windows-loader.ru Open in urlscan Pro
85.119.149.127 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://windows-loader.ru/
Submission Tags: @phishunt_io
Submission: On October 07 via api (October 7th 2020, 12:37:45 pm UTC) from ES

Summary HTTP 43 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 12 domains to perform 43 HTTP transactions. The main IP is 85.119.149.127, located in Russian Federation and belongs to SELECTEL-MSK, RU. The main domain is windows-loader.ru.
TLS certificate: Issued by Let's Encrypt Authority X3 on October 6th 2020. Valid for: 3 months.

This is the only time windows-loader.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	85.119.149.127 85.119.149.127	50340 (SELECTEL-MSK) (SELECTEL-MSK)
10	2a00:1450:400... 2a00:1450:4001:825::2002	15169 (GOOGLE) (GOOGLE)
5	87.240.190.78 87.240.190.78	47541 (VKONTAKTE...) (VKONTAKTE-SPB-AS http://vk.com)
2	88.208.46.47 88.208.46.47	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
3	2a00:1450:400... 2a00:1450:4001:81f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:820::200e	15169 (GOOGLE) (GOOGLE)
1 4	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
2	2a00:1450:400... 2a00:1450:4001:824::2001	15169 (GOOGLE) (GOOGLE)
43	9

14 85.119.149.127 (Russian Federation)

ASN50340 (SELECTEL-MSK, RU)
PTR: isp1.ru.fastfox.pro

windows-loader.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:825::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 87.240.190.78 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU)
PTR: srv78-190-240-87.vk.com

vk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.208.46.47 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

pushiti.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:824::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	windows-loader.ru windows-loader.ru	420 KB
7	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	199 KB
5	doubleclick.net googleads.g.doubleclick.net
5	vk.com vk.com	48 KB
4	yandex.ru 1 redirects mc.yandex.ru	46 KB
2	pushiti.info pushiti.info	18 KB
1	youtube.com www.youtube.com
1	googletagservices.com www.googletagservices.com	27 KB
1	google.com adservice.google.com	320 B
1	google.de adservice.google.de	168 B
0	yastatic.net Failed yastatic.net Failed
0	googleapis.com Failed fonts.googleapis.com Failed
43	12

	Domain	Requested by
14	windows-loader.ru	windows-loader.ru
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com
5	vk.com	windows-loader.ru vk.com
5	pagead2.googlesyndication.com	windows-loader.ru pagead2.googlesyndication.com
4	mc.yandex.ru	1 redirects windows-loader.ru
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	pushiti.info	windows-loader.ru pushiti.info
1	www.youtube.com	windows-loader.ru
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
0	yastatic.net Failed	windows-loader.ru
0	fonts.googleapis.com Failed	windows-loader.ru
43	13

This site contains links to these domains. Also see Links.

Domain
click.1k3web.net

Subject Issuer	Validity	Valid
windows-loader.ru Let's Encrypt Authority X3	`2020-10-06` - `2021-01-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.vk.com GlobalSign Organization Validation CA - SHA256 - G2	`2020-06-09` - `2022-06-10`	2 years	crt.sh
pushiti.info Let's Encrypt Authority X3	`2020-09-29` - `2020-12-28`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2020-09-29` - `2021-03-11`	5 months	crt.sh

This page contains 10 frames:

Primary Page: https://windows-loader.ru/
Frame ID: 25D5CC759029865182A91CE2D8346667
Requests: 34 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201001/r20190131/zrt_lookup.html
Frame ID: 17582FD0104C1F0429926CEB74BD468A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4384462875279714&output=html&adk=1812271804&adf=3025194257&lmt=1602074246&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwindows-loader.ru%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602074246526&bpp=19&bdt=136&idt=74&shv=r20201001&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1530557486841&frm=20&pv=2&ga_vid=2112285944.1602074247&ga_sid=1602074247&ga_hid=1616074297&ga_fc=0&iag=0&icsg=8360&dssz=9&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=987457596665018&pem=485&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=93
Frame ID: 019D6290B00286244E1E260D686EC8D9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4384462875279714&output=html&h=155&slotname=3433503542&adk=1478062660&adf=3367236771&w=620&fwrn=4&lmt=1602074246&rafmt=11&psa=0&guci=1.2.0.0.2.2.0.0&format=620x155&url=https%3A%2F%2Fwindows-loader.ru%2F&flash=0&wgl=1&adsid=NT&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602074246643&bpp=5&bdt=253&idt=6&shv=r20201001&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1530557486841&frm=20&pv=1&ga_vid=2112285944.1602074247&ga_sid=1602074247&ga_hid=1616074297&ga_fc=0&iag=0&icsg=164514&dssz=13&mdo=0&mso=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=360&ady=185&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=987457596665018&pem=485&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=nPdILuohek&p=https%3A//windows-loader.ru&dtd=13
Frame ID: C11B2FF898F6C6C106379AB4485080AC
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/vyaAqBPWCmM
Frame ID: D9551361449059160FD277F3BA0A85FD
Requests: 1 HTTP requests in this frame

Frame: https://vk.com/widget_community.php?app=0&width=200px&_ver=1&gid=165952880&mode=3&color1=&color2=&color3=&class_name=&url=https%3A%2F%2Fwindows-loader.ru%2F&referrer=&title=Windows%20Loader&1750310fdf2
Frame ID: 45542C434BA524E4ED946EA5FB56F091
Requests: 1 HTTP requests in this frame

Frame: https://vk.com/widget_comments.php?app=6453904&width=100%25&_ver=1&limit=15&height=0&mini=auto&norealtime=0&page=0&status_publish=0&attach=*&url=https%3A%2F%2Fwindows-loader.ru&title=Windows%20Loader&description=Windows%20Loader%20-%20%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%D1%83%20%D0%92%D0%B8%D0%BD%D0%B4%D0%BE%D0%B2%D1%81%20%D0%BB%D0%BE%D0%B0%D0%B4%D0%B5%D1%80%20%D0%BD%D0%B0%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%BE%D0%BC.&image=https%3A%2F%2Fwindows-loader.ru%2Fimg%2Flogo.png&startWidth=620&referrer=&1750310fe41
Frame ID: 8230FC5581DAA0FF6171C2713AA15968
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4384462875279714&output=html&h=280&adk=1463411133&adf=3841933567&w=620&fwrn=4&fwrnh=100&lmt=1602074246&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5847879668&psa=0&guci=1.2.0.0.2.2.0.0&ad_type=text_image&format=620x280&url=https%3A%2F%2Fwindows-loader.ru%2F&flash=0&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&adsid=NT&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602074246783&bpp=2&bdt=392&idt=-M&shv=r20201001&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C620x155&nras=2&correlator=1530557486841&frm=20&pv=1&ga_vid=2112285944.1602074247&ga_sid=1602074247&ga_hid=1616074297&ga_fc=0&iag=0&icsg=10528928&dssz=21&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=360&ady=5124&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=987457596665018&pem=485&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=m9zGyqdnnU&p=https%3A//windows-loader.ru&dtd=14
Frame ID: E95B472A54DBAB26FE08AF6556E04422
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4384462875279714&output=html&h=280&adk=1463411133&adf=775546623&w=620&fwrn=4&fwrnh=100&lmt=1602074246&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5847879668&psa=0&guci=1.2.0.0.2.2.0.0&ad_type=text_image&format=620x280&url=https%3A%2F%2Fwindows-loader.ru%2F&flash=0&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&adsid=NT&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602074246783&bpp=1&bdt=392&idt=1&shv=r20201001&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C620x155%2C620x280&nras=3&correlator=1530557486841&frm=20&pv=1&ga_vid=2112285944.1602074247&ga_sid=1602074247&ga_hid=1616074297&ga_fc=0&iag=0&icsg=144746656&dssz=22&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=360&ady=5764&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=987457596665018&pem=485&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=HJSKzCYn91&p=https%3A//windows-loader.ru&dtd=21
Frame ID: AB1A08B356A1CBEA3187DEED5F791CBC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html
Frame ID: 866B847FF38B1A646E4ADB9D096571CC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

script /react.*\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /mc\.yandex\.ru\/metrika\/watch\.js/i

Page Statistics

43
Requests

93 %
HTTPS

63 %
IPv6

12
Domains

13
Subdomains

9
IPs

3
Countries

756 kB
Transfer

1430 kB
Size

11
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://click.1k3web.net/r/124567cf8eba866555e19a04e4f5635b?dpl=https://yadi.sk/d/3hy8EODailHTYQ&extra2=Windows%20Loader

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36

https://mc.yandex.ru/watch/48542417?wmode=7&page-url=https%3A%2F%2Fwindows-loader.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1602074246089%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20201007143726%3Aet%3A1602074247%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A406649073182%3Arqn%3A1%3Arn%3A938311145%3Ahid%3A958173961%3Ads%3A96%2C131%2C70%2C1%2C0%2C0%2C0%2C330%2C0%2C%2C%2C%2C633%3Afp%3A436%3Awn%3A50027%3Ahl%3A2%3Agdpr%3A14%3Av%3A1962%3Arqnl%3A1%3Ast%3A1602074247%3Au%3A1602074247645502726%3At%3AWindows%20Loader%20by%20DAZ%202.2.2%20-%20%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%B0%D0%BA%D1%82%D0%B8%D0%B2%D0%B0%D1%82%D0%BE%D1%80%20%D0%B2%D0%B8%D0%BD%D0%B4%D0%BE%D0%B2%D1%81%20%D0%BB%D0%BE%D0%B0%D0%B4%D0%B5%D1%80%20%D0%BD%D0%B0%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%BE%D0%BC HTTP 302
https://mc.yandex.ru/watch/48542417/1?wmode=7&page-url=https%3A%2F%2Fwindows-loader.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1602074246089%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20201007143726%3Aet%3A1602074247%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A406649073182%3Arqn%3A1%3Arn%3A938311145%3Ahid%3A958173961%3Ads%3A96%2C131%2C70%2C1%2C0%2C0%2C0%2C330%2C0%2C%2C%2C%2C633%3Afp%3A436%3Awn%3A50027%3Ahl%3A2%3Agdpr%3A14%3Av%3A1962%3Arqnl%3A1%3Ast%3A1602074247%3Au%3A1602074247645502726%3At%3AWindows%20Loader%20by%20DAZ%202.2.2%20-%20%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%B0%D0%BA%D1%82%D0%B8%D0%B2%D0%B0%D1%82%D0%BE%D1%80%20%D0%B2%D0%B8%D0%BD%D0%B4%D0%BE%D0%B2%D1%81%20%D0%BB%D0%BE%D0%B0%D0%B4%D0%B5%D1%80%20%D0%BD%D0%B0%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%BE%D0%BC

43 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
windows-loader.ru/ 25 KB
8 KB 299ms
71ms Document
text/html 85.119.149.127
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://windows-loader.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.119.149.127 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: isp1.ru.fastfox.pro
Software: nginx/1.16.1 /
Resource Hash: 9be4e4536658e202134cf8e05bed09b9d44a5dde3b16050d7c33e73f3b891b36

Request headers

:method: GET
:authority: windows-loader.ru
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
server: nginx/1.16.1
date: Wed, 07 Oct 2020 12:37:26 GMT
content-type: text/html
content-encoding: gzip

GET
H2 200 styles.css
windows-loader.ru/css/ 5 KB
2 KB 66ms
65ms Stylesheet
text/css 85.119.149.127
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://windows-loader.ru/css/styles.css
Requested by: Host: windows-loader.ru
URL: https://windows-loader.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.119.149.127 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: isp1.ru.fastfox.pro
Software: nginx/1.16.1 /
Resource Hash: e3ddbbd639ae4ce4b0f320a8b65e194bac8a52ac55dd2f65f384030616b98c51

Request headers

Referer: https://windows-loader.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Wed, 07 Oct 2020 12:37:26 GMT
content-encoding: gzip
last-modified: Sun, 02 Jun 2019 13:28:12 GMT
server: nginx/1.16.1
etag: W/"5cf3ceec-13cb"
content-type: text/css

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 130 KB
46 KB 41ms
21ms Script
text/javascript 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: windows-loader.ru
URL: https://windows-loader.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

918eccd63c5fc468af3108abc4078b9774d303298ac58a7c57f9e418d22e253a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://windows-loader.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 07 Oct 2020 12:37:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 45748
x-xss-protection: 0
server: cafe
etag: 81603445910454524
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 07 Oct 2020 12:37:26 GMT

GET
H2 200 logo.png
windows-loader.ru/img/ 22 KB
22 KB 81ms
71ms Image
image/png 85.119.149.127
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://windows-loader.ru/img/logo.png
Requested by: Host: windows-loader.ru
URL: https://windows-loader.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.119.149.127 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: isp1.ru.fastfox.pro
Software: nginx/1.16.1 /
Resource Hash: 6ccf816b2908321fefdcf44f0ec545ea113478c0d3a523080cd75123df750109

Request headers

Referer: https://windows-loader.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 07 Oct 2020 12:37:26 GMT
last-modified: Sun, 02 Jun 2019 13:28:12 GMT
server: nginx/1.16.1
etag: "5cf3ceec-56d6"
content-type: image/png
status: 200
accept-ranges: bytes
content-length: 22230

GET
H2 200 loader.png
windows-loader.ru/img/ 52 KB
52 KB 129ms
119ms Image
image/png 85.119.149.127
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://windows-loader.ru/img/loader.png
Requested by: Host: windows-loader.ru
URL: https://windows-loader.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.119.149.127 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: isp1.ru.fastfox.pro
Software: nginx/1.16.1 /
Resource Hash: 834ec8d0a57f062563c94c4e0223b5c2403bf39e3e6ce5f95ed779d49c15a936

Request headers

Referer: https://windows-loader.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 07 Oct 2020 12:37:26 GMT
last-modified: Sun, 02 Jun 2019 13:28:12 GMT
server: nginx/1.16.1
etag: "5cf3ceec-cfae"
content-type: image/png
status: 200
accept-ranges: bytes
content-length: 53166

GET
H2 200 openapi.js Show response
vk.com/js/api/ 100 KB
24 KB 149ms
48ms Script
application/x-javascript 87.240.190.78
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vk.com/js/api/openapi.js?154
Requested by: Host: windows-loader.ru
URL: https://windows-loader.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.240.190.78 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU),
Reverse DNS: srv78-190-240-87.vk.com
Software: kittenx /
Resource Hash: c9b0ddf041243f7741bb5d2d39cf707caf8a541a8a5c45a4590e22b3042eaea3

Request headers

Referer: https://windows-loader.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 07 Oct 2020 12:37:26 GMT
content-encoding: gzip
x-frontend: front213210
last-modified: Tue, 22 Sep 2020 20:30:00 GMT
server: kittenx
etag: "5f6a5ec8-5e2e"
content-type: application/x-javascript
status: 200
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
content-length: 24110
expires: Sun, 11 Oct 2020 12:37:26 GMT

GET
H2 200 windows-loader-download4.jpg
windows-loader.ru/img/ 29 KB
29 KB 180ms
169ms Image
image/jpeg 85.119.149.127
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://windows-loader.ru/img/windows-loader-download4.jpg
Requested by: Host: windows-loader.ru
URL: https://windows-loader.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.119.149.127 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: isp1.ru.fastfox.pro
Software: nginx/1.16.1 /
Resource Hash: 50b6d64a108547ffa31d1cf4a81c7ba3e740b3ab6b7313e89675795308f131a2

Request headers

Referer: https://windows-loader.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 07 Oct 2020 12:37:26 GMT
last-modified: Sun, 02 Jun 2019 13:28:12 GMT
server: nginx/1.16.1
etag: "5cf3ceec-72b3"
content-type: image/jpeg
status: 200
accept-ranges: bytes
content-length: 29363

GET
H2 200 windows-loader-download.png
windows-loader.ru/img/ 36 KB
36 KB 183ms
172ms Image
image/png 85.119.149.127
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://windows-loader.ru/img/windows-loader-download.png
Requested by: Host: windows-loader.ru
URL: https://windows-loader.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.119.149.127 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: isp1.ru.fastfox.pro
Software: nginx/1.16.1 /
Resource Hash: 11952c3feb536b9bc0eabdf12bcc18e9e29eb3579257a69ce96f5ed3a803c1bd

Request headers

Referer: https://windows-loader.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 07 Oct 2020 12:37:26 GMT
last-modified: Sun, 02 Jun 2019 13:28:12 GMT
server: nginx/1.16.1
etag: "5cf3ceec-8f0f"
content-type: image/png
status: 200
accept-ranges: bytes
content-length: 36623

GET
H2 200 windows-loader-download3.png
windows-loader.ru/img/ 35 KB
35 KB 183ms
172ms Image
image/png 85.119.149.127
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://windows-loader.ru/img/windows-loader-download3.png
Requested by: Host: windows-loader.ru
URL: https://windows-loader.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.119.149.127 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: isp1.ru.fastfox.pro
Software: nginx/1.16.1 /
Resource Hash: baa2ff2e2ec75dbf0171f9617abb63d7a0a031df91a2feff72e4d8b81e63b6e5

Request headers

Referer: https://windows-loader.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 07 Oct 2020 12:37:26 GMT
last-modified: Sun, 02 Jun 2019 13:28:12 GMT
server: nginx/1.16.1
etag: "5cf3ceec-8c2b"
content-type: image/png
status: 200
accept-ranges: bytes
content-length: 35883

GET
H2 200 windows-loader-download5.png
windows-loader.ru/img/ 12 KB
12 KB 183ms
173ms Image
image/png 85.119.149.127
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://windows-loader.ru/img/windows-loader-download5.png
Requested by: Host: windows-loader.ru
URL: https://windows-loader.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.119.149.127 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: isp1.ru.fastfox.pro
Software: nginx/1.16.1 /
Resource Hash: 366570e645833a82d59ef6caa6f5e578ed645bef5ea9b84c140a119155272eac

Request headers

Referer: https://windows-loader.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 07 Oct 2020 12:37:26 GMT
last-modified: Sun, 02 Jun 2019 13:28:12 GMT
server: nginx/1.16.1
etag: "5cf3ceec-2e37"
content-type: image/png
status: 200
accept-ranges: bytes
content-length: 11831

GET
H2 200 WinVer.jpg
windows-loader.ru/img/ 143 KB
143 KB 183ms
173ms Image
image/jpeg 85.119.149.127
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://windows-loader.ru/img/WinVer.jpg
Requested by: Host: windows-loader.ru
URL: https://windows-loader.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.119.149.127 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: isp1.ru.fastfox.pro
Software: nginx/1.16.1 /
Resource Hash: 4d9f958ff4141725f70d5b4deb51fcfc0b3c762d6035625536c01110a59da3ea

Request headers

Referer: https://windows-loader.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 07 Oct 2020 12:37:26 GMT
last-modified: Sun, 02 Jun 2019 13:28:12 GMT
server: nginx/1.16.1
etag: "5cf3ceec-23af7"
content-type: image/jpeg
status: 200
accept-ranges: bytes
content-length: 146167

GET
H2 200 windows-loader-delete.png
windows-loader.ru/img/ 12 KB
12 KB 182ms
173ms Image
image/png 85.119.149.127
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://windows-loader.ru/img/windows-loader-delete.png
Requested by: Host: windows-loader.ru
URL: https://windows-loader.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.119.149.127 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: isp1.ru.fastfox.pro
Software: nginx/1.16.1 /
Resource Hash: 7c7f4232dfa398661f482c8dd8742e686e49c3f7a7ad3dafe1d519b9fbb2fc24

Request headers

Referer: https://windows-loader.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 07 Oct 2020 12:37:26 GMT
last-modified: Sun, 02 Jun 2019 13:28:12 GMT
server: nginx/1.16.1
etag: "5cf3ceec-2e44"
content-type: image/png
status: 200
accept-ranges: bytes
content-length: 11844

GET
H2 200 dlbtn1.jpg
windows-loader.ru/img/ 26 KB
26 KB 182ms
173ms Image
image/jpeg 85.119.149.127
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://windows-loader.ru/img/dlbtn1.jpg
Requested by: Host: windows-loader.ru
URL: https://windows-loader.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.119.149.127 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: isp1.ru.fastfox.pro
Software: nginx/1.16.1 /
Resource Hash: 73e4ebf491cf9b5f6f6c842d2e9c2163f440884fd7c9c3108e7388f59e3484bf

Request headers

Referer: https://windows-loader.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 07 Oct 2020 12:37:26 GMT
last-modified: Sun, 02 Jun 2019 13:28:12 GMT
server: nginx/1.16.1
etag: "5cf3ceec-6713"
content-type: image/jpeg
status: 200
accept-ranges: bytes
content-length: 26387

GET
H2 200 208.jpg
windows-loader.ru/img/ 9 KB
9 KB 177ms
173ms Image
image/jpeg 85.119.149.127
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://windows-loader.ru/img/208.jpg
Requested by: Host: windows-loader.ru
URL: https://windows-loader.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.119.149.127 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: isp1.ru.fastfox.pro
Software: nginx/1.16.1 /
Resource Hash: 7d56ad02aa9ab04b76a10ca398d0927fe87b8d29cf2019e4642c6b7fb0ac14dc

Request headers

Referer: https://windows-loader.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 07 Oct 2020 12:37:26 GMT
last-modified: Sun, 02 Jun 2019 13:28:12 GMT
server: nginx/1.16.1
etag: "5cf3ceec-2208"
content-type: image/jpeg
status: 200
accept-ranges: bytes
content-length: 8712

GET
H2 200 openapi.js Show response
vk.com/js/api/ 100 KB
24 KB 203ms
117ms Script
application/x-javascript 87.240.190.78
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vk.com/js/api/openapi.js?153
Requested by: Host: windows-loader.ru
URL: https://windows-loader.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.240.190.78 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU),
Reverse DNS: srv78-190-240-87.vk.com
Software: kittenx /
Resource Hash: c9b0ddf041243f7741bb5d2d39cf707caf8a541a8a5c45a4590e22b3042eaea3

Request headers

Referer: https://windows-loader.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 07 Oct 2020 12:37:26 GMT
content-encoding: gzip
x-frontend: front213210
last-modified: Tue, 22 Sep 2020 20:30:00 GMT
server: kittenx
etag: "5f6a5ec8-5e2e"
content-type: application/x-javascript
status: 200
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
content-length: 24110
expires: Sun, 11 Oct 2020 12:37:26 GMT

GET openapi.js
vk.com/js/api/ 0
0

GET css
fonts.googleapis.com/ 0
0

GET
H/1.1 200
OK push.js Show response
pushiti.info/ 46 KB
18 KB 114ms
62ms Script
application/javascript 88.208.46.47
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pushiti.info/push.js?utm_source=og&utm_campaign=5486&utm_content=&domain=windows-loader.ru&proto=https:
Requested by: Host: windows-loader.ru
URL: https://windows-loader.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.208.46.47 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 170599ffe64d6f361fded725e10cd251cfbae990168cf920b516476b6dd8c4e8

Request headers

Referer: https://windows-loader.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 07 Oct 2020 12:37:26 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H2 200 bg.jpg
windows-loader.ru/img/ 35 KB
35 KB 177ms
174ms Image
image/jpeg 85.119.149.127
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://windows-loader.ru/img/bg.jpg
Requested by: Host: windows-loader.ru
URL: https://windows-loader.ru/css/styles.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.119.149.127 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: isp1.ru.fastfox.pro
Software: nginx/1.16.1 /
Resource Hash: db6abe9a0ca47c21c01b5c35b99bfe5adea47c28a6e66be9a82bb9fac51fd762

Request headers

Referer: https://windows-loader.ru/css/styles.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 07 Oct 2020 12:37:26 GMT
last-modified: Sun, 02 Jun 2019 13:28:12 GMT
server: nginx/1.16.1
etag: "5cf3ceec-8be5"
content-type: image/jpeg
status: 200
accept-ranges: bytes
content-length: 35813

GET
H2 404 topmenu.png
windows-loader.ru/images/ 207 B
207 B 177ms
174ms Image
text/html 85.119.149.127
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://windows-loader.ru/images/topmenu.png
Requested by: Host: windows-loader.ru
URL: https://windows-loader.ru/css/styles.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.119.149.127 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: isp1.ru.fastfox.pro
Software: nginx/1.16.1 /
Resource Hash: 72ec27bd0d959a1e6713d96b4e55c5a9b92ac6d1b5b5a4a8d5d1211422fcee57

Request headers

Referer: https://windows-loader.ru/css/styles.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 404
date: Wed, 07 Oct 2020 12:37:26 GMT
content-encoding: gzip
server: nginx/1.16.1
content-type: text/html; charset=iso-8859-1

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201001/r20190131/ 230 KB
87 KB 51ms
36ms Script
text/javascript 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201001/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

767c091d7a3eb3434e7b67d7fa5c6ab78d551b6c8a3fb8d3a1ca81be45a9a350

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://windows-loader.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 07 Oct 2020 12:37:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 88649
x-xss-protection: 0
server: cafe
etag: 14171272713373412384
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Oct 2020 12:37:26 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201001/r20190131/ Frame 1758 0
0 8ms
6ms Document
text/html 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20201001/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20201001/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://windows-loader.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://windows-loader.ru/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Tue, 06 Oct 2020 17:07:46 GMT
expires: Tue, 20 Oct 2020 17:07:46 GMT
content-type: text/html; charset=UTF-8
etag: 7382719332125555894
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4731
x-xss-protection: 0
age: 70180
cache-control: public, max-age=1209600
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

POST
H/1.1 200
OK set
pushiti.info/event/ 0
0 34ms
34ms Fetch
text/html 88.208.46.47
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pushiti.info/event/set
Requested by: Host: pushiti.info
URL: https://pushiti.info/push.js?utm_source=og&utm_campaign=5486&utm_content=&domain=windows-loader.ru&proto=https:
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.208.46.47 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://windows-loader.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 07 Oct 2020 12:37:26 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Access-Control-Allow-Methods: PROPFIND, PROPPATCH, COPY, MOVE, DELETE, MKCOL, LOCK, UNLOCK, PUT, GETLIB, VERSION-CONTROL, CHECKIN, CHECKOUT, UNCHECKOUT, REPORT, UPDATE, CANCELUPLOAD, HEAD, OPTIONS, GET, POST
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://windows-loader.ru
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Overwrite, Destination, Content-Type, Depth, User-Agent, X-File-Size, X-Requested-With, If-Modified-Since, X-File-Name, Cache-Control

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
168 B 17ms
16ms Script
application/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=windows-loader.ru

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201001/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://windows-loader.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 07 Oct 2020 12:37:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
320 B 16ms
15ms Script
application/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=windows-loader.ru

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201001/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://windows-loader.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 07 Oct 2020 12:37:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 019D 0
0 86ms
84ms Document
text/html 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4384462875279714&output=html&adk=1812271804&adf=3025194257&lmt=1602074246&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwindows-loader.ru%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602074246526&bpp=19&bdt=136&idt=74&shv=r20201001&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1530557486841&frm=20&pv=2&ga_vid=2112285944.1602074247&ga_sid=1602074247&ga_hid=1616074297&ga_fc=0&iag=0&icsg=8360&dssz=9&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=987457596665018&pem=485&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=93

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201001/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4384462875279714&output=html&adk=1812271804&adf=3025194257&lmt=1602074246&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwindows-loader.ru%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602074246526&bpp=19&bdt=136&idt=74&shv=r20201001&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1530557486841&frm=20&pv=2&ga_vid=2112285944.1602074247&ga_sid=1602074247&ga_hid=1616074297&ga_fc=0&iag=0&icsg=8360&dssz=9&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=987457596665018&pem=485&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=93
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://windows-loader.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://windows-loader.ru/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 07 Oct 2020 12:37:26 GMT
server: cafe
content-length: 663
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 07-Oct-2020 12:52:26 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Wed, 07 Oct 2020 12:37:26 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201001/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6879bf69ca14159cb61c4420c496946a303da8a9a37f6e0b4f4e12e79cbbf06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://windows-loader.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 07 Oct 2020 12:37:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601897795664432"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27576
x-xss-protection: 0
expires: Wed, 07 Oct 2020 12:37:26 GMT

GET
H2 200 upload.gif
vk.com/images/ 230 B
485 B 48ms
48ms Image
image/gif 87.240.190.78
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vk.com/images/upload.gif

Requested by

Host: windows-loader.ru
URL: https://windows-loader.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.190.78 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU),

Reverse DNS

srv78-190-240-87.vk.com

Software

kittenx /

Resource Hash

0d7e358637c1b1caa66949aefc529c1e4488923f99e499d6be09eb8cdd0b4202

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://windows-loader.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 07 Oct 2020 12:37:26 GMT
x-frontend: front213210
last-modified: Tue, 22 Sep 2020 20:30:00 GMT
server: kittenx
etag: "5f6a5ec8-e6"
strict-transport-security: max-age=15768000
content-type: image/gif
status: 200
access-control-expose-headers: X-Frontend
cache-control: max-age=604800
accept-ranges: bytes
content-length: 230
expires: Wed, 14 Oct 2020 12:37:26 GMT

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame C11B 0
0 278ms
278ms Document
text/html 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4384462875279714&output=html&h=155&slotname=3433503542&adk=1478062660&adf=3367236771&w=620&fwrn=4&lmt=1602074246&rafmt=11&psa=0&guci=1.2.0.0.2.2.0.0&format=620x155&url=https%3A%2F%2Fwindows-loader.ru%2F&flash=0&wgl=1&adsid=NT&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602074246643&bpp=5&bdt=253&idt=6&shv=r20201001&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1530557486841&frm=20&pv=1&ga_vid=2112285944.1602074247&ga_sid=1602074247&ga_hid=1616074297&ga_fc=0&iag=0&icsg=164514&dssz=13&mdo=0&mso=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=360&ady=185&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=987457596665018&pem=485&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=nPdILuohek&p=https%3A//windows-loader.ru&dtd=13

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201001/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4384462875279714&output=html&h=155&slotname=3433503542&adk=1478062660&adf=3367236771&w=620&fwrn=4&lmt=1602074246&rafmt=11&psa=0&guci=1.2.0.0.2.2.0.0&format=620x155&url=https%3A%2F%2Fwindows-loader.ru%2F&flash=0&wgl=1&adsid=NT&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602074246643&bpp=5&bdt=253&idt=6&shv=r20201001&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1530557486841&frm=20&pv=1&ga_vid=2112285944.1602074247&ga_sid=1602074247&ga_hid=1616074297&ga_fc=0&iag=0&icsg=164514&dssz=13&mdo=0&mso=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=360&ady=185&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=987457596665018&pem=485&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=nPdILuohek&p=https%3A//windows-loader.ru&dtd=13
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://windows-loader.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://windows-loader.ru/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 07 Oct 2020 12:37:26 GMT
server: cafe
content-length: 22644
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 07-Oct-2020 12:52:26 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Wed, 07 Oct 2020 12:37:26 GMT
cache-control: private

GET share.js
yastatic.net/share2/ 0
0

GET
H2 200 vyaAqBPWCmM
www.youtube.com/embed/ Frame D955 0
0 140ms
118ms Document
text/html 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/vyaAqBPWCmM

Requested by

Host: windows-loader.ru
URL: https://windows-loader.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/vyaAqBPWCmM
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://windows-loader.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://windows-loader.ru/

Response headers

status: 200
cache-control: no-cache
content-type: text/html; charset=utf-8
expires: Tue, 27 Apr 1971 19:44:06 GMT
content-length: 10975
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Wed, 07 Oct 2020 12:37:26 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=Wh5lxqGZC2o; path=/; domain=.youtube.com; secure; expires=Mon, 05-Apr-2021 12:37:26 GMT; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Wed, 07-Oct-2020 13:07:26 GMT YSC=NNsQRrGp8dU; path=/; domain=.youtube.com; secure; httponly; samesite=None VISITOR_INFO1_LIVE=Wh5lxqGZC2o; path=/; domain=.youtube.com; secure; expires=Mon, 05-Apr-2021 12:37:26 GMT; httponly; samesite=None
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 widget_community.php
vk.com/ Frame 4554 0
0 86ms
86ms Document
text/html 87.240.190.78
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://vk.com/widget_community.php?app=0&width=200px&_ver=1&gid=165952880&mode=3&color1=&color2=&color3=&class_name=&url=https%3A%2F%2Fwindows-loader.ru%2F&referrer=&title=Windows%20Loader&1750310fdf2

Requested by

Host: vk.com
URL: https://vk.com/js/api/openapi.js?154

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.190.78 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU),

Reverse DNS

srv78-190-240-87.vk.com

Software

kittenx / PHP/3.26577

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: about:;script-src 'self' https://.vk.com https://static.vk.me https://.mail.ru https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://.yandex.ru https://.google-analytics.com https://.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://.google.com https://google.com https://.vkpartner.ru https://.moatads.com https://.adlooxtracking.com https://.gstatic.com https://.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://.vk-cdn.net https://.hit.gemius.pl https://yastatic.net 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://.vk.com https://static.vk.me https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=15768000
X-Xss-Protection	1; report=/xss_reports

Request headers

:method: GET
:authority: vk.com
:scheme: https
:path: /widget_community.php?app=0&width=200px&_ver=1&gid=165952880&mode=3&color1=&color2=&color3=&class_name=&url=https%3A%2F%2Fwindows-loader.ru%2F&referrer=&title=Windows%20Loader&1750310fdf2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://windows-loader.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://windows-loader.ru/

Response headers

status: 200
server: kittenx
date: Wed, 07 Oct 2020 12:37:26 GMT
content-type: text/html; charset=windows-1251
content-length: 6322
x-powered-by: PHP/3.26577
set-cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly; SameSite=None remixlang=3; expires=Tue, 05 Oct 2021 03:45:51 GMT; path=/; domain=.vk.com; secure; SameSite=None remixstid=1917257690_laIhPfjxlOFxJ637yPklENzOdeZU0x9FYVpFyCKAQ1H; expires=Sat, 09 Oct 2021 14:04:41 GMT; path=/; domain=.vk.com; secure; SameSite=None
cache-control: no-store
content-security-policy: default-src * data: blob: about:;script-src 'self' https://*.vk.com https://static.vk.me https://*.mail.ru https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.com https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://static.vk.me https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline'
x-xss-protection: 1; report=/xss_reports
content-encoding: gzip
x-frontend: front213210
strict-transport-security: max-age=15768000
access-control-expose-headers: X-Frontend

GET
H/1.1 200
OK watch.js Show response
mc.yandex.ru/metrika/ 143 KB
43 KB 137ms
47ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: windows-loader.ru
URL: https://windows-loader.ru/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

58724cf9d89f1cadc735e143b46330c4b7fe0359cfccb2020431f63781d5bc20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://windows-loader.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 07 Oct 2020 12:37:26 GMT
Content-Encoding: br
Last-Modified: Wed, 07 Oct 2020 12:02:59 GMT
ETag: "5f7c74bb-a8a5"
Strict-Transport-Security: max-age=31536000
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Content-Length: 43173
Expires: Wed, 07 Oct 2020 13:37:26 GMT

GET
H3-Q050 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201001/r20190131/ 145 KB
52 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201001/r20190131/reactive_library_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201001/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7b1d9724d968ba9f950511106e0b72ad14146bb0d38f3f654b02df99eae54c5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://windows-loader.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 07 Oct 2020 12:37:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 53354
x-xss-protection: 0
server: cafe
etag: 10560712763123107776
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Oct 2020 12:37:26 GMT

GET
H2 200 widget_comments.php
vk.com/ Frame 8230 0
0 201ms
200ms Document
text/html 87.240.190.78
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://vk.com/widget_comments.php?app=6453904&width=100%25&_ver=1&limit=15&height=0&mini=auto&norealtime=0&page=0&status_publish=0&attach=*&url=https%3A%2F%2Fwindows-loader.ru&title=Windows%20Loader&description=Windows%20Loader%20-%20%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%D1%83%20%D0%92%D0%B8%D0%BD%D0%B4%D0%BE%D0%B2%D1%81%20%D0%BB%D0%BE%D0%B0%D0%B4%D0%B5%D1%80%20%D0%BD%D0%B0%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%BE%D0%BC.&image=https%3A%2F%2Fwindows-loader.ru%2Fimg%2Flogo.png&startWidth=620&referrer=&1750310fe41

Requested by

Host: vk.com
URL: https://vk.com/js/api/openapi.js?154

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.190.78 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU),

Reverse DNS

srv78-190-240-87.vk.com

Software

kittenx / PHP/3.26577

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: about:;script-src 'self' https://.vk.com https://static.vk.me https://.mail.ru https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://.yandex.ru https://.google-analytics.com https://.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://.google.com https://google.com https://.vkpartner.ru https://.moatads.com https://.adlooxtracking.com https://.gstatic.com https://.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://.vk-cdn.net https://.hit.gemius.pl https://yastatic.net 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://.vk.com https://static.vk.me https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline';report-uri /csp
Strict-Transport-Security	max-age=15768000
X-Xss-Protection	1; report=/xss_reports

Request headers

:method: GET
:authority: vk.com
:scheme: https
:path: /widget_comments.php?app=6453904&width=100%25&_ver=1&limit=15&height=0&mini=auto&norealtime=0&page=0&status_publish=0&attach=*&url=https%3A%2F%2Fwindows-loader.ru&title=Windows%20Loader&description=Windows%20Loader%20-%20%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%D1%83%20%D0%92%D0%B8%D0%BD%D0%B4%D0%BE%D0%B2%D1%81%20%D0%BB%D0%BE%D0%B0%D0%B4%D0%B5%D1%80%20%D0%BD%D0%B0%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%BE%D0%BC.&image=https%3A%2F%2Fwindows-loader.ru%2Fimg%2Flogo.png&startWidth=620&referrer=&1750310fe41
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://windows-loader.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: remixlang=3; remixstid=1917257690_laIhPfjxlOFxJ637yPklENzOdeZU0x9FYVpFyCKAQ1H
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://windows-loader.ru/

Response headers

status: 200
server: kittenx
date: Wed, 07 Oct 2020 12:37:26 GMT
content-type: text/html; charset=windows-1251
content-length: 20716
x-powered-by: PHP/3.26577
set-cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly; SameSite=None
cache-control: no-store
content-security-policy: default-src * data: blob: about:;script-src 'self' https://*.vk.com https://static.vk.me https://*.mail.ru https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.com https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://static.vk.me https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline';report-uri /csp
x-xss-protection: 1; report=/xss_reports
content-encoding: gzip
x-frontend: front213210
strict-transport-security: max-age=15768000
access-control-expose-headers: X-Frontend

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame E95B 0
0 262ms
261ms Document
text/html 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4384462875279714&output=html&h=280&adk=1463411133&adf=3841933567&w=620&fwrn=4&fwrnh=100&lmt=1602074246&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5847879668&psa=0&guci=1.2.0.0.2.2.0.0&ad_type=text_image&format=620x280&url=https%3A%2F%2Fwindows-loader.ru%2F&flash=0&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&adsid=NT&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602074246783&bpp=2&bdt=392&idt=-M&shv=r20201001&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C620x155&nras=2&correlator=1530557486841&frm=20&pv=1&ga_vid=2112285944.1602074247&ga_sid=1602074247&ga_hid=1616074297&ga_fc=0&iag=0&icsg=10528928&dssz=21&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=360&ady=5124&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=987457596665018&pem=485&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=m9zGyqdnnU&p=https%3A//windows-loader.ru&dtd=14

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201001/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4384462875279714&output=html&h=280&adk=1463411133&adf=3841933567&w=620&fwrn=4&fwrnh=100&lmt=1602074246&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5847879668&psa=0&guci=1.2.0.0.2.2.0.0&ad_type=text_image&format=620x280&url=https%3A%2F%2Fwindows-loader.ru%2F&flash=0&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&adsid=NT&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602074246783&bpp=2&bdt=392&idt=-M&shv=r20201001&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C620x155&nras=2&correlator=1530557486841&frm=20&pv=1&ga_vid=2112285944.1602074247&ga_sid=1602074247&ga_hid=1616074297&ga_fc=0&iag=0&icsg=10528928&dssz=21&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=360&ady=5124&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=987457596665018&pem=485&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=m9zGyqdnnU&p=https%3A//windows-loader.ru&dtd=14
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://windows-loader.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://windows-loader.ru/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 07 Oct 2020 12:37:27 GMT
server: cafe
content-length: 203
x-xss-protection: 0
set-cookie: IDE=AHWqTUkbMmwdhjRRM5o7XL7OPuVT798dEyRHq-C-7hDKBKTokBJU1ntG5G4HeXuC; expires=Mon, 01-Nov-2021 12:37:26 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Wed, 07 Oct 2020 12:37:27 GMT
cache-control: private

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame AB1A 0
0 214ms
214ms Document
text/html 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4384462875279714&output=html&h=280&adk=1463411133&adf=775546623&w=620&fwrn=4&fwrnh=100&lmt=1602074246&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5847879668&psa=0&guci=1.2.0.0.2.2.0.0&ad_type=text_image&format=620x280&url=https%3A%2F%2Fwindows-loader.ru%2F&flash=0&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&adsid=NT&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602074246783&bpp=1&bdt=392&idt=1&shv=r20201001&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C620x155%2C620x280&nras=3&correlator=1530557486841&frm=20&pv=1&ga_vid=2112285944.1602074247&ga_sid=1602074247&ga_hid=1616074297&ga_fc=0&iag=0&icsg=144746656&dssz=22&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=360&ady=5764&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=987457596665018&pem=485&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=HJSKzCYn91&p=https%3A//windows-loader.ru&dtd=21

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201001/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4384462875279714&output=html&h=280&adk=1463411133&adf=775546623&w=620&fwrn=4&fwrnh=100&lmt=1602074246&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5847879668&psa=0&guci=1.2.0.0.2.2.0.0&ad_type=text_image&format=620x280&url=https%3A%2F%2Fwindows-loader.ru%2F&flash=0&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&adsid=NT&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602074246783&bpp=1&bdt=392&idt=1&shv=r20201001&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C620x155%2C620x280&nras=3&correlator=1530557486841&frm=20&pv=1&ga_vid=2112285944.1602074247&ga_sid=1602074247&ga_hid=1616074297&ga_fc=0&iag=0&icsg=144746656&dssz=22&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=360&ady=5764&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=987457596665018&pem=485&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=HJSKzCYn91&p=https%3A//windows-loader.ru&dtd=21
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://windows-loader.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://windows-loader.ru/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 07 Oct 2020 12:37:27 GMT
server: cafe
content-length: 205
x-xss-protection: 0
set-cookie: IDE=AHWqTUnahp9__bba7pIfi0gHnTY8kiBgpSsnUN1YwHsW4Fe_TK_MHWWF1cw6FaiD; expires=Mon, 01-Nov-2021 12:37:26 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Wed, 07 Oct 2020 12:37:27 GMT
cache-control: private

GET
H/1.1

200
OK

1 Show response
mc.yandex.ru/watch/48542417/
Redirect Chain

https://mc.yandex.ru/watch/48542417?wmode=7&page-url=https%3A%2F%2Fwindows-loader.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1602074246089%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A2166136...
https://mc.yandex.ru/watch/48542417/1?wmode=7&page-url=https%3A%2F%2Fwindows-loader.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1602074246089%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A21661...

186 B
739 B

96ms
50ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/48542417/1?wmode=7&page-url=https%3A%2F%2Fwindows-loader.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1602074246089%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20201007143726%3Aet%3A1602074247%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A406649073182%3Arqn%3A1%3Arn%3A938311145%3Ahid%3A958173961%3Ads%3A96%2C131%2C70%2C1%2C0%2C0%2C0%2C330%2C0%2C%2C%2C%2C633%3Afp%3A436%3Awn%3A50027%3Ahl%3A2%3Agdpr%3A14%3Av%3A1962%3Arqnl%3A1%3Ast%3A1602074247%3Au%3A1602074247645502726%3At%3AWindows%20Loader%20by%20DAZ%202.2.2%20-%20%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%B0%D0%BA%D1%82%D0%B8%D0%B2%D0%B0%D1%82%D0%BE%D1%80%20%D0%B2%D0%B8%D0%BD%D0%B4%D0%BE%D0%B2%D1%81%20%D0%BB%D0%BE%D0%B0%D0%B4%D0%B5%D1%80%20%D0%BD%D0%B0%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%BE%D0%BC

Requested by

Host: windows-loader.ru
URL: https://windows-loader.ru/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

cd37c1ae3b7b0a0d1ef084255b706d0bed1cac9af3db7c82e50677db2ed8367f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://windows-loader.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 07 Oct 2020 12:37:27 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 07-Oct-2020 12:37:27 GMT
Server: nginx/1.14.2
Strict-Transport-Security: max-age=31536000
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://windows-loader.ru
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 186
X-XSS-Protection: 1; mode=block
Expires: Wed, 07-Oct-2020 12:37:27 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 07 Oct 2020 12:37:27 GMT
Last-Modified: Wed, 07-Oct-2020 12:37:27 GMT
Access-Control-Allow-Origin: https://windows-loader.ru
Strict-Transport-Security: max-age=31536000
Location: /watch/48542417/1?wmode=7&page-url=https%3A%2F%2Fwindows-loader.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1602074246089%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20201007143726%3Aet%3A1602074247%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A406649073182%3Arqn%3A1%3Arn%3A938311145%3Ahid%3A958173961%3Ads%3A96%2C131%2C70%2C1%2C0%2C0%2C0%2C330%2C0%2C%2C%2C%2C633%3Afp%3A436%3Awn%3A50027%3Ahl%3A2%3Agdpr%3A14%3Av%3A1962%3Arqnl%3A1%3Ast%3A1602074247%3Au%3A1602074247645502726%3At%3AWindows%20Loader%20by%20DAZ%202.2.2%20-%20%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%B0%D0%BA%D1%82%D0%B8%D0%B2%D0%B0%D1%82%D0%BE%D1%80%20%D0%B2%D0%B8%D0%BD%D0%B4%D0%BE%D0%B2%D1%81%20%D0%BB%D0%BE%D0%B0%D0%B4%D0%B5%D1%80%20%D0%BD%D0%B0%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%BE%D0%BC
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Wed, 07-Oct-2020 12:37:27 GMT

GET
H/1.1 200
OK advert.gif
mc.yandex.ru/metrika/ 43 B
379 B 117ms
48ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: windows-loader.ru
URL: https://windows-loader.ru/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://windows-loader.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 07 Oct 2020 12:37:27 GMT
Last-Modified: Mon, 06 Jul 2020 15:32:05 GMT
ETag: "5f0343f5-2b"
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Accept-Ranges: bytes
Content-Length: 43
Expires: Wed, 07 Oct 2020 13:37:27 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 38ms
25ms XHR
application/json 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201001&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201001/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fb6f96c21c77a3431071e8d758d90eefcfe97cc324748d8c0208e27c332be72d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://windows-loader.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 07 Oct 2020 12:37:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6416
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 35ms
21ms Script
text/javascript 2a00:1450:4001:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201001/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ef0cc99ae155124895f712a9b68285f7b0a8c3f3c151e86107a25b61cf22085

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://windows-loader.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 07 Oct 2020 12:37:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601061966610483"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6293
x-xss-protection: 0
expires: Wed, 07 Oct 2020 12:37:28 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/217/ Frame 866B 0
0 6ms
6ms Document
text/html 2a00:1450:4001:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/217/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://windows-loader.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://windows-loader.ru/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4867
date: Wed, 07 Oct 2020 12:11:38 GMT
expires: Thu, 07 Oct 2021 12:11:38 GMT
last-modified: Mon, 21 Sep 2020 23:28:38 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1550
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
22 B 16ms
15ms Image
image/gif 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=217&t=2&li=gda_r20201001&jk=987457596665018&bg=!aWqlanJYROoypI8DX-QCAAAAa1IAAAAMCgCgCKRqoheyrIr-zRQaVXvh68y0Er8YrqPmsmzkwD0Zh7qepmVIAKOcILtsP_EKr8wdZWuKJhMcULO4RDPquO6vMbnEiRF4avQkgltO--X0zlp8EDEP0lT786oZwF_pkgW2QCjVNVIe-aQDAXAIZLCDcW4NMtoU0DcIErEVgqLxagaGSOFpK7TWZ6xxIXTqD5EmRCHXfJ99z6yqCbc_DlQNEpkBqvN1bLq5WDD5tqFNUGhbMYV2zAVH3n3zCr_ZPU7Uw1tETVQltUbVzO-Zy0EOGKHcju5x5iYgRY1BbYafRNiE1D0NMWm1WEXuQauhzHliYpyi4cEk4tSEuNNgQ7ZVbLIWalP_YyWJC7b99aSa4eOLBaNDHykyKMoS0yvHbBWqHmvMZMTkJFRxdS2IvdE3s5ukc-h73KP9zXNPgTph8GqhjmSHjPyRIgIyIHpFaaHVf9CIynVQ4EEWd7pxpE7CSooglVm67x8tAY5bWRlbmM89165TbFbJgY2tKgAeU95wSE1ddBN8qV-3Kf-LkINvtOtbPs1rwb6P5qO_cCqtFh7CaN0KoZVQa_ypQ--oiy0DUsNMKljg0gB-ucNQgy7BeFTh2rAqgyRAAEVvIpd0-e2AcyM76_WkDueV7RrM8CLfaJkIZUCQ7-D9GLZrvnEeH_pfT5fdkGkldlkF-x8vvvX8xoa6tdCPD6OCLnJelbdB9HO_z-spIBUuAhwqrliTvL45yTsM3Ad9sEPjc4yD8tzs0Q_5dbmZ_LOgy1qopLcuyg-UwoiHRf8Wuh2uiA

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://windows-loader.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Oct 2020 12:37:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: vk.com
URL: http://vk.com/js/api/openapi.js?137

Domain: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Cuprum&subset=latin,cyrillic

Domain: yastatic.net
URL: http://yastatic.net/share2/share.js

Verdicts & Comments Add Verdict or Comment

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1970-01-19 17:20:26	Name: VISITOR_INFO1_LIVE Value: Wh5lxqGZC2o
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: NNsQRrGp8dU
.doubleclick.net/	1970-01-19 22:22:50	Name: IDE Value: AHWqTUkbMmwdhjRRM5o7XL7OPuVT798dEyRHq-C-7hDKBKTokBJU1ntG5G4HeXuC
.doubleclick.net/	1970-01-19 13:01:17	Name: DSID Value: NO_DATA
.windows-loader.ru/	1970-01-19 21:46:50	Name: _ym_d Value: 1602074247
.windows-loader.ru/	1970-01-19 21:46:50	Name: _ym_uid Value: 1602074247645502726
.vk.com/	1970-01-19 21:49:48	Name: remixstid Value: 1917257690_laIhPfjxlOFxJ637yPklENzOdeZU0x9FYVpFyCKAQ1H
.vk.com/	1970-01-19 21:43:25	Name: remixlang Value: 3
.windows-loader.ru/	1970-01-19 21:46:50	Name: pmvid Value: b64ca0d8-9775-49df-af59-245d67eea4c6
.windows-loader.ru/	1970-01-19 13:02:26	Name: _ym_isad Value: 2
.windows-loader.ru/	1970-01-19 13:01:16	Name: _ym_visorc_48542417 Value: w

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
fonts.googleapis.com
googleads.g.doubleclick.net
mc.yandex.ru
pagead2.googlesyndication.com
pushiti.info
tpc.googlesyndication.com
vk.com
windows-loader.ru
www.googletagservices.com
www.youtube.com
yastatic.net
fonts.googleapis.com
vk.com
yastatic.net
2a00:1450:4001:81f::2002
2a00:1450:4001:820::200e
2a00:1450:4001:824::2001
2a00:1450:4001:825::2002
2a02:6b8::1:119
85.119.149.127
87.240.190.78
88.208.46.47
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0d7e358637c1b1caa66949aefc529c1e4488923f99e499d6be09eb8cdd0b4202
11952c3feb536b9bc0eabdf12bcc18e9e29eb3579257a69ce96f5ed3a803c1bd
170599ffe64d6f361fded725e10cd251cfbae990168cf920b516476b6dd8c4e8
366570e645833a82d59ef6caa6f5e578ed645bef5ea9b84c140a119155272eac
4d9f958ff4141725f70d5b4deb51fcfc0b3c762d6035625536c01110a59da3ea
50b6d64a108547ffa31d1cf4a81c7ba3e740b3ab6b7313e89675795308f131a2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
58724cf9d89f1cadc735e143b46330c4b7fe0359cfccb2020431f63781d5bc20
6ccf816b2908321fefdcf44f0ec545ea113478c0d3a523080cd75123df750109
72ec27bd0d959a1e6713d96b4e55c5a9b92ac6d1b5b5a4a8d5d1211422fcee57
73e4ebf491cf9b5f6f6c842d2e9c2163f440884fd7c9c3108e7388f59e3484bf
767c091d7a3eb3434e7b67d7fa5c6ab78d551b6c8a3fb8d3a1ca81be45a9a350
7b1d9724d968ba9f950511106e0b72ad14146bb0d38f3f654b02df99eae54c5e
7c7f4232dfa398661f482c8dd8742e686e49c3f7a7ad3dafe1d519b9fbb2fc24
7d56ad02aa9ab04b76a10ca398d0927fe87b8d29cf2019e4642c6b7fb0ac14dc
834ec8d0a57f062563c94c4e0223b5c2403bf39e3e6ce5f95ed779d49c15a936
918eccd63c5fc468af3108abc4078b9774d303298ac58a7c57f9e418d22e253a
9be4e4536658e202134cf8e05bed09b9d44a5dde3b16050d7c33e73f3b891b36
9ef0cc99ae155124895f712a9b68285f7b0a8c3f3c151e86107a25b61cf22085
baa2ff2e2ec75dbf0171f9617abb63d7a0a031df91a2feff72e4d8b81e63b6e5
c6879bf69ca14159cb61c4420c496946a303da8a9a37f6e0b4f4e12e79cbbf06
c9b0ddf041243f7741bb5d2d39cf707caf8a541a8a5c45a4590e22b3042eaea3
cd37c1ae3b7b0a0d1ef084255b706d0bed1cac9af3db7c82e50677db2ed8367f
db6abe9a0ca47c21c01b5c35b99bfe5adea47c28a6e66be9a82bb9fac51fd762
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ddbbd639ae4ce4b0f320a8b65e194bac8a52ac55dd2f65f384030616b98c51
fb6f96c21c77a3431071e8d758d90eefcfe97cc324748d8c0208e27c332be72d

windows-loader.ru Open in urlscan Pro 85.119.149.127 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

43 Requests

93 %HTTPS

63 %IPv6

12 Domains

13 Subdomains

9 IPs

3 Countries

756 kBTransfer

1430 kBSize

11 Cookies

1 Outgoing links

Redirected requests

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

windows-loader.ru Open in urlscan Pro
85.119.149.127 Public Scan

Screenshot
Live screenshot

Full Image

43
Requests

93 %
HTTPS

63 %
IPv6

12
Domains

13
Subdomains

9
IPs

3
Countries

756 kB
Transfer

1430 kB
Size

11
Cookies

43 HTTP transactions
0 data transactions