URL: https://quest-microsoft.syssoft.ru/
Submission Tags: @phishunt_io
Submission: On August 29 via api from ES

Summary

This website contacted 16 IPs in 4 countries across 13 domains to perform 60 HTTP transactions. The main IP is 85.119.149.96, located in Russian Federation and belongs to SELECTEL-MSK, RU. The main domain is quest-microsoft.syssoft.ru.
TLS certificate: Issued by Let's Encrypt Authority X3 on August 27th 2020. Valid for: 3 months.
This is the only time quest-microsoft.syssoft.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
7 u6.platformalp.ru quest-microsoft.syssoft.ru
7 s.plpstatic.ru quest-microsoft.syssoft.ru
s.plpstatic.ru
5 ssl.gstatic.com quest-microsoft.syssoft.ru
5 api-maps.yandex.ru s.plpstatic.ru
quest-microsoft.syssoft.ru
5 www.facebook.com quest-microsoft.syssoft.ru
4 fonts.gstatic.com s.plpstatic.ru
4 mc.yandex.ru 1 redirects quest-microsoft.syssoft.ru
4 apis.google.com quest-microsoft.syssoft.ru
apis.google.com
4 vk.com quest-microsoft.syssoft.ru
vk.com
3 widgets-2-omni-iframe.livetex.me balancer-cloud.livetex.ru
3 balancer-cloud.livetex.ru 2 redirects balancer-cloud.livetex.ru
3 connect.facebook.net quest-microsoft.syssoft.ru
connect.facebook.net
2 widgets-2-omni-iframe.livetex.ru quest-microsoft.syssoft.ru
2 www.youtube.com apis.google.com
2 quest-microsoft.syssoft.ru quest-microsoft.syssoft.ru
1 yastatic.net api-maps.yandex.ru
1 accounts.google.com apis.google.com
1 cs15.livetex.ru quest-microsoft.syssoft.ru
60 18
Subject Issuer Validity Valid
quest-microsoft.syssoft.ru
Let's Encrypt Authority X3
2020-08-27 -
2020-11-25
3 months crt.sh
plpstatic.ru
Let's Encrypt Authority X3
2020-06-05 -
2020-09-03
3 months crt.sh
*.vk.com
GlobalSign Organization Validation CA - SHA256 - G2
2020-06-09 -
2022-06-10
2 years crt.sh
*.apis.google.com
GTS CA 1O1
2020-08-11 -
2020-11-03
3 months crt.sh
mc.yandex.ru
Yandex CA
2019-09-23 -
2020-09-22
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2020-07-21 -
2020-10-12
3 months crt.sh
*.gstatic.com
GTS CA 1O1
2020-08-11 -
2020-11-03
3 months crt.sh
*.google.com
GTS CA 1O1
2020-08-11 -
2020-11-03
3 months crt.sh
*.livetex.ru
RapidSSL RSA CA 2018
2020-04-22 -
2021-05-09
a year crt.sh
api-maps.yandex.ru
Yandex CA
2020-03-17 -
2020-09-13
6 months crt.sh
*.platformalp.ru
Sectigo RSA Domain Validation Secure Server CA
2020-07-24 -
2022-10-22
2 years crt.sh
accounts.google.com
GTS CA 1O1
2020-08-11 -
2020-11-03
3 months crt.sh
*.yastatic.net
Yandex CA
2020-08-07 -
2021-08-07
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-08-04 -
2021-08-04
a year crt.sh

This page contains 7 frames:

Primary Page: https://quest-microsoft.syssoft.ru/
Frame ID: D739F0615690D8DDA5B2194E762200B3
Requests: 66 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FSyssoftru%2F&tabs&width=500&height=214&small_header=false&adapt_container_width=false&hide_cover=false&show_facepile=true&appId=227709620593954
Frame ID: 8E213BB66D482BA376E0A404FB96FC00
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCnQIi8-PxyWV6V_LM2WXq4w&layout=full&count=hidden&origin=https%3A%2F%2Fquest-microsoft.syssoft.ru&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.hc3rLxj9u8o.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMtAagp6kGxB19Nep_bTJunj37kww%2Fm%3D__features__
Frame ID: 79C86F092F7DD4AAAB20E8FEA79B867A
Requests: 1 HTTP requests in this frame

Frame: https://vk.com/widget_community.php?app=0&width=500px&_ver=1&gid=71481981&mode=3&color1=&color2=&color3=&class_name=&url=https%3A%2F%2Fquest-microsoft.syssoft.ru%2F&referrer=&title=Quest%20-%20Microsoft%20Platform%20Management&174395cb60b
Frame ID: 36B34F18BAC2F710F09A44F9E2A69738
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fquest-microsoft.syssoft.ru&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.hc3rLxj9u8o.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMtAagp6kGxB19Nep_bTJunj37kww%2Fm%3D__features__
Frame ID: F131BA3718E1E1F6A69D00A6BE87A1AA
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCnQIi8-PxyWV6V_LM2WXq4w&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.hc3rLxj9u8o.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMtAagp6kGxB19Nep_bTJunj37kww%2Fm%3D__features__
Frame ID: 49B2BD18465B816453F3F9EFEF277623
Requests: 1 HTTP requests in this frame

Frame: https://widgets-2-omni-iframe.livetex.me/js/iframe.html
Frame ID: 3378040CCE2C822F5E33290A5A52462C
Requests: 1 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i

Page Statistics

60
Requests

100 %
HTTPS

67 %
IPv6

13
Domains

18
Subdomains

16
IPs

4
Countries

2513 kB
Transfer

8637 kB
Size

13
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37
  • https://mc.yandex.ru/watch/49434307?wmode=7&page-url=https%3A%2F%2Fquest-microsoft.syssoft.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1598690210461%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200829103651%3Aet%3A1598690212%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A1170254917313%3Arqn%3A1%3Arn%3A826929359%3Ahid%3A793074490%3Ads%3A106%2C138%2C110%2C50%2C0%2C0%2C0%2C665%2C76%2C%2C%2C%2C1022%3Afp%3A746%3Awn%3A16715%3Ahl%3A2%3Agdpr%3A14%3Av%3A1926%3Arqnl%3A1%3Ast%3A1598690212%3Au%3A1598690212802475661%3At%3AQuest%20-%20Microsoft%20Platform%20Management HTTP 302
  • https://mc.yandex.ru/watch/49434307/1?wmode=7&page-url=https%3A%2F%2Fquest-microsoft.syssoft.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1598690210461%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200829103651%3Aet%3A1598690212%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A1170254917313%3Arqn%3A1%3Arn%3A826929359%3Ahid%3A793074490%3Ads%3A106%2C138%2C110%2C50%2C0%2C0%2C0%2C665%2C76%2C%2C%2C%2C1022%3Afp%3A746%3Awn%3A16715%3Ahl%3A2%3Agdpr%3A14%3Av%3A1926%3Arqnl%3A1%3Ast%3A1598690212%3Au%3A1598690212802475661%3At%3AQuest%20-%20Microsoft%20Platform%20Management
Request Chain 49
  • https://balancer-cloud.livetex.ru/get-client/?site_id=153459&version=1.1.55&target=settings_path&rnd=mabzgrxn89 HTTP 302
  • https://widgets-2-omni-iframe.livetex.ru/js/widgetsSettings.json
Request Chain 60
  • https://balancer-cloud.livetex.ru/get-client/?site_id=153459&version=1.1.55&target=path&rnd=iwxkb9ka6e8 HTTP 302
  • https://widgets-2-omni-iframe.livetex.ru/js/app3.js

60 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
quest-microsoft.syssoft.ru/
458 KB
47 KB
Document
General
Full URL
https://quest-microsoft.syssoft.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
85.119.149.96 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
Software
openresty /
Resource Hash
ffe459e332a1b10f107cb3b44e018df6d434d4d150de0256d410d06f68ee6237

Request headers

Host
quest-microsoft.syssoft.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server
openresty
Date
Sat, 29 Aug 2020 08:36:50 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=20
Content-encoding
gzip
vendors.css
s.plpstatic.ru/assets/3.3/
308 KB
38 KB
Stylesheet
General
Full URL
https://s.plpstatic.ru/assets/3.3/vendors.css
Requested by
Host: quest-microsoft.syssoft.ru
URL: https://quest-microsoft.syssoft.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.93.179.62 Lyubertsy, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
21f538bb5a3b10b0c6758f5072ca4469075bc6367444dc0bf8c0177617280997

Request headers

Referer
https://quest-microsoft.syssoft.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 29 Aug 2020 08:36:50 GMT
Content-Encoding
gzip
Last-Modified
Fri, 05 Jun 2020 13:35:11 GMT
Server
nginx
ETag
"5eda4a0f-973a"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Connection
keep-alive
Keep-Alive
timeout=20
Content-Length
38714
Expires
Sun, 30 Aug 2020 08:36:50 GMT
plp.css
s.plpstatic.ru/assets/3.3/
560 KB
45 KB
Stylesheet
General
Full URL
https://s.plpstatic.ru/assets/3.3/plp.css
Requested by
Host: quest-microsoft.syssoft.ru
URL: https://quest-microsoft.syssoft.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.93.179.62 Lyubertsy, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
25cd4b3632c9b1622968d1b3de5841c14a3c563dd507da009f14cc06b48b4292

Request headers

Referer
https://quest-microsoft.syssoft.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 29 Aug 2020 08:36:50 GMT
Content-Encoding
gzip
Last-Modified
Fri, 05 Jun 2020 13:35:20 GMT
Server
nginx
ETag
"5eda4a18-b21c"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Connection
keep-alive
Keep-Alive
timeout=20
Content-Length
45596
Expires
Sun, 30 Aug 2020 08:36:50 GMT
nodes.css
s.plpstatic.ru/assets/3.3/
115 KB
47 KB
Stylesheet
General
Full URL
https://s.plpstatic.ru/assets/3.3/nodes.css
Requested by
Host: quest-microsoft.syssoft.ru
URL: https://quest-microsoft.syssoft.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.93.179.62 Lyubertsy, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
274533f86a530bf9f4ef20a622e84a80456f37f6d649e9e9df76ee548645b380

Request headers

Referer
https://quest-microsoft.syssoft.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 29 Aug 2020 08:36:50 GMT
Content-Encoding
gzip
Last-Modified
Sat, 14 Mar 2020 12:43:56 GMT
Server
nginx
ETag
"5e6cd18c-bb67"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Connection
keep-alive
Keep-Alive
timeout=20
Content-Length
47975
Expires
Sun, 30 Aug 2020 08:36:50 GMT
openapi.js
vk.com/js/api/
100 KB
24 KB
Script
General
Full URL
https://vk.com/js/api/openapi.js?154
Requested by
Host: quest-microsoft.syssoft.ru
URL: https://quest-microsoft.syssoft.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.190.67 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU),
Reverse DNS
srv67-190-240-87.vk.com
Software
kittenx /
Resource Hash
c9b0ddf041243f7741bb5d2d39cf707caf8a541a8a5c45a4590e22b3042eaea3

Request headers

Referer
https://quest-microsoft.syssoft.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 29 Aug 2020 08:36:50 GMT
content-encoding
gzip
x-frontend
front213218
last-modified
Sat, 29 Aug 2020 03:52:48 GMT
server
kittenx
etag
"5f49d110-5db3"
content-type
application/x-javascript
status
200
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
content-length
23987
expires
Wed, 02 Sep 2020 08:36:50 GMT
platform.js
apis.google.com/js/
49 KB
20 KB
Script
General
Full URL
https://apis.google.com/js/platform.js
Requested by
Host: quest-microsoft.syssoft.ru
URL: https://quest-microsoft.syssoft.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
092f3201317b7ef608f6a899d395d36cffcca4d6824f00bc50120e84341c76f2
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-uBSQTzfZBkbjE5gqPdfEVw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://quest-microsoft.syssoft.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 29 Aug 2020 08:36:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
status
200
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
etag
"81b6c5d10475fc4c0084a56d3b41af80"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-uBSQTzfZBkbjE5gqPdfEVw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
expires
Sat, 29 Aug 2020 08:36:50 GMT
vendors.js
s.plpstatic.ru/assets/3.3/
355 KB
108 KB
Script
General
Full URL
https://s.plpstatic.ru/assets/3.3/vendors.js
Requested by
Host: quest-microsoft.syssoft.ru
URL: https://quest-microsoft.syssoft.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.93.179.62 Lyubertsy, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
4a8106ac064e738cd838a7a836bd9527ef3f6b40d9ef44dcdd742c3aef3d818c

Request headers

Referer
https://quest-microsoft.syssoft.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 29 Aug 2020 08:36:50 GMT
Content-Encoding
gzip
Last-Modified
Sat, 14 Mar 2020 12:44:29 GMT
Server
nginx
ETag
"5e6cd1ad-1ae02"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Connection
keep-alive
Keep-Alive
timeout=20
Content-Length
110082
Expires
Sun, 30 Aug 2020 08:36:50 GMT
plp.js
s.plpstatic.ru/assets/3.3/
77 KB
22 KB
Script
General
Full URL
https://s.plpstatic.ru/assets/3.3/plp.js
Requested by
Host: quest-microsoft.syssoft.ru
URL: https://quest-microsoft.syssoft.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.93.179.62 Lyubertsy, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
687584625fa912e0fd6fec7f0fbee226ba732b64712d1080d06cdb88689d959f

Request headers

Referer
https://quest-microsoft.syssoft.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 29 Aug 2020 08:36:50 GMT
Content-Encoding
gzip
Last-Modified
Fri, 05 Jun 2020 13:35:25 GMT
Server
nginx
ETag
"5eda4a1d-5595"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Connection
keep-alive
Keep-Alive
timeout=20
Content-Length
21909
Expires
Sun, 30 Aug 2020 08:36:50 GMT
nodes.js
s.plpstatic.ru/assets/3.3/
49 KB
9 KB
Script
General
Full URL
https://s.plpstatic.ru/assets/3.3/nodes.js
Requested by
Host: quest-microsoft.syssoft.ru
URL: https://quest-microsoft.syssoft.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.93.179.62 Lyubertsy, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
1db6a268677e54cf4be9704ccc6ac6e3288f015472211c4127fee25ef6243cad

Request headers

Referer
https://quest-microsoft.syssoft.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 29 Aug 2020 08:36:50 GMT
Content-Encoding
gzip
Last-Modified
Sat, 14 Mar 2020 12:43:56 GMT
Server
nginx
ETag
"5e6cd18c-22cf"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Connection
keep-alive
Keep-Alive
timeout=20
Content-Length
8911
Expires
Sun, 30 Aug 2020 08:36:50 GMT
watch.js
mc.yandex.ru/metrika/
141 KB
42 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: quest-microsoft.syssoft.ru
URL: https://quest-microsoft.syssoft.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
49a98c4f3121f63a65a5683efdb14a264c3d968d4ae89244eea38979b5c5fe41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://quest-microsoft.syssoft.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 29 Aug 2020 08:36:51 GMT
Content-Encoding
br
Last-Modified
Wed, 26 Aug 2020 09:15:52 GMT
Server
nginx/1.14.2
ETag
"5f462848-a651"
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
42577
Expires
Sat, 29 Aug 2020 09:36:51 GMT
fbevents.js
connect.facebook.net/en_US/
134 KB
34 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: quest-microsoft.syssoft.ru
URL: https://quest-microsoft.syssoft.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
893df2b9ceb653f94333139d561d363bf4c365e651a0a3ade839d96200942e37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://quest-microsoft.syssoft.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
34269
x-xss-protection
0
pragma
public
x-fb-debug
yTviKyt16zaY+zOIQEJCHsExjghXKM8bZviY4WKBv4bx1pBw0pnfhtt/OuORFcrdauD0rkucxizX7Z8E5CekOw==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Sat, 29 Aug 2020 08:36:51 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
rtrg
vk.com/
49 B
442 B
Image
General
Full URL
https://vk.com/rtrg?p=VK-RTRG-271695-frzsz
Requested by
Host: quest-microsoft.syssoft.ru
URL: https://quest-microsoft.syssoft.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.190.67 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU),
Reverse DNS
srv67-190-240-87.vk.com
Software
kittenx / PHP/3.103642
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://quest-microsoft.syssoft.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 29 Aug 2020 08:36:51 GMT
content-encoding
gzip
x-frontend
front213218
server
kittenx
x-powered-by
PHP/3.103642
strict-transport-security
max-age=15768000
content-type
image/gif
status
200
access-control-expose-headers
X-Frontend
cache-control
no-store
content-length
65
truncated
/
79 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bfefe268bc05b349c75c286b36e52f8378f19bb2e58054b44f5657376762718e

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
90 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9757aaa793e9917c71e68a725c305933a775666aa5c103339e873f9754d54538

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
79 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b6eca3d6b0e3b0fd3c9b250c555be33e2fac9a8ee456f8c29339b1187e9d39ff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
RjgO7rYTmqiVp7vzi-Q5UbO3LdcAZYWl9Si6vvxL-qU.woff
fonts.gstatic.com/s/opensans/v13/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v13/RjgO7rYTmqiVp7vzi-Q5UbO3LdcAZYWl9Si6vvxL-qU.woff
Requested by
Host: s.plpstatic.ru
URL: https://s.plpstatic.ru/assets/3.3/plp.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e8f00bed071bc169467cc91b1d2d8405ce391f070d10e6c97781c20d4d96170
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://quest-microsoft.syssoft.ru
Referer
https://s.plpstatic.ru/assets/3.3/plp.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 24 Aug 2020 11:14:24 GMT
x-content-type-options
nosniff
last-modified
Mon, 27 Apr 2015 23:45:38 GMT
server
sffe
age
422547
status
200
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19400
x-xss-protection
0
expires
Tue, 24 Aug 2021 11:14:24 GMT
fontawesome-webfont.woff2
s.plpstatic.ru/fonts/
70 KB
71 KB
Font
General
Full URL
https://s.plpstatic.ru/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by
Host: s.plpstatic.ru
URL: https://s.plpstatic.ru/assets/3.3/vendors.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.93.179.62 Lyubertsy, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Origin
https://quest-microsoft.syssoft.ru
Referer
https://s.plpstatic.ru/assets/3.3/vendors.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 29 Aug 2020 08:36:51 GMT
Last-Modified
Fri, 13 Mar 2020 06:55:25 GMT
Server
nginx
ETag
"5e6b2e5d-118d8"
Content-Type
application/font-woff2
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
71896
Expires
Sun, 30 Aug 2020 08:36:51 GMT
truncated
/
76 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
58a564addb2eda88ab43db0525f1b732a8c607fc5ff383833b67129495471b32

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/
85 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d83d6ffeb54705c36524f7d189511051439579615f4599284067d19be1dfe632

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
88 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
562adef1fbe0bc0b2e473fd32a74c1af42c0ea38997c5ee57d1f5b8db0454f7a

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
81 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cfe689e67061824b061d250169023efcff1bbcec33f2be214be50fb55dc8ad3e

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
79 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
602860262e5d917ff156da20a2751bde45c0d4c7968f814800c70f0168038880

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
k3k702ZOKiLJc3WVjuplzAcuEIXEaFWBWXA4NoGd_Oo.woff
fonts.gstatic.com/s/opensans/v13/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v13/k3k702ZOKiLJc3WVjuplzAcuEIXEaFWBWXA4NoGd_Oo.woff
Requested by
Host: s.plpstatic.ru
URL: https://s.plpstatic.ru/assets/3.3/plp.css
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd01185f335d20e75286a45c3c44d4f9af567fff4c78dbf6ec414a60f3c602f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://quest-microsoft.syssoft.ru
Referer
https://s.plpstatic.ru/assets/3.3/plp.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 24 Aug 2020 11:14:24 GMT
x-content-type-options
nosniff
last-modified
Mon, 27 Apr 2015 23:46:23 GMT
server
sffe
age
422547
status
200
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19196
x-xss-protection
0
expires
Tue, 24 Aug 2021 11:14:24 GMT
dazS1PrQQuCxC3iOAJFEJZoxY6pJ8tEQQdWYhQvtl8Q.woff
fonts.gstatic.com/s/robotoslab/v6/
22 KB
22 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotoslab/v6/dazS1PrQQuCxC3iOAJFEJZoxY6pJ8tEQQdWYhQvtl8Q.woff
Requested by
Host: s.plpstatic.ru
URL: https://s.plpstatic.ru/assets/3.3/plp.css
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0028d7ef984ac3ed4cf60b9fb2b9ccc3fada835cbbcd04ab51562d84617e221e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://quest-microsoft.syssoft.ru
Referer
https://s.plpstatic.ru/assets/3.3/plp.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 24 Aug 2020 11:15:57 GMT
x-content-type-options
nosniff
last-modified
Thu, 28 Aug 2014 18:21:36 GMT
server
sffe
age
422454
status
200
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22040
x-xss-protection
0
expires
Tue, 24 Aug 2021 11:15:57 GMT
y7lebkjgREBJK96VQi37ZkbeuvGrcRTTBH456c-a4yI.woff
fonts.gstatic.com/s/robotoslab/v6/
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotoslab/v6/y7lebkjgREBJK96VQi37ZkbeuvGrcRTTBH456c-a4yI.woff
Requested by
Host: s.plpstatic.ru
URL: https://s.plpstatic.ru/assets/3.3/plp.css
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
91c0385b75f7706c2000b41287241454a9d6539e8fc0f4380200dd86ffe8dd06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://quest-microsoft.syssoft.ru
Referer
https://s.plpstatic.ru/assets/3.3/plp.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 24 Aug 2020 11:15:57 GMT
x-content-type-options
nosniff
last-modified
Thu, 28 Aug 2014 20:41:06 GMT
server
sffe
age
422454
status
200
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21456
x-xss-protection
0
expires
Tue, 24 Aug 2021 11:15:57 GMT
page.php
www.facebook.com/plugins/ Frame 8E21
0
0
Document
General
Full URL
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FSyssoftru%2F&tabs&width=500&height=214&small_header=false&adapt_container_width=false&hide_cover=false&show_facepile=true&appId=227709620593954
Requested by
Host: quest-microsoft.syssoft.ru
URL: https://quest-microsoft.syssoft.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FSyssoftru%2F&tabs&width=500&height=214&small_header=false&adapt_container_width=false&hide_cover=false&show_facepile=true&appId=227709620593954
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://quest-microsoft.syssoft.ru/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://quest-microsoft.syssoft.ru/

Response headers

status
200
cache-control
private, no-cache, no-store, must-revalidate
pragma
no-cache
strict-transport-security
max-age=15552000; preload
content-encoding
br
timing-allow-origin
*
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
content-type
text/html; charset="utf-8"
x-fb-debug
pv1+lvcIoVCgKd/JYTRgtXJ6jO7DNUTuKcWj2gfl7m3dJGSbE1LfCBLgTn3XEC9yu1KkUptksWMOpCnmPGlmAg==
date
Sat, 29 Aug 2020 08:36:51 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
truncated
/
75 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a3cd13404ce2d402f79f752f7b991e5de4f544c21c24cb6a468f18c0894f88ce

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
116 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
62109d008290dcc5082732986afd832448190b03dfdf67b4940398bf1a9add45

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
upload.gif
vk.com/images/
230 B
485 B
Image
General
Full URL
https://vk.com/images/upload.gif
Requested by
Host: quest-microsoft.syssoft.ru
URL: https://quest-microsoft.syssoft.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.190.67 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU),
Reverse DNS
srv67-190-240-87.vk.com
Software
kittenx /
Resource Hash
0d7e358637c1b1caa66949aefc529c1e4488923f99e499d6be09eb8cdd0b4202
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://quest-microsoft.syssoft.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 29 Aug 2020 08:36:51 GMT
x-frontend
front213218
last-modified
Mon, 03 Aug 2020 21:11:26 GMT
server
kittenx
etag
"5f287d7e-e6"
strict-transport-security
max-age=15768000
content-type
image/gif
status
200
access-control-expose-headers
X-Frontend
cache-control
max-age=604800
accept-ranges
bytes
content-length
230
expires
Sat, 05 Sep 2020 08:36:51 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.hc3rLxj9u8o.O/m=ytsubscribe/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMtAagp6kGxB19Nep_bTJunj37kww/
116 KB
41 KB
Script
General
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.hc3rLxj9u8o.O/m=ytsubscribe/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMtAagp6kGxB19Nep_bTJunj37kww/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4b8e8b6c26d7b34cc48b04df5633f14745f22c06826c70ac7e5f3a226bfcb869
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://quest-microsoft.syssoft.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 24 Aug 2020 17:04:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 02 Aug 2020 22:35:54 GMT
server
sffe
age
401532
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
status
200
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41995
x-xss-protection
0
expires
Tue, 24 Aug 2021 17:04:39 GMT
cb=gapi.loaded_1
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.hc3rLxj9u8o.O/m=auth/exm=ytsubscribe/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMtAagp6kGxB19Nep_bTJunj37kww/
119 KB
40 KB
Script
General
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.hc3rLxj9u8o.O/m=auth/exm=ytsubscribe/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMtAagp6kGxB19Nep_bTJunj37kww/cb=gapi.loaded_1
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
521ceb171869c1862404b31bd4768200aa4c5a1cb53ab27bb8e9d4e08a424a32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://quest-microsoft.syssoft.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 24 Aug 2020 17:04:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 02 Aug 2020 22:35:54 GMT
server
sffe
age
401532
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
status
200
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41259
x-xss-protection
0
expires
Tue, 24 Aug 2021 17:04:39 GMT
subscribe_embed
www.youtube.com/ Frame 79C8
0
0
Document
General
Full URL
https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCnQIi8-PxyWV6V_LM2WXq4w&layout=full&count=hidden&origin=https%3A%2F%2Fquest-microsoft.syssoft.ru&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.hc3rLxj9u8o.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMtAagp6kGxB19Nep_bTJunj37kww%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/subscribe_embed?usegapi=1&channelid=UCnQIi8-PxyWV6V_LM2WXq4w&layout=full&count=hidden&origin=https%3A%2F%2Fquest-microsoft.syssoft.ru&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.hc3rLxj9u8o.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMtAagp6kGxB19Nep_bTJunj37kww%2Fm%3D__features__
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://quest-microsoft.syssoft.ru/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://quest-microsoft.syssoft.ru/

Response headers

status
200
content-encoding
br
cache-control
no-cache
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
strict-transport-security
max-age=31536000
content-length
1874
x-content-type-options
nosniff
expires
Tue, 27 Apr 1971 19:44:06 GMT
content-type
text/html; charset=utf-8
date
Sat, 29 Aug 2020 08:36:51 GMT
server
YouTube Frontend Proxy
x-xss-protection
0
set-cookie
VISITOR_INFO1_LIVE=AXIChqXD9aQ; path=/; domain=.youtube.com; secure; expires=Thu, 25-Feb-2021 08:36:51 GMT; httponly; samesite=None YSC=M4fUqhIs_Bg; path=/; domain=.youtube.com; secure; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Sat, 29-Aug-2020 09:06:51 GMT
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
widget_community.php
vk.com/ Frame 36B3
0
0
Document
General
Full URL
https://vk.com/widget_community.php?app=0&width=500px&_ver=1&gid=71481981&mode=3&color1=&color2=&color3=&class_name=&url=https%3A%2F%2Fquest-microsoft.syssoft.ru%2F&referrer=&title=Quest%20-%20Microsoft%20Platform%20Management&174395cb60b
Requested by
Host: vk.com
URL: https://vk.com/js/api/openapi.js?154
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.190.67 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU),
Reverse DNS
srv67-190-240-87.vk.com
Software
kittenx / PHP/3.103642
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: about:;script-src 'self' https://*.vk.com https://static.vk.me https://*.mail.ru https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.com https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://static.vk.me https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline'
Strict-Transport-Security max-age=15768000

Request headers

:method
GET
:authority
vk.com
:scheme
https
:path
/widget_community.php?app=0&width=500px&_ver=1&gid=71481981&mode=3&color1=&color2=&color3=&class_name=&url=https%3A%2F%2Fquest-microsoft.syssoft.ru%2F&referrer=&title=Quest%20-%20Microsoft%20Platform%20Management&174395cb60b
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://quest-microsoft.syssoft.ru/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
remixlang=3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://quest-microsoft.syssoft.ru/

Response headers

status
200
server
kittenx
date
Sat, 29 Aug 2020 08:36:51 GMT
content-type
text/html; charset=windows-1251
content-length
7111
x-powered-by
PHP/3.103642
set-cookie
remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly; SameSite=None remixstid=1135084604_CKYLzIChbvJXEbZqSTI8ZgUqjXJz52Op62clfz4JqsD; expires=Sat, 21 Aug 2021 07:21:26 GMT; path=/; domain=.vk.com; secure; SameSite=None
cache-control
no-store
content-security-policy
default-src * data: blob: about:;script-src 'self' https://*.vk.com https://static.vk.me https://*.mail.ru https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.com https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://static.vk.me https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline'
content-encoding
gzip
x-frontend
front213218
strict-transport-security
max-age=15768000
access-control-expose-headers
X-Frontend
191908958077093
connect.facebook.net/signals/config/
524 KB
132 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/191908958077093?v=2.9.23&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
800a5e26ca075fcc7da9d4fae06c134f97700bee5efd969f7bb945dbfa90ed0f
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://quest-microsoft.syssoft.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
K2tZUxM4KzkIFqD1C5G2c8dwFPqfgiVP+ciPI69H3M0tzjPiVjLa4jM1ZHSH3gEou6HaNzJvFvM3VjBcZTD/RQ==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Sat, 29 Aug 2020 08:36:51 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
truncated
/
83 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d6e10c14e1fd682be542858446d53b75688441c0d395f74a9ce1fde4241a4cd9

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
client.js
cs15.livetex.ru/js/
2 KB
1 KB
Script
General
Full URL
https://cs15.livetex.ru/js/client.js
Requested by
Host: quest-microsoft.syssoft.ru
URL: https://quest-microsoft.syssoft.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.39.80.168 , Russian Federation, ASN200015 (LIVETEX, RU),
Reverse DNS
Software
nginx /
Resource Hash
af65a4a9ce0c688f2f259c6d0ecf51865c74315ac89a3847c438ba07b9cbf711

Request headers

Referer
https://quest-microsoft.syssoft.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 29 Aug 2020 08:36:51 GMT
content-encoding
gzip
last-modified
Mon, 13 Jan 2020 11:09:40 GMT
server
nginx
etag
W/"5e1c4ff4-67f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=86400
expires
Sun, 30 Aug 2020 08:36:51 GMT
/
api-maps.yandex.ru/2.1/
39 KB
14 KB
Script
General
Full URL
https://api-maps.yandex.ru/2.1/?lang=ru-RU&_=1598690211467
Requested by
Host: s.plpstatic.ru
URL: https://s.plpstatic.ru/assets/3.3/vendors.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::173 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx /
Resource Hash
89705870e0b9768bcc16b264aec9558a161e440a4abdc67e7214716557ad9b89
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://quest-microsoft.syssoft.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 29 Aug 2020 08:36:51 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff, nosniff
Server
nginx
X-qloud-router
myt6-c721432ad800.qloud-c.yandex.net
Vary
Accept-Encoding, Origin
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
X-LIGHTTPD-LOCALE
ru_RU
Content-Disposition
attachment; filename=json.txt
Connection
keep-alive
Timing-Allow-Origin
*
Keep-Alive
timeout=120
X-XSS-Protection
1; mode=block
1
mc.yandex.ru/watch/49434307/
Redirect Chain
  • https://mc.yandex.ru/watch/49434307?wmode=7&page-url=https%3A%2F%2Fquest-microsoft.syssoft.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1598690210461%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%...
  • https://mc.yandex.ru/watch/49434307/1?wmode=7&page-url=https%3A%2F%2Fquest-microsoft.syssoft.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1598690210461%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afp...
186 B
748 B
XHR
General
Full URL
https://mc.yandex.ru/watch/49434307/1?wmode=7&page-url=https%3A%2F%2Fquest-microsoft.syssoft.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1598690210461%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200829103651%3Aet%3A1598690212%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A1170254917313%3Arqn%3A1%3Arn%3A826929359%3Ahid%3A793074490%3Ads%3A106%2C138%2C110%2C50%2C0%2C0%2C0%2C665%2C76%2C%2C%2C%2C1022%3Afp%3A746%3Awn%3A16715%3Ahl%3A2%3Agdpr%3A14%3Av%3A1926%3Arqnl%3A1%3Ast%3A1598690212%3Au%3A1598690212802475661%3At%3AQuest%20-%20Microsoft%20Platform%20Management
Requested by
Host: quest-microsoft.syssoft.ru
URL: https://quest-microsoft.syssoft.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
2c95fa31179f076dbd38d7977676d43e74d4bc70807ea94afc277d3f366b619c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://quest-microsoft.syssoft.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 29 Aug 2020 08:36:51 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sat, 29-Aug-2020 08:36:51 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=31536000
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://quest-microsoft.syssoft.ru
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
186
X-XSS-Protection
1; mode=block
Expires
Sat, 29-Aug-2020 08:36:51 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 29 Aug 2020 08:36:51 GMT
Last-Modified
Sat, 29-Aug-2020 08:36:51 GMT
Server
nginx/1.14.2
Access-Control-Allow-Origin
https://quest-microsoft.syssoft.ru
Strict-Transport-Security
max-age=31536000
Location
/watch/49434307/1?wmode=7&page-url=https%3A%2F%2Fquest-microsoft.syssoft.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1598690210461%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200829103651%3Aet%3A1598690212%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A1170254917313%3Arqn%3A1%3Arn%3A826929359%3Ahid%3A793074490%3Ads%3A106%2C138%2C110%2C50%2C0%2C0%2C0%2C665%2C76%2C%2C%2C%2C1022%3Afp%3A746%3Awn%3A16715%3Ahl%3A2%3Agdpr%3A14%3Av%3A1926%3Arqnl%3A1%3Ast%3A1598690212%3Au%3A1598690212802475661%3At%3AQuest%20-%20Microsoft%20Platform%20Management
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Sat, 29-Aug-2020 08:36:51 GMT
8a51067ccec5f8cfcc5be3b969b738e6.png
u6.platformalp.ru/s/8c40j9051/e286aafa2bbcc199ee3ad02aa6b65828/
8 KB
8 KB
Image
General
Full URL
https://u6.platformalp.ru/s/8c40j9051/e286aafa2bbcc199ee3ad02aa6b65828/8a51067ccec5f8cfcc5be3b969b738e6.png
Requested by
Host: quest-microsoft.syssoft.ru
URL: https://quest-microsoft.syssoft.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
95.213.231.150 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
Software
openresty /
Resource Hash
c4f147fe343964296b47bc21b82a8fa9410d072a0f584e9be060d5cd6bf72579

Request headers

Referer
https://quest-microsoft.syssoft.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 29 Aug 2020 08:36:51 GMT
Server
openresty
Content-Type
image/png
Expires
Sun, 29 Aug 2021 08:36:51 GMT
Cache-Control
max-age=31536000, public, max-age=2592000, s-maxage=2592000
X-Request-Time
0.000
Connection
keep-alive
Keep-Alive
timeout=20
Content-Length
7836
X-Proxy-Cache
MISS
57a2c9748305390ceaac3922767126f1.png
u6.platformalp.ru/s/57ejfl051/e286aafa2bbcc199ee3ad02aa6b65828/
9 KB
9 KB
Image
General
Full URL
https://u6.platformalp.ru/s/57ejfl051/e286aafa2bbcc199ee3ad02aa6b65828/57a2c9748305390ceaac3922767126f1.png
Requested by
Host: quest-microsoft.syssoft.ru
URL: https://quest-microsoft.syssoft.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
95.213.231.150 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
Software
openresty /
Resource Hash
7c1182bb79659c57bf5c4c45b9f45223e5a1b05ecf3be9c2da9b3f5e51a08cff

Request headers

Referer
https://quest-microsoft.syssoft.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 29 Aug 2020 08:36:51 GMT
Server
openresty
Content-Type
image/png
Expires
Sun, 29 Aug 2021 08:36:51 GMT
Cache-Control
max-age=31536000, public, max-age=2592000, s-maxage=2592000
X-Request-Time
0.000
Connection
keep-alive
Keep-Alive
timeout=20
Content-Length
9220
X-Proxy-Cache
MISS
719204839e8c99e361a4ec74e221e81e.png
u6.platformalp.ru/s/1h43hb051/e286aafa2bbcc199ee3ad02aa6b65828/
3 KB
3 KB
Image
General
Full URL
https://u6.platformalp.ru/s/1h43hb051/e286aafa2bbcc199ee3ad02aa6b65828/719204839e8c99e361a4ec74e221e81e.png
Requested by
Host: quest-microsoft.syssoft.ru
URL: https://quest-microsoft.syssoft.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
95.213.231.150 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
Software
openresty /
Resource Hash
043b9d45cbad92cccabe78c2eff5fe943fd58374ccaab7e63297617f3ba2e6c9

Request headers

Referer
https://quest-microsoft.syssoft.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 29 Aug 2020 08:36:51 GMT
Server
openresty
Content-Type
image/png
Expires
Sun, 29 Aug 2021 08:36:51 GMT
Cache-Control
max-age=31536000, public, max-age=2592000, s-maxage=2592000
X-Request-Time
0.000
Connection
keep-alive
Keep-Alive
timeout=20
Content-Length
3137
X-Proxy-Cache
MISS
9e9bd6adb9440c4db766c3e2c556ce34.gif
u6.platformalp.ru/s/73o5j09061/e286aafa2bbcc199ee3ad02aa6b65828/
510 KB
511 KB
Image
General
Full URL
https://u6.platformalp.ru/s/73o5j09061/e286aafa2bbcc199ee3ad02aa6b65828/9e9bd6adb9440c4db766c3e2c556ce34.gif
Requested by
Host: quest-microsoft.syssoft.ru
URL: https://quest-microsoft.syssoft.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
95.213.231.150 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
Software
openresty /
Resource Hash
abd822877be6921bbec83920e7b9ef0500fee6a6ab980497b46b99b2029fa007

Request headers

Referer
https://quest-microsoft.syssoft.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 29 Aug 2020 08:36:51 GMT
Last-Modified
Thu, 18 Apr 2019 13:09:49 GMT
Server
openresty
ETag
"5cb8771d-7f9b3"
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
522675
X-Media
true
Expires
Sun, 29 Aug 2021 08:36:51 GMT
837f613b51036ea54a25ab0fad8f0e23.png
u6.platformalp.ru/s/2108511061/e286aafa2bbcc199ee3ad02aa6b65828/
57 KB
57 KB
Image
General
Full URL
https://u6.platformalp.ru/s/2108511061/e286aafa2bbcc199ee3ad02aa6b65828/837f613b51036ea54a25ab0fad8f0e23.png
Requested by
Host: quest-microsoft.syssoft.ru
URL: https://quest-microsoft.syssoft.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
95.213.231.150 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
Software
openresty /
Resource Hash
00ce4f04bad5f3d8de68bf445f2bf484d2f12a2295abf6c83a51c4358e927f51

Request headers

Referer
https://quest-microsoft.syssoft.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 29 Aug 2020 08:36:51 GMT
Server
openresty
Content-Type
image/png
Expires
Sun, 29 Aug 2021 08:36:51 GMT
Cache-Control
max-age=31536000, public, max-age=2592000, s-maxage=2592000
X-Request-Time
0.100
Connection
keep-alive
Keep-Alive
timeout=20
Content-Length
58310
X-Proxy-Cache
MISS
9d75f00312ae559a23e770bc22e017ad.jpg
u6.platformalp.ru/s/213f5sk061/e286aafa2bbcc199ee3ad02aa6b65828/
16 KB
17 KB
Image
General
Full URL
https://u6.platformalp.ru/s/213f5sk061/e286aafa2bbcc199ee3ad02aa6b65828/9d75f00312ae559a23e770bc22e017ad.jpg
Requested by
Host: quest-microsoft.syssoft.ru
URL: https://quest-microsoft.syssoft.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
95.213.231.150 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
Software
openresty /
Resource Hash
e8b55b6dd5235741c6558346adda04d7b8ddda2236478ed08c9a45e328bc43f6

Request headers

Referer
https://quest-microsoft.syssoft.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 29 Aug 2020 08:36:52 GMT
Server
openresty
Content-Type
image/jpeg
Expires
Sun, 29 Aug 2021 08:36:52 GMT
Cache-Control
max-age=31536000, public, max-age=2592000, s-maxage=2592000
X-Request-Time
0.044
Connection
keep-alive
Keep-Alive
timeout=20
Content-Length
16577
X-Proxy-Cache
MISS
274557748ae586f42c7212426e9be65c.png
u6.platformalp.ru/s/1mkb3k051/e286aafa2bbcc199ee3ad02aa6b65828/
18 KB
18 KB
Image
General
Full URL
https://u6.platformalp.ru/s/1mkb3k051/e286aafa2bbcc199ee3ad02aa6b65828/274557748ae586f42c7212426e9be65c.png
Requested by
Host: quest-microsoft.syssoft.ru
URL: https://quest-microsoft.syssoft.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
95.213.231.150 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
Software
openresty /
Resource Hash
a421bf95d0a9c37703956a5283d9dc2bb3c20531ddd4fcf11f4464c9ccea791d

Request headers

Referer
https://quest-microsoft.syssoft.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 29 Aug 2020 08:36:51 GMT
Server
openresty
Content-Type
image/png
Expires
Sun, 29 Aug 2021 08:36:51 GMT
Cache-Control
max-age=31536000, public, max-age=2592000, s-maxage=2592000
X-Request-Time
0.000
Connection
keep-alive
Keep-Alive
timeout=20
Content-Length
18237
X-Proxy-Cache
MISS
advert.gif
mc.yandex.ru/metrika/
43 B
425 B
Image
General
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: quest-microsoft.syssoft.ru
URL: https://quest-microsoft.syssoft.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://quest-microsoft.syssoft.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 29 Aug 2020 08:36:51 GMT
Last-Modified
Mon, 06 Jul 2020 15:32:05 GMT
Server
nginx/1.14.2
ETag
"5f0343f5-2b"
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
Expires
Sat, 29 Aug 2020 09:36:51 GMT
postmessageRelay
accounts.google.com/o/oauth2/ Frame F131
0
0
Document
General
Full URL
https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fquest-microsoft.syssoft.ru&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.hc3rLxj9u8o.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMtAagp6kGxB19Nep_bTJunj37kww%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.hc3rLxj9u8o.O/m=auth/exm=ytsubscribe/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMtAagp6kGxB19Nep_bTJunj37kww/cb=gapi.loaded_1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-F4yI68SOyhkUdO31dYrA7w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Xss-Protection 0

Request headers

:method
GET
:authority
accounts.google.com
:scheme
https
:path
/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fquest-microsoft.syssoft.ru&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.hc3rLxj9u8o.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMtAagp6kGxB19Nep_bTJunj37kww%2Fm%3D__features__
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://quest-microsoft.syssoft.ru/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
NID=204=0fbEZJIuJ-E6Om4T2DkfbaNy7fFTRvQ9sJ8KRAIUfkUtFV9jMngIlWKiSuBQ1tuXnkJIotstInrlo3ZVPULh3FbFlrpyfHNU7dFeBZaC8yU-bcjsDz1LJKPJa3iKmHtAHvtVa8EnO8_fPCP9Pq_nXqic0TF2T4P0-TWXPu_t4Eo
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://quest-microsoft.syssoft.ru/

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sat, 29 Aug 2020 08:36:51 GMT
content-security-policy
script-src 'report-sample' 'nonce-F4yI68SOyhkUdO31dYrA7w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding
gzip
server
ESF
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
629221560552390
connect.facebook.net/signals/config/
524 KB
132 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/629221560552390?v=2.9.23&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3a7aadbf27cf7154f12219d2bf2f4404dab9065cb1df93b6b2ae09da2b87ae08
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://quest-microsoft.syssoft.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
pcArzc287Pg1auy5eQYOnOsXSsBjsTm3tOj09PpVJ0snEarpXpKFkyM3DEuHkpOJyZxq0lKu6/B22AwJ116bxg==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Sat, 29 Aug 2020 08:36:51 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
44 B
240 B
Image
General
Full URL
https://www.facebook.com/tr/?id=191908958077093&ev=PageView&dl=https%3A%2F%2Fquest-microsoft.syssoft.ru%2F&rl=&if=false&ts=1598690211785&sw=1600&sh=1200&v=2.9.23&r=stable&ec=0&o=30&fbp=fb.1.1598690211784.1980920708&it=1598690211412&coo=false&rqm=GET
Requested by
Host: quest-microsoft.syssoft.ru
URL: https://quest-microsoft.syssoft.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://quest-microsoft.syssoft.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 29 Aug 2020 08:36:51 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sat, 29 Aug 2020 08:36:51 GMT
widgetsSettings.json
widgets-2-omni-iframe.livetex.ru/js/
Redirect Chain
  • https://balancer-cloud.livetex.ru/get-client/?site_id=153459&version=1.1.55&target=settings_path&rnd=mabzgrxn89
  • https://widgets-2-omni-iframe.livetex.ru/js/widgetsSettings.json
1020 B
1 KB
XHR
General
Full URL
https://widgets-2-omni-iframe.livetex.ru/js/widgetsSettings.json
Requested by
Host: quest-microsoft.syssoft.ru
URL: https://quest-microsoft.syssoft.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.39.80.168 , Russian Federation, ASN200015 (LIVETEX, RU),
Reverse DNS
Software
nginx /
Resource Hash
e6d2e447997a58043ecdc6e4534ebd9cb98f0576bfee7b82a4d8d2e357968d62

Request headers

Referer
https://quest-microsoft.syssoft.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 29 Aug 2020 08:36:51 GMT
last-modified
Tue, 07 Jul 2020 12:19:07 GMT
server
nginx
etag
"5f04683b-3fc"
status
200
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
content-length
1020

Redirect headers

pragma
no-cache
date
Sat, 29 Aug 2020 08:36:51 GMT
server
nginx
status
302
location
//widgets-2-omni-iframe.livetex.ru/js/widgetsSettings.json
access-control-allow-origin
https://quest-microsoft.syssoft.ru
cache-control
no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, public
access-control-allow-credentials
true
content-length
0
expires
Sat, 29 Aug 2020 08:36:50 GMT
full-d3f34cc99c9c0dd436b9bc268e8dd6c17d0c711a.js
yastatic.net/s3/front-maps-static/front-jsapi-v2-1/2.1.77-27/build/release/
3 MB
692 KB
Script
General
Full URL
https://yastatic.net/s3/front-maps-static/front-jsapi-v2-1/2.1.77-27/build/release/full-d3f34cc99c9c0dd436b9bc268e8dd6c17d0c711a.js
Requested by
Host: api-maps.yandex.ru
URL: https://api-maps.yandex.ru/2.1/?lang=ru-RU&_=1598690211467
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
0c4c7d01b5d85dc271c4de5ab1ba99bd00bb22283ec5d040160d24f9ab4d4f45
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://quest-microsoft.syssoft.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 29 Aug 2020 08:36:51 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
status
200
x-nginx-request-id
de0846ed093f512f
last-modified
Fri, 17 Jul 2020 14:25:25 GMT
server
nginx/1.17.9
etag
W/"93a1917fff5d14485b3e5b2e73f63b04"
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31556952
timing-allow-origin
*
expires
Sun, 29 Aug 2021 14:24:30 GMT
/
quest-microsoft.syssoft.ru/
2 B
289 B
XHR
General
Full URL
https://quest-microsoft.syssoft.ru/
Requested by
Host: quest-microsoft.syssoft.ru
URL: https://quest-microsoft.syssoft.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
85.119.149.96 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
Software
openresty /
Resource Hash
4355a46b19d348dc2f57c046f8ef63d4538ebb936000f3c9ee954a27460dd865

Request headers

Referer
https://quest-microsoft.syssoft.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sat, 29 Aug 2020 08:36:51 GMT
Server
openresty
Connection
keep-alive
Keep-Alive
timeout=20
Transfer-Encoding
chunked
Content-Type
application/octet-stream
cb=gapi.loaded_2
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.hc3rLxj9u8o.O/m=gapi_iframes_style_bubble/exm=auth,ytsubscribe/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMtAagp6kGxB19Nep_bTJunj37kww/
27 KB
9 KB
Script
General
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.hc3rLxj9u8o.O/m=gapi_iframes_style_bubble/exm=auth,ytsubscribe/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMtAagp6kGxB19Nep_bTJunj37kww/cb=gapi.loaded_2
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2ada70caed6a7e67d4c10a6de4c07c7863d48d6819c700c39d6b24234d9b4f0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://quest-microsoft.syssoft.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 24 Aug 2020 17:04:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 02 Aug 2020 22:35:54 GMT
server
sffe
age
401532
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
status
200
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9263
x-xss-protection
0
expires
Tue, 24 Aug 2021 17:04:39 GMT
subscribe_embed
www.youtube.com/ Frame 49B2
0
0
Document
General
Full URL
https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCnQIi8-PxyWV6V_LM2WXq4w&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.hc3rLxj9u8o.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMtAagp6kGxB19Nep_bTJunj37kww%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.hc3rLxj9u8o.O/m=ytsubscribe/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMtAagp6kGxB19Nep_bTJunj37kww/cb=gapi.loaded_0
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/subscribe_embed?action_card=1&channelid=UCnQIi8-PxyWV6V_LM2WXq4w&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.hc3rLxj9u8o.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMtAagp6kGxB19Nep_bTJunj37kww%2Fm%3D__features__
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://quest-microsoft.syssoft.ru/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
VISITOR_INFO1_LIVE=AXIChqXD9aQ; YSC=M4fUqhIs_Bg
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://quest-microsoft.syssoft.ru/

Response headers

status
200
content-type
text/html; charset=utf-8
content-encoding
br
strict-transport-security
max-age=31536000
content-length
325
cache-control
no-cache
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
x-content-type-options
nosniff
expires
Tue, 27 Apr 1971 19:44:06 GMT
date
Sat, 29 Aug 2020 08:36:51 GMT
server
YouTube Frontend Proxy
x-xss-protection
0
set-cookie
GPS=1; path=/; domain=.youtube.com; expires=Sat, 29-Aug-2020 09:06:51 GMT
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
border_3.gif
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/
43 B
397 B
Image
General
Full URL
https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/border_3.gif
Requested by
Host: quest-microsoft.syssoft.ru
URL: https://quest-microsoft.syssoft.ru/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8de81a1acb5f3788959ecc04eaa6526d5bdb29991157cecbef71042268c0374
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://quest-microsoft.syssoft.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 24 Aug 2020 11:04:18 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
423153
content-type
image/gif
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Tue, 24 Aug 2021 11:04:18 GMT
spacer.gif
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/
43 B
117 B
Image
General
Full URL
https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/spacer.gif
Requested by
Host: quest-microsoft.syssoft.ru
URL: https://quest-microsoft.syssoft.ru/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://quest-microsoft.syssoft.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 24 Aug 2020 11:04:33 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
423138
content-type
image/gif
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Tue, 24 Aug 2021 11:04:33 GMT
bubbleSprite_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/
318 B
344 B
Image
General
Full URL
https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleSprite_3.png
Requested by
Host: quest-microsoft.syssoft.ru
URL: https://quest-microsoft.syssoft.ru/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
232334d177f358c07f8271994e6fc0c018abfce7c8910deb604de1440d741c45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://quest-microsoft.syssoft.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 24 Aug 2020 11:04:20 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
423151
content-type
image/png
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
318
x-xss-protection
0
expires
Tue, 24 Aug 2021 11:04:20 GMT
bubbleDropR_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/
116 B
193 B
Image
General
Full URL
https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleDropR_3.png
Requested by
Host: quest-microsoft.syssoft.ru
URL: https://quest-microsoft.syssoft.ru/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c7884164b248cb8d87de9edf64dc810e5753bb8ec0cd015800d7f39e08371c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://quest-microsoft.syssoft.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 24 Aug 2020 11:04:20 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
423151
content-type
image/png
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
116
x-xss-protection
0
expires
Tue, 24 Aug 2021 11:04:20 GMT
bubbleDropB_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/
117 B
202 B
Image
General
Full URL
https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleDropB_3.png
Requested by
Host: quest-microsoft.syssoft.ru
URL: https://quest-microsoft.syssoft.ru/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
984601230d8cbfe18370425e8e897037cc1a7adf831a691a9ede573cf44479d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://quest-microsoft.syssoft.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 24 Aug 2020 11:04:17 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
423154
content-type
image/png
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117
x-xss-protection
0
expires
Tue, 24 Aug 2021 11:04:17 GMT
/
www.facebook.com/tr/
44 B
106 B
Image
General
Full URL
https://www.facebook.com/tr/?id=629221560552390&ev=PageView&dl=https%3A%2F%2Fquest-microsoft.syssoft.ru%2F&rl=&if=false&ts=1598690211962&sw=1600&sh=1200&v=2.9.23&r=stable&ec=0&o=30&fbp=fb.1.1598690211784.1980920708&it=1598690211412&coo=false&rqm=GET
Requested by
Host: quest-microsoft.syssoft.ru
URL: https://quest-microsoft.syssoft.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://quest-microsoft.syssoft.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 29 Aug 2020 08:36:51 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sat, 29 Aug 2020 08:36:51 GMT
app3.js
widgets-2-omni-iframe.livetex.ru/js/
Redirect Chain
  • https://balancer-cloud.livetex.ru/get-client/?site_id=153459&version=1.1.55&target=path&rnd=iwxkb9ka6e8
  • https://widgets-2-omni-iframe.livetex.ru/js/app3.js
26 KB
7 KB
Script
General
Full URL
https://widgets-2-omni-iframe.livetex.ru/js/app3.js
Requested by
Host: quest-microsoft.syssoft.ru
URL: https://quest-microsoft.syssoft.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.39.80.168 , Russian Federation, ASN200015 (LIVETEX, RU),
Reverse DNS
Software
nginx /
Resource Hash
612e00615c774a25fe97dca42929a9c9e55283a528cd424741d0debfad10f071

Request headers

Referer
https://quest-microsoft.syssoft.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 29 Aug 2020 08:36:52 GMT
content-encoding
gzip
server
nginx
etag
W/"5f47e3aa-684d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
no-cache
access-control-allow-credentials
true

Redirect headers

pragma
no-cache
date
Sat, 29 Aug 2020 08:36:52 GMT
server
nginx
status
302
location
//widgets-2-omni-iframe.livetex.ru/js/app3.js
cache-control
no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, public
access-control-allow-credentials
true
content-length
0
expires
Sat, 29 Aug 2020 08:36:51 GMT
iframe.html
widgets-2-omni-iframe.livetex.me/js/
0
0
Fetch
General
Full URL
https://widgets-2-omni-iframe.livetex.me/js/iframe.html
Requested by
Host: balancer-cloud.livetex.ru
URL: https://balancer-cloud.livetex.ru/get-client/?site_id=153459&version=1.1.55&target=path&rnd=iwxkb9ka6e8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6818:6562 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://quest-microsoft.syssoft.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 29 Aug 2020 08:36:52 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
https://quest-microsoft.syssoft.ru
cache-control
no-cache
cf-ray
5ca4f26298a2d729-FRA
cf-request-id
04daf5d1a00000d7290a310200000001
iframe.html
widgets-2-omni-iframe.livetex.me/js/ Frame 3378
0
0
Document
General
Full URL
https://widgets-2-omni-iframe.livetex.me/js/iframe.html
Requested by
Host: balancer-cloud.livetex.ru
URL: https://balancer-cloud.livetex.ru/get-client/?site_id=153459&version=1.1.55&target=path&rnd=iwxkb9ka6e8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6818:6562 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
widgets-2-omni-iframe.livetex.me
:scheme
https
:path
/js/iframe.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://quest-microsoft.syssoft.ru/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://quest-microsoft.syssoft.ru/

Response headers

status
200
date
Sat, 29 Aug 2020 08:36:52 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=dd4514b92713d233af9627999ed2680051598690212; expires=Mon, 28-Sep-20 08:36:52 GMT; path=/; domain=.livetex.me; HttpOnly; SameSite=Lax __cf_bm=bb6086e45df91864f0d607a494b879e69c092d04-1598690212-1800-AaaLiL8UjUu4LWIQp6Csuhd9Lizr1reVcymVtNa7TBZwtVT6ao70x03F/LtwIKNAkVe6XuzOgkl/OI1PgsGmkR8=; path=/; expires=Sat, 29-Aug-20 09:06:52 GMT; domain=.livetex.me; HttpOnly; Secure; SameSite=None
vary
Accept-Encoding
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-request-id
04daf5d2180000c272aa86a200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5ca4f26358a1c272-FRA
content-encoding
br
ui.7.1.664.js
widgets-2-omni-iframe.livetex.me/js/
1 MB
226 KB
Script
General
Full URL
https://widgets-2-omni-iframe.livetex.me/js/ui.7.1.664.js
Requested by
Host: balancer-cloud.livetex.ru
URL: https://balancer-cloud.livetex.ru/get-client/?site_id=153459&version=1.1.55&target=path&rnd=iwxkb9ka6e8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6818:6562 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b86f54d53ef2c504e5458f945b75fc298906f5c0b6e754fd74d948ca4adf9061

Request headers

Referer
https://quest-microsoft.syssoft.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 29 Aug 2020 08:36:52 GMT
content-encoding
br
cf-cache-status
HIT
age
142695
cf-polished
origSize=1089789
status
200
cf-request-id
04daf5d2190000c272aa86b200000001
cf-bgj
minify
server
cloudflare
etag
W/"5f47e3a5-10a0fd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=604800
sourcemap
ui.7.1.664.js.map
cf-ray
5ca4f26358a4c272-FRA
/
balancer-cloud.livetex.ru/services/
2 KB
698 B
Fetch
General
Full URL
https://balancer-cloud.livetex.ru/services/?site_id=153459&ids=widgets-api-service2-app.thrift-http,widgets-api-service2-app.http,event-service-app.widgets-thrift-http&client=widget&version=7.1.664
Requested by
Host: balancer-cloud.livetex.ru
URL: https://balancer-cloud.livetex.ru/get-client/?site_id=153459&version=1.1.55&target=path&rnd=iwxkb9ka6e8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.39.80.168 , Russian Federation, ASN200015 (LIVETEX, RU),
Reverse DNS
Software
nginx /
Resource Hash
87a73ee56e2d8f6541691f4236c73fac5e24f9e386e786f8fd4f5444789db590

Request headers

Referer
https://quest-microsoft.syssoft.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Aug 2020 08:36:52 GMT
content-encoding
gzip
server
nginx
status
200
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://quest-microsoft.syssoft.ru
cache-control
no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, public
access-control-allow-credentials
true
access-control-allow-headers
X-CSRF-TOKEN
expires
Sat, 29 Aug 2020 08:36:51 GMT
grab.cur
api-maps.yandex.ru/2.1.77/build/release/images/cursor/
326 B
780 B
Image
General
Full URL
https://api-maps.yandex.ru/2.1.77/build/release/images/cursor/grab.cur
Requested by
Host: quest-microsoft.syssoft.ru
URL: https://quest-microsoft.syssoft.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::173 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx /
Resource Hash
13e327b334d10b2b24101040eecace86aaaa2eed03d282fa75a04aa3bebf69c1

Request headers

Referer
https://quest-microsoft.syssoft.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 29 Aug 2020 08:36:52 GMT
Last-Modified
Fri, 17 Jul 2020 14:25:47 GMT
Server
nginx
ETag
"5f11b4eb-146"
X-qloud-router
myt6-c721432ad800.qloud-c.yandex.net
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=120
Content-Length
326
Expires
Thu, 31 Dec 2037 23:55:55 GMT
grabbing.cur
api-maps.yandex.ru/2.1.77/build/release/images/cursor/
326 B
780 B
Image
General
Full URL
https://api-maps.yandex.ru/2.1.77/build/release/images/cursor/grabbing.cur
Requested by
Host: quest-microsoft.syssoft.ru
URL: https://quest-microsoft.syssoft.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::173 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx /
Resource Hash
a0fb89588dc7b711c0ffddb5fa2f6852f670ef1f615985bb65b2ea446cceb79f

Request headers

Referer
https://quest-microsoft.syssoft.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 29 Aug 2020 08:36:52 GMT
Last-Modified
Fri, 17 Jul 2020 14:25:47 GMT
Server
nginx
ETag
"5f11b4eb-146"
X-qloud-router
myt6-c721432ad800.qloud-c.yandex.net
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=120
Content-Length
326
Expires
Thu, 31 Dec 2037 23:55:55 GMT
help.cur
api-maps.yandex.ru/2.1.77/build/release/images/cursor/
326 B
780 B
Image
General
Full URL
https://api-maps.yandex.ru/2.1.77/build/release/images/cursor/help.cur
Requested by
Host: quest-microsoft.syssoft.ru
URL: https://quest-microsoft.syssoft.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::173 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx /
Resource Hash
128811e08fc761c192794eadb0ca1ece135e0b3a8ea7d897c2f7f9fd5a37281f

Request headers

Referer
https://quest-microsoft.syssoft.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 29 Aug 2020 08:36:52 GMT
Last-Modified
Fri, 17 Jul 2020 14:25:47 GMT
Server
nginx
ETag
"5f11b4eb-146"
X-qloud-router
iva8-1d8f1e600b6d.qloud-c.yandex.net
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=120
Content-Length
326
Expires
Thu, 31 Dec 2037 23:55:55 GMT
zoom_in.cur
api-maps.yandex.ru/2.1.77/build/release/images/cursor/
326 B
780 B
Image
General
Full URL
https://api-maps.yandex.ru/2.1.77/build/release/images/cursor/zoom_in.cur
Requested by
Host: quest-microsoft.syssoft.ru
URL: https://quest-microsoft.syssoft.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::173 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx /
Resource Hash
eb69f540be1e416b7346017da48deaf5ba2f2ee0af366c04f1e374351b651872

Request headers

Referer
https://quest-microsoft.syssoft.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 29 Aug 2020 08:36:52 GMT
Last-Modified
Fri, 17 Jul 2020 14:25:47 GMT
Server
nginx
ETag
"5f11b4eb-146"
X-qloud-router
sas8-8e6f697e32f0.qloud-c.yandex.net
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=120
Content-Length
326
Expires
Thu, 31 Dec 2037 23:55:55 GMT
/
www.facebook.com/tr/
44 B
151 B
Image
General
Full URL
https://www.facebook.com/tr/?id=191908958077093&ev=Microdata&dl=https%3A%2F%2Fquest-microsoft.syssoft.ru%2F&rl=&if=false&ts=1598690213331&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Quest%20-%20Microsoft%20Platform%20Management%22%2C%22meta%3Adescription%22%3A%22Quest%20-%20Microsoft%20Platform%20Management%22%2C%22meta%3Akeywords%22%3A%22Quest%20-%20Microsoft%20Platform%20Management%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.23&r=stable&ec=1&o=30&fbp=fb.1.1598690211784.1980920708&it=1598690211412&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://quest-microsoft.syssoft.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 29 Aug 2020 08:36:53 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sat, 29 Aug 2020 08:36:53 GMT
/
www.facebook.com/tr/
44 B
105 B
Image
General
Full URL
https://www.facebook.com/tr/?id=629221560552390&ev=Microdata&dl=https%3A%2F%2Fquest-microsoft.syssoft.ru%2F&rl=&if=false&ts=1598690213622&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Quest%20-%20Microsoft%20Platform%20Management%22%2C%22meta%3Adescription%22%3A%22Quest%20-%20Microsoft%20Platform%20Management%22%2C%22meta%3Akeywords%22%3A%22Quest%20-%20Microsoft%20Platform%20Management%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.23&r=stable&ec=1&o=30&fbp=fb.1.1598690211784.1980920708&it=1598690211412&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://quest-microsoft.syssoft.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 29 Aug 2020 08:36:53 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sat, 29 Aug 2020 08:36:53 GMT

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes object| plp number| plp_page_id number| plp_content_id string| plp_lang string| lptag function| error_handler object| _trackJs function| fbq function| _fbq function| obj2qs object| fastXDM object| VK object| gapi object| ___jsl function| onYouTubeIframeAPIReady object| ytp function| $ function| jQuery function| _ object| Modernizr function| WOW object| store function| sweetAlertInitialize function| swal function| sweetAlert object| stackEffects function| Snowfall function| particlesJS boolean| liveTex number| liveTexID boolean| liveTex_object object| jQuery111008580742038280185 object| goodshare object| Ya object| yaCounter49434307 object| yaCounter object| gadgets object| osapi object| iframer object| __gapi_jstiming__ object| oauth2 object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow string| LTX_VERSION object| LiveTex object| ymaps object| x function| setImmediate function| clearImmediate object| FontAwesomeConfig object| ___FONT_AWESOME___

13 Cookies

Domain/Path Name / Value
.livetex.me/ Name: __cf_bm
Value: bb6086e45df91864f0d607a494b879e69c092d04-1598690212-1800-AaaLiL8UjUu4LWIQp6Csuhd9Lizr1reVcymVtNa7TBZwtVT6ao70x03F/LtwIKNAkVe6XuzOgkl/OI1PgsGmkR8=
.vk.com/ Name: remixstid
Value: 1135084604_CKYLzIChbvJXEbZqSTI8ZgUqjXJz52Op62clfz4JqsD
.vk.com/ Name: remixlang
Value: 3
quest-microsoft.syssoft.ru/ Name: plp7_1498666
Value: 5f4a13a30d987884350231
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: AXIChqXD9aQ
.facebook.com/ Name: fr
Value: 0aukWlpcgFHE9hsHs..BfShOj...1.0.BfShOj.
.syssoft.ru/ Name: _ym_visorc_49434307
Value: w
.syssoft.ru/ Name: _fbp
Value: fb.1.1598690211784.1980920708
.youtube.com/ Name: YSC
Value: M4fUqhIs_Bg
.syssoft.ru/ Name: _ym_d
Value: 1598690212
.google.com/ Name: NID
Value: 204=0fbEZJIuJ-E6Om4T2DkfbaNy7fFTRvQ9sJ8KRAIUfkUtFV9jMngIlWKiSuBQ1tuXnkJIotstInrlo3ZVPULh3FbFlrpyfHNU7dFeBZaC8yU-bcjsDz1LJKPJa3iKmHtAHvtVa8EnO8_fPCP9Pq_nXqic0TF2T4P0-TWXPu_t4Eo
.syssoft.ru/ Name: _ym_isad
Value: 2
.syssoft.ru/ Name: _ym_uid
Value: 1598690212802475661

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
api-maps.yandex.ru
apis.google.com
balancer-cloud.livetex.ru
connect.facebook.net
cs15.livetex.ru
fonts.gstatic.com
mc.yandex.ru
quest-microsoft.syssoft.ru
s.plpstatic.ru
ssl.gstatic.com
u6.platformalp.ru
vk.com
widgets-2-omni-iframe.livetex.me
widgets-2-omni-iframe.livetex.ru
www.facebook.com
www.youtube.com
yastatic.net
185.39.80.168
2606:4700:3034::6818:6562
2a00:1450:4001:814::200d
2a00:1450:4001:817::200e
2a00:1450:4001:81b::2003
2a00:1450:4001:821::200e
2a02:6b8:20::215
2a02:6b8::173
2a02:6b8::1:119
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
80.93.179.62
85.119.149.96
87.240.190.67
95.213.231.150
0028d7ef984ac3ed4cf60b9fb2b9ccc3fada835cbbcd04ab51562d84617e221e
00ce4f04bad5f3d8de68bf445f2bf484d2f12a2295abf6c83a51c4358e927f51
043b9d45cbad92cccabe78c2eff5fe943fd58374ccaab7e63297617f3ba2e6c9
092f3201317b7ef608f6a899d395d36cffcca4d6824f00bc50120e84341c76f2
0c4c7d01b5d85dc271c4de5ab1ba99bd00bb22283ec5d040160d24f9ab4d4f45
0d7e358637c1b1caa66949aefc529c1e4488923f99e499d6be09eb8cdd0b4202
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
128811e08fc761c192794eadb0ca1ece135e0b3a8ea7d897c2f7f9fd5a37281f
13e327b334d10b2b24101040eecace86aaaa2eed03d282fa75a04aa3bebf69c1
1db6a268677e54cf4be9704ccc6ac6e3288f015472211c4127fee25ef6243cad
21f538bb5a3b10b0c6758f5072ca4469075bc6367444dc0bf8c0177617280997
232334d177f358c07f8271994e6fc0c018abfce7c8910deb604de1440d741c45
25cd4b3632c9b1622968d1b3de5841c14a3c563dd507da009f14cc06b48b4292
274533f86a530bf9f4ef20a622e84a80456f37f6d649e9e9df76ee548645b380
2ada70caed6a7e67d4c10a6de4c07c7863d48d6819c700c39d6b24234d9b4f0b
2c95fa31179f076dbd38d7977676d43e74d4bc70807ea94afc277d3f366b619c
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3a7aadbf27cf7154f12219d2bf2f4404dab9065cb1df93b6b2ae09da2b87ae08
4355a46b19d348dc2f57c046f8ef63d4538ebb936000f3c9ee954a27460dd865
49a98c4f3121f63a65a5683efdb14a264c3d968d4ae89244eea38979b5c5fe41
4a8106ac064e738cd838a7a836bd9527ef3f6b40d9ef44dcdd742c3aef3d818c
4b8e8b6c26d7b34cc48b04df5633f14745f22c06826c70ac7e5f3a226bfcb869
521ceb171869c1862404b31bd4768200aa4c5a1cb53ab27bb8e9d4e08a424a32
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
562adef1fbe0bc0b2e473fd32a74c1af42c0ea38997c5ee57d1f5b8db0454f7a
58a564addb2eda88ab43db0525f1b732a8c607fc5ff383833b67129495471b32
602860262e5d917ff156da20a2751bde45c0d4c7968f814800c70f0168038880
612e00615c774a25fe97dca42929a9c9e55283a528cd424741d0debfad10f071
62109d008290dcc5082732986afd832448190b03dfdf67b4940398bf1a9add45
687584625fa912e0fd6fec7f0fbee226ba732b64712d1080d06cdb88689d959f
6c7884164b248cb8d87de9edf64dc810e5753bb8ec0cd015800d7f39e08371c1
7c1182bb79659c57bf5c4c45b9f45223e5a1b05ecf3be9c2da9b3f5e51a08cff
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
800a5e26ca075fcc7da9d4fae06c134f97700bee5efd969f7bb945dbfa90ed0f
87a73ee56e2d8f6541691f4236c73fac5e24f9e386e786f8fd4f5444789db590
893df2b9ceb653f94333139d561d363bf4c365e651a0a3ade839d96200942e37
89705870e0b9768bcc16b264aec9558a161e440a4abdc67e7214716557ad9b89
91c0385b75f7706c2000b41287241454a9d6539e8fc0f4380200dd86ffe8dd06
9757aaa793e9917c71e68a725c305933a775666aa5c103339e873f9754d54538
984601230d8cbfe18370425e8e897037cc1a7adf831a691a9ede573cf44479d4
9e8f00bed071bc169467cc91b1d2d8405ce391f070d10e6c97781c20d4d96170
a0fb89588dc7b711c0ffddb5fa2f6852f670ef1f615985bb65b2ea446cceb79f
a3cd13404ce2d402f79f752f7b991e5de4f544c21c24cb6a468f18c0894f88ce
a421bf95d0a9c37703956a5283d9dc2bb3c20531ddd4fcf11f4464c9ccea791d
abd822877be6921bbec83920e7b9ef0500fee6a6ab980497b46b99b2029fa007
af65a4a9ce0c688f2f259c6d0ecf51865c74315ac89a3847c438ba07b9cbf711
b6eca3d6b0e3b0fd3c9b250c555be33e2fac9a8ee456f8c29339b1187e9d39ff
b86f54d53ef2c504e5458f945b75fc298906f5c0b6e754fd74d948ca4adf9061
bfefe268bc05b349c75c286b36e52f8378f19bb2e58054b44f5657376762718e
c4f147fe343964296b47bc21b82a8fa9410d072a0f584e9be060d5cd6bf72579
c8de81a1acb5f3788959ecc04eaa6526d5bdb29991157cecbef71042268c0374
c9b0ddf041243f7741bb5d2d39cf707caf8a541a8a5c45a4590e22b3042eaea3
cd01185f335d20e75286a45c3c44d4f9af567fff4c78dbf6ec414a60f3c602f8
cfe689e67061824b061d250169023efcff1bbcec33f2be214be50fb55dc8ad3e
d6e10c14e1fd682be542858446d53b75688441c0d395f74a9ce1fde4241a4cd9
d83d6ffeb54705c36524f7d189511051439579615f4599284067d19be1dfe632
e6d2e447997a58043ecdc6e4534ebd9cb98f0576bfee7b82a4d8d2e357968d62
e8b55b6dd5235741c6558346adda04d7b8ddda2236478ed08c9a45e328bc43f6
eb69f540be1e416b7346017da48deaf5ba2f2ee0af366c04f1e374351b651872
ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ffe459e332a1b10f107cb3b44e018df6d434d4d150de0256d410d06f68ee6237