urlscan.io logo urlscan.io
SecurityTrails logo

www.kmspico.guru Open in urlscan Pro
198.54.126.108  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.kmspico.guru/windows-11-activator
Effective URL: https://www.kmspico.guru/windows-11-activator/
Submission: On August 24 via api from US — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 19 HTTP transactions. The main IP is 198.54.126.108, located in United States and belongs to NAMECHEAP-NET, US. The main domain is www.kmspico.guru.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 16th 2024. Valid for: a year.
This is the only time www.kmspico.guru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 8 198.54.126.108 22612 (NAMECHEAP...)
4 142.250.185.138 15169 (GOOGLE)
2 13.107.246.44 8075 (MICROSOFT...)
4 172.217.18.3 15169 (GOOGLE)
1 2 13.74.129.1 8075 (MICROSOFT...)
1 1 204.79.197.237 8068 (MICROSOFT...)
1 20.231.53.73 8075 (MICROSOFT...)
19 6
8    198.54.126.108 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: server52-4.web-hosting.com
www.kmspico.guru
4    142.250.185.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f10.1e100.net
fonts.googleapis.com
2    13.107.246.44 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
4    172.217.18.3 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f3.1e100.net
fonts.gstatic.com
2    13.74.129.1 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    204.79.197.237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
1    20.231.53.73 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
q.clarity.ms
Apex Domain
Subdomains		 Transfer
8 kmspico.guru
www.kmspico.guru
87 KB
5 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 1114
c.clarity.ms — Cisco Umbrella Rank: 1838
q.clarity.ms — Cisco Umbrella Rank: 8520
29 KB
4 gstatic.com
fonts.gstatic.com
104 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
5 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 341
775 B
19 5
Domain Requested by
8 www.kmspico.guru 1 redirects www.kmspico.guru
4 fonts.gstatic.com fonts.googleapis.com
4 fonts.googleapis.com www.kmspico.guru
2 c.clarity.ms 1 redirects
2 www.clarity.ms www.kmspico.guru
www.clarity.ms
1 q.clarity.ms www.clarity.ms
1 c.bing.com 1 redirects
19 7

This site contains links to these domains. Also see Links.

Domain
mega.nz
Subject Issuer Validity Valid
kmspico.guru
Sectigo RSA Domain Validation Secure Server CA		 2024-07-16 -
2025-07-16		 a year crt.sh
upload.video.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-07 -
2024-12-07		 a year crt.sh
*.gstatic.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
a.clarity.ms
Microsoft Azure RSA TLS Issuing CA 08		 2024-06-23 -
2025-06-18		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.kmspico.guru/windows-11-activator/
Frame ID: 4E8BEE16D44BA3E587FE5D10B5ADA604
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Activador De Windows 11

Page URL History Show full URLs

  1. http://www.kmspico.guru/windows-11-activator HTTP 307
    https://www.kmspico.guru/windows-11-activator HTTP 301
    https://www.kmspico.guru/windows-11-activator/ Page URL

Page Statistics

19
Requests

95 %
HTTPS

0 %
IPv6

5
Domains

7
Subdomains

6
IPs

2
Countries

223 kB
Transfer

737 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.kmspico.guru/windows-11-activator HTTP 307
    https://www.kmspico.guru/windows-11-activator HTTP 301
    https://www.kmspico.guru/windows-11-activator/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=47B64B9F2EB247FD9425A12FC97B5B17&RedC=c.clarity.ms&MXFR=2D0132B8F6D468A4390C265DF2D466BE HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=47B64B9F2EB247FD9425A12FC97B5B17&MUID=0DDFB498D4CA69DE0222A07DD564680C

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.kmspico.guru/windows-11-activator/
Redirect Chain
  • http://www.kmspico.guru/windows-11-activator
  • https://www.kmspico.guru/windows-11-activator
  • https://www.kmspico.guru/windows-11-activator/
366 KB
35 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.kmspico.guru/windows-11-activator/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.126.108 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server52-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
6e37f3300941a1c6da42077897283eccf72f14819992a8b061a6950eb80a2137

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
br
content-length
36142
content-type
text/html
date
Sat, 24 Aug 2024 03:25:32 GMT
last-modified
Thu, 22 Aug 2024 16:18:25 GMT
server
LiteSpeed
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed

Redirect headers

content-length
795
content-type
text/html
date
Sat, 24 Aug 2024 03:25:32 GMT
location
https://www.kmspico.guru/windows-11-activator/
server
LiteSpeed
x-turbo-charged-by
LiteSpeed
style.min.css
www.kmspico.guru/css/ 		111 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.kmspico.guru/css/style.min.css
Requested by
Host: www.kmspico.guru
URL: https://www.kmspico.guru/windows-11-activator/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.126.108 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server52-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20

Request headers

Referer
https://www.kmspico.guru/windows-11-activator/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 24 Aug 2024 03:25:33 GMT
content-encoding
br
last-modified
Sat, 13 Jul 2024 09:23:20 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
14071
expires
Sat, 31 Aug 2024 03:25:33 GMT
landingpage-front.css
www.kmspico.guru/css/ 		723 B
455 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.kmspico.guru/css/landingpage-front.css
Requested by
Host: www.kmspico.guru
URL: https://www.kmspico.guru/windows-11-activator/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.126.108 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server52-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
1c8f12bbe479e3ff41b1b4cdb2ab43eb599de68f737c3a30685ab0a1c84639f4

Request headers

Referer
https://www.kmspico.guru/windows-11-activator/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 24 Aug 2024 03:25:33 GMT
content-encoding
br
last-modified
Sat, 13 Jul 2024 09:23:20 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
235
expires
Sat, 31 Aug 2024 03:25:33 GMT
style.css
www.kmspico.guru/css/ 		18 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.kmspico.guru/css/style.css
Requested by
Host: www.kmspico.guru
URL: https://www.kmspico.guru/windows-11-activator/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.126.108 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server52-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
dec3c15837a9ca4014e32b39d8f404ab531ed706189922bfa52b3a9928a089ab

Request headers

Referer
https://www.kmspico.guru/windows-11-activator/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 24 Aug 2024 03:25:33 GMT
content-encoding
br
last-modified
Sat, 13 Jul 2024 09:23:20 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
3881
expires
Sat, 31 Aug 2024 03:25:33 GMT
css
fonts.googleapis.com/ 		11 KB
936 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,400i,500,500i,300&subset=latin
Requested by
Host: www.kmspico.guru
URL: https://www.kmspico.guru/windows-11-activator/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f10.1e100.net
Software
ESF /
Resource Hash
32321c559b19485ddb9bcf4084f2ff6e5ae4acc823bfab4e85a292e157fd78ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.kmspico.guru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 24 Aug 2024 03:25:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 24 Aug 2024 03:25:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 24 Aug 2024 03:25:33 GMT
css
fonts.googleapis.com/ 		9 KB
905 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,400i,500,500i&subset=latin
Requested by
Host: www.kmspico.guru
URL: https://www.kmspico.guru/windows-11-activator/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f10.1e100.net
Software
ESF /
Resource Hash
f44cdbd88ccc671495faec089c03966fa82faa42572ac681a6c57dca56e42546
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.kmspico.guru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 24 Aug 2024 03:25:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 24 Aug 2024 03:25:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 24 Aug 2024 03:25:33 GMT
KMSPico-icon-logo.png
www.kmspico.guru/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kmspico.guru/KMSPico-icon-logo.png
Requested by
Host: www.kmspico.guru
URL: https://www.kmspico.guru/windows-11-activator/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.126.108 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server52-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
b0c4427b9b56ca11a01e29264351e8a59978a12c2679743dfed80c8f0c41cac0

Request headers

Referer
https://www.kmspico.guru/windows-11-activator/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 24 Aug 2024 03:25:33 GMT
last-modified
Sat, 13 Jul 2024 10:53:34 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
8281
expires
Sat, 31 Aug 2024 03:25:33 GMT
win11.webp
www.kmspico.guru/windows-11-activator/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kmspico.guru/windows-11-activator/win11.webp
Requested by
Host: www.kmspico.guru
URL: https://www.kmspico.guru/windows-11-activator/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.126.108 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server52-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
5acbc149c1c8d6c1cf1b2798c85a5f9330d485c3e59185c9aa5f3f10521d15b0

Request headers

Referer
https://www.kmspico.guru/windows-11-activator/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 24 Aug 2024 03:25:33 GMT
last-modified
Tue, 16 Jul 2024 02:21:00 GMT
server
LiteSpeed
content-type
image/webp
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
23850
expires
Sat, 31 Aug 2024 03:25:33 GMT
css
fonts.googleapis.com/ 		16 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700&subset=latin
Requested by
Host: www.kmspico.guru
URL: https://www.kmspico.guru/windows-11-activator/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f10.1e100.net
Software
ESF /
Resource Hash
3ff27e82d78a471905edf58f54d412011e0f3b07cb596b50d425151e7df84404
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.kmspico.guru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 24 Aug 2024 03:25:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 24 Aug 2024 03:25:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 24 Aug 2024 03:25:33 GMT
css
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,500,400&subset=latin
Requested by
Host: www.kmspico.guru
URL: https://www.kmspico.guru/windows-11-activator/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f10.1e100.net
Software
ESF /
Resource Hash
1d54b3be3b60db5c05b4699f9849d0ec974d10b48845b0749cabf4b5a045b7d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.kmspico.guru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 24 Aug 2024 03:25:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 24 Aug 2024 03:09:29 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 24 Aug 2024 03:25:33 GMT
nm3yf5tksn
www.clarity.ms/tag/ 		637 B
1000 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/nm3yf5tksn
Requested by
Host: www.kmspico.guru
URL: https://www.kmspico.guru/windows-11-activator/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1406d6612ad60029e8a122863253d1827f4eb8003edd1ece94d594064224ec6e

Request headers

Referer
https://www.kmspico.guru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

request-context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
date
Sat, 24 Aug 2024 03:25:34 GMT
x-azure-ref
20240824T032534Z-175d6d47757m6l28057s9tc5s80000000bn000000000091e
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
637
expires
-1
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,500,500i,300&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f3.1e100.net
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.kmspico.guru
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 14:08:32 GMT
x-content-type-options
nosniff
age
307022
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18536
x-xss-protection
0
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Aug 2025 14:08:32 GMT
KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2
fonts.gstatic.com/s/roboto/v32/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,500,500i,300&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f3.1e100.net
Software
sffe /
Resource Hash
a82cf4c922189b14c3f7ebe5a2d8b6cea17ed594a92457095eb679a43ec1c738
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.kmspico.guru
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 14:42:20 GMT
x-content-type-options
nosniff
age
304994
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20160
x-xss-protection
0
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Aug 2025 14:42:20 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f3.1e100.net
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.kmspico.guru
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 14:03:23 GMT
x-content-type-options
nosniff
age
307331
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Aug 2025 14:03:23 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,500,500i,300&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f3.1e100.net
Software
sffe /
Resource Hash
4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.kmspico.guru
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 14:40:54 GMT
x-content-type-options
nosniff
age
305080
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18492
x-xss-protection
0
last-modified
Thu, 01 Aug 2024 20:41:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Aug 2025 14:40:54 GMT
clarity.js
www.clarity.ms/s/0.7.45/ 		64 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.45/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/nm3yf5tksn
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
264532af47b2cfb6620970592478c442a0cd429beccead9d062ff5a91284dc15

Request headers

Referer
https://www.kmspico.guru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 24 Aug 2024 03:25:34 GMT
content-encoding
br
last-modified
Thu, 22 Aug 2024 12:43:26 GMT
etag
W/"0x8DCC2A804373A2A"
vary
Accept-Encoding
x-azure-ref
20240824T032534Z-175d6d47757m6l28057s9tc5s80000000bn000000000091r
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
648466f3-301e-0010-0eb5-f4ebb3000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
51562430
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=47B64B9F2EB247FD9425A12FC97B5B17&RedC=c.clarity.ms&MXFR=2D0132B8F6D468A4390C265DF2D466BE
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=47B64B9F2EB247FD9425A12FC97B5B17&MUID=0DDFB498D4CA69DE0222A07DD564680C
42 B
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=47B64B9F2EB247FD9425A12FC97B5B17&MUID=0DDFB498D4CA69DE0222A07DD564680C
Protocol
H2
Server
13.74.129.1 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://www.kmspico.guru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Aug 2024 03:25:35 GMT
last-modified
Wed, 14 Aug 2024 17:35:32 GMT
server
Microsoft-IIS/10.0
etag
"bb391b5d70eeda1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Sat, 24 Aug 2024 03:25:35 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: F1AEBD790F214EE58FF719A528D8B508 Ref B: BCN30EDGE0917 Ref C: 2024-08-24T03:25:35Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=47B64B9F2EB247FD9425A12FC97B5B17&MUID=0DDFB498D4CA69DE0222A07DD564680C
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
collect
q.clarity.ms/ 		0
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://q.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.45/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.231.53.73 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.kmspico.guru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.kmspico.guru
Date
Sat, 24 Aug 2024 03:25:35 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
favicon.ico
www.kmspico.guru/ 		318 B
521 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.kmspico.guru/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.126.108 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server52-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
24755e6cd8aea9905c60ac78803d6b2301cfd70fe92d080503d69f37c0f4eb81

Request headers

Referer
https://www.kmspico.guru/windows-11-activator/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 24 Aug 2024 03:25:35 GMT
last-modified
Sat, 13 Jul 2024 10:51:14 GMT
server
LiteSpeed
content-type
image/x-icon
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
318
expires
Sat, 31 Aug 2024 03:25:35 GMT

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| clarity function| toggleTable

10 Cookies

Domain/Path Name / Value
www.clarity.ms/ Name: CLID
Value: 2825c3f54118440cab2d8beb6f1bac0a.20240824.20250824
.kmspico.guru/ Name: _clck
Value: hg71oc%7C2%7Cfol%7C0%7C1697
.kmspico.guru/ Name: _clsk
Value: 1fecr06%7C1724469935450%7C1%7C1%7Cq.clarity.ms%2Fcollect
.bing.com/ Name: MUID
Value: 0DDFB498D4CA69DE0222A07DD564680C
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 0DDFB498D4CA69DE0222A07DD564680C
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 0DDFB498D4CA69DE0222A07DD564680C
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.bing.com
c.clarity.ms
fonts.googleapis.com
fonts.gstatic.com
q.clarity.ms
www.clarity.ms
www.kmspico.guru
13.107.246.44
13.74.129.1
142.250.185.138
172.217.18.3
198.54.126.108
20.231.53.73
204.79.197.237
1406d6612ad60029e8a122863253d1827f4eb8003edd1ece94d594064224ec6e
1c8f12bbe479e3ff41b1b4cdb2ab43eb599de68f737c3a30685ab0a1c84639f4
1d54b3be3b60db5c05b4699f9849d0ec974d10b48845b0749cabf4b5a045b7d5
24755e6cd8aea9905c60ac78803d6b2301cfd70fe92d080503d69f37c0f4eb81
264532af47b2cfb6620970592478c442a0cd429beccead9d062ff5a91284dc15
32321c559b19485ddb9bcf4084f2ff6e5ae4acc823bfab4e85a292e157fd78ca
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3ff27e82d78a471905edf58f54d412011e0f3b07cb596b50d425151e7df84404
4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71
5acbc149c1c8d6c1cf1b2798c85a5f9330d485c3e59185c9aa5f3f10521d15b0
6e37f3300941a1c6da42077897283eccf72f14819992a8b061a6950eb80a2137
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a82cf4c922189b14c3f7ebe5a2d8b6cea17ed594a92457095eb679a43ec1c738
b0c4427b9b56ca11a01e29264351e8a59978a12c2679743dfed80c8f0c41cac0
dec3c15837a9ca4014e32b39d8f404ab531ed706189922bfa52b3a9928a089ab
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f44cdbd88ccc671495faec089c03966fa82faa42572ac681a6c57dca56e42546