access-Control-Allow-Origin
https://activator-windows.ru
Strict-Transport-Security
max-age=31536000
Location
/watch/55792930/1?wmode=7&page-url=https%3A%2F%2Factivator-windows.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1603122278342%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20201019174439%3Aet%3A1603122279%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A1202101201736%3Arqn%3A1%3Arn%3A780693700%3Ahid%3A824946484%3Ads%3A97%2C86%2C43%2C40%2C0%2C0%2C0%2C205%2C149%2C%2C%2C%2C491%3Afp%3A676%3Awn%3A52789%3Ahl%3A2%3Agdpr%3A14%3Av%3A1964%3Awv%3A2%3Arqnl%3A1%3Ast%3A1603122279%3Au%3A1603122279685718030%3At%3A%D0%90%D0%BA%D1%82%D0%B8%D0%B2%D0%B0%D1%82%D0%BE%D1%80%D1%8B%20Windows%2010%2C%208.1%2C%207%20%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Mon, 19-Oct-2020 15:44:39 GMT
advert.gif
mc.yandex.ru/metrika/
43 B
379 B
Image
General
Full URL
https://mc.yandex.ru/metrika/advert.gif
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://activator-windows.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 19 Oct 2020 15:44:39 GMT
Last-Modified
Thu, 15 Oct 2020 15:05:59 GMT
ETag
"5f88606d-2b"
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Accept-Ranges
bytes
Content-Length
43
Expires
Mon, 19 Oct 2020 16:44:39 GMT
59d2e5.js
activator-windows.ru/s/
127 KB
41 KB
Script
General
Full URL
https://activator-windows.ru/s/59d2e5.js
Requested by
Host: activator-windows.ru
URL: https://activator-windows.ru/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a03:c980:b957:c570:185:87:197:112 , Russian Federation, ASN203226 (IHCRU Internet-Hosting Ltd, Moscow, Russia, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
8edaba0bafcce494e8f1973ae90b7cff521d521466ad45c66923c8c6ad5136a1

Request headers

Referer
https://activator-windows.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 19 Oct 2020 15:44:39 GMT
content-encoding
br
last-modified
Tue, 15 Oct 2019 15:07:20 GMT
server
LiteSpeed
etag
"1fad4-5da5e0a8-ab863b8517b1010c;br"
vary
Accept-Encoding
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
42217
hit
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit?t16.14;r;s1600*1200*24;uhttps%3A//activator-windows.ru/;h%u0410%u043A%u0442%u0438%u0432%u0430%u0442%u043E%u0440%u044B%20Windows%2010%2C%208.1%2C%207%20%u0441%u043A%u043...
  • https://counter.yadro.ru/hit?q;t16.14;r;s1600*1200*24;uhttps%3A//activator-windows.ru/;h%u0410%u043A%u0442%u0438%u0432%u0430%u0442%u043E%u0440%u044B%20Windows%2010%2C%208.1%2C%207%20%u0441%u043A%u0...
175 B
629 B
Image
General
Full URL
https://counter.yadro.ru/hit?q;t16.14;r;s1600*1200*24;uhttps%3A//activator-windows.ru/;h%u0410%u043A%u0442%u0438%u0432%u0430%u0442%u043E%u0440%u044B%20Windows%2010%2C%208.1%2C%207%20%u0441%u043A%u0430%u0447%u0430%u0442%u044C%20%u0431%u0435%u0441%u043F%u043B%u0430%u0442%u043D%u043E;0.9795587512174417
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
1f8588d3c62bb38d6a7ed3604279793810de9cb55dababe7b06bc144435ac6f9
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://activator-windows.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Oct 2020 15:44:39 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Cache-control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
175
Expires
Sat, 19 Oct 2019 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 19 Oct 2020 15:44:39 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Location
https://counter.yadro.ru/hit?q;t16.14;r;s1600*1200*24;uhttps%3A//activator-windows.ru/;h%u0410%u043A%u0442%u0438%u0432%u0430%u0442%u043E%u0440%u044B%20Windows%2010%2C%208.1%2C%207%20%u0441%u043A%u0430%u0447%u0430%u0442%u044C%20%u0431%u0435%u0441%u043F%u043B%u0430%u0442%u043D%u043E;0.9795587512174417
Cache-control
no-cache
Connection
keep-alive
Content-Type
text/html
Content-Length
32
Expires
Sat, 19 Oct 2019 21:00:00 GMT
rating_over.gif
activator-windows.ru/wp-content/plugins/wp-postratings/images/stars/
0
57 B
Image
General
Full URL
https://activator-windows.ru/wp-content/plugins/wp-postratings/images/stars/rating_over.gif
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a03:c980:b957:c570:185:87:197:112 , Russian Federation, ASN203226 (IHCRU Internet-Hosting Ltd, Moscow, Russia, RU),
Reverse DNS
Software
LiteSpeed / PHP/7.3.23
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://activator-windows.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
404
date
Mon, 19 Oct 2020 15:44:39 GMT
server
LiteSpeed
x-powered-by
PHP/7.3.23
content-length
0
content-type
text/html; charset=UTF-8
25e1eb.js
activator-windows.ru/s/
19 KB
6 KB
Script
General
Full URL
https://activator-windows.ru/s/25e1eb.js
Requested by
Host: activator-windows.ru
URL: https://activator-windows.ru/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a03:c980:b957:c570:185:87:197:112 , Russian Federation, ASN203226 (IHCRU Internet-Hosting Ltd, Moscow, Russia, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
5aad2c95df0c36befe42ac98bfaf3667153985be41543777deba86226b912f70

Request headers

Referer
https://activator-windows.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 19 Oct 2020 15:44:39 GMT
content-encoding
br
last-modified
Tue, 15 Oct 2019 15:07:20 GMT
server
LiteSpeed
etag
"4c69-5da5e0a8-89f009baffd58290;br"
vary
Accept-Encoding
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
6218
920fc5.js
activator-windows.ru/s/
84 KB
24 KB
Script
General
Full URL
https://activator-windows.ru/s/920fc5.js
Requested by
Host: activator-windows.ru
URL: https://activator-windows.ru/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a03:c980:b957:c570:185:87:197:112 , Russian Federation, ASN203226 (IHCRU Internet-Hosting Ltd, Moscow, Russia, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
a765dcc98da4b2e156386c5f58141f7bf5a9e9300de56c6ad5e6295c9a94d129

Request headers

Referer
https://activator-windows.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 19 Oct 2020 15:44:39 GMT
content-encoding
br
last-modified
Tue, 15 Oct 2019 15:07:20 GMT
server
LiteSpeed
etag
"15146-5da5e0a8-d2a622158762215b;br"
vary
Accept-Encoding
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
24507
55792930
mc.yandex.ru/webvisor/
43 B
497 B
XHR
General
Full URL
https://mc.yandex.ru/webvisor/55792930?wmode=0&rn=434657922&page-url=https%3A%2F%2Factivator-windows.ru%2F&wv-type=3&wv-hit=824946484&wv-part=1&browser-info=ti%3A8%3Aet%3A1603122280%3Aw%3A1600x1200%3Av%3A1964%3Az%3A120%3Ai%3A20201019174439%3Abt%3A1%3Ast%3A1603122282%3Au%3A1603122279685718030
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://activator-windows.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 19 Oct 2020 15:44:41 GMT
Last-Modified
Mon, 19-Oct-2020 15:44:41 GMT
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Access-Control-Allow-Origin
https://activator-windows.ru
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
Mon, 19-Oct-2020 15:44:41 GMT
55792930
mc.yandex.ru/webvisor/
43 B
497 B
XHR
General
Full URL
https://mc.yandex.ru/webvisor/55792930?wmode=0&rn=454979915&page-url=https%3A%2F%2Factivator-windows.ru%2F&wv-type=3&wv-hit=824946484&wv-part=1&browser-info=ti%3A8%3Aet%3A1603122280%3Aw%3A1600x1200%3Av%3A1964%3Az%3A120%3Ai%3A20201019174439%3Ast%3A1603122282%3Au%3A1603122279685718030
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://activator-windows.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 19 Oct 2020 15:44:41 GMT
Last-Modified
Mon, 19-Oct-2020 15:44:41 GMT
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Access-Control-Allow-Origin
https://activator-windows.ru
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
Mon, 19-Oct-2020 15:44:41 GMT


35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
function| showDirectoryPicker
function| showOpenFilePicker
function| showSaveFilePicker
object| trustedTypes
function| ress_loadGooglefont
function| ress_loadFont
function| ym
function| a2GshMVRvY2xCIhEE
object| if4be0
object| Ya
object| yaCounter55792930
undefined| $
function| jQuery
object| jQuery112403303138169490081
object| title
object| ratingsL10n
object| ratings_mouseover_image
number| post_id
number| post_rating
boolean| is_being_rated
function| current_rating
function| ratings_off
function| set_is_being_rated
function| rate_post_success
function| rate_post
function| _
object| HUParams
function| smoothScroll
function| tcOutline
object| czrapp
function| Waypoint
function| Vivus
object| $_to_center_with_delay
object| wp

2 Cookies

Domain/Path Name / Value
.activator-windows.ru/ Name: _ym_d
Value: 1603122279
.activator-windows.ru/ Name: _ym_uid
Value: 1603122279685718030

1 Console Messages

Source Level URL
Text
console-api log URL: https://activator-windows.ru/s/59d2e5.js(Line 4)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
