windows-activ.com Open in urlscan Pro
81.177.139.17 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://windows-activ.com/
Submission Tags: @phishunt_io
Submission: On August 30 via api (August 30th 2020, 12:56:34 pm UTC) from ES

Summary HTTP 54 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 11 IPs in 5 countries across 10 domains to perform 54 HTTP transactions. The main IP is 81.177.139.17, located in Moscow, Russian Federation and belongs to RTCOMM-AS, RU. The main domain is windows-activ.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on August 30th 2020. Valid for: 3 months.

This is the only time windows-activ.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
28	81.177.139.17 81.177.139.17	8342 (RTCOMM-AS) (RTCOMM-AS)
5	2a00:1450:400... 2a00:1450:4001:824::200e	15169 (GOOGLE) (GOOGLE)
2 3	88.212.201.216 88.212.201.216	39134 (UNITEDNET) (UNITEDNET)
8	95.163.114.203 95.163.114.203	12695 (DINET-AS) (DINET-AS)
1	2a00:1450:400... 2a00:1450:4001:81c::200d	15169 (GOOGLE) (GOOGLE)
1 4	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
2 7	148.251.41.166 148.251.41.166	24940 (HETZNER-AS) (HETZNER-AS)
1	78.24.221.88 78.24.221.88	29182 (THEFIRST-AS) (THEFIRST-AS)
1 1	92.123.228.54 92.123.228.54	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.0.47.176 23.0.47.176	16625 (AKAMAI-AS) (AKAMAI-AS)
1	95.217.17.244 95.217.17.244	24940 (HETZNER-AS) (HETZNER-AS)
54	11

28 81.177.139.17 (Moscow, Russian Federation)

ASN8342 (RTCOMM-AS, RU)

windows-activ.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:824::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 88.212.201.216 (Russian Federation) 2 redirects

ASN39134 (UNITEDNET, RU)
PTR: host216.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 95.163.114.203 (Russian Federation)

ASN12695 (DINET-AS, RU)

w.uptolike.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 148.251.41.166 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.166.41.251.148.clients.your-server.de

sonar.semantiqo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn3.caltat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 78.24.221.88 (Russian Federation)

ASN29182 (THEFIRST-AS, RU)
PTR: belesta15.ru

utl-utils.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.123.228.54 (Ascension Island) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-228-54.deploy.static.akamaitechnologies.com

s.click.aliexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.0.47.176 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-0-47-176.deploy.static.akamaitechnologies.com

best.aliexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.217.17.244 (Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.244.17.217.95.clients.your-server.de

sync.magnitent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	windows-activ.com windows-activ.com	272 KB
8	uptolike.com w.uptolike.com	63 KB
6	google.com apis.google.com accounts.google.com	104 KB
4	semantiqo.com 1 redirects sonar.semantiqo.com	32 KB
4	yandex.ru 1 redirects mc.yandex.ru	45 KB
3	caltat.com 1 redirects cdn3.caltat.com	958 B
3	yadro.ru 2 redirects counter.yadro.ru	2 KB
2	aliexpress.com 1 redirects s.click.aliexpress.com best.aliexpress.com	1 KB
1	magnitent.com sync.magnitent.com	593 B
1	utl-utils.ru utl-utils.ru	10 KB
54	10

	Domain	Requested by
28	windows-activ.com	windows-activ.com
8	w.uptolike.com	windows-activ.com w.uptolike.com
5	apis.google.com	windows-activ.com apis.google.com
4	sonar.semantiqo.com	1 redirects w.uptolike.com sonar.semantiqo.com
4	mc.yandex.ru	1 redirects w.uptolike.com
3	cdn3.caltat.com	1 redirects sonar.semantiqo.com
3	counter.yadro.ru	2 redirects windows-activ.com
1	sync.magnitent.com
1	best.aliexpress.com	utl-utils.ru
1	s.click.aliexpress.com	1 redirects
1	utl-utils.ru	w.uptolike.com
1	accounts.google.com	apis.google.com
54	12

This site contains links to these domains. Also see Links.

Domain
www.liveinternet.ru
www.anipots.com
uptolike.ru
promopult.ru

Subject Issuer	Validity	Valid
windows-activ.com Let's Encrypt Authority X3	`2020-08-30` - `2020-11-28`	3 months	crt.sh
*.apis.google.com GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
counter.yadro.ru GoGetSSL ECC DV CA	`2020-02-02` - `2022-05-02`	2 years	crt.sh
*.google.com GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
uptolike.com Let's Encrypt Authority X3	`2020-06-30` - `2020-09-28`	3 months	crt.sh
accounts.google.com GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2019-09-23` - `2020-09-22`	a year	crt.sh
sonar.semantiqo.com Sectigo RSA Domain Validation Secure Server CA	`2019-11-12` - `2021-11-11`	2 years	crt.sh
utl-utils.ru Let's Encrypt Authority X3	`2020-06-29` - `2020-09-27`	3 months	crt.sh
ru.aliexpress.com DigiCert Secure Site ECC CA-1	`2020-06-09` - `2021-06-21`	a year	crt.sh
cdn3.caltat.com Sectigo RSA Domain Validation Secure Server CA	`2019-11-12` - `2021-11-11`	2 years	crt.sh
sync.magnitent.com Let's Encrypt Authority X3	`2020-08-06` - `2020-11-04`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://windows-activ.com/
Frame ID: 06E3E324DCEA9B5422976F612B933801
Requests: 48 HTTP requests in this frame

Frame: https://apis.google.com/_/widget/render/comments?usegapi=1&href=https%3A%2F%2Fwindows-activ.com%2F&width=580&first_party_property=BLOGGER&view_type=FILTERED_POSTMOD&origin=https%3A%2F%2Fwindows-activ.com&search=&hash=&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.hc3rLxj9u8o.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMtAagp6kGxB19Nep_bTJunj37kww%2Fm%3D__features__
Frame ID: 50849325A98BB8F5A222631171D0BDDD
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwindows-activ.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.hc3rLxj9u8o.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMtAagp6kGxB19Nep_bTJunj37kww%2Fm%3D__features__
Frame ID: 63F045F6B64B74987C95F6EB679704AB
Requests: 1 HTTP requests in this frame

Frame: https://w.uptolike.com/widgets/v1/share-counter.html?77067b93bc6214cddd2d7375412c98fe
Frame ID: E035346FB987F52E3395FE8E9E7B34A9
Requests: 1 HTTP requests in this frame

Frame: https://w.uptolike.com/widgets/v1/impression.html?77067b93bc6214cddd2d7375412c98fe
Frame ID: 892AE8F4A7FFC8F7857AC817856994AE
Requests: 1 HTTP requests in this frame

Frame: https://best.aliexpress.com/ru.htm?aff_platform=portals-promotion&sk=_d6cGmnO&aff_trace_key=71efbb0f12794af799705a30b2e0a2db-1598792178422-07958-_d6cGmnO&terminal_id=f872672a77bf4bfa801541b0983cbcea&aff_request_id=71efbb0f12794af799705a30b2e0a2db-1598792178422-07958-_d6cGmnO
Frame ID: 5B8F33CF27EFCE0FBDD8E829FC0923CE
Requests: 1 HTTP requests in this frame

Frame: https://w.uptolike.com/widgets/v1/zp/support.html
Frame ID: D6853587C361534137FA17A008A16279
Requests: 1 HTTP requests in this frame

Frame: https://sonar.semantiqo.com/i/
Frame ID: 3A72A11D3853D7A805FA4038435DDBC0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /php\/?([\d.]+)?/i

CentOS (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /CentOS/i

OpenSSL (Web Server Extensions) Expand

Overall confidence: 100%
Detected patterns

headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

54
Requests

100 %
HTTPS

27 %
IPv6

10
Domains

12
Subdomains

11
IPs

5
Countries

526 kB
Transfer

1181 kB
Size

1
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.liveinternet.ru/click

Search URL Search Domain Scan URL

URL: https://www.anipots.com/
Title: Anipots

Search URL Search Domain Scan URL

URL: http://uptolike.ru/?ref=widgets_popup&lng=
Title: Uptolike

Search URL Search Domain Scan URL

URL: http://uptolike.ru/?ref=widgets_popup&lng=pl

Search URL Search Domain Scan URL

URL: https://promopult.ru/ref/9c0d1fe44f8f79c7

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20

https://counter.yadro.ru/hit?t29.5;r;s1600*1200*24;uhttps%3A//windows-activ.com/;0.7193650473045017 HTTP 302
https://counter.yadro.ru/hit?q;t29.5;r;s1600*1200*24;uhttps%3A//windows-activ.com/;0.7193650473045017

Request Chain 45

https://mc.yandex.ru/watch/23414332?wmode=7&page-url=https%3A%2F%2Fwindows-activ.com%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1598792175546%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200830145618%3Aet%3A1598792178%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A432750092271%3Arqn%3A1%3Arn%3A338923337%3Ahid%3A276553149%3Ads%3A66%2C155%2C68%2C2%2C0%2C0%2C0%2C340%2C39%2C1926%2C1928%2C1%2C635%3Afp%3A577%3Agdpr%3A14%3Av%3A1926%3Arqnl%3A1%3Ast%3A1598792178%3Au%3A1598792178611397708%3At%3AAktywatory%20dla%20Windows%20-%20Pobierz%20aktywatory%20dla%20Windows! HTTP 302
https://mc.yandex.ru/watch/23414332/1?wmode=7&page-url=https%3A%2F%2Fwindows-activ.com%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1598792175546%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200830145618%3Aet%3A1598792178%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A432750092271%3Arqn%3A1%3Arn%3A338923337%3Ahid%3A276553149%3Ads%3A66%2C155%2C68%2C2%2C0%2C0%2C0%2C340%2C39%2C1926%2C1928%2C1%2C635%3Afp%3A577%3Agdpr%3A14%3Av%3A1926%3Arqnl%3A1%3Ast%3A1598792178%3Au%3A1598792178611397708%3At%3AAktywatory%20dla%20Windows%20-%20Pobierz%20aktywatory%20dla%20Windows%21

Request Chain 47

https://s.click.aliexpress.com/e/_d6cGmnO HTTP 302
https://best.aliexpress.com/ru.htm?aff_platform=portals-promotion&sk=_d6cGmnO&aff_trace_key=71efbb0f12794af799705a30b2e0a2db-1598792178422-07958-_d6cGmnO&terminal_id=f872672a77bf4bfa801541b0983cbcea&aff_request_id=71efbb0f12794af799705a30b2e0a2db-1598792178422-07958-_d6cGmnO

Request Chain 53

https://counter.yadro.ru/id127/reff-id.gif?sid=1379f98a5409473dab3d855ac6945fb9 HTTP 302
https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=3B8D0B72982E8425&sid=1379f98a5409473dab3d855ac6945fb9 HTTP 302
https://cdn3.caltat.com/fbfc504c-89b0-4a80-bef4-c8e39daeee6f/sess.php?sid=1379f98a5409473dab3d855ac6945fb9&spid=3B8D0B72982E8425 HTTP 302
https://sync.magnitent.com/fbfli/ct_sync.php?ct=9801ac9e84b74bf7a042865ce348c3d0&sonar=1379f98a5409473dab3d855ac6945fb9&spid=3B8D0B72982E8425

54 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
windows-activ.com/ 42 KB
9 KB 291ms
69ms Document
text/html 81.177.139.17
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://windows-activ.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.177.139.17 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.23 / PHP/5.6.23
Resource Hash: 6448bb755464a189e7543ed74787e14fc367ec69fb66ff9b8559330b4f573aa4

Request headers

Host: windows-activ.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 30 Aug 2020 12:56:15 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.23
X-Powered-By: PHP/5.6.23
Last-Modified: Sun, 30 Aug 2020 09:20:34 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=0
Expires: Sun, 30 Aug 2020 12:56:15 GMT
Content-Length: 9172
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK style.css
windows-activ.com/wp-content/themes/windipolska/ 59 KB
9 KB 56ms
53ms Stylesheet
text/css 81.177.139.17
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://windows-activ.com/wp-content/themes/windipolska/style.css
Requested by: Host: windows-activ.com
URL: https://windows-activ.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.177.139.17 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.23 /
Resource Hash: cb43b46d9cc21b062e67437565a3c408858273871844edb70202135163038df2

Request headers

Referer: https://windows-activ.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 30 Aug 2020 12:56:15 GMT
Content-Encoding: gzip
Last-Modified: Tue, 25 Feb 2020 09:58:36 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.23
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 9186
Expires: Mon, 30 Aug 2021 12:56:15 GMT

GET
H/1.1 200
OK polls-css-2.69.css
windows-activ.com/wp-content/cache/busting/1/wp-content/plugins/wp-polls/ 3 KB
1 KB 109ms
52ms Stylesheet
text/css 81.177.139.17
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://windows-activ.com/wp-content/cache/busting/1/wp-content/plugins/wp-polls/polls-css-2.69.css
Requested by: Host: windows-activ.com
URL: https://windows-activ.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.177.139.17 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.23 /
Resource Hash: 4d956a758ca48121e4434c413596334c6b0f3cda0e622ada0d73c41d39eda526

Request headers

Referer: https://windows-activ.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 30 Aug 2020 12:56:15 GMT
Content-Encoding: gzip
Last-Modified: Sat, 29 Feb 2020 05:32:02 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.23
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 723
Expires: Mon, 30 Aug 2021 12:56:15 GMT

GET
H/1.1 200
OK frontend.css
windows-activ.com/wp-content/plugins/download-monitor/assets/css/ 5 KB
2 KB 145ms
48ms Stylesheet
text/css 81.177.139.17
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://windows-activ.com/wp-content/plugins/download-monitor/assets/css/frontend.css
Requested by: Host: windows-activ.com
URL: https://windows-activ.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.177.139.17 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.23 /
Resource Hash: 425a00fc56a9a37e7bc309b400db941ca9bd5506dd560ad3c846c7f6913d7677

Request headers

Referer: https://windows-activ.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 30 Aug 2020 12:56:15 GMT
Content-Encoding: gzip
Last-Modified: Tue, 25 Feb 2020 10:00:31 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.23
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1173
Expires: Mon, 30 Aug 2021 12:56:15 GMT

GET
H/1.1 200
OK jquery.fancybox.min-1.3.24.css
windows-activ.com/wp-content/cache/busting/1/wp-content/plugins/easy-fancybox/css/ 4 KB
2 KB 161ms
51ms Stylesheet
text/css 81.177.139.17
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://windows-activ.com/wp-content/cache/busting/1/wp-content/plugins/easy-fancybox/css/jquery.fancybox.min-1.3.24.css
Requested by: Host: windows-activ.com
URL: https://windows-activ.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.177.139.17 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.23 /
Resource Hash: a6ca355701f9041f5b32854c410d35bfa65e7e7d940ac20198264fc927fab330

Request headers

Referer: https://windows-activ.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 30 Aug 2020 12:56:15 GMT
Content-Encoding: gzip
Last-Modified: Sat, 29 Feb 2020 05:32:02 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.23
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1131
Expires: Mon, 30 Aug 2021 12:56:15 GMT

GET
H/1.1 200
OK style.responsive.css
windows-activ.com/wp-content/themes/windipolska/ 6 KB
2 KB 166ms
56ms Stylesheet
text/css 81.177.139.17
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://windows-activ.com/wp-content/themes/windipolska/style.responsive.css
Requested by: Host: windows-activ.com
URL: https://windows-activ.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.177.139.17 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.23 /
Resource Hash: eb4cfdb18c1799ec619c5d85cb6ca8c2e2ae65e079a468d384fd16857aa85a83

Request headers

Referer: https://windows-activ.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 30 Aug 2020 12:56:15 GMT
Content-Encoding: gzip
Last-Modified: Tue, 25 Feb 2020 09:58:32 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.23
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1442
Expires: Mon, 30 Aug 2021 12:56:15 GMT

GET
H/1.1 200
OK jquery.js Show response
windows-activ.com/wp-content/themes/windipolska/ 90 KB
32 KB 180ms
63ms Script
application/javascript 81.177.139.17
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://windows-activ.com/wp-content/themes/windipolska/jquery.js
Requested by: Host: windows-activ.com
URL: https://windows-activ.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.177.139.17 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.23 /
Resource Hash: c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

Referer: https://windows-activ.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 30 Aug 2020 12:56:16 GMT
Content-Encoding: gzip
Last-Modified: Tue, 25 Feb 2020 09:58:35 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.23
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 32775
Expires: Mon, 30 Aug 2021 12:56:16 GMT

GET
H/1.1 200
OK jquery-migrate-1.1.1.js Show response
windows-activ.com/wp-content/themes/windipolska/ 16 KB
6 KB 194ms
65ms Script
application/javascript 81.177.139.17
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://windows-activ.com/wp-content/themes/windipolska/jquery-migrate-1.1.1.js
Requested by: Host: windows-activ.com
URL: https://windows-activ.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.177.139.17 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.23 /
Resource Hash: fd23ab8ce969cdbc761e041f63d763e11a5864a5428e61d006042f5a49464334

Request headers

Referer: https://windows-activ.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 30 Aug 2020 12:56:16 GMT
Content-Encoding: gzip
Last-Modified: Tue, 25 Feb 2020 09:58:34 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.23
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 5630
Expires: Mon, 30 Aug 2021 12:56:16 GMT

GET
H/1.1 200
OK script.js Show response
windows-activ.com/wp-content/themes/windipolska/ 38 KB
9 KB 205ms
70ms Script
application/javascript 81.177.139.17
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://windows-activ.com/wp-content/themes/windipolska/script.js
Requested by: Host: windows-activ.com
URL: https://windows-activ.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.177.139.17 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.23 /
Resource Hash: 2f2bccb378bd1985c7b4df6580e458520ebf8ee27239123c63b0e27077af410a

Request headers

Referer: https://windows-activ.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 30 Aug 2020 12:56:16 GMT
Content-Encoding: gzip
Last-Modified: Tue, 25 Feb 2020 09:58:28 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.23
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 9072
Expires: Mon, 30 Aug 2021 12:56:16 GMT

GET
H/1.1 200
OK script.responsive.js Show response
windows-activ.com/wp-content/themes/windipolska/ 15 KB
3 KB 192ms
48ms Script
application/javascript 81.177.139.17
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://windows-activ.com/wp-content/themes/windipolska/script.responsive.js
Requested by: Host: windows-activ.com
URL: https://windows-activ.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.177.139.17 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.23 /
Resource Hash: 6b9e7d0b567fa48457a37c3304c1deaad4a3bc4a309033bb09e18bad24b29911

Request headers

Referer: https://windows-activ.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 30 Aug 2020 12:56:16 GMT
Content-Encoding: gzip
Last-Modified: Tue, 25 Feb 2020 09:58:28 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.23
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2863
Expires: Mon, 30 Aug 2021 12:56:16 GMT

GET
H/1.1 200
OK windowsik.jpg
windows-activ.com/ 14 KB
14 KB 54ms
52ms Image
image/jpeg 81.177.139.17
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://windows-activ.com/windowsik.jpg
Requested by: Host: windows-activ.com
URL: https://windows-activ.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.177.139.17 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.23 /
Resource Hash: fd053186fa2969dd5a1e3c0d6dd04e782155ec2d9cfa71343988ac3ba65062ec

Request headers

Referer: https://windows-activ.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 30 Aug 2020 12:56:16 GMT
Last-Modified: Tue, 25 Feb 2020 09:54:31 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.23
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 14055
Expires: Tue, 29 Sep 2020 12:56:16 GMT

GET
H2 200 plusone.js Show response
apis.google.com/js/ 49 KB
20 KB 51ms
30ms Script
application/javascript 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: windows-activ.com
URL: https://windows-activ.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cdac2738fbf17f3a957d6cb8a881adef9a06123d11447d9fd2ec2973bc926e16

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-dJGkiHpVBhz1+BT+vscdDw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://windows-activ.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 30 Aug 2020 12:56:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
status: 200
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
etag: "9d5cd1be658ea5e8c43387860482a354"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-dJGkiHpVBhz1+BT+vscdDw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Sun, 30 Aug 2020 12:56:16 GMT

GET
H/1.1 200
OK loading.gif
windows-activ.com/wp-content/plugins/wp-polls/images/ 771 B
1 KB 68ms
68ms Image
image/gif 81.177.139.17
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://windows-activ.com/wp-content/plugins/wp-polls/images/loading.gif
Requested by: Host: windows-activ.com
URL: https://windows-activ.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.177.139.17 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.23 /
Resource Hash: 81a161d5793ac2a33f02ddcd64fb0dc2d028616dac084e4f64e77f4898b0c4e4

Request headers

Referer: https://windows-activ.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 30 Aug 2020 12:56:16 GMT
Last-Modified: Tue, 25 Feb 2020 09:59:18 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.23
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 771
Expires: Tue, 29 Sep 2020 12:56:16 GMT

GET
H/1.1 200
OK comment-reply.min.js Show response
windows-activ.com/wp-includes/js/ 757 B
849 B 58ms
58ms Script
application/javascript 81.177.139.17
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://windows-activ.com/wp-includes/js/comment-reply.min.js
Requested by: Host: windows-activ.com
URL: https://windows-activ.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.177.139.17 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.23 /
Resource Hash: b02ab5446d4dd91bc73183089db613f7cd4c954bc79a21dff4785c9280af45a0

Request headers

Referer: https://windows-activ.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 30 Aug 2020 12:56:16 GMT
Content-Encoding: gzip
Last-Modified: Tue, 25 Feb 2020 09:54:56 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.23
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 406
Expires: Mon, 30 Aug 2021 12:56:16 GMT

GET
H/1.1 200
OK polls-js-2.69.js Show response
windows-activ.com/wp-content/cache/busting/1/wp-content/plugins/wp-polls/ 3 KB
1 KB 70ms
67ms Script
application/javascript 81.177.139.17
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://windows-activ.com/wp-content/cache/busting/1/wp-content/plugins/wp-polls/polls-js-2.69.js
Requested by: Host: windows-activ.com
URL: https://windows-activ.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.177.139.17 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.23 /
Resource Hash: 224546ee41f8aacc21cb2067284a16ce5fffd04bbf79a5e4fc04c810dfe6ce67

Request headers

Referer: https://windows-activ.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 30 Aug 2020 12:56:16 GMT
Content-Encoding: gzip
Last-Modified: Sat, 29 Feb 2020 05:32:02 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.23
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 700
Expires: Mon, 30 Aug 2021 12:56:16 GMT

GET
H/1.1 200
OK jquery.fancybox.min-1.3.24.js Show response
windows-activ.com/wp-content/cache/busting/1/wp-content/plugins/easy-fancybox/js/ 19 KB
7 KB 66ms
64ms Script
application/javascript 81.177.139.17
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://windows-activ.com/wp-content/cache/busting/1/wp-content/plugins/easy-fancybox/js/jquery.fancybox.min-1.3.24.js
Requested by: Host: windows-activ.com
URL: https://windows-activ.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.177.139.17 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.23 /
Resource Hash: 948f0c154ad97428bc1d1dee456f2e20ec4e0e302b0d3189e08a4573cb63cdb3

Request headers

Referer: https://windows-activ.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 30 Aug 2020 12:56:16 GMT
Content-Encoding: gzip
Last-Modified: Sat, 29 Feb 2020 05:32:02 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.23
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 6330
Expires: Mon, 30 Aug 2021 12:56:16 GMT

GET
H/1.1 200
OK jquery.easing.min-1.4.1.js Show response
windows-activ.com/wp-content/cache/busting/1/wp-content/plugins/easy-fancybox/js/ 2 KB
1 KB 52ms
49ms Script
application/javascript 81.177.139.17
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://windows-activ.com/wp-content/cache/busting/1/wp-content/plugins/easy-fancybox/js/jquery.easing.min-1.4.1.js
Requested by: Host: windows-activ.com
URL: https://windows-activ.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.177.139.17 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.23 /
Resource Hash: 0ec98adf593ebcc01bec60b1f494dacd47522abfef9038a714101d83f45e165d

Request headers

Referer: https://windows-activ.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 30 Aug 2020 12:56:16 GMT
Content-Encoding: gzip
Last-Modified: Sat, 29 Feb 2020 05:32:02 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.23
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 767
Expires: Mon, 30 Aug 2021 12:56:16 GMT

GET
H/1.1 200
OK jquery.mousewheel.min-3.1.13.js Show response
windows-activ.com/wp-content/cache/busting/1/wp-content/plugins/easy-fancybox/js/ 3 KB
2 KB 59ms
57ms Script
application/javascript 81.177.139.17
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://windows-activ.com/wp-content/cache/busting/1/wp-content/plugins/easy-fancybox/js/jquery.mousewheel.min-3.1.13.js
Requested by: Host: windows-activ.com
URL: https://windows-activ.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.177.139.17 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.23 /
Resource Hash: dd9bfe5f04d4e393463f42b4f503763c36693306dffef16d481e0c071b61ae64

Request headers

Referer: https://windows-activ.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 30 Aug 2020 12:56:16 GMT
Content-Encoding: gzip
Last-Modified: Sat, 29 Feb 2020 05:32:02 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.23
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1145
Expires: Mon, 30 Aug 2021 12:56:16 GMT

GET
H/1.1 200
OK page.jpeg
windows-activ.com/wp-content/themes/windipolska/images/ 102 KB
102 KB 92ms
58ms Image
image/jpeg 81.177.139.17
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://windows-activ.com/wp-content/themes/windipolska/images/page.jpeg
Requested by: Host: windows-activ.com
URL: https://windows-activ.com/wp-content/themes/windipolska/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.177.139.17 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.23 /
Resource Hash: 30a1565146d94ba46395b4c9d174f0a87a27844a8f3e3382a91132841a4ccb5b

Request headers

Referer: https://windows-activ.com/wp-content/themes/windipolska/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 30 Aug 2020 12:56:16 GMT
Last-Modified: Tue, 25 Feb 2020 09:59:33 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.23
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 104499
Expires: Tue, 29 Sep 2020 12:56:16 GMT

GET
H/1.1 200
OK menuseparator.png
windows-activ.com/wp-content/themes/windipolska/images/ 99 B
488 B 91ms
48ms Image
image/png 81.177.139.17
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://windows-activ.com/wp-content/themes/windipolska/images/menuseparator.png
Requested by: Host: windows-activ.com
URL: https://windows-activ.com/wp-content/themes/windipolska/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.177.139.17 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.23 /
Resource Hash: 381c8bffac5e27c63665934283eebd493bebb157c576d1415701db195850f372

Request headers

Referer: https://windows-activ.com/wp-content/themes/windipolska/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 30 Aug 2020 12:56:16 GMT
Last-Modified: Tue, 25 Feb 2020 09:59:32 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.23
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 99
Expires: Tue, 29 Sep 2020 12:56:16 GMT

GET
H/1.1 200
OK vmenublockheadericon.png
windows-activ.com/wp-content/themes/windipolska/images/ 313 B
703 B 99ms
51ms Image
image/png 81.177.139.17
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://windows-activ.com/wp-content/themes/windipolska/images/vmenublockheadericon.png
Requested by: Host: windows-activ.com
URL: https://windows-activ.com/wp-content/themes/windipolska/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.177.139.17 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.23 /
Resource Hash: f9fec3c68e65a656d2d8b193989cb4ff044856df358cca2119f2f423c86075b3

Request headers

Referer: https://windows-activ.com/wp-content/themes/windipolska/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 30 Aug 2020 12:56:16 GMT
Last-Modified: Tue, 25 Feb 2020 09:59:33 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.23
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 313
Expires: Tue, 29 Sep 2020 12:56:16 GMT

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?t29.5;r;s1600*1200*24;uhttps%3A//windows-activ.com/;0.7193650473045017
https://counter.yadro.ru/hit?q;t29.5;r;s1600*1200*24;uhttps%3A//windows-activ.com/;0.7193650473045017

618 B
1 KB

51ms
51ms

Image
image/gif

88.212.201.216
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t29.5;r;s1600*1200*24;uhttps%3A//windows-activ.com/;0.7193650473045017

Requested by

Host: windows-activ.com
URL: https://windows-activ.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.212.201.216 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host216.rax.ru

Software

nginx/1.17.9 /

Resource Hash

1ef827a3ccc4beb64d7e649b0d692cd2cf55698c37f8d84dac53adf04b0e3ab2

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://windows-activ.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Aug 2020 12:56:16 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 618
Expires: Fri, 30 Aug 2019 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 30 Aug 2020 12:56:16 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;t29.5;r;s1600*1200*24;uhttps%3A//windows-activ.com/;0.7193650473045017
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Fri, 30 Aug 2019 21:00:00 GMT

GET
DATA 200
OK truncated
/ 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a3479b45d477eb8429f4be8a396050d90f894559a72068ec3593ec43f586d138

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK postbullets.png
windows-activ.com/wp-content/themes/windipolska/images/ 342 B
732 B 68ms
55ms Image
image/png 81.177.139.17
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://windows-activ.com/wp-content/themes/windipolska/images/postbullets.png
Requested by: Host: windows-activ.com
URL: https://windows-activ.com/wp-content/themes/windipolska/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.177.139.17 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.23 /
Resource Hash: e8a8c3df02c4c65835100b90442f250c7662069a929071f1e67e4e65920fc674

Request headers

Referer: https://windows-activ.com/wp-content/themes/windipolska/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 30 Aug 2020 12:56:16 GMT
Last-Modified: Tue, 25 Feb 2020 09:59:32 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.23
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 342
Expires: Tue, 29 Sep 2020 12:56:16 GMT

GET
H/1.1 200
OK postquote.png
windows-activ.com/wp-content/themes/windipolska/images/ 371 B
761 B 84ms
64ms Image
image/png 81.177.139.17
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://windows-activ.com/wp-content/themes/windipolska/images/postquote.png
Requested by: Host: windows-activ.com
URL: https://windows-activ.com/wp-content/themes/windipolska/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.177.139.17 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.23 /
Resource Hash: f5cb8ca1c6d320d7240bcded14fd9dc6f312163899e41e48cc82313acf82b6cf

Request headers

Referer: https://windows-activ.com/wp-content/themes/windipolska/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 30 Aug 2020 12:56:16 GMT
Last-Modified: Tue, 25 Feb 2020 09:59:33 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.23
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 371
Expires: Tue, 29 Sep 2020 12:56:16 GMT

GET
H3-Q050 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.hc3rLxj9u8o.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMtAagp6kGxB19Nep_bTJunj37kww/ 140 KB
49 KB 27ms
13ms Script
text/javascript 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.hc3rLxj9u8o.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMtAagp6kGxB19Nep_bTJunj37kww/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46c234230b7e6926223ed04e6112e1fe85ed6fcb6e1e8585d77bef2be1e83167

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://windows-activ.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 17:04:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 02 Aug 2020 22:35:54 GMT
server: sffe
age: 503520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50000
x-xss-protection: 0
expires: Tue, 24 Aug 2021 17:04:16 GMT

GET
H/1.1 200
OK uptolike.js Show response
w.uptolike.com/widgets/v1/ 21 KB
9 KB 1231ms
75ms Script
application/javascript 95.163.114.203
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/uptolike.js
Requested by: Host: windows-activ.com
URL: https://windows-activ.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.203 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: f35ed4a80d12c9fb20f2bd61885150f1d84554324ece2a00d2fc7828c65b37a9

Request headers

Referer: https://windows-activ.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 30 Aug 2020 12:56:17 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Cache-Control: max-age=1800
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/javascript;charset=utf-8
Expires: Sun, 30 Aug 2020 13:26:17 GMT

GET
H/1.1 200
OK blockbullets.png
windows-activ.com/wp-content/themes/windipolska/images/ 134 B
524 B 75ms
47ms Image
image/png 81.177.139.17
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://windows-activ.com/wp-content/themes/windipolska/images/blockbullets.png
Requested by: Host: windows-activ.com
URL: https://windows-activ.com/wp-content/themes/windipolska/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.177.139.17 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.23 /
Resource Hash: 6e4fbffab3283edbc525fdafad217adeb6003083f5c5d89bf6b4e1437ed755b5

Request headers

Referer: https://windows-activ.com/wp-content/themes/windipolska/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 30 Aug 2020 12:56:16 GMT
Last-Modified: Tue, 25 Feb 2020 09:59:31 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.23
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 134
Expires: Tue, 29 Sep 2020 12:56:16 GMT

GET
H/1.1 200
OK lazyload-10.5.2.min.js Show response
windows-activ.com/wp-content/plugins/wp-rocket/inc/front/js/ 4 KB
2 KB 52ms
51ms Script
application/javascript 81.177.139.17
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://windows-activ.com/wp-content/plugins/wp-rocket/inc/front/js/lazyload-10.5.2.min.js
Requested by: Host: windows-activ.com
URL: https://windows-activ.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.177.139.17 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.23 /
Resource Hash: 974b373aafebb2098c590c7ec80e9538cdd824d365234f7df5a101e47a98003c

Request headers

Referer: https://windows-activ.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 30 Aug 2020 12:56:16 GMT
Content-Encoding: gzip
Last-Modified: Tue, 25 Feb 2020 10:01:56 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.23
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 1498
Expires: Mon, 30 Aug 2021 12:56:16 GMT

GET
H3-Q050 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.hc3rLxj9u8o.O/m=comments/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMtAagp6kGxB19Nep_bTJunj37kww/ 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.hc3rLxj9u8o.O/m=comments/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMtAagp6kGxB19Nep_bTJunj37kww/cb=gapi.loaded_1

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc2adc907a546740b187952cd831a89ad0aa33aff42acf1d462fa1b3e6882af1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://windows-activ.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 19:08:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 02 Aug 2020 22:35:54 GMT
server: sffe
age: 496071
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5837
x-xss-protection: 0
expires: Tue, 24 Aug 2021 19:08:25 GMT

GET
H3-Q050 200 cb=gapi.loaded_2 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.hc3rLxj9u8o.O/m=auth/exm=comments,plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMtAagp6kGxB19Nep_bTJunj37kww/ 85 KB
29 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.hc3rLxj9u8o.O/m=auth/exm=comments,plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMtAagp6kGxB19Nep_bTJunj37kww/cb=gapi.loaded_2

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa0d9f34bdb1eb24cd939e164cb4aa440943a5b699c60ad3fa419a36bf65994d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://windows-activ.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 20:55:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 02 Aug 2020 22:35:54 GMT
server: sffe
age: 489647
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29963
x-xss-protection: 0
expires: Tue, 24 Aug 2021 20:55:29 GMT

GET
H3-Q050 404 comments
apis.google.com/_/widget/render/ Frame 5084 0
0 25ms
24ms Document
text/html 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/widget/render/comments?usegapi=1&href=https%3A%2F%2Fwindows-activ.com%2F&width=580&first_party_property=BLOGGER&view_type=FILTERED_POSTMOD&origin=https%3A%2F%2Fwindows-activ.com&search=&hash=&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.hc3rLxj9u8o.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMtAagp6kGxB19Nep_bTJunj37kww%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-11zMXLUuXxHpub13XxuSEQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: apis.google.com
:scheme: https
:path: /_/widget/render/comments?usegapi=1&href=https%3A%2F%2Fwindows-activ.com%2F&width=580&first_party_property=BLOGGER&view_type=FILTERED_POSTMOD&origin=https%3A%2F%2Fwindows-activ.com&search=&hash=&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.hc3rLxj9u8o.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMtAagp6kGxB19Nep_bTJunj37kww%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://windows-activ.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=204=QqbfepSgqicObZfjgVdO-6V9o-odQvR1PVxhgd7ePoWlyW9c_rSyLcnhHyJod5qqBMN9Fd0fy5l_9D4wDAh9O8WcZyM4fgaZ5ADtILYw6cpSiVBYQQ70t3CImRRa9nO5G7VgvA6U1Uwoe-HyXF6ZmPsZEv2PbWHF6hUf5_PcDj8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://windows-activ.com/

Response headers

status: 404
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 30 Aug 2020 12:56:16 GMT
content-security-policy: script-src 'report-sample' 'nonce-11zMXLUuXxHpub13XxuSEQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 postmessageRelay
accounts.google.com/o/oauth2/ Frame 63F0 0
0 39ms
18ms Document
text/html 2a00:1450:4001:81c::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwindows-activ.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.hc3rLxj9u8o.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMtAagp6kGxB19Nep_bTJunj37kww%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.hc3rLxj9u8o.O/m=auth/exm=comments,plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMtAagp6kGxB19Nep_bTJunj37kww/cb=gapi.loaded_2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-+st9UAy6w8sR/VLHKst7Xw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Xss-Protection	0

Request headers

:method: GET
:authority: accounts.google.com
:scheme: https
:path: /o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwindows-activ.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.hc3rLxj9u8o.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMtAagp6kGxB19Nep_bTJunj37kww%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://windows-activ.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=204=QqbfepSgqicObZfjgVdO-6V9o-odQvR1PVxhgd7ePoWlyW9c_rSyLcnhHyJod5qqBMN9Fd0fy5l_9D4wDAh9O8WcZyM4fgaZ5ADtILYw6cpSiVBYQQ70t3CImRRa9nO5G7VgvA6U1Uwoe-HyXF6ZmPsZEv2PbWHF6hUf5_PcDj8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://windows-activ.com/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 30 Aug 2020 12:56:16 GMT
content-security-policy: script-src 'report-sample' 'nonce-+st9UAy6w8sR/VLHKst7Xw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK chwwga-150x150.png
windows-activ.com/wp-content/uploads/2015/07/ 29 KB
30 KB 54ms
51ms Image
image/png 81.177.139.17
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://windows-activ.com/wp-content/uploads/2015/07/chwwga-150x150.png
Requested by: Host: windows-activ.com
URL: https://windows-activ.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.177.139.17 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.23 /
Resource Hash: 98a058af373d8edcc25a35ec6f611c0befd28ff80584763b7787c03e74d955b2

Request headers

Referer: https://windows-activ.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 30 Aug 2020 12:56:16 GMT
Last-Modified: Tue, 25 Feb 2020 09:59:50 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.23
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 30137
Expires: Tue, 29 Sep 2020 12:56:16 GMT

GET
H/1.1 200
OK download.png
windows-activ.com/ 4 KB
4 KB 61ms
58ms Image
image/png 81.177.139.17
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://windows-activ.com/download.png
Requested by: Host: windows-activ.com
URL: https://windows-activ.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.177.139.17 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.23 /
Resource Hash: 060f97b64d50c51ee80ee3f8a29dbff0daedc48fc9c50a932907d0e7fc8b0c4e

Request headers

Referer: https://windows-activ.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 30 Aug 2020 12:56:16 GMT
Last-Modified: Tue, 25 Feb 2020 09:54:29 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.23
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 3848
Expires: Tue, 29 Sep 2020 12:56:16 GMT

GET
H/1.1 200
OK microsoft-toolkit-150x150.png
windows-activ.com/wp-content/uploads/2015/07/ 11 KB
11 KB 50ms
47ms Image
image/png 81.177.139.17
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://windows-activ.com/wp-content/uploads/2015/07/microsoft-toolkit-150x150.png
Requested by: Host: windows-activ.com
URL: https://windows-activ.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.177.139.17 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.23 /
Resource Hash: b7309caba84b4fff7bc4c8e9afa0c5481b6b7c182ab4de3d20f4e2f5a0b6a8df

Request headers

Referer: https://windows-activ.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 30 Aug 2020 12:56:16 GMT
Last-Modified: Tue, 25 Feb 2020 09:59:56 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.23
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 11091
Expires: Tue, 29 Sep 2020 12:56:16 GMT

GET
H/1.1 200
OK KMSGUI-150x150.png
windows-activ.com/wp-content/uploads/2015/07/ 17 KB
17 KB 79ms
77ms Image
image/png 81.177.139.17
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://windows-activ.com/wp-content/uploads/2015/07/KMSGUI-150x150.png
Requested by: Host: windows-activ.com
URL: https://windows-activ.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.177.139.17 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.23 /
Resource Hash: 1dca3f865ccf1dc5321b7ab917e20f3293bd310f55be6a0b9c328cf895d3bb75

Request headers

Referer: https://windows-activ.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 30 Aug 2020 12:56:16 GMT
Last-Modified: Tue, 25 Feb 2020 09:59:55 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.23
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 17297
Expires: Tue, 29 Sep 2020 12:56:16 GMT

GET
H/1.1 200
OK version.js Show response
w.uptolike.com/widgets/v1/ 69 B
798 B 79ms
79ms Script
application/javascript 95.163.114.203
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/version.js?cb=cb__utl_cb_share_159879217739011
Requested by: Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/uptolike.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.203 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: bbf8a9cb57b69ed7bc5107f6f3073193378f76b27a38f027b0f8cc42ab1c3e7b

Request headers

Referer: https://windows-activ.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Aug 2020 12:56:17 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin: *
Cache-Control: no-cache,no-store,max-age=0,must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/javascript;charset=utf-8
Expires: Thu, 12 Dec 2019 09:17:59 GMT

GET
H/1.1 200
OK widgetsModule.js Show response
w.uptolike.com/widgets/v1/ 171 KB
42 KB 72ms
72ms Script
application/javascript 95.163.114.203
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/widgetsModule.js?v=77067b93bc6214cddd2d7375412c98fe
Requested by: Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/uptolike.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.203 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: fb7b1f0cb8558f3bbdeae4c37d17566745b92c3ab1601a34989cd3ac4e52393d

Request headers

Referer: https://windows-activ.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 30 Aug 2020 12:56:17 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript;charset=utf-8
Cache-Control: max-age=1800
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 30 Aug 2020 13:26:17 GMT

GET
H/1.1 200
OK share-counter.html
w.uptolike.com/widgets/v1/ Frame E035 0
0 67ms
67ms Document
text/html 95.163.114.203
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/share-counter.html?77067b93bc6214cddd2d7375412c98fe
Requested by: Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/widgetsModule.js?v=77067b93bc6214cddd2d7375412c98fe
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.203 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Host: w.uptolike.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://windows-activ.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://windows-activ.com/

Response headers

Server: nginx
Date: Sun, 30 Aug 2020 12:56:17 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: max-age=1800
Expires: Sun, 30 Aug 2020 13:26:17 GMT
Content-Encoding: gzip

GET
H/1.1 200
OK impression.html
w.uptolike.com/widgets/v1/ Frame 892A 0
0 131ms
64ms Document
text/html 95.163.114.203
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/impression.html?77067b93bc6214cddd2d7375412c98fe
Requested by: Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/widgetsModule.js?v=77067b93bc6214cddd2d7375412c98fe
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.203 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Host: w.uptolike.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://windows-activ.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://windows-activ.com/

Response headers

Server: nginx
Date: Sun, 30 Aug 2020 12:56:17 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: max-age=1800
Expires: Sun, 30 Aug 2020 13:26:17 GMT
Content-Encoding: gzip

GET
H/1.1 200
OK icomoon.woff
w.uptolike.com/static/buttons/fonts/ 9 KB
9 KB 526ms
399ms Font
application/font-woff 95.163.114.203
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/static/buttons/fonts/icomoon.woff?qq11232333=1232131231321
Requested by: Host: windows-activ.com
URL: https://windows-activ.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.203 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 3f72dc1fd03fba15c9200144bf1df7286ad1e2560b50a5ecc12e68c9c1e36f29

Request headers

Origin: https://windows-activ.com
Referer: https://windows-activ.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 30 Aug 2020 12:56:18 GMT
Last-Modified: Wed, 16 Aug 2017 14:30:13 GMT
Server: nginx
ETag: "599456f5-23b8"
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Cache-Control: max-age=1800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9144
Expires: Sun, 30 Aug 2020 13:07:46 GMT

GET
H/1.1 200
OK extra.js Show response
w.uptolike.com/widgets/v1/ 4 KB
3 KB 125ms
125ms Script
application/javascript 95.163.114.203
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/extra.js?rnd=0.16396110000166808
Requested by: Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/widgetsModule.js?v=77067b93bc6214cddd2d7375412c98fe
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.203 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: cc7f992f8f355e85cbb95f852184db23bae0e3e2855b46ab163fb9c32a10b834

Request headers

Referer: https://windows-activ.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Aug 2020 12:56:17 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin: *
Cache-Control: no-cache,no-store,max-age=0,must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/javascript;charset=utf-8
Expires: Thu, 12 Dec 2019 09:17:59 GMT

GET
H/1.1 200
OK watch.js Show response
mc.yandex.ru/metrika/ 141 KB
42 KB 179ms
88ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/widgetsModule.js?v=77067b93bc6214cddd2d7375412c98fe

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

49a98c4f3121f63a65a5683efdb14a264c3d968d4ae89244eea38979b5c5fe41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://windows-activ.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 30 Aug 2020 12:56:17 GMT
Content-Encoding: br
Last-Modified: Wed, 26 Aug 2020 09:15:52 GMT
Server: nginx/1.14.2
ETag: "5f462848-a651"
Strict-Transport-Security: max-age=31536000
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Content-Length: 42577
Expires: Sun, 30 Aug 2020 13:56:17 GMT

GET
H2 200 checking.js Show response
sonar.semantiqo.com/c82up/ 31 KB
31 KB 48ms
16ms Script
application/javascript 148.251.41.166
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sonar.semantiqo.com/c82up/checking.js

Requested by

Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/extra.js?rnd=0.16396110000166808

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

148.251.41.166 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.166.41.251.148.clients.your-server.de

Software

nginx/1.16.1 /

Resource Hash

3b40fad0b23bb0274f8057580d8e1fbd38775c37a075df0f189707e4985cd931

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://windows-activ.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 30 Aug 2020 12:56:17 GMT
mode: no-cors
last-modified: Fri, 21 Aug 2020 15:36:05 GMT
server: nginx/1.16.1
status: 200
etag: "5f3fe9e5-7b4a"
strict-transport-security: max-age=15768000
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, x-compress, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length: 31562

GET
H/1.1 200
OK / Show response
utl-utils.ru/check/ 26 KB
10 KB 182ms
81ms Script
application/javascript 78.24.221.88
THEFIRST-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://utl-utils.ru/check/

Requested by

Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/extra.js?rnd=0.16396110000166808

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

78.24.221.88 , Russian Federation, ASN29182 (THEFIRST-AS, RU),

Reverse DNS

belesta15.ru

Software

nginx/1.13.12 /

Resource Hash

ff2c947729a5228edd13b877a145df2e0cea0421b6fe2dfdde2fdc0de817c749

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://windows-activ.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 30 Aug 2020 12:56:18 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Sunday, 30-Aug-2020 12:56:18 GMT
Server: nginx/1.13.12
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1

200
OK

1 Show response
mc.yandex.ru/watch/23414332/
Redirect Chain

https://mc.yandex.ru/watch/23414332?wmode=7&page-url=https%3A%2F%2Fwindows-activ.com%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1598792175546%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A2166136...
https://mc.yandex.ru/watch/23414332/1?wmode=7&page-url=https%3A%2F%2Fwindows-activ.com%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1598792175546%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A21661...

167 B
720 B

85ms
42ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/23414332/1?wmode=7&page-url=https%3A%2F%2Fwindows-activ.com%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1598792175546%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200830145618%3Aet%3A1598792178%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A432750092271%3Arqn%3A1%3Arn%3A338923337%3Ahid%3A276553149%3Ads%3A66%2C155%2C68%2C2%2C0%2C0%2C0%2C340%2C39%2C1926%2C1928%2C1%2C635%3Afp%3A577%3Agdpr%3A14%3Av%3A1926%3Arqnl%3A1%3Ast%3A1598792178%3Au%3A1598792178611397708%3At%3AAktywatory%20dla%20Windows%20-%20Pobierz%20aktywatory%20dla%20Windows%21

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

8826f93048721eca395cdbf0a4639b0a2a8fdb71bf7b1e43265b4a55b1e55975

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://windows-activ.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Aug 2020 12:56:18 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 30-Aug-2020 12:56:18 GMT
Server: nginx/1.14.2
Strict-Transport-Security: max-age=31536000
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://windows-activ.com
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 167
X-XSS-Protection: 1; mode=block
Expires: Sun, 30-Aug-2020 12:56:18 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 30 Aug 2020 12:56:18 GMT
Last-Modified: Sun, 30-Aug-2020 12:56:18 GMT
Server: nginx/1.14.2
Access-Control-Allow-Origin: https://windows-activ.com
Strict-Transport-Security: max-age=31536000
Location: /watch/23414332/1?wmode=7&page-url=https%3A%2F%2Fwindows-activ.com%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1598792175546%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200830145618%3Aet%3A1598792178%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A432750092271%3Arqn%3A1%3Arn%3A338923337%3Ahid%3A276553149%3Ads%3A66%2C155%2C68%2C2%2C0%2C0%2C0%2C340%2C39%2C1926%2C1928%2C1%2C635%3Afp%3A577%3Agdpr%3A14%3Av%3A1926%3Arqnl%3A1%3Ast%3A1598792178%3Au%3A1598792178611397708%3At%3AAktywatory%20dla%20Windows%20-%20Pobierz%20aktywatory%20dla%20Windows%21
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Sun, 30-Aug-2020 12:56:18 GMT

GET
H/1.1 200
OK advert.gif
mc.yandex.ru/metrika/ 43 B
425 B 87ms
45ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://windows-activ.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 30 Aug 2020 12:56:18 GMT
Last-Modified: Mon, 06 Jul 2020 15:32:05 GMT
Server: nginx/1.14.2
ETag: "5f0343f5-2b"
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Sun, 30 Aug 2020 13:56:18 GMT

GET
H2

200

ru.htm
best.aliexpress.com/ Frame 5B8F
Redirect Chain

https://s.click.aliexpress.com/e/_d6cGmnO
https://best.aliexpress.com/ru.htm?aff_platform=portals-promotion&sk=_d6cGmnO&aff_trace_key=71efbb0f12794af799705a30b2e0a2db-1598792178422-07958-_d6cGmnO&terminal_id=f872672a77bf4bfa801541b0983cbce...

0
0

546ms
544ms

Document
text/html

23.0.47.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://best.aliexpress.com/ru.htm?aff_platform=portals-promotion&sk=_d6cGmnO&aff_trace_key=71efbb0f12794af799705a30b2e0a2db-1598792178422-07958-_d6cGmnO&terminal_id=f872672a77bf4bfa801541b0983cbcea&aff_request_id=71efbb0f12794af799705a30b2e0a2db-1598792178422-07958-_d6cGmnO

Requested by

Host: utl-utils.ru
URL: https://utl-utils.ru/check/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.0.47.176 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-0-47-176.deploy.static.akamaitechnologies.com

Software

Tengine/Aserver /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: best.aliexpress.com
:scheme: https
:path: /ru.htm?aff_platform=portals-promotion&sk=_d6cGmnO&aff_trace_key=71efbb0f12794af799705a30b2e0a2db-1598792178422-07958-_d6cGmnO&terminal_id=f872672a77bf4bfa801541b0983cbcea&aff_request_id=71efbb0f12794af799705a30b2e0a2db-1598792178422-07958-_d6cGmnO
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://windows-activ.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: xman_us_f=x_l=0&x_as_i=%7B%22aeuCID%22%3A%2271efbb0f12794af799705a30b2e0a2db-1598792178422-07958-_d6cGmnO%22%2C%22affiliateKey%22%3A%22_d6cGmnO%22%2C%22channel%22%3A%22AFFILIATE%22%2C%22cv%22%3A%221%22%2C%22isCookieCache%22%3A%22N%22%2C%22ms%22%3A%221%22%2C%22pid%22%3A%222367584605%22%2C%22tagtime%22%3A1598792178422%7D&acs_rt=f872672a77bf4bfa801541b0983cbcea; acs_usuc_t=x_csrf=okz49v6_b5mq&acs_rt=f872672a77bf4bfa801541b0983cbcea; aeu_cid=71efbb0f12794af799705a30b2e0a2db-1598792178422-07958-_d6cGmnO; xman_t=FD8kRHqKH5XRDb2E177a4/9Silr7LrWjUCoAUU5qxdTMkTYF8zGsa/847dEd0BvX; xman_f=UEV8lxcdBV1QSsHT71vSa0ZxQZSZvv/OmO4qQJDMh2myYxwPaQ/nxX/ykrEpXfNLQPNOBGlHNH7Gb7SZ3AnPGtKhSy/C6AozEpefMGI4lp0272j6Mv+Hzg==
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://windows-activ.com/

Response headers

status: 200
content-type: text/html;charset=UTF-8
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
x-application-context: ae-traffic-affiliateweb-f:prod,de:7001
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000 ; includeSubDomains max-age=31536000
content-language: ru-RU
content-encoding: gzip
server: Tengine/Aserver
eagleeye-traceid: 0b0a01f815987921785388498e61c3
timing-allow-origin: *
date: Sun, 30 Aug 2020 12:56:19 GMT
content-length: 16549
set-cookie: ali_apache_id=11.10.1.248.1598792178536.360084.8; path=/; domain=.aliexpress.com; expires=Wed, 30-Nov-2084 01:01:01 GMT xman_us_f=x_locale=ru_RU&x_l=0&x_c_chg=1&x_as_i=%7B%22aeuCID%22%3A%2271efbb0f12794af799705a30b2e0a2db-1598792178422-07958-_d6cGmnO%22%2C%22affiliateKey%22%3A%22_d6cGmnO%22%2C%22channel%22%3A%22AFFILIATE%22%2C%22cv%22%3A%221%22%2C%22isCookieCache%22%3A%22N%22%2C%22ms%22%3A%221%22%2C%22pid%22%3A%222367584605%22%2C%22tagtime%22%3A1598792178422%7D&acs_rt=f872672a77bf4bfa801541b0983cbcea; Domain=.aliexpress.com; Expires=Fri, 17-Sep-2088 16:10:25 GMT; Path=/; Secure; SameSite=None intl_locale=ru_RU; Domain=.aliexpress.com; Path=/ aep_usuc_f=site=rus&c_tp=USD&region=US&b_locale=en_US; Domain=.aliexpress.com; Expires=Fri, 17-Sep-2088 16:10:25 GMT; Path=/; Secure; SameSite=None intl_common_forever=Ak5SZ3Q2nqs6atnY0TkiWhqyt/qgFAzLLaaSb2Acm22++K74brNtbg==; Domain=.aliexpress.com; Expires=Fri, 17-Sep-2088 16:10:25 GMT; Path=/; HttpOnly e_id=pt30; Expires=Wed, 28 Aug 2030 12:56:18 GMT; Path=/; Domain=.aliexpress.com
x-akamai-fwd-auth-sha: 5CA5658C7B6ECEC5C931A4295FEDB26A1BAB7E2FE653ABBB60494F98822DA8D8
x-akamai-fwd-auth-data: 1024339375, 2.20.143.92, 1598792179, 89.249.64.203
x-akamai-fwd-auth-sign: OdmvNdx7TDIlANUghGNsCWeEF4Yyerm4IS1OcC7eZAgZJO7HxzuuThvOZNou3P2iYKY+YYtSZedttxtvoEF9OEE+p7SbrSswdXMGaPKfhRo=

Redirect headers

status: 302
content-length: 0
x-application-context: affiliateclick:prod,us:7001
p3p: CP="CAO PSA OUR"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000 ; includeSubDomains max-age=0
location: https://best.aliexpress.com/ru.htm?aff_platform=portals-promotion&sk=_d6cGmnO&aff_trace_key=71efbb0f12794af799705a30b2e0a2db-1598792178422-07958-_d6cGmnO&terminal_id=f872672a77bf4bfa801541b0983cbcea&aff_request_id=71efbb0f12794af799705a30b2e0a2db-1598792178422-07958-_d6cGmnO
content-language: en-US
server: Tengine/Aserver
eagleeye-traceid: 0ab50f0815987921784171150ebb6b
timing-allow-origin: *
date: Sun, 30 Aug 2020 12:56:18 GMT
set-cookie: ali_apache_id=10.181.15.8.1598792178418.553960.3; path=/; domain=.aliexpress.com; expires=Wed, 30-Nov-2084 01:01:01 GMT xman_us_f=x_l=0&x_as_i=%7B%22aeuCID%22%3A%2271efbb0f12794af799705a30b2e0a2db-1598792178422-07958-_d6cGmnO%22%2C%22affiliateKey%22%3A%22_d6cGmnO%22%2C%22channel%22%3A%22AFFILIATE%22%2C%22cv%22%3A%221%22%2C%22isCookieCache%22%3A%22N%22%2C%22ms%22%3A%221%22%2C%22pid%22%3A%222367584605%22%2C%22tagtime%22%3A1598792178422%7D&acs_rt=f872672a77bf4bfa801541b0983cbcea; Domain=.aliexpress.com; Expires=Fri, 17-Sep-2088 16:10:25 GMT; Path=/; Secure; SameSite=None acs_usuc_t=x_csrf=okz49v6_b5mq&acs_rt=f872672a77bf4bfa801541b0983cbcea; Domain=.aliexpress.com; Path=/; Secure; SameSite=None aeu_cid=71efbb0f12794af799705a30b2e0a2db-1598792178422-07958-_d6cGmnO; Domain=.aliexpress.com; Expires=Fri, 17-Sep-2088 16:10:25 GMT; Path=/; Secure; SameSite=None xman_t=FD8kRHqKH5XRDb2E177a4/9Silr7LrWjUCoAUU5qxdTMkTYF8zGsa/847dEd0BvX; Domain=.aliexpress.com; Path=/; Secure; SameSite=None; HttpOnly xman_f=UEV8lxcdBV1QSsHT71vSa0ZxQZSZvv/OmO4qQJDMh2myYxwPaQ/nxX/ykrEpXfNLQPNOBGlHNH7Gb7SZ3AnPGtKhSy/C6AozEpefMGI4lp0272j6Mv+Hzg==; Domain=.aliexpress.com; Expires=Fri, 17-Sep-2088 16:10:25 GMT; Path=/; Secure; SameSite=None; HttpOnly traffic_se_co=%7B%7D;Max-Age=2147483647;domain=aliexpress.com;path=/

GET
H/1.1 200
OK support.html
w.uptolike.com/widgets/v1/zp/ Frame D685 0
0 63ms
61ms Document
text/html 95.163.114.203
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/zp/support.html
Requested by: Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/widgetsModule.js?v=77067b93bc6214cddd2d7375412c98fe
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.203 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Host: w.uptolike.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://windows-activ.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://windows-activ.com/

Response headers

Server: nginx
Date: Sun, 30 Aug 2020 12:56:18 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: max-age=1800
Expires: Sun, 30 Aug 2020 13:26:18 GMT
Content-Encoding: gzip

GET
H2 200 /
sonar.semantiqo.com/i/ Frame 3A72 0
0 14ms
14ms Document
text/html 148.251.41.166
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sonar.semantiqo.com/i/

Requested by

Host: sonar.semantiqo.com
URL: https://sonar.semantiqo.com/c82up/checking.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

148.251.41.166 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.166.41.251.148.clients.your-server.de

Software

nginx/1.16.1 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

:method: GET
:authority: sonar.semantiqo.com
:scheme: https
:path: /i/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://windows-activ.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://windows-activ.com/

Response headers

status: 200
server: nginx/1.16.1
date: Sun, 30 Aug 2020 12:56:19 GMT
content-type: text/html
last-modified: Tue, 10 Mar 2020 08:47:05 GMT
etag: W/"5e675409-a6"
content-encoding: gzip
strict-transport-security: max-age=15768000
mode: no-cors
access-control-allow-origin: *
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, x-compress, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
cache-control: no-cache

GET
H2 200 sls_new.php Show response
cdn3.caltat.com/9b6874aa-d549-414d-a589-12a15f71b2b6/ 3 B
402 B 240ms
214ms Script
application/javascript 148.251.41.166
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn3.caltat.com/9b6874aa-d549-414d-a589-12a15f71b2b6/sls_new.php

Requested by

Host: sonar.semantiqo.com
URL: https://sonar.semantiqo.com/c82up/checking.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

148.251.41.166 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.166.41.251.148.clients.your-server.de

Software

nginx/1.16.1 /

Resource Hash

6a3cf5192354f71615ac51034b3e97c20eda99643fcaf5bbe6d41ad59bd12167

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://windows-activ.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 30 Aug 2020 12:56:19 GMT
mode: no-cors
server: nginx/1.16.1
status: 200
strict-transport-security: max-age=15768000
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 ces.php Show response
cdn3.caltat.com/9b6874aa-d549-414d-a589-12a15f71b2b6/ 0
179 B 38ms
12ms Script
application/javascript 148.251.41.166
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn3.caltat.com/9b6874aa-d549-414d-a589-12a15f71b2b6/ces.php?spid=1379f98a5409473dab3d855ac6945fb9

Requested by

Host: sonar.semantiqo.com
URL: https://sonar.semantiqo.com/c82up/checking.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

148.251.41.166 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.166.41.251.148.clients.your-server.de

Software

nginx/1.16.1 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://windows-activ.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 30 Aug 2020 12:56:19 GMT
mode: no-cors
referrer-policy: no-referrer
server: nginx/1.16.1
status: 200
strict-transport-security: max-age=15768000
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache

POST
H2 200 analize.js
sonar.semantiqo.com/c82up/ 0
0 40ms
16ms Fetch
text/html 148.251.41.166
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sonar.semantiqo.com/c82up/analize.js

Requested by

Host: sonar.semantiqo.com
URL: https://sonar.semantiqo.com/c82up/checking.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

148.251.41.166 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.166.41.251.148.clients.your-server.de

Software

nginx/1.16.1 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://windows-activ.com/no-referrer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 30 Aug 2020 12:56:19 GMT
content-encoding: gzip
status: 200
server: nginx/1.16.1
mode: no-cors
strict-transport-security: max-age=15768000
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, x-compress, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H2

200

ct_sync.php
sync.magnitent.com/fbfli/
Redirect Chain

https://counter.yadro.ru/id127/reff-id.gif?sid=1379f98a5409473dab3d855ac6945fb9
https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=3B8D0B72982E8425&sid=1379f98a5409473dab3d855ac6945fb9
https://cdn3.caltat.com/fbfc504c-89b0-4a80-bef4-c8e39daeee6f/sess.php?sid=1379f98a5409473dab3d855ac6945fb9&spid=3B8D0B72982E8425
https://sync.magnitent.com/fbfli/ct_sync.php?ct=9801ac9e84b74bf7a042865ce348c3d0&sonar=1379f98a5409473dab3d855ac6945fb9&spid=3B8D0B72982E8425

0
593 B

116ms
41ms

Image
text/html

95.217.17.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.magnitent.com/fbfli/ct_sync.php?ct=9801ac9e84b74bf7a042865ce348c3d0&sonar=1379f98a5409473dab3d855ac6945fb9&spid=3B8D0B72982E8425

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.217.17.244 , Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.244.17.217.95.clients.your-server.de

Software

nginx/1.16.1 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://windows-activ.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 30 Aug 2020 12:56:19 GMT
mode: no-cors, no-cors
server: nginx/1.16.1
status: 200
strict-transport-security: max-age=15768000
content-type: text/html; charset=UTF-8
access-control-allow-origin: *, *
cache-control: no-cache, no-cache
content-encoding: gzip

Redirect headers

date: Sun, 30 Aug 2020 12:56:19 GMT
mode: no-cors
server: nginx/1.16.1
status: 302
location: //sync.magnitent.com/fbfli/ct_sync.php?ct=9801ac9e84b74bf7a042865ce348c3d0&sonar=1379f98a5409473dab3d855ac6945fb9&spid=3B8D0B72982E8425
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache
strict-transport-security: max-age=15768000

Verdicts & Comments Add Verdict or Comment

108 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.google.com/	1970-01-19 16:30:03	Name: NID Value: 204=QqbfepSgqicObZfjgVdO-6V9o-odQvR1PVxhgd7ePoWlyW9c_rSyLcnhHyJod5qqBMN9Fd0fy5l_9D4wDAh9O8WcZyM4fgaZ5ADtILYw6cpSiVBYQQ70t3CImRRa9nO5G7VgvA6U1Uwoe-HyXF6ZmPsZEv2PbWHF6hUf5_PcDj8

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://windows-activ.com/wp-content/themes/windipolska/jquery-migrate-1.1.1.js(Line 21) Message: JQMIGRATE: Logging is active

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
apis.google.com
best.aliexpress.com
cdn3.caltat.com
counter.yadro.ru
mc.yandex.ru
s.click.aliexpress.com
sonar.semantiqo.com
sync.magnitent.com
utl-utils.ru
w.uptolike.com
windows-activ.com
148.251.41.166
23.0.47.176
2a00:1450:4001:81c::200d
2a00:1450:4001:824::200e
2a02:6b8::1:119
78.24.221.88
81.177.139.17
88.212.201.216
92.123.228.54
95.163.114.203
95.217.17.244
060f97b64d50c51ee80ee3f8a29dbff0daedc48fc9c50a932907d0e7fc8b0c4e
0ec98adf593ebcc01bec60b1f494dacd47522abfef9038a714101d83f45e165d
1dca3f865ccf1dc5321b7ab917e20f3293bd310f55be6a0b9c328cf895d3bb75
1ef827a3ccc4beb64d7e649b0d692cd2cf55698c37f8d84dac53adf04b0e3ab2
224546ee41f8aacc21cb2067284a16ce5fffd04bbf79a5e4fc04c810dfe6ce67
2f2bccb378bd1985c7b4df6580e458520ebf8ee27239123c63b0e27077af410a
30a1565146d94ba46395b4c9d174f0a87a27844a8f3e3382a91132841a4ccb5b
381c8bffac5e27c63665934283eebd493bebb157c576d1415701db195850f372
3b40fad0b23bb0274f8057580d8e1fbd38775c37a075df0f189707e4985cd931
3f72dc1fd03fba15c9200144bf1df7286ad1e2560b50a5ecc12e68c9c1e36f29
425a00fc56a9a37e7bc309b400db941ca9bd5506dd560ad3c846c7f6913d7677
46c234230b7e6926223ed04e6112e1fe85ed6fcb6e1e8585d77bef2be1e83167
49a98c4f3121f63a65a5683efdb14a264c3d968d4ae89244eea38979b5c5fe41
4d956a758ca48121e4434c413596334c6b0f3cda0e622ada0d73c41d39eda526
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
6448bb755464a189e7543ed74787e14fc367ec69fb66ff9b8559330b4f573aa4
6a3cf5192354f71615ac51034b3e97c20eda99643fcaf5bbe6d41ad59bd12167
6b9e7d0b567fa48457a37c3304c1deaad4a3bc4a309033bb09e18bad24b29911
6e4fbffab3283edbc525fdafad217adeb6003083f5c5d89bf6b4e1437ed755b5
81a161d5793ac2a33f02ddcd64fb0dc2d028616dac084e4f64e77f4898b0c4e4
8826f93048721eca395cdbf0a4639b0a2a8fdb71bf7b1e43265b4a55b1e55975
948f0c154ad97428bc1d1dee456f2e20ec4e0e302b0d3189e08a4573cb63cdb3
974b373aafebb2098c590c7ec80e9538cdd824d365234f7df5a101e47a98003c
98a058af373d8edcc25a35ec6f611c0befd28ff80584763b7787c03e74d955b2
a3479b45d477eb8429f4be8a396050d90f894559a72068ec3593ec43f586d138
a6ca355701f9041f5b32854c410d35bfa65e7e7d940ac20198264fc927fab330
aa0d9f34bdb1eb24cd939e164cb4aa440943a5b699c60ad3fa419a36bf65994d
b02ab5446d4dd91bc73183089db613f7cd4c954bc79a21dff4785c9280af45a0
b7309caba84b4fff7bc4c8e9afa0c5481b6b7c182ab4de3d20f4e2f5a0b6a8df
bbf8a9cb57b69ed7bc5107f6f3073193378f76b27a38f027b0f8cc42ab1c3e7b
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
cb43b46d9cc21b062e67437565a3c408858273871844edb70202135163038df2
cc7f992f8f355e85cbb95f852184db23bae0e3e2855b46ab163fb9c32a10b834
cdac2738fbf17f3a957d6cb8a881adef9a06123d11447d9fd2ec2973bc926e16
dd9bfe5f04d4e393463f42b4f503763c36693306dffef16d481e0c071b61ae64
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8a8c3df02c4c65835100b90442f250c7662069a929071f1e67e4e65920fc674
eb4cfdb18c1799ec619c5d85cb6ca8c2e2ae65e079a468d384fd16857aa85a83
f35ed4a80d12c9fb20f2bd61885150f1d84554324ece2a00d2fc7828c65b37a9
f5cb8ca1c6d320d7240bcded14fd9dc6f312163899e41e48cc82313acf82b6cf
f9fec3c68e65a656d2d8b193989cb4ff044856df358cca2119f2f423c86075b3
fb7b1f0cb8558f3bbdeae4c37d17566745b92c3ab1601a34989cd3ac4e52393d
fc2adc907a546740b187952cd831a89ad0aa33aff42acf1d462fa1b3e6882af1
fd053186fa2969dd5a1e3c0d6dd04e782155ec2d9cfa71343988ac3ba65062ec
fd23ab8ce969cdbc761e041f63d763e11a5864a5428e61d006042f5a49464334
ff2c947729a5228edd13b877a145df2e0cea0421b6fe2dfdde2fdc0de817c749

windows-activ.com Open in urlscan Pro 81.177.139.17 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

54 Requests

100 %HTTPS

27 %IPv6

10 Domains

12 Subdomains

11 IPs

5 Countries

526 kBTransfer

1181 kBSize

1 Cookies

5 Outgoing links

Redirected requests

54 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

windows-activ.com Open in urlscan Pro
81.177.139.17 Public Scan

Screenshot
Live screenshot

Full Image

54
Requests

100 %
HTTPS

27 %
IPv6

10
Domains

12
Subdomains

11
IPs

5
Countries

526 kB
Transfer

1181 kB
Size

1
Cookies

54 HTTP transactions
1 data transactions