pub-212b3639fb724091a9c56c257970d487.r2.dev
104.18.3.35  Public Scan

Submitted URL: https://esoterik.ch/
Effective URL: https://pub-212b3639fb724091a9c56c257970d487.r2.dev/1444.html
Submission: On December 16 via api from CH — Scanned from CH

Summary

This website contacted 13 IPs in 4 countries across 15 domains to perform 66 HTTP transactions. The main IP is 104.18.3.35, located in and belongs to CLOUDFLARENET, US. The main domain is pub-212b3639fb724091a9c56c257970d487.r2.dev.
TLS certificate: Issued by E1 on December 9th 2023. Valid for: 3 months.
This is the only time pub-212b3639fb724091a9c56c257970d487.r2.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 4 64.190.63.111 47846 (SEDO-AS)
1 205.234.175.175 23352 (SERVERCEN...)
1 1 173.239.53.32 27257 (WEBAIR-IN...)
1 1 23.19.76.168 395954 (LEASEWEB-...)
2 3.227.169.142 14618 (AMAZON-AES)
1 1 162.0.217.92 22612 (NAMECHEAP...)
26 104.18.3.35 13335 (CLOUDFLAR...)
1 142.250.185.72 15169 (GOOGLE)
1 172.217.18.3 15169 (GOOGLE)
12 23.35.228.112 16625 (AKAMAI-AS)
1 216.239.32.36 ()
1 23.53.42.202 ()
2 23.35.229.160 ()
1 2.21.20.148 ()
1 188.114.97.3 ()
66 13
Domain Requested by
26 pub-212b3639fb724091a9c56c257970d487.r2.dev okean-qoj.com
pub-212b3639fb724091a9c56c257970d487.r2.dev
12 support.microsoft.com pub-212b3639fb724091a9c56c257970d487.r2.dev
support.microsoft.com
4 esoterik.ch 2 redirects esoterik.ch
2 www.microsoft.com support.microsoft.com
2 okean-qoj.com esoterik.ch
okean-qoj.com
1 cdnstat.net pub-212b3639fb724091a9c56c257970d487.r2.dev
1 img-prod-cms-rt-microsoft-com.akamaized.net support.microsoft.com
1 res-1.cdn.office.net support.microsoft.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.gstatic.com pub-212b3639fb724091a9c56c257970d487.r2.dev
1 www.googletagmanager.com pub-212b3639fb724091a9c56c257970d487.r2.dev
1 swipoordi.store 1 redirects
1 q2.quotes.com 1 redirects
1 xml.sedodna.com 1 redirects
1 img.sedoparking.com esoterik.ch
0 mem.gfx.ms Failed support.microsoft.com
0 wcpstatic.microsoft.com Failed support.microsoft.com
66 17

This site contains no links.

Subject | Issuer | Validity | Valid
esoterik.ch | Encryption Everywhere DV TLS CA - G2 | 2023-04-16 - 2024-04-16 | a year
*.cachefly.net | GlobalSign RSA OV SSL CA 2018 | 2023-11-13 - 2024-12-14 | a year
*.r2.dev | E1 | 2023-12-09 - 2024-03-08 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months
*.gstatic.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months
support.microsoft.com | Microsoft Azure TLS Issuing CA 02 | 2023-05-18 - 2024-05-12 | a year
*.res.outlook.com | DigiCert SHA2 Secure Server CA | 2023-04-17 - 2024-04-17 | a year
www.microsoft.com | Microsoft Azure RSA TLS Issuing CA 07 | 2023-09-14 - 2024-09-08 | a year
a248.e.akamai.net | DigiCert TLS RSA SHA256 2020 CA1 | 2023-05-16 - 2024-05-15 | a year
cdnstat.net | E1 | 2023-11-16 - 2024-02-14 | 3 months

This page contains 2 frames:

Primary Page: https://pub-212b3639fb724091a9c56c257970d487.r2.dev/1444.html
Frame ID: 83639A1FE520C7205ABC2BD3542D0FF9
Requests: 35 HTTP requests in this frame

Frame: https://support.microsoft.com/ja-jp
Frame ID: 2EF75338F3365BEBECE2736618672636
Requests: 31 HTTP requests in this frame

Page Title

Appel Urgent MS windows notification code dsjhe78

Page URL History

  1. https://esoterik.ch/ Page URL
  2. https://esoterik.ch/search/redirect.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DjJEKCBKKCm... HTTP 302
    https://esoterik.ch/search/tcerider.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DjJEKCBKKCm... HTTP 302
    https://xml.sedodna.com/click?i=jJEKCBKKCm8_0 HTTP 302
    http://q2.quotes.com/559c928a-9bfb-11ee-868d-e3335f331438 HTTP 302
    http://okean-qoj.com/zclkvisitor/55a8b386-9bfb-11ee-b393-0a746880c0c1/72092e88-2c53-401c-b988-51e... Page URL
  3. http://okean-qoj.com/zclkredirect?visitid=55a8b386-9bfb-11ee-b393-0a746880c0c1&type=js&browserWid... Page URL
  4. https://swipoordi.store/ HTTP 301
    https://pub-212b3639fb724091a9c56c257970d487.r2.dev/1444.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 66
HTTPS: 74 %
IPv6: 0 %
Domains: 15
Subdomains: 17
IPs: 13
Countries: 4
Transfer: 998 kB
Size: 2724 kB
Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://esoterik.ch/ Page URL
  2. https://esoterik.ch/search/redirect.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DjJEKCBKKCm8_0&v=OTdjZTM3MTMwYWFjODE4NjFmNDJlMTM2NWYwNzRmNGQJMQllc290ZXJpay5jaDY1N2Q3NzkyY2UwODU2LjkyNTcwMzg5CWVzb3RlcmlrLmNoNjU3ZDc3OTJjZTBmNzkuODU1NDU4NTIJMTcwMjcyMTQyNwlhZF82M18w&l=OAlhMDQyYjI1N2E5YzhhODNiY2E5MmRmMWU4MzUwZjU1MgkwCTIwCTAJN2MxYjEyYzUxYmU2MjI0YzE2ZDM4ZWJmYzAzMzljMzIJMzE4MTgyNzA2CWVzb3RlcmlrCTAJNjMJMQkxNgkxNzAyNzIxNDI3CTAuMDEyNDQ4CU4JMAkxCTE1MTIJMTIwNQkxNDc1MTE2NDkJMTc2LjEyNy4xODkuMjMxCTE%253D HTTP 302
    https://esoterik.ch/search/tcerider.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DjJEKCBKKCm8_0&v=OTdjZTM3MTMwYWFjODE4NjFmNDJlMTM2NWYwNzRmNGQJMQllc290ZXJpay5jaDY1N2Q3NzkyY2UwODU2LjkyNTcwMzg5CWVzb3RlcmlrLmNoNjU3ZDc3OTJjZTBmNzkuODU1NDU4NTIJMTcwMjcyMTQyNwlhZF82M18w&l=OAlhMDQyYjI1N2E5YzhhODNiY2E5MmRmMWU4MzUwZjU1MgkwCTIwCTAJN2MxYjEyYzUxYmU2MjI0YzE2ZDM4ZWJmYzAzMzljMzIJMzE4MTgyNzA2CWVzb3RlcmlrCTAJNjMJMQkxNgkxNzAyNzIxNDI3CTAuMDEyNDQ4CU4JMAkxCTE1MTIJMTIwNQkxNDc1MTE2NDkJMTc2LjEyNy4xODkuMjMxCTE%253D HTTP 302
    https://xml.sedodna.com/click?i=jJEKCBKKCm8_0 HTTP 302
    http://q2.quotes.com/559c928a-9bfb-11ee-868d-e3335f331438 HTTP 302
    http://okean-qoj.com/zclkvisitor/55a8b386-9bfb-11ee-b393-0a746880c0c1/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=52127150-8ded-11ee-9bb7-0a4ababc2193 Page URL
  3. http://okean-qoj.com/zclkredirect?visitid=55a8b386-9bfb-11ee-b393-0a746880c0c1&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false Page URL
  4. https://swipoordi.store/ HTTP 301
    https://pub-212b3639fb724091a9c56c257970d487.r2.dev/1444.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://esoterik.ch/search/redirect.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DjJEKCBKKCm8_0&v=OTdjZTM3MTMwYWFjODE4NjFmNDJlMTM2NWYwNzRmNGQJMQllc290ZXJpay5jaDY1N2Q3NzkyY2UwODU2LjkyNTcwMzg5CWVzb3RlcmlrLmNoNjU3ZDc3OTJjZTBmNzkuODU1NDU4NTIJMTcwMjcyMTQyNwlhZF82M18w&l=OAlhMDQyYjI1N2E5YzhhODNiY2E5MmRmMWU4MzUwZjU1MgkwCTIwCTAJN2MxYjEyYzUxYmU2MjI0YzE2ZDM4ZWJmYzAzMzljMzIJMzE4MTgyNzA2CWVzb3RlcmlrCTAJNjMJMQkxNgkxNzAyNzIxNDI3CTAuMDEyNDQ4CU4JMAkxCTE1MTIJMTIwNQkxNDc1MTE2NDkJMTc2LjEyNy4xODkuMjMxCTE%253D HTTP 302
  • https://esoterik.ch/search/tcerider.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DjJEKCBKKCm8_0&v=OTdjZTM3MTMwYWFjODE4NjFmNDJlMTM2NWYwNzRmNGQJMQllc290ZXJpay5jaDY1N2Q3NzkyY2UwODU2LjkyNTcwMzg5CWVzb3RlcmlrLmNoNjU3ZDc3OTJjZTBmNzkuODU1NDU4NTIJMTcwMjcyMTQyNwlhZF82M18w&l=OAlhMDQyYjI1N2E5YzhhODNiY2E5MmRmMWU4MzUwZjU1MgkwCTIwCTAJN2MxYjEyYzUxYmU2MjI0YzE2ZDM4ZWJmYzAzMzljMzIJMzE4MTgyNzA2CWVzb3RlcmlrCTAJNjMJMQkxNgkxNzAyNzIxNDI3CTAuMDEyNDQ4CU4JMAkxCTE1MTIJMTIwNQkxNDc1MTE2NDkJMTc2LjEyNy4xODkuMjMxCTE%253D HTTP 302
  • https://xml.sedodna.com/click?i=jJEKCBKKCm8_0 HTTP 302
  • http://q2.quotes.com/559c928a-9bfb-11ee-868d-e3335f331438 HTTP 302
  • http://okean-qoj.com/zclkvisitor/55a8b386-9bfb-11ee-b393-0a746880c0c1/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=52127150-8ded-11ee-9bb7-0a4ababc2193

66 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
esoterik.ch/
2 KB
2 KB
Document
General
Full URL
https://esoterik.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.190.63.111 , Germany, ASN47846 (SEDO-AS, DE),
Reverse DNS
Software
NginX / PHP/8.1.17
Resource Hash
68605903aca2eb3183dafe3183967e51440d2677b5c8a04ca434f32585fc0417

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-CH,de;q=0.9
referer
https://www.google.com/

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 16 Dec 2023 10:10:27 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
last-modified
Sat, 16 Dec 2023 10:10:26 GMT
pragma
no-cache
server
NginX
vary
Accept-Encoding
x-adblock-key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_zFnhEHy2QeyJYkuiMUAKnXi5OYkTS74bjpd2L4y0VPD+ST8c8hNQ0s+E5HqSvcYY/EU8exrco+ng5ELmRGXmpQ==
x-cache-miss-from
parking-56c7b4c6cb-55ds5
x-powered-by
PHP/8.1.17
js_preloader.gif
img.sedoparking.com/images/
4 KB
5 KB
Image
General
Full URL
https://img.sedoparking.com/images/js_preloader.gif
Requested by
Host: esoterik.ch
URL: https://esoterik.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 10:10:27 GMT
x-cf-tsc
1698785170
x-cf3
H
cf4ttl
31536000.000
x-cf1
11696:fL.fra2:cf:cacheN.fra2-01:H
x-cf-reqid
bd039354775b57dde73067097c35ce90
content-length
4254
x-cf2
H
last-modified
Fri, 15 Mar 2019 12:24:07 GMT
server
CFS 0215
x-cff
B
content-type
image/gif
access-control-allow-origin
*
x-cfhash
"90c93102a88c2ab94bff1575b7a6e86e"
cache-control
max-age=604800
cf4age
0
accept-ranges
bytes
expires
Sat, 23 Dec 2023 10:10:27 GMT
tsc.php
esoterik.ch/search/
0
38 B
XHR
General
Full URL
https://esoterik.ch/search/tsc.php?200=MzE4MTgyNzA2&21=MTc2LjEyNy4xODkuMjMx&681=MTcwMjcyMTQyN2MzZTE2YTIzMDU2ZjE3MmQ1YmQ4YmEwOWFjNzQ5YTM4&crc=0c2aa027d8a23fa0a80bd345a16e1407b41e1ba5&cv=1
Requested by
Host: esoterik.ch
URL: https://esoterik.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.190.63.111 , Germany, ASN47846 (SEDO-AS, DE),
Reverse DNS
Software
NginX / PHP/8.1.17
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 10:10:27 GMT
x-cache-miss-from
parking-56c7b4c6cb-zhlr6
server
NginX
x-powered-by
PHP/8.1.17
content-length
0
content-type
text/html; charset=UTF-8
72092e88-2c53-401c-b988-51ef43ce1034
okean-qoj.com/zclkvisitor/55a8b386-9bfb-11ee-b393-0a746880c0c1/
Redirect Chain
  • https://esoterik.ch/search/redirect.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DjJEKCBKKCm8_0&v=OTdjZTM3MTMwYWFjODE4NjFmNDJlMTM2NWYwNzRmNGQJMQllc290ZXJpay5jaDY1N2Q3NzkyY2UwODU2LjkyNTcwMzg5CWV...
  • https://esoterik.ch/search/tcerider.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DjJEKCBKKCm8_0&v=OTdjZTM3MTMwYWFjODE4NjFmNDJlMTM2NWYwNzRmNGQJMQllc290ZXJpay5jaDY1N2Q3NzkyY2UwODU2LjkyNTcwMzg5CWV...
  • https://xml.sedodna.com/click?i=jJEKCBKKCm8_0
  • http://q2.quotes.com/559c928a-9bfb-11ee-868d-e3335f331438
  • http://okean-qoj.com/zclkvisitor/55a8b386-9bfb-11ee-b393-0a746880c0c1/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=52127150-8ded-11ee-9bb7-0a4ababc2193
1 KB
2 KB
Document
General
Full URL
http://okean-qoj.com/zclkvisitor/55a8b386-9bfb-11ee-b393-0a746880c0c1/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=52127150-8ded-11ee-9bb7-0a4ababc2193
Requested by
Host: esoterik.ch
URL: https://esoterik.ch/
Protocol
HTTP/1.1
Server
3.227.169.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-169-142.compute-1.amazonaws.com
Software
LihAEKtt /
Resource Hash
c62210d8a6ff47210ec613dea379be8a5711cd18f89de22d6eb71b31016ba8b3
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Referer
https://esoterik.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-CH,de;q=0.9
referer
https://www.google.com/

Response headers

Access-Control-Allow-Headers
X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Connection
keep-alive
Content-Type
text/html;charset=UTF-8
Date
Sat, 16 Dec 2023 10:10:28 GMT
Server
LihAEKtt
Transfer-Encoding
chunked
X-WebKit-CSP
default-src 'self'; script-src 'self' 'unsafe-inline'
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'

Redirect headers

cache-control
max-age=0, private, must-revalidate
connection
close
content-length
11
date
Sat, 16 Dec 2023 10:10:28 GMT
location
http://okean-qoj.com/zclkvisitor/55a8b386-9bfb-11ee-b393-0a746880c0c1/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=52127150-8ded-11ee-9bb7-0a4ababc2193
server
nginx
zclkredirect
okean-qoj.com/
230 B
916 B
Document
General
Full URL
http://okean-qoj.com/zclkredirect?visitid=55a8b386-9bfb-11ee-b393-0a746880c0c1&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false
Requested by
Host: okean-qoj.com
URL: http://okean-qoj.com/zclkvisitor/55a8b386-9bfb-11ee-b393-0a746880c0c1/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=52127150-8ded-11ee-9bb7-0a4ababc2193
Protocol
HTTP/1.1
Server
3.227.169.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-169-142.compute-1.amazonaws.com
Software
viUUTKTt /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Referer
http://okean-qoj.com/zclkvisitor/55a8b386-9bfb-11ee-b393-0a746880c0c1/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=52127150-8ded-11ee-9bb7-0a4ababc2193
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-CH,de;q=0.9
referer
https://www.google.com/

Response headers

Access-Control-Allow-Headers
X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Connection
keep-alive
Content-Type
text/html;charset=UTF-8
Date
Sat, 16 Dec 2023 10:10:29 GMT
Server
viUUTKTt
Transfer-Encoding
chunked
X-WebKit-CSP
default-src 'self'; script-src 'self' 'unsafe-inline'
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
redirected
JS
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
Primary Request 1444.html
pub-212b3639fb724091a9c56c257970d487.r2.dev/
Redirect Chain
  • https://swipoordi.store/
  • https://pub-212b3639fb724091a9c56c257970d487.r2.dev/1444.html
25 KB
7 KB
Document
General
Full URL
https://pub-212b3639fb724091a9c56c257970d487.r2.dev/1444.html
Requested by
Host: okean-qoj.com
URL: http://okean-qoj.com/zclkredirect?visitid=55a8b386-9bfb-11ee-b393-0a746880c0c1&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.18.3.35 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c61fd14ebea168c979ba26215bcd09d8c1ac7be8b016a3d730f9f7c2e78570a

Request headers

Referer
http://okean-qoj.com/zclkredirect?visitid=55a8b386-9bfb-11ee-b393-0a746880c0c1&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-CH,de;q=0.9
referer
https://www.google.com/

Response headers

CF-RAY
83662307d9e501f0-ZRH
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Sat, 16 Dec 2023 10:10:29 GMT
ETag
W/"dca91ae4631d61a9e9c04fd07d3a4afe"
Last-Modified
Wed, 22 Nov 2023 20:23:00 GMT
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding

Redirect headers

content-length
707
content-type
text/html
date
Sat, 16 Dec 2023 10:10:29 GMT
location
https://pub-212b3639fb724091a9c56c257970d487.r2.dev/1444.html
server
LiteSpeed
x-turbo-charged-by
LiteSpeed
styles.css
pub-212b3639fb724091a9c56c257970d487.r2.dev/css/
8 KB
2 KB
Stylesheet
General
Full URL
https://pub-212b3639fb724091a9c56c257970d487.r2.dev/css/styles.css
Requested by
Host: pub-212b3639fb724091a9c56c257970d487.r2.dev
URL: https://pub-212b3639fb724091a9c56c257970d487.r2.dev/1444.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.18.3.35 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37aca53ff5d9d5e616f6b6a52a0638d86de8739b4fec0024828097e386bee1ab

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 16 Dec 2023 10:10:29 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Nov 2023 20:20:07 GMT
Server
cloudflare
ETag
W/"7204027d75c8676383dd91629cb8460c"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
CF-RAY
83662308ab5e01f0-ZRH
scripts.js
pub-212b3639fb724091a9c56c257970d487.r2.dev/js/
5 KB
1 KB
Script
General
Full URL
https://pub-212b3639fb724091a9c56c257970d487.r2.dev/js/scripts.js
Requested by
Host: pub-212b3639fb724091a9c56c257970d487.r2.dev
URL: https://pub-212b3639fb724091a9c56c257970d487.r2.dev/1444.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.18.3.35 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94ca9709d3719e2f2f5e8552b56ab660ca181032bcf592e8fe6b3e3359f5768d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 16 Dec 2023 10:10:30 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Nov 2023 20:20:24 GMT
Server
cloudflare
ETag
W/"923f32d3e258a28b2cc5e7201e544c20"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
keep-alive
CF-RAY
8366230a88d6baa5-MXP
custom.js
pub-212b3639fb724091a9c56c257970d487.r2.dev/js/
179 KB
55 KB
Script
General
Full URL
https://pub-212b3639fb724091a9c56c257970d487.r2.dev/js/custom.js
Requested by
Host: pub-212b3639fb724091a9c56c257970d487.r2.dev
URL: https://pub-212b3639fb724091a9c56c257970d487.r2.dev/1444.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.18.3.35 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48c6d2a7bb85b6f0e8bb644e3bcaa2073ce116a4cda9c1c301f189fc573db4a2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 16 Dec 2023 10:10:30 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Nov 2023 20:20:23 GMT
Server
cloudflare
ETag
W/"2f46a1fe5ba5f72212660a303ec311dd"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
keep-alive
CF-RAY
8366230a8e2901f0-ZRH
bootstrap.min.css
pub-212b3639fb724091a9c56c257970d487.r2.dev/css/
216 KB
29 KB
Stylesheet
General
Full URL
https://pub-212b3639fb724091a9c56c257970d487.r2.dev/css/bootstrap.min.css
Requested by
Host: pub-212b3639fb724091a9c56c257970d487.r2.dev
URL: https://pub-212b3639fb724091a9c56c257970d487.r2.dev/1444.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.18.3.35 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
932ea15108928991bcf0c0a46415fc652de5ffc0158c35205357b90c65eeb386

Request headers

Referer
https://www.google.com/
Origin
https://pub-212b3639fb724091a9c56c257970d487.r2.dev
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 16 Dec 2023 10:10:30 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Nov 2023 20:20:07 GMT
Server
cloudflare
ETag
W/"5b42276b3039eaf18cc199cb4c8db7b8"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
CF-RAY
836623095c4d01f0-ZRH
jquery.min.js
pub-212b3639fb724091a9c56c257970d487.r2.dev/js/
0
0
Script
General
Full URL
https://pub-212b3639fb724091a9c56c257970d487.r2.dev/js/jquery.min.js
Requested by
Host: pub-212b3639fb724091a9c56c257970d487.r2.dev
URL: https://pub-212b3639fb724091a9c56c257970d487.r2.dev/1444.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.18.3.35 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 16 Dec 2023 10:10:30 GMT
Content-Encoding
gzip
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html
Connection
keep-alive
CF-RAY
8366230b6aa7bb17-MXP
bootstrap.js
pub-212b3639fb724091a9c56c257970d487.r2.dev/js/
82 KB
22 KB
Script
General
Full URL
https://pub-212b3639fb724091a9c56c257970d487.r2.dev/js/bootstrap.js
Requested by
Host: pub-212b3639fb724091a9c56c257970d487.r2.dev
URL: https://pub-212b3639fb724091a9c56c257970d487.r2.dev/1444.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.18.3.35 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6684f110129884da58ef5499d8085d8be674a2ab8ec04669593c1ba8394b7b16

Request headers

Referer
https://www.google.com/
Origin
https://pub-212b3639fb724091a9c56c257970d487.r2.dev
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 16 Dec 2023 10:10:30 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Nov 2023 20:20:22 GMT
Server
cloudflare
ETag
W/"1caf88b8b90d1ffa2636ebb805455a89"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
keep-alive
CF-RAY
8366230b79e0bb1f-MXP
bootstrap.min.js
pub-212b3639fb724091a9c56c257970d487.r2.dev/js/
58 KB
15 KB
Script
General
Full URL
https://pub-212b3639fb724091a9c56c257970d487.r2.dev/js/bootstrap.min.js
Requested by
Host: pub-212b3639fb724091a9c56c257970d487.r2.dev
URL: https://pub-212b3639fb724091a9c56c257970d487.r2.dev/1444.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.18.3.35 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
751831fdb1a6af18e8525408fb7882ea3eea6c4a59af0247fe1a190cfa6f8170

Request headers

Referer
https://www.google.com/
Origin
https://pub-212b3639fb724091a9c56c257970d487.r2.dev
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 16 Dec 2023 10:10:30 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Nov 2023 20:20:23 GMT
Server
cloudflare
ETag
W/"386e616bcfd098d883c1ed08e13712d0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
keep-alive
CF-RAY
8366230b6f980229-ZRH
font-awesome.min.css
pub-212b3639fb724091a9c56c257970d487.r2.dev/css/
27 KB
6 KB
Stylesheet
General
Full URL
https://pub-212b3639fb724091a9c56c257970d487.r2.dev/css/font-awesome.min.css
Requested by
Host: pub-212b3639fb724091a9c56c257970d487.r2.dev
URL: https://pub-212b3639fb724091a9c56c257970d487.r2.dev/1444.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.18.3.35 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90bc19dbe5c897d18056edbb784c15d6154c9e71146710e890f880d19cc54262

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 16 Dec 2023 10:10:30 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Nov 2023 20:20:07 GMT
Server
cloudflare
ETag
W/"ec4bc8bebad06a4e170ea5380d39ad3f"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
CF-RAY
836623097f8dbaa5-MXP
js
www.googletagmanager.com/gtag/
268 KB
90 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-W6923BL2S2
Requested by
Host: pub-212b3639fb724091a9c56c257970d487.r2.dev
URL: https://pub-212b3639fb724091a9c56c257970d487.r2.dev/1444.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
b088b15db5c16096b247c6662ddc9c85826ef31e2516f0e4816b72fcd03ffed7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 10:10:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91623
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 16 Dec 2023 10:10:30 GMT
m=el_main_css
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.69JJaQ5G5xA.L.W.O/d=0/rs=AN8SPfpC36MIoWPngdVwZ4RUzeJYZaC7rg/
25 KB
25 KB
Stylesheet
General
Full URL
https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.69JJaQ5G5xA.L.W.O/d=0/rs=AN8SPfpC36MIoWPngdVwZ4RUzeJYZaC7rg/m=el_main_css
Requested by
Host: pub-212b3639fb724091a9c56c257970d487.r2.dev
URL: https://pub-212b3639fb724091a9c56c257970d487.r2.dev/1444.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f3.1e100.net
Software
sffe /
Resource Hash
7db470720bc87269e9bf81c2da2649d4f59d54eb54ca5ed4547855758d6688a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 00:15:57 GMT
x-content-type-options
nosniff
age
381273
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25228
x-xss-protection
0
last-modified
Sun, 12 Mar 2023 00:11:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="rosetta"
vary
Accept-Encoding
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Dec 2024 00:15:57 GMT
minimize.jpeg
pub-212b3639fb724091a9c56c257970d487.r2.dev/images/
17 KB
17 KB
Image
General
Full URL
https://pub-212b3639fb724091a9c56c257970d487.r2.dev/images/minimize.jpeg
Requested by
Host: pub-212b3639fb724091a9c56c257970d487.r2.dev
URL: https://pub-212b3639fb724091a9c56c257970d487.r2.dev/1444.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.18.3.35 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a85f1e749a829c5c909837844c6b53ce0a9ae2adb7c8eac0e7b96c372c679a0d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 16 Dec 2023 10:10:30 GMT
Last-Modified
Wed, 22 Nov 2023 20:20:13 GMT
Server
cloudflare
ETag
"4bf52eb9b3efce840add1a90d83a40e5"
Vary
Accept-Encoding
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
8366230b7b130221-ZRH
Content-Length
17173
kxFy-clip.png
pub-212b3639fb724091a9c56c257970d487.r2.dev/images/
542 B
851 B
Image
General
Full URL
https://pub-212b3639fb724091a9c56c257970d487.r2.dev/images/kxFy-clip.png
Requested by
Host: pub-212b3639fb724091a9c56c257970d487.r2.dev
URL: https://pub-212b3639fb724091a9c56c257970d487.r2.dev/1444.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.18.3.35 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91fb42a68a122344fd78cfd5f0cf9d06ff6d307fd4a5c68f40231c5950ece9a1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 16 Dec 2023 10:10:30 GMT
Last-Modified
Wed, 22 Nov 2023 20:20:12 GMT
Server
cloudflare
ETag
"0e9558d2d6e8000ce5c6c749c8fc67c2"
Vary
Accept-Encoding
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
8366230b39f2baa5-MXP
Content-Length
542
qsbs-firewall.png
pub-212b3639fb724091a9c56c257970d487.r2.dev/images/
920 B
1 KB
Image
General
Full URL
https://pub-212b3639fb724091a9c56c257970d487.r2.dev/images/qsbs-firewall.png
Requested by
Host: pub-212b3639fb724091a9c56c257970d487.r2.dev
URL: https://pub-212b3639fb724091a9c56c257970d487.r2.dev/1444.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.18.3.35 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52b762d47c066e16300675d56cc359b504ffd3239438c96eb973864311bb7b79

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 16 Dec 2023 10:10:30 GMT
Last-Modified
Wed, 22 Nov 2023 20:20:18 GMT
Server
cloudflare
ETag
"b0495ede4c875843fec037c794e9ff9a"
Vary
Accept-Encoding
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
8366230beb0cbaa5-MXP
Content-Length
920
s-S4-acc.png
pub-212b3639fb724091a9c56c257970d487.r2.dev/images/
813 B
1 KB
Image
General
Full URL
https://pub-212b3639fb724091a9c56c257970d487.r2.dev/images/s-S4-acc.png
Requested by
Host: pub-212b3639fb724091a9c56c257970d487.r2.dev
URL: https://pub-212b3639fb724091a9c56c257970d487.r2.dev/1444.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.18.3.35 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9edbf56b360080f5d6765dce77353b8130e9f8316ad34c68f6c2792cdc446321

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 16 Dec 2023 10:10:30 GMT
Last-Modified
Wed, 22 Nov 2023 20:20:19 GMT
Server
cloudflare
ETag
"d648c1837d01495eccd63e053491f72a"
Vary
Accept-Encoding
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
8366230c4c360221-ZRH
Content-Length
813
Z5BR-network.png
pub-212b3639fb724091a9c56c257970d487.r2.dev/images/
607 B
916 B
Image
General
Full URL
https://pub-212b3639fb724091a9c56c257970d487.r2.dev/images/Z5BR-network.png
Requested by
Host: pub-212b3639fb724091a9c56c257970d487.r2.dev
URL: https://pub-212b3639fb724091a9c56c257970d487.r2.dev/1444.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.18.3.35 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c56a8ae4818963e0d71eda4ebf46b4f2cdd3a238537dc8e99711fb690d272a73

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 16 Dec 2023 10:10:30 GMT
Last-Modified
Wed, 22 Nov 2023 20:20:22 GMT
Server
cloudflare
ETag
"2cd03a547f00cad010f9038619df45de"
Vary
Accept-Encoding
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
8366230c591c0229-ZRH
Content-Length
607
uZbx-si.png
pub-212b3639fb724091a9c56c257970d487.r2.dev/images/
5 KB
6 KB
Image
General
Full URL
https://pub-212b3639fb724091a9c56c257970d487.r2.dev/images/uZbx-si.png
Requested by
Host: pub-212b3639fb724091a9c56c257970d487.r2.dev
URL: https://pub-212b3639fb724091a9c56c257970d487.r2.dev/1444.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.18.3.35 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92d8510869b3d581401a93130fa72e4b54c5bf28dc8005994c5248d9afbfc37b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 16 Dec 2023 10:10:30 GMT
Last-Modified
Wed, 22 Nov 2023 20:20:20 GMT
Server
cloudflare
ETag
"51147eb9734c3c0caf22aa77a80d96f0"
Vary
Accept-Encoding
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
8366230c6af3bb1f-MXP
Content-Length
5377
okPE-vs.png
pub-212b3639fb724091a9c56c257970d487.r2.dev/images/
313 B
622 B
Image
General
Full URL
https://pub-212b3639fb724091a9c56c257970d487.r2.dev/images/okPE-vs.png
Requested by
Host: pub-212b3639fb724091a9c56c257970d487.r2.dev
URL: https://pub-212b3639fb724091a9c56c257970d487.r2.dev/1444.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.18.3.35 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf8ebf2c2aeb4d8310341694baf1ed935d35c68c1572588af85b4775d5cf500e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 16 Dec 2023 10:10:30 GMT
Last-Modified
Wed, 22 Nov 2023 20:20:17 GMT
Server
cloudflare
ETag
"f8176054bb2e264452c0d7c3a1a1093c"
Vary
Accept-Encoding
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
8366230c6bbabb17-MXP
Content-Length
313
-EBq-current.png
pub-212b3639fb724091a9c56c257970d487.r2.dev/images/
1 KB
1 KB
Image
General
Full URL
https://pub-212b3639fb724091a9c56c257970d487.r2.dev/images/-EBq-current.png
Requested by
Host: pub-212b3639fb724091a9c56c257970d487.r2.dev
URL: https://pub-212b3639fb724091a9c56c257970d487.r2.dev/1444.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.18.3.35 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1d52e31f7fc13cbb3efca8b0ec937ddd97a5ec545c4dad26193429db10d8662

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 16 Dec 2023 10:10:30 GMT
Last-Modified
Wed, 22 Nov 2023 20:20:10 GMT
Server
cloudflare
ETag
"35629cc2adc804353a548305f1217206"
Vary
Accept-Encoding
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
8366230c692a01f0-ZRH
Content-Length
1162
nOxp-sett.png
pub-212b3639fb724091a9c56c257970d487.r2.dev/images/
463 B
772 B
Image
General
Full URL
https://pub-212b3639fb724091a9c56c257970d487.r2.dev/images/nOxp-sett.png
Requested by
Host: pub-212b3639fb724091a9c56c257970d487.r2.dev
URL: https://pub-212b3639fb724091a9c56c257970d487.r2.dev/1444.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.18.3.35 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cffd13c2ce05ebe032709a88fa59504e1218a12b175ec40d5aab280c18be51e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 16 Dec 2023 10:10:30 GMT
Last-Modified
Wed, 22 Nov 2023 20:20:14 GMT
Server
cloudflare
ETag
"905d91c276116928fa306ea732723fa9"
Vary
Accept-Encoding
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
8366230c7bb2baa5-MXP
Content-Length
463
def.png
pub-212b3639fb724091a9c56c257970d487.r2.dev/images/
4 KB
4 KB
Image
General
Full URL
https://pub-212b3639fb724091a9c56c257970d487.r2.dev/images/def.png
Requested by
Host: pub-212b3639fb724091a9c56c257970d487.r2.dev
URL: https://pub-212b3639fb724091a9c56c257970d487.r2.dev/1444.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.18.3.35 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
316e6a6737bd296ab30aca2ef7fa36f119d15786a2432d01e31fdc130272f15c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 16 Dec 2023 10:10:30 GMT
Last-Modified
Wed, 22 Nov 2023 20:20:12 GMT
Server
cloudflare
ETag
"77a2ffc5545f87551d74781201de9b3b"
Vary
Accept-Encoding
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
8366230cfb8bbb1f-MXP
Content-Length
3834
cross.png
pub-212b3639fb724091a9c56c257970d487.r2.dev/images/
377 KB
378 KB
Image
General
Full URL
https://pub-212b3639fb724091a9c56c257970d487.r2.dev/images/cross.png
Requested by
Host: pub-212b3639fb724091a9c56c257970d487.r2.dev
URL: https://pub-212b3639fb724091a9c56c257970d487.r2.dev/1444.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.18.3.35 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3ad6aa1c03fd108854f008cfec2753ba623e1470a4d61798b5d8c050e474868

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 16 Dec 2023 10:10:30 GMT
Last-Modified
Wed, 22 Nov 2023 20:20:12 GMT
Server
cloudflare
ETag
"be42ad7752720327d28bf52dbdbb64c2"
Vary
Accept-Encoding
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
8366230ce9d701f0-ZRH
Content-Length
386359
virus-images.jpeg
pub-212b3639fb724091a9c56c257970d487.r2.dev/images/
8 KB
8 KB
Image
General
Full URL
https://pub-212b3639fb724091a9c56c257970d487.r2.dev/images/virus-images.jpeg
Requested by
Host: pub-212b3639fb724091a9c56c257970d487.r2.dev
URL: https://pub-212b3639fb724091a9c56c257970d487.r2.dev/1444.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.18.3.35 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b531d403dc8ce7cbb0efb1a0c307cfb2bbaaf21feaff9f3546f13bebda71887

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 16 Dec 2023 10:10:30 GMT
Last-Modified
Wed, 22 Nov 2023 20:20:22 GMT
Server
cloudflare
ETag
"5fc559a242f0ea0a023f10830887d2af"
Vary
Accept-Encoding
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
8366230cec49bb17-MXP
Content-Length
8196
microsoft.png
pub-212b3639fb724091a9c56c257970d487.r2.dev/images/
1 KB
1 KB
Image
General
Full URL
https://pub-212b3639fb724091a9c56c257970d487.r2.dev/images/microsoft.png
Requested by
Host: pub-212b3639fb724091a9c56c257970d487.r2.dev
URL: https://pub-212b3639fb724091a9c56c257970d487.r2.dev/1444.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.18.3.35 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee4bc5fe81fa7c1e8497d79c9c8a96485df217092d334e9b48fa8840fed11d03

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 16 Dec 2023 10:10:30 GMT
Last-Modified
Wed, 22 Nov 2023 20:20:13 GMT
Server
cloudflare
ETag
"bf2b460590fbb9d8e9611a6e9006b816"
Vary
Accept-Encoding
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
8366230ce9f10229-ZRH
Content-Length
1045
stop.png
pub-212b3639fb724091a9c56c257970d487.r2.dev/images/
16 KB
16 KB
Image
General
Full URL
https://pub-212b3639fb724091a9c56c257970d487.r2.dev/images/stop.png
Requested by
Host: pub-212b3639fb724091a9c56c257970d487.r2.dev
URL: https://pub-212b3639fb724091a9c56c257970d487.r2.dev/1444.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.18.3.35 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c88ef4e9b5643f5700b48b388a65ad459cdf5f32cdec40951346aaa638a0f0d2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 16 Dec 2023 10:10:30 GMT
Last-Modified
Wed, 22 Nov 2023 20:20:19 GMT
Server
cloudflare
ETag
"c72957d370fa910d3a9717e943cf7267"
Vary
Accept-Encoding
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
8366230cdd290221-ZRH
Content-Length
16090
24px.svg
pub-212b3639fb724091a9c56c257970d487.r2.dev/fonts/
6 KB
4 KB
Image
General
Full URL
https://pub-212b3639fb724091a9c56c257970d487.r2.dev/fonts/24px.svg
Requested by
Host: pub-212b3639fb724091a9c56c257970d487.r2.dev
URL: https://pub-212b3639fb724091a9c56c257970d487.r2.dev/1444.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.18.3.35 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 16 Dec 2023 10:10:30 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Nov 2023 20:20:07 GMT
Server
cloudflare
ETag
W/"2bd5c073a88b83ed74db88282a56ddfb"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/svg+xml
Connection
keep-alive
CF-RAY
8366230d0cacbaa5-MXP
ja-jp
support.microsoft.com/ Frame 2EF7
126 KB
26 KB
Document
General
Full URL
https://support.microsoft.com/ja-jp
Requested by
Host: pub-212b3639fb724091a9c56c257970d487.r2.dev
URL: https://pub-212b3639fb724091a9c56c257970d487.r2.dev/1444.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-112.deploy.static.akamaitechnologies.com
Software
Kestrel /
Resource Hash
eeff85fa84b13b293d174019126708737c07bba0fccd2c812ff05fe5abb84c53
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

Referer
https://pub-212b3639fb724091a9c56c257970d487.r2.dev/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-CH,de;q=0.9
referer
https://www.google.com/

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
25302
content-type
text/html; charset=utf-8
critical-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
date
Sat, 16 Dec 2023 10:10:31 GMT
expires
Sat, 16 Dec 2023 10:10:31 GMT
pragma
no-cache
request-context
appId=
server
Kestrel
strict-transport-security
max-age=86400 ; includeSubDomains
vary
Accept-Encoding
x-correlationid
0HMVSQLDRICHD:00000085
x-operationid
5ffb8fbe70cda41ee0206670380594db
_Fm7-alert.mp3
pub-212b3639fb724091a9c56c257970d487.r2.dev/media/
68 KB
0
Media
General
Full URL
https://pub-212b3639fb724091a9c56c257970d487.r2.dev/media/_Fm7-alert.mp3
Requested by
Host: pub-212b3639fb724091a9c56c257970d487.r2.dev
URL: https://pub-212b3639fb724091a9c56c257970d487.r2.dev/1444.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.18.3.35 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.google.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range
bytes=0-

Response headers

Date
Sat, 16 Dec 2023 10:10:30 GMT
Last-Modified
Wed, 22 Nov 2023 20:20:06 GMT
Server
cloudflare
ETag
"1e5f6f8f1f4d442c510744cbea4d192c"
Vary
Accept-Encoding
Content-Type
audio/mpeg
Content-Range
bytes 0-175743/175744
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
8366230d8af80229-ZRH
Content-Length
175744
stars2.html
pub-212b3639fb724091a9c56c257970d487.r2.dev/images/
27 KB
27 KB
Image
General
Full URL
https://pub-212b3639fb724091a9c56c257970d487.r2.dev/images/stars2.html
Requested by
Host: pub-212b3639fb724091a9c56c257970d487.r2.dev
URL: https://pub-212b3639fb724091a9c56c257970d487.r2.dev/1444.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.18.3.35 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
570a6631252b8a52df4de0e953ae77dbdf524dfc3637cda2840494a0d2b49499

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 16 Dec 2023 10:10:30 GMT
Content-Encoding
gzip
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html
Connection
keep-alive
CF-RAY
8366230d9c39bb1f-MXP
collect
region1.google-analytics.com/g/
0
265 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-W6923BL2S2&gtm=45je3bt0v9104230555&_p=1702721430441&gcd=11l1l1l1l1&dma=0&cid=975458702.1702721431&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702721431&sct=1&seg=0&dl=https%3A%2F%2Fpub-212b3639fb724091a9c56c257970d487.r2.dev%2F1444.html&dr=http%3A%2F%2Fokean-qoj.com%2F&dt=Appel%20Urgent%20MS%20windows%20notification%20code%20dsjhe78&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1943
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W6923BL2S2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.36 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 10:10:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pub-212b3639fb724091a9c56c257970d487.r2.dev
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css.css
support.microsoft.com/css/Article/ Frame 2EF7
105 KB
27 KB
Stylesheet
General
Full URL
https://support.microsoft.com/css/Article/css.css?v=PiG1K5O28_MJrxxKMSEZkAAz83Ll48xMog65nTBWJhU
Requested by
Host: support.microsoft.com
URL: https://support.microsoft.com/ja-jp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-112.deploy.static.akamaitechnologies.com
Software
Kestrel /
Resource Hash
0c38eb529c12fab701319ad8d666b12c90943df004a35f412c3b7b8fa8af9ea5
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 10:10:31 GMT
content-encoding
br
strict-transport-security
max-age=86400 ; includeSubDomains
critical-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-length
26888
request-context
appId=
last-modified
Thu, 14 Dec 2023 18:52:24 GMT
server
Kestrel
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-correlationid
0HMVSQOP0E8MS:00000002
etag
"1da2ebeace04628"
vary
Accept-Encoding
content-type
text/css
cache-control
private, max-age=713
x-operationid
8d469c02c1f16720de31e624983fe3fc
accept-ranges
bytes
expires
Sat, 16 Dec 2023 10:22:24 GMT
officeShared.css
support.microsoft.com/css/Article/ Frame 2EF7
1 KB
1008 B
Stylesheet
General
Full URL
https://support.microsoft.com/css/Article/officeShared.css?v=A4_7TMcrQ0n6vBJStacalKhpVNwsoNRpXkktRcV8MWU
Requested by
Host: support.microsoft.com
URL: https://support.microsoft.com/ja-jp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-112.deploy.static.akamaitechnologies.com
Software
Kestrel /
Resource Hash
038ffb4cc72b4349fabc1252b5a71a94a86954dc2ca0d4695e492d45c57c3165
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 10:10:31 GMT
content-encoding
br
strict-transport-security
max-age=86400 ; includeSubDomains
critical-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-length
626
request-context
appId=
last-modified
Thu, 14 Dec 2023 18:43:25 GMT
server
Kestrel
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-correlationid
0HMVSQK85429U:00000002
etag
"1da2ebd6b9d002a"
vary
Accept-Encoding
content-type
text/css
cache-control
private, max-age=861
x-operationid
0d96fc428e7671387d771b81cf6cd1a0
accept-ranges
bytes
expires
Sat, 16 Dec 2023 10:24:52 GMT
article.css
support.microsoft.com/css/Article/ Frame 2EF7
103 KB
25 KB
Stylesheet
General
Full URL
https://support.microsoft.com/css/Article/article.css?v=UA0RMtPtoTOiUE6SNVPjvZ9-jBnG1u7ArrVgikuwq8E
Requested by
Host: support.microsoft.com
URL: https://support.microsoft.com/ja-jp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-112.deploy.static.akamaitechnologies.com
Software
Kestrel /
Resource Hash
137fa46b04862c2f4ce94097fecfb61393be6156a2807007469beee6ac6281f6
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 10:10:31 GMT
content-encoding
br
strict-transport-security
max-age=86400 ; includeSubDomains
critical-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-length
25135
request-context
appId=
last-modified
Thu, 14 Dec 2023 18:46:31 GMT
server
Kestrel
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-correlationid
0HMVSQLD7J87C:00000024
etag
"1da2ebdda7bc1c7"
vary
Accept-Encoding
content-type
text/css
cache-control
private, max-age=667
x-operationid
28b8d1155797fdbf081d0fdd01d67cb7
accept-ranges
bytes
expires
Sat, 16 Dec 2023 10:21:38 GMT
glyphs.css
support.microsoft.com/css/glyphs/ Frame 2EF7
11 KB
3 KB
Stylesheet
General
Full URL
https://support.microsoft.com/css/glyphs/glyphs.css?v=qHbJe3SCkcdwY6pBcr252B45cqws2vH1QAPaQ9xiiSU
Requested by
Host: support.microsoft.com
URL: https://support.microsoft.com/ja-jp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-112.deploy.static.akamaitechnologies.com
Software
Kestrel /
Resource Hash
4330f5542cae4f558eff6342357dab4af2ac881fc1fa59a9ff8a2946e5c17538
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 10:10:31 GMT
content-encoding
br
strict-transport-security
max-age=86400 ; includeSubDomains
critical-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-length
3141
request-context
appId=
last-modified
Thu, 14 Dec 2023 18:49:24 GMT
server
Kestrel
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-correlationid
0HMVSQN26ABS4:00000002
etag
"1da2ebe4198393b"
vary
Accept-Encoding
content-type
text/css
cache-control
private, max-age=374
x-operationid
d2ca922dec93f8be7a64808119ae209f
accept-ranges
bytes
expires
Sat, 16 Dec 2023 10:16:45 GMT
landing-page.min.css
support.microsoft.com/css/landingpage/ Frame 2EF7
110 KB
15 KB
Stylesheet
General
Full URL
https://support.microsoft.com/css/landingpage/landing-page.min.css?v=DmAw2SCsShIjwfwM8mflHsjbBZ5brbuOYhkUAas2sTg
Requested by
Host: support.microsoft.com
URL: https://support.microsoft.com/ja-jp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-112.deploy.static.akamaitechnologies.com
Software
Kestrel /
Resource Hash
0e6030d920ac4a1223c1fc0cf267e51ec8db059e5badbb8e62191401ab36b138
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 10:10:31 GMT
content-encoding
br
strict-transport-security
max-age=86400 ; includeSubDomains
critical-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-length
15370
request-context
appId=
last-modified
Thu, 14 Dec 2023 18:40:23 GMT
server
Kestrel
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-correlationid
0HMVSQIFLB64S:0000004C
etag
"1da2ebcff23bc8f"
vary
Accept-Encoding
content-type
text/css
cache-control
private, max-age=688
x-operationid
008c544d87c7258c14742d998ee3cc44
accept-ranges
bytes
expires
Sat, 16 Dec 2023 10:21:59 GMT
components.css
support.microsoft.com/css/fluent/ Frame 2EF7
16 KB
2 KB
Stylesheet
General
Full URL
https://support.microsoft.com/css/fluent/components.css?v=6_OJ2YOkiy_IpdfqA3UzXKlfyboiW1RAbLHUas_0vYI
Requested by
Host: support.microsoft.com
URL: https://support.microsoft.com/ja-jp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-112.deploy.static.akamaitechnologies.com
Software
Kestrel /
Resource Hash
ebf389d983a48b2fc8a5d7ea0375335ca95fc9ba225b54406cb1d46acff4bd82
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 10:10:31 GMT
content-encoding
br
strict-transport-security
max-age=86400 ; includeSubDomains
critical-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-length
2081
request-context
appId=
last-modified
Thu, 14 Dec 2023 18:52:20 GMT
server
Kestrel
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-correlationid
0HMVSQOMTRPPC:00000003
etag
"1da2ebeaa7fcb20"
vary
Accept-Encoding
content-type
text/css
cache-control
private, max-age=1344
x-operationid
5d8cd5f84940c0b320da58165a36032f
accept-ranges
bytes
expires
Sat, 16 Dec 2023 10:32:55 GMT
search-box.css
support.microsoft.com/css/SearchBox/ Frame 2EF7
2 KB
1 KB
Stylesheet
General
Full URL
https://support.microsoft.com/css/SearchBox/search-box.css?v=bybwzGBajHicVXspVs540UfV0swW0vCbOmBjBryj9N4
Requested by
Host: support.microsoft.com
URL: https://support.microsoft.com/ja-jp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-112.deploy.static.akamaitechnologies.com
Software
Kestrel /
Resource Hash
6f26f0cc605a8c789c557b2956ce78d147d5d2cc16d2f09b3a606306bca3f4de
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 10:10:31 GMT
content-encoding
br
strict-transport-security
max-age=86400 ; includeSubDomains
critical-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-length
814
request-context
appId=
last-modified
Thu, 14 Dec 2023 18:49:27 GMT
server
Kestrel
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-correlationid
0HMVSQN1VLMSN:00000003
etag
"1da2ebe4361dd36"
vary
Accept-Encoding
content-type
text/css
cache-control
private, max-age=786
x-operationid
d5b236b6997677730ac2dd123b00c6d7
accept-ranges
bytes
expires
Sat, 16 Dec 2023 10:23:37 GMT
articleCss-overwrite.css
support.microsoft.com/css/sitewide/ Frame 2EF7
3 KB
1 KB
Stylesheet
General
Full URL
https://support.microsoft.com/css/sitewide/articleCss-overwrite.css?v=O7yu2Cg-qoAsBvhGS48yhf2mlOxS_rhyTDcV3OMUiJ4
Requested by
Host: support.microsoft.com
URL: https://support.microsoft.com/ja-jp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-112.deploy.static.akamaitechnologies.com
Software
Kestrel /
Resource Hash
3bbcaed8283eaa802c06f8464b8f3285fda694ec52feb8724c3715dce314889e
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 10:10:31 GMT
content-encoding
br
strict-transport-security
max-age=86400 ; includeSubDomains
critical-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-length
768
request-context
appId=
last-modified
Thu, 14 Dec 2023 18:52:20 GMT
server
Kestrel
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-correlationid
0HMVSQOMTRP37:00000009
etag
"1da2ebeaa7f8608"
vary
Accept-Encoding
content-type
text/css
cache-control
private, max-age=788
x-operationid
fb1e4e6fa7b52b687a2dd15086a77292
accept-ranges
bytes
expires
Sat, 16 Dec 2023 10:23:39 GMT
teaching-callout.css
support.microsoft.com/css/MeControlCallout/ Frame 2EF7
5 KB
2 KB
Stylesheet
General
Full URL
https://support.microsoft.com/css/MeControlCallout/teaching-callout.css?v=690pjf05o15fVEafEpUwgaF8vqVfOkp5wP1Jl9gE99U
Requested by
Host: support.microsoft.com
URL: https://support.microsoft.com/ja-jp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-112.deploy.static.akamaitechnologies.com
Software
Kestrel /
Resource Hash
ebdd298dfd39a35e5f54469f12953081a17cbea55f3a4a79c0fd4997d804f7d5
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 10:10:31 GMT
content-encoding
br
strict-transport-security
max-age=86400 ; includeSubDomains
critical-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-length
1320
request-context
appId=
last-modified
Thu, 14 Dec 2023 18:52:20 GMT
server
Kestrel
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-correlationid
0HMVSQOMTRPFN:00000003
etag
"1da2ebeaa7f9909"
vary
Accept-Encoding
content-type
text/css
cache-control
private, max-age=812
x-operationid
c5f754feb7f40b7f13c54ffc7b573d94
accept-ranges
bytes
expires
Sat, 16 Dec 2023 10:24:03 GMT
fabric.min.css
res-1.cdn.office.net/files/fabric-cdn-prod_20230815.002/office-ui-fabric-core/11.1.0/css/ Frame 2EF7
268 KB
31 KB
Stylesheet
General
Full URL
https://res-1.cdn.office.net/files/fabric-cdn-prod_20230815.002/office-ui-fabric-core/11.1.0/css/fabric.min.css
Requested by
Host: support.microsoft.com
URL: https://support.microsoft.com/ja-jp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.42.202 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
9b2b230a2559258b5ee763f7a230b2ec08da38c7b8c7ed70863050a43c7937cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 10:10:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
nel
{"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
alt-svc
h3=":443"; ma=93600
content-length
31421
last-modified
Tue, 15 Aug 2023 21:20:41 GMT
x-cdn-provider
Akamai
vary
Accept-Encoding
report-to
{"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.c62a3517.1702721431.f81e391"}],"include_subdomains ":true}
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
7733be80-701e-005b-8015-d0c6ac000000
access-control-expose-headers
date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control
public, max-age=630720000
timing-allow-origin
*
44-c33a61
www.microsoft.com/onerfstatics/marketingsites-neu-prod/japanese/shell/_scrf/css/themes=default.device=uplevel_web_pc/29-591900/68-c3a397/f4-0855a6/a8-3dc4a6/f1-3221a1/dc-d4cb46/1f-806835/ Frame 2EF7
167 KB
23 KB
Stylesheet
General
Full URL
https://www.microsoft.com/onerfstatics/marketingsites-neu-prod/japanese/shell/_scrf/css/themes=default.device=uplevel_web_pc/29-591900/68-c3a397/f4-0855a6/a8-3dc4a6/f1-3221a1/dc-d4cb46/1f-806835/44-c33a61?ver=2.0&_cf=02242021_3231
Requested by
Host: support.microsoft.com
URL: https://support.microsoft.com/ja-jp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.160 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
5ca3acbdaca61e55264ba592b146ada4c6262a6be94b60190429b8f4aae9e1de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

ms-operation-id
a88aa715074f514ea9a21e7eaa639dae
date
Sat, 16 Dec 2023 10:10:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-rtag
RT
x-s2
2023-12-11T22:49:46
p3p
CP="CAO CONi OTR OUR DEM ONL"
x-activity-id
8254b4f9-f1b3-423e-9a7f-3c3fdad87c70
tls_version
tls1.3
ms-cv-esi
CASMicrosoftCV19b311df.0
ms-cv
CASMicrosoftCV19b311df.0
content-length
22750
x-xss-protection
1; mode=block
last-modified
Mon, 11 Dec 2023 22:49:46 GMT
x-az
{did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odeastasia, dt: 2018-05-03T20:14:23.4188992Z, bt: 2023-12-12T00:28:32.0000000Z}
x-s1
2023-12-11T22:49:46
access-control-allow-methods
HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-azure-ref
20231211T225031Z-ftdn05vs0d691ak843n80wz87400000000qg00000000grct
cache-control
public, max-age=31149532
vary
Accept-Encoding
accept-ranges
bytes
timing-allow-origin
*
x-appversion
1.0.8745.29656
expires
Tue, 10 Dec 2024 22:49:23 GMT
ucsCreativeService.js
support.microsoft.com/lib/ucs/dist/ Frame 2EF7
0
0

RE1Mu3b
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/ Frame 2EF7
4 KB
4 KB
Image
General
Full URL
https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE1Mu3b?ver=5c31
Requested by
Host: support.microsoft.com
URL: https://support.microsoft.com/ja-jp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.148 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
112fec798b78aa02e102a724b5cb1990c0f909bc1d8b7b1fa256eab41bbc0960
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 10:10:31 GMT
last-modified
Tue, 28 Nov 2023 08:46:56 GMT
x-resizerversion
1.0
x-datacenter
eastus
x-source-length
4054
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=426853
x-activityid
976b87aa-91e7-4619-b0c2-0477cb746026
timing-allow-origin
*
content-location
https://image.prod.cms.rt.microsoft.com/cms/api/am/imageFileData/RE1Mu3b?ver=5c31
content-length
4054
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
expires
Thu, 21 Dec 2023 08:44:44 GMT
user-state-sign-in-header-view.css
support.microsoft.com/css/userstatesigninheaderview/ Frame 2EF7
0
0

promotion-banner.css
support.microsoft.com/css/promotionbanner/ Frame 2EF7
0
0

support-bridge.css
support.microsoft.com/css/supportbridge/ Frame 2EF7
0
0

jquery.min.js
support.microsoft.com/lib/jquery/dist/ Frame 2EF7
87 KB
39 KB
Script
General
Full URL
https://support.microsoft.com/lib/jquery/dist/jquery.min.js?v=9_aliU8dGd2tb6OSsuzixeV4y_faTqgFtohetphbbj0
Requested by
Host: support.microsoft.com
URL: https://support.microsoft.com/ja-jp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-112.deploy.static.akamaitechnologies.com
Software
Kestrel /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

Referer
https://www.google.com/
Origin
https://support.microsoft.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 10:10:31 GMT
content-encoding
br
strict-transport-security
max-age=86400 ; includeSubDomains
critical-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-length
39223
request-context
appId=
last-modified
Thu, 14 Dec 2023 18:52:21 GMT
server
Kestrel
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-correlationid
0HMVSQOMTRRCN:00000002
etag
"1da2ebeab197d04"
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=160
x-operationid
2abe80dc5aa2523ab1808def1fc48750
accept-ranges
bytes
ms.analytics-web-4.0.2.min.js
support.microsoft.com/lib/oneds/dist/ Frame 2EF7
146 KB
68 KB
Script
General
Full URL
https://support.microsoft.com/lib/oneds/dist/ms.analytics-web-4.0.2.min.js?v=O7wAAOKAVN2-OLLnoh3KjWb9pW6khEi85GWLxrUYqXA
Requested by
Host: support.microsoft.com
URL: https://support.microsoft.com/ja-jp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-112.deploy.static.akamaitechnologies.com
Software
Kestrel /
Resource Hash
3bbc0000e28054ddbe38b2e7a21dca8d66fda56ea48448bce4658bc6b518a970
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 10:10:31 GMT
content-encoding
br
strict-transport-security
max-age=86400 ; includeSubDomains
critical-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-length
69736
request-context
appId=
last-modified
Thu, 14 Dec 2023 18:40:26 GMT
server
Kestrel
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-correlationid
0HMVSQIFAUAEJ:0000000D
etag
"1da2ebd00e980d9"
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=204
x-operationid
a55e4b1a638b5e1718ca7e66ecf42efd
accept-ranges
bytes
wcp-consent.js
wcpstatic.microsoft.com/mscc/lib/v2/ Frame 2EF7
0
0

6c-7627b9
www.microsoft.com/onerfstatics/marketingsites-neu-prod/shell/_scrf/js/themes=default/d6-d6e6df/89-746ba4/df-3feeb0/f5-14aef8/bd-f5f332/27-13b2c3/e9-07937b/33-b505e5/fa-7a47db/6e-e2d05f/74-0b2d48/88... Frame 2EF7
135 KB
0
Script
General
Full URL
https://www.microsoft.com/onerfstatics/marketingsites-neu-prod/shell/_scrf/js/themes=default/d6-d6e6df/89-746ba4/df-3feeb0/f5-14aef8/bd-f5f332/27-13b2c3/e9-07937b/33-b505e5/fa-7a47db/6e-e2d05f/74-0b2d48/88-5b9b75/1b-240b37/4e-8e1a50/c2-370434/6f-bf5d0f/ea-315ddf/2e-e273bf/17-02d9ee/cf-2a93c7/c0-2ffa80/77-785548/48-4f52bb/3c-6c8ad0/3a-0d7cd3/5f-7d882b/c1-621df2/38-e8e647/17-c82a09/85-bd536d/44-776362/f8-86938e/61-951d1b/39-3d9dc2/81-96da47/ec-e44e19/6c-7627b9?ver=2.0&_cf=02242021_3231&iife=1
Requested by
Host: support.microsoft.com
URL: https://support.microsoft.com/ja-jp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.160 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

ms-operation-id
1292a20ab1438647aa7dd08036b414ed
date
Sat, 16 Dec 2023 10:10:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-rtag
RT
x-s2
2023-12-11T22:28:29
p3p
CP="CAO CONi OTR OUR DEM ONL"
x-activity-id
1cf2c276-283d-4bac-a63d-9180052cd934
tls_version
tls1.3
ms-cv-esi
CASMicrosoftCV19b31226.0
ms-cv
CASMicrosoftCV19b31226.0
content-length
36102
x-xss-protection
1; mode=block
last-modified
Mon, 11 Dec 2023 22:28:28 GMT
x-az
{did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odeastasia, dt: 2018-05-03T20:14:23.4188992Z, bt: 2023-11-15T14:06:56.0000000Z}
x-s1
2023-12-11T22:28:28
access-control-allow-methods
HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-azure-ref
20231211T222944Z-8vma166v5509z4k8bsdmz3ks2c00000001vg000000000x7x
cache-control
public, max-age=31148200
vary
Accept-Encoding
accept-ranges
bytes
timing-allow-origin
*
x-appversion
1.0.8719.11008
expires
Tue, 10 Dec 2024 22:27:11 GMT
meversion
mem.gfx.ms/ Frame 2EF7
0
0

SilentSignInManager.Main.min.js
support.microsoft.com/js/ Frame 2EF7
0
0

TelemetryLogging.js
support.microsoft.com/js/ Frame 2EF7
0
0

SearchBox.Main.min.js
support.microsoft.com/js/ Frame 2EF7
0
0

feedback.js
support.microsoft.com/js/ Frame 2EF7
0
0

Support.Main.min.js
support.microsoft.com/js/ Frame 2EF7
0
0

shimmerExperiment.Main.min.js
support.microsoft.com/js/ Frame 2EF7
0
0

PromotionBanner.Main.min.js
support.microsoft.com/js/ Frame 2EF7
0
0

Article.Main.min.js
support.microsoft.com/js/ Frame 2EF7
0
0

MeControlCallout.Main.min.js
support.microsoft.com/js/ Frame 2EF7
0
0

script.js
cdnstat.net/get/
129 B
692 B
Script
General
Full URL
https://cdnstat.net/get/script.js?referrer=https://pub-212b3639fb724091a9c56c257970d487.r2.dev/1444.html
Requested by
Host: pub-212b3639fb724091a9c56c257970d487.r2.dev
URL: https://pub-212b3639fb724091a9c56c257970d487.r2.dev/js/custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 -, , ASN (),
Reverse DNS
Software
cloudflare / PHP/8.2.1
Resource Hash
c59a3960888d96b3748601b9b77df171bafa3d53289ec4b8b6db3d474e9a39e1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 10:10:31 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.2.1
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.google.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oCx4zQ9feKetrGM1Lsb27wxd8zlAIv0bA4tEuaJHG6JTP2DE79BGZ%2F49hSezqT552yPrBtYJq6VUSy65JFMaxr4W83o9VCDjRq07vKXLAhSy2zVYhBwz43krADRxxw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
83662312fac50da4-MRS
access-control-allow-headers
X-Requested-With,content-type
alt-svc
h3=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
support.microsoft.com
URL
https://support.microsoft.com/lib/ucs/dist/ucsCreativeService.js?v=1j4SZ7MUtbrH7rf8Me6zJaRKSFR3UYD4vZcdBwwdDTI
Domain
support.microsoft.com
URL
https://support.microsoft.com/css/userstatesigninheaderview/user-state-sign-in-header-view.css?v=xyG63Bj9vxUihHD_jCNKMNtbuM2dcQOR-mljcLVR9rM
Domain
support.microsoft.com
URL
https://support.microsoft.com/css/promotionbanner/promotion-banner.css?v=cAmflE3c6Gw7niTOiMPEie9MY87yDE2mSl3DO7_jZRI
Domain
support.microsoft.com
URL
https://support.microsoft.com/css/supportbridge/support-bridge.css?v=ft5yipT-SPVc4yMl4wK9PnMTXqhVUrUJZoPQVrYDjUI
Domain
wcpstatic.microsoft.com
URL
https://wcpstatic.microsoft.com/mscc/lib/v2/wcp-consent.js
Domain
mem.gfx.ms
URL
https://mem.gfx.ms/meversion?partner=SMCConvergence&market=ja-jp&uhf=1
Domain
support.microsoft.com
URL
https://support.microsoft.com/js/SilentSignInManager.Main.min.js?v=-H8YY1qMZVa7VuMXDDDTuFKvfZm6v4hD197P02JzQYY
Domain
support.microsoft.com
URL
https://support.microsoft.com/js/TelemetryLogging.js?v=PI8krdyAXTV0whxSz7oGWOLjo8PeIdfp8gD_jTA31VM
Domain
support.microsoft.com
URL
https://support.microsoft.com/js/SearchBox.Main.min.js?v=qtRvLSEGWCbif-VtQpbpXYVicHGWPbyc9CmreeF8AOI
Domain
support.microsoft.com
URL
https://support.microsoft.com/js/feedback.js?v=vbvaO9lwMf9by3a0J9Ls2cRheSLDhg9mLlH7GKxcxZE
Domain
support.microsoft.com
URL
https://support.microsoft.com/js/Support.Main.min.js?v=atw3nKeZ3Jjr7cwXt3My7TWJVwZ-MsBHfRXAK9f7YQQ
Domain
support.microsoft.com
URL
https://support.microsoft.com/js/shimmerExperiment.Main.min.js?v=RX_2iJy9E0IQUQxAdNRQfWmCIdtJIvuNbS_NBO3X0jY
Domain
support.microsoft.com
URL
https://support.microsoft.com/js/PromotionBanner.Main.min.js?v=_MMiqMl1s7Q17Qx3x_4L1welVdIVGtuQxZ2RSOvoy04
Domain
support.microsoft.com
URL
https://support.microsoft.com/js/Article.Main.min.js?v=EKOnvB9Q2NwfFnCRCg7zJPV3d5-NzRdU__BLhOPbqgU
Domain
support.microsoft.com
URL
https://support.microsoft.com/js/MeControlCallout.Main.min.js?v=VqiWghI1o-dtiPO2stTiNaUYE8G5ohyZOlHMITVBMmo

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| documentPictureInPicture
function| startScan
function| playSound
object| date
string| current_date
string| current_time
string| date_time
function| _typeof
function| _classCallCheck
function| _defineProperties
function| _createClass
function| FlipDown
function| pad
function| appendChildren
function| getParameterByName
function| finalCountdown
function| exitModal
number| _kmodal
boolean| _smodal
number| _now
number| _tmx
function| $
function| jQuery
object| bootstrap
function| gtag
object| dataLayer
object| elem
function| openFullscreen
function| closeFullscreen
function| getVariableFromURl
string| phone
object| google_tag_manager
object| google_tag_data
function| onYouTubeIframeAPIReady
object| gaGlobal

4 Cookies

Domain/Path Name / Value
pub-212b3639fb724091a9c56c257970d487.r2.dev/ Name: PHPREFS
Value: full
.pub-212b3639fb724091a9c56c257970d487.r2.dev/ Name: _ga_W6923BL2S2
Value: GS1.1.1702721431.1.0.1702721431.0.0.0
.pub-212b3639fb724091a9c56c257970d487.r2.dev/ Name: _ga
Value: GA1.1.975458702.1702721431
support.microsoft.com/ Name: EXPID
Value: d5216351-ce73-43a4-bb36-56e89d6a045f

4 Console Messages

Source Level URL
Text
security warning URL: https://esoterik.ch/
Message:
Mixed Content: The page at 'https://esoterik.ch/' was loaded over HTTPS, but requested an insecure element 'http://img.sedoparking.com/images/js_preloader.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://esoterik.ch/(Line 15)
Message:
Mixed Content: The page at 'https://esoterik.ch/' was loaded over HTTPS, but requested an insecure element 'http://img.sedoparking.com/images/js_preloader.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://pub-212b3639fb724091a9c56c257970d487.r2.dev/js/jquery.min.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://pub-212b3639fb724091a9c56c257970d487.r2.dev/images/stars2.html
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
