microsoftprojectg.xyz Open in urlscan Pro
80.87.196.98 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://microsoftprojectg.xyz/
Submission: On December 31 via api (December 31st 2020, 7:37:39 am UTC) from US

Summary HTTP 33 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 6 countries across 14 domains to perform 33 HTTP transactions. The main IP is 80.87.196.98, located in Russian Federation and belongs to THEFIRST-AS, RU. The main domain is microsoftprojectg.xyz.

This is the only time microsoftprojectg.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 15	80.87.196.98 80.87.196.98	29182 (THEFIRST-AS) (THEFIRST-AS)
9	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	34.102.176.152 34.102.176.152	15169 (GOOGLE) (GOOGLE)
1	199.60.103.29 199.60.103.29	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
2	2a04:4e42:3::649 2a04:4e42:3::649	54113 (FASTLY) (FASTLY)
1	2606:4700:303... 2606:4700:3033::ac43:d088	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a02:fe80:101... 2a02:fe80:1010::16	30148 (SUCURI-SEC) (SUCURI-SEC)
1	198.71.233.197 198.71.233.197	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC)
1	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
1	172.217.21.226 172.217.21.226	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81d::2001	15169 (GOOGLE) (GOOGLE)
33	10

15 80.87.196.98 (Russian Federation) 1 redirects

ASN29182 (THEFIRST-AS, RU)
PTR: gigliliput30.fvds.ru

microsoftprojectg.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.176.152 (United States)

ASN15169 (GOOGLE, US)
PTR: 152.176.102.34.bc.googleusercontent.com

static.wixstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.60.103.29 (Canada)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

blog.suretysolutions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:3::649 (Ascension Island)

ASN54113 (FASTLY, US)

www.wikihow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::ac43:d088 (United States)

ASN13335 (CLOUDFLARENET, US)

cruise-ny.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fe80:1010::16 (United Kingdom) 1 redirects

ASN30148 (SUCURI-SEC, US)

secureservercdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.71.233.197 (Scottsdale, United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: ip-198-71-233-197.ip.secureserver.net

252.e47.myftpupload.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.128.11 (Dallas, United States)

ASN20446 (HIGHWINDS3, US)

d.newsweek.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.21.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s13-in-f226.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	microsoftprojectg.xyz 1 redirects microsoftprojectg.xyz	259 KB
6	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	148 KB
2	wikihow.com www.wikihow.com	65 KB
2	doubleclick.net googleads.g.doubleclick.net
1	googletagservices.com www.googletagservices.com	28 KB
1	google.com adservice.google.com	803 B
1	google.de adservice.google.de	803 B
1	googleadservices.com partner.googleadservices.com	648 B
1	newsweek.com d.newsweek.com	92 KB
1	myftpupload.com 252.e47.myftpupload.com	86 KB
1	secureservercdn.net 1 redirects secureservercdn.net	351 B
1	cruise-ny.com cruise-ny.com	13 KB
1	suretysolutions.com blog.suretysolutions.com	63 KB
1	wixstatic.com static.wixstatic.com	69 KB
33	14

	Domain	Requested by
15	microsoftprojectg.xyz	1 redirects microsoftprojectg.xyz
4	pagead2.googlesyndication.com	microsoftprojectg.xyz pagead2.googlesyndication.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	www.wikihow.com	microsoftprojectg.xyz
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	d.newsweek.com	microsoftprojectg.xyz
1	252.e47.myftpupload.com
1	secureservercdn.net	1 redirects
1	cruise-ny.com	microsoftprojectg.xyz
1	blog.suretysolutions.com	microsoftprojectg.xyz
1	static.wixstatic.com	microsoftprojectg.xyz
33	15

This site contains no links.

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.wixstatic.com Sectigo RSA Domain Validation Secure Server CA	`2020-09-07` - `2021-03-06`	6 months	crt.sh
blog.suretysolutions.com Cloudflare Inc ECC CA-3	`2020-07-21` - `2021-07-21`	a year	crt.sh
*.wikihow.com R3	`2020-12-05` - `2021-03-05`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-12` - `2021-07-12`	a year	crt.sh
*.e47.myftpupload.com Go Daddy Secure Certificate Authority - G2	`2019-02-11` - `2021-02-11`	2 years	crt.sh
d.newsweek.com Sectigo ECC Domain Validation Secure Server CA	`2020-11-16` - `2021-02-14`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh

This page contains 4 frames:

Primary Page: http://microsoftprojectg.xyz/
Frame ID: 636E923FCAF65FD6D2FA35B03551C7C8
Requests: 30 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/zrt_lookup.html
Frame ID: C2AAB052292DBADA1D9FA2C8749B78FC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-7592156143243290&output=html&adk=1812271804&adf=3025194257&lmt=1609400242&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=http%3A%2F%2Fmicrosoftprojectg.xyz%2F&ea=0&flash=0&pra=5&wgl=1&dt=1609400242426&bpp=205&bdt=69&idt=307&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=382027973662&frm=20&pv=2&ga_vid=261045397.1609400243&ga_sid=1609400243&ga_hid=1489895304&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769&oid=3&pvsid=4009836948543158&pem=107&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=0&uci=a!0&fsb=1&dtd=321
Frame ID: 0672818D86632E2E9B988CA25FC481A8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 783D00CE513CCA4E7138AEB0E9514240
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

33
Requests

58 %
HTTPS

45 %
IPv6

14
Domains

15
Subdomains

10
IPs

6
Countries

824 kB
Transfer

1457 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

http://microsoftprojectg.xyz/wp-content/themes/deep/css/fonts/fontawesome-free-svgs/chevron-right.svg HTTP 301
http://microsoftprojectg.xyz/executive-leadership/

Request Chain 21

https://secureservercdn.net/198.71.233.197/252.e47.myftpupload.com/wp-content/uploads/2018/06/Helix.jpg?time=1609205671 HTTP 301
https://252.e47.myftpupload.com/wp-content/uploads/2018/06/Helix.jpg?time=1609205671

33 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
microsoftprojectg.xyz/ 32 KB
5 KB 375ms
303ms Document
text/html 80.87.196.98
THEFIRST-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://microsoftprojectg.xyz/
Protocol: HTTP/1.1
Server: 80.87.196.98 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS: gigliliput30.fvds.ru
Software: nginx /
Resource Hash: d2c0fec62d2748f266c57fd95201ff76ac34ca642f8940eb3e0f47b67c4c0dad

Request headers

Host: microsoftprojectg.xyz
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server: nginx
Date: Thu, 31 Dec 2020 07:37:22 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Link: <http://microsoftprojectg.xyz/wp-json/>; rel="https://api.w.org/"
Content-Encoding: gzip

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 133 KB
47 KB 45ms
21ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: microsoftprojectg.xyz
URL: http://microsoftprojectg.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c221228ab25af041a5c8e218684dd4238acb17fc23b1a4a8c4864951550a3197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://microsoftprojectg.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 07:37:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 47107
x-xss-protection: 0
server: cafe
etag: 13290078405355148527
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 31 Dec 2020 07:37:22 GMT

GET
H/1.1 200
OK style.min.css
microsoftprojectg.xyz/wp-includes/css/dist/block-library/ 50 KB
8 KB 94ms
90ms Stylesheet
text/css 80.87.196.98
THEFIRST-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://microsoftprojectg.xyz/wp-includes/css/dist/block-library/style.min.css?ver=5.6
Requested by: Host: microsoftprojectg.xyz
URL: http://microsoftprojectg.xyz/
Protocol: HTTP/1.1
Server: 80.87.196.98 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS: gigliliput30.fvds.ru
Software: nginx /
Resource Hash: 5c2288ca7b324881faae5e368eb4d69457e2784e042e868de335d3827bb90981

Request headers

Referer: http://microsoftprojectg.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 31 Dec 2020 07:37:22 GMT
Content-Encoding: gzip
Last-Modified: Tue, 01 Dec 2020 12:21:40 GMT
Server: nginx
ETag: W/"5fc63554-c8e9"
Transfer-Encoding: chunked
Content-Type: text/css
Connection: keep-alive

GET
H/1.1 200
OK style.css
microsoftprojectg.xyz/wp-content/themes/deep/ 1 KB
1 KB 187ms
166ms Stylesheet
text/css 80.87.196.98
THEFIRST-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://microsoftprojectg.xyz/wp-content/themes/deep/style.css?ver=1.0.2
Requested by: Host: microsoftprojectg.xyz
URL: http://microsoftprojectg.xyz/
Protocol: HTTP/1.1
Server: 80.87.196.98 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS: gigliliput30.fvds.ru
Software: nginx /
Resource Hash: f1c50dbbc7bc343044b38643518280616a3e9b30966da09a1e93c45dacb679c1

Request headers

Referer: http://microsoftprojectg.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 31 Dec 2020 07:37:22 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 Dec 2020 13:58:52 GMT
Server: nginx
ETag: W/"5fec879c-4fa"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK rubik-font.css
microsoftprojectg.xyz/wp-content/themes/deep/css/ 649 B
506 B 187ms
166ms Stylesheet
text/css 80.87.196.98
THEFIRST-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://microsoftprojectg.xyz/wp-content/themes/deep/css/rubik-font.css?ver=1.0.2
Requested by: Host: microsoftprojectg.xyz
URL: http://microsoftprojectg.xyz/
Protocol: HTTP/1.1
Server: 80.87.196.98 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS: gigliliput30.fvds.ru
Software: nginx /
Resource Hash: e9779d981e3cbadc7780a82c9afbe0601f020b6d7dfc2374087c6aa9fb3bd31f

Request headers

Referer: http://microsoftprojectg.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 31 Dec 2020 07:37:22 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 Dec 2020 13:58:52 GMT
Server: nginx
ETag: W/"5fec879c-289"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK deep-theme-style.css
microsoftprojectg.xyz/wp-content/themes/deep/css/ 24 KB
6 KB 179ms
158ms Stylesheet
text/css 80.87.196.98
THEFIRST-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://microsoftprojectg.xyz/wp-content/themes/deep/css/deep-theme-style.css?ver=1.0.2
Requested by: Host: microsoftprojectg.xyz
URL: http://microsoftprojectg.xyz/
Protocol: HTTP/1.1
Server: 80.87.196.98 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS: gigliliput30.fvds.ru
Software: nginx /
Resource Hash: 5b6ac4b514cc258ec9a4b6426229d2040b0d9cc22ec008ba75987a1ee7890ef4

Request headers

Referer: http://microsoftprojectg.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 31 Dec 2020 07:37:22 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 Dec 2020 13:58:52 GMT
Server: nginx
ETag: W/"5fec879c-618f"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK jquery.min.js Show response
microsoftprojectg.xyz/wp-includes/js/jquery/ 87 KB
31 KB 177ms
157ms Script
application/javascript 80.87.196.98
THEFIRST-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://microsoftprojectg.xyz/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by: Host: microsoftprojectg.xyz
URL: http://microsoftprojectg.xyz/
Protocol: HTTP/1.1
Server: 80.87.196.98 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS: gigliliput30.fvds.ru
Software: nginx /
Resource Hash: 60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

Referer: http://microsoftprojectg.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 31 Dec 2020 07:37:22 GMT
Content-Encoding: gzip
Last-Modified: Wed, 07 Oct 2020 16:33:25 GMT
Server: nginx
ETag: W/"5f7dedd5-15d98"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive

GET
H/1.1 200
OK jquery-migrate.min.js Show response
microsoftprojectg.xyz/wp-includes/js/jquery/ 11 KB
4 KB 183ms
162ms Script
application/javascript 80.87.196.98
THEFIRST-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://microsoftprojectg.xyz/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: microsoftprojectg.xyz
URL: http://microsoftprojectg.xyz/
Protocol: HTTP/1.1
Server: 80.87.196.98 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS: gigliliput30.fvds.ru
Software: nginx /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Referer: http://microsoftprojectg.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 31 Dec 2020 07:37:22 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Nov 2020 09:31:13 GMT
Server: nginx
ETag: W/"5fb63b61-2bd8"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive

GET
H/1.1 200
OK navigation.js Show response
microsoftprojectg.xyz/wp-content/themes/deep//js/ 3 KB
1 KB 185ms
92ms Script
application/javascript 80.87.196.98
THEFIRST-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://microsoftprojectg.xyz/wp-content/themes/deep//js/navigation.js?ver=1.0.2
Requested by: Host: microsoftprojectg.xyz
URL: http://microsoftprojectg.xyz/
Protocol: HTTP/1.1
Server: 80.87.196.98 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS: gigliliput30.fvds.ru
Software: nginx /
Resource Hash: b01ff8e957863d48b5dbd16538bcd15dae28bcc38d20fd9169675fdcec44c44f

Request headers

Referer: http://microsoftprojectg.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 31 Dec 2020 07:37:22 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 Dec 2020 13:58:52 GMT
Server: nginx
ETag: W/"5fec879c-c03"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK mobile-menu.js Show response
microsoftprojectg.xyz/wp-content/themes/deep/js/ 628 B
618 B 264ms
86ms Script
application/javascript 80.87.196.98
THEFIRST-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://microsoftprojectg.xyz/wp-content/themes/deep/js/mobile-menu.js?ver=1.0.2
Requested by: Host: microsoftprojectg.xyz
URL: http://microsoftprojectg.xyz/
Protocol: HTTP/1.1
Server: 80.87.196.98 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS: gigliliput30.fvds.ru
Software: nginx /
Resource Hash: d5fd0b6074cf83e99b08d765f5630974690dc7c39305d8a7acc763a654915082

Request headers

Referer: http://microsoftprojectg.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 31 Dec 2020 07:37:22 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 Dec 2020 13:58:52 GMT
Server: nginx
ETag: W/"5fec879c-274"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK wp-embed.min.js Show response
microsoftprojectg.xyz/wp-includes/js/ 1 KB
1 KB 268ms
86ms Script
application/javascript 80.87.196.98
THEFIRST-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://microsoftprojectg.xyz/wp-includes/js/wp-embed.min.js?ver=5.6
Requested by: Host: microsoftprojectg.xyz
URL: http://microsoftprojectg.xyz/
Protocol: HTTP/1.1
Server: 80.87.196.98 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS: gigliliput30.fvds.ru
Software: nginx /
Resource Hash: 6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Request headers

Referer: http://microsoftprojectg.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 31 Dec 2020 07:37:22 GMT
Content-Encoding: gzip
Last-Modified: Sat, 26 Oct 2019 00:17:07 GMT
Server: nginx
ETag: W/"5db39083-59a"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/ 234 KB
88 KB 48ms
34ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe5d97969e5d98e03eaacc671edb2e30373f05070f5a37d69f5a5f6f91b79149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://microsoftprojectg.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 07:37:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 89527
x-xss-protection: 0
server: cafe
etag: 1810063338415286733
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 31 Dec 2020 07:37:22 GMT

GET
H/1.1

200
OK

/
microsoftprojectg.xyz/executive-leadership/
Redirect Chain

http://microsoftprojectg.xyz/wp-content/themes/deep/css/fonts/fontawesome-free-svgs/chevron-right.svg
http://microsoftprojectg.xyz/executive-leadership/

9 KB
9 KB

111ms
110ms

Image
text/html

80.87.196.98
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://microsoftprojectg.xyz/executive-leadership/
Requested by: Host: microsoftprojectg.xyz
URL: http://microsoftprojectg.xyz/wp-content/themes/deep/css/deep-theme-style.css?ver=1.0.2
Protocol: HTTP/1.1
Server: 80.87.196.98 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS: gigliliput30.fvds.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://microsoftprojectg.xyz/wp-content/themes/deep/css/deep-theme-style.css?ver=1.0.2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 31 Dec 2020 07:37:22 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: keep-alive
Expires: Wed, 11 Jan 1984 05:00:00 GMT

Redirect headers

Date: Thu, 31 Dec 2020 07:37:22 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Location: http://microsoftprojectg.xyz/executive-leadership/
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: keep-alive
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1 200
OK Rubik-Regular.ttf
microsoftprojectg.xyz/wp-content/themes/deep/fonts/rubik/ 129 KB
63 KB 108ms
107ms Font
application/octet-stream 80.87.196.98
THEFIRST-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://microsoftprojectg.xyz/wp-content/themes/deep/fonts/rubik/Rubik-Regular.ttf
Requested by: Host: microsoftprojectg.xyz
URL: http://microsoftprojectg.xyz/wp-content/themes/deep/css/rubik-font.css?ver=1.0.2
Protocol: HTTP/1.1
Server: 80.87.196.98 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS: gigliliput30.fvds.ru
Software: nginx /
Resource Hash: 790cad6b1fc62515b8a60fbe76ce9c95f626289130ee8523e2a4483b9c83dec5

Request headers

Origin: http://microsoftprojectg.xyz
Referer: http://microsoftprojectg.xyz/wp-content/themes/deep/css/rubik-font.css?ver=1.0.2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 31 Dec 2020 07:37:22 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 Dec 2020 13:58:52 GMT
Server: nginx
ETag: W/"5fec879c-20384"
Transfer-Encoding: chunked
Content-Type: text/plain; charset=utf-8
Connection: keep-alive

GET
H/1.1 200
OK Rubik-SemiBold.ttf
microsoftprojectg.xyz/wp-content/themes/deep/fonts/rubik/ 129 KB
63 KB 120ms
120ms Font
application/octet-stream 80.87.196.98
THEFIRST-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://microsoftprojectg.xyz/wp-content/themes/deep/fonts/rubik/Rubik-SemiBold.ttf
Requested by: Host: microsoftprojectg.xyz
URL: http://microsoftprojectg.xyz/wp-content/themes/deep/css/rubik-font.css?ver=1.0.2
Protocol: HTTP/1.1
Server: 80.87.196.98 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS: gigliliput30.fvds.ru
Software: nginx /
Resource Hash: 26cbd9bbb2f330c6f2e0b5a91630d4c0fcff35839f9b2fb48b9592ef04e0769e

Request headers

Origin: http://microsoftprojectg.xyz
Referer: http://microsoftprojectg.xyz/wp-content/themes/deep/css/rubik-font.css?ver=1.0.2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 31 Dec 2020 07:37:22 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 Dec 2020 13:58:52 GMT
Server: nginx
ETag: W/"5fec879c-20308"
Transfer-Encoding: chunked
Content-Type: text/plain; charset=utf-8
Connection: keep-alive

GET
H/1.1 200
OK Rubik-Bold.ttf
microsoftprojectg.xyz/wp-content/themes/deep/fonts/rubik/ 129 KB
63 KB 126ms
126ms Font
application/octet-stream 80.87.196.98
THEFIRST-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://microsoftprojectg.xyz/wp-content/themes/deep/fonts/rubik/Rubik-Bold.ttf
Requested by: Host: microsoftprojectg.xyz
URL: http://microsoftprojectg.xyz/wp-content/themes/deep/css/rubik-font.css?ver=1.0.2
Protocol: HTTP/1.1
Server: 80.87.196.98 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS: gigliliput30.fvds.ru
Software: nginx /
Resource Hash: 525fa502a52d116c82af76cb82f8540e9a2996707044b756ba1cc7277df3409c

Request headers

Origin: http://microsoftprojectg.xyz
Referer: http://microsoftprojectg.xyz/wp-content/themes/deep/css/rubik-font.css?ver=1.0.2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 31 Dec 2020 07:37:22 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 Dec 2020 13:58:52 GMT
Server: nginx
ETag: W/"5fec879c-20364"
Transfer-Encoding: chunked
Content-Type: text/plain; charset=utf-8
Connection: keep-alive

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/ Frame C2AA 0
0 6ms
5ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20201203/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://microsoftprojectg.xyz/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://microsoftprojectg.xyz/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 30 Dec 2020 09:58:13 GMT
expires: Wed, 13 Jan 2021 09:58:13 GMT
content-type: text/html; charset=UTF-8
etag: 10723747146953794269
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4923
x-xss-protection: 0
age: 77949
cache-control: public, max-age=1209600
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 d225e0_55cce36d4c3048bcbdddbc3123f59679~mv2.png
static.wixstatic.com/media/d225e0_55cce36d4c3048bcbdddbc3123f59679~mv2.png/v1/fill/w_224,h_114,al_c,usm_0.66_1.00_0.01,blur_2/ 69 KB
69 KB 581ms
536ms Image
image/png 34.102.176.152
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.wixstatic.com/media/d225e0_55cce36d4c3048bcbdddbc3123f59679~mv2.png/v1/fill/w_224,h_114,al_c,usm_0.66_1.00_0.01,blur_2/d225e0_55cce36d4c3048bcbdddbc3123f59679~mv2.png
Requested by: Host: microsoftprojectg.xyz
URL: http://microsoftprojectg.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.176.152 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 152.176.102.34.bc.googleusercontent.com
Software: openresty/1.17.8.2 /
Resource Hash: fe63cc285b2717356bc41868b7aa6fa77dba2d1d2483920190b251790b41dd06

Request headers

Referer: http://microsoftprojectg.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 07:37:23 GMT
via: 1.1 google
server: openresty/1.17.8.2
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
trace-id: 1mPfeYb3X679Yu6BY0k9CHzTsL8
timing-allow-origin: *
alt-svc: clear
content-length: 70228
x-seen-by: image-manipulator-testbed-594dbcd6fb-vwm28

GET
H2 200 pexels-photo%20(3).jpg
blog.suretysolutions.com/hs-fs/hubfs/ 62 KB
63 KB 496ms
290ms Image
image/jpeg 199.60.103.29
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.suretysolutions.com/hs-fs/hubfs/pexels-photo%20(3).jpg?width=828&name=pexels-photo%20(3).jpg
Requested by: Host: microsoftprojectg.xyz
URL: http://microsoftprojectg.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.60.103.29 , Canada, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5e429deb55719e0e973a41fcb0422255a790e479edf8ae6a3e0a4d76f2f27d3

Request headers

Referer: http://microsoftprojectg.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 07:37:23 GMT
via: 1.1 85fc1201a1918facbeb30836e7391661.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: IAD89-C1
x-amz-server-side-encryption: AES256
edge-cache-tag: F-4528912499,P-360382,FLS-ALL
x-amz-replication-status: COMPLETED
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 11
content-length: 63473
cf-request-id: 075953eac60000085b079b7000000001
last-modified: Tue, 22 Dec 2020 19:17:23 GMT
server: cloudflare
etag: "c25b72e7bd239d68cb44d435d701b43c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 60a255be0b6b085b-CDG
x-amz-cf-id: d5u9QHBjFiRvx_HDNX9w1QF3UF4vxzfbE3K0UMMle3mak1wwu3mFwQ==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 11

GET
H2 200 v4-460px-Change-a-Typewriter-Ribbon-Step-1-Version-2.jpg
www.wikihow.com/images/thumb/8/88/Change-a-Typewriter-Ribbon-Step-1-Version-2.jpg/ 34 KB
35 KB 26ms
8ms Image
image/jpeg 2a04:4e42:3::649
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wikihow.com/images/thumb/8/88/Change-a-Typewriter-Ribbon-Step-1-Version-2.jpg/v4-460px-Change-a-Typewriter-Ribbon-Step-1-Version-2.jpg

Requested by

Host: microsoftprojectg.xyz
URL: http://microsoftprojectg.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::649 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8d9841835b0f88ffe17ffb4d7c54cfd7cad7bc77e45994bd441fe23c43a78fbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://microsoftprojectg.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 07:37:22 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 May 2017 15:05:58 GMT
age: 508040
etag: "59c8eb60bbe03e991b3f8025146c34b2"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-c: cache-fra19121-FRA,H,508040
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 35072
x-xss-protection: 1; mode=block
expires: Sat, 25 Dec 2021 10:30:02 GMT

GET
H2 200 v4-460px-Dress-as-a-Petite-Woman-Step-1.jpg
www.wikihow.com/images/thumb/a/a7/Dress-as-a-Petite-Woman-Step-1.jpg/ 30 KB
30 KB 31ms
13ms Image
image/jpeg 2a04:4e42:3::649
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wikihow.com/images/thumb/a/a7/Dress-as-a-Petite-Woman-Step-1.jpg/v4-460px-Dress-as-a-Petite-Woman-Step-1.jpg

Requested by

Host: microsoftprojectg.xyz
URL: http://microsoftprojectg.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::649 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

25eca7584cc09a0bdd945edc933c5a47599ef960591f0964c1421f7fb9538e04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://microsoftprojectg.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 07:37:22 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 May 2017 06:51:04 GMT
age: 0
etag: "4cefc5e6a0990139706a0dffa64cb6f4"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-c: cache-fra19121-FRA,M
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 30694
x-xss-protection: 1; mode=block
expires: Fri, 31 Dec 2021 07:37:22 GMT

GET
H2 200 cruise-ny-new-york-city-view.jpg
cruise-ny.com/wp-content/uploads/2018/07/ 13 KB
13 KB 446ms
416ms Image
image/png 2606:4700:3033::ac43:d088
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cruise-ny.com/wp-content/uploads/2018/07/cruise-ny-new-york-city-view.jpg
Requested by: Host: microsoftprojectg.xyz
URL: http://microsoftprojectg.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:d088 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 1cca498904b87c8b14e4100203f31d6bd9b9cac47da3b99ec80f6042c91b47f9

Request headers

Referer: http://microsoftprojectg.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 07:37:23 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
content-length: 12890
cf-request-id: 075953ea1100004a74b8370000000001
last-modified: Mon, 26 Oct 2020 22:41:18 GMT
server: cloudflare
etag: "5f97508e-325a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nCy0K6RzNqg4hTXXr%2BxaWkLTabPh22YslUsZg28SLFLmk5Y034dbL7J2nv4mot%2Foei%2BhYCtaRejaM3RApLhP%2FngcM4P%2FakYLsMFDTN9YdJcaaeFJMPbJKakP"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 60a255bcefa24a74-FRA

GET
H2

200

Helix.jpg
252.e47.myftpupload.com/wp-content/uploads/2018/06/
Redirect Chain

https://secureservercdn.net/198.71.233.197/252.e47.myftpupload.com/wp-content/uploads/2018/06/Helix.jpg?time=1609205671
https://252.e47.myftpupload.com/wp-content/uploads/2018/06/Helix.jpg?time=1609205671

85 KB
86 KB

401ms
185ms

Image
image/jpeg

198.71.233.197
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://252.e47.myftpupload.com/wp-content/uploads/2018/06/Helix.jpg?time=1609205671

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.71.233.197 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),

Reverse DNS

ip-198-71-233-197.ip.secureserver.net

Software

openresty /

Resource Hash

2d7a32387d94a223ec7205e3fd8f5c11c125cf7812b38e1bfc3ddc9aa89e2609

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://microsoftprojectg.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 0
x-cache: uncached
content-length: 87413
x-xss-protection: 1; mode=block
last-modified: Mon, 11 Jun 2018 17:15:56 GMT
server: openresty
date: Thu, 31 Dec 2020 07:37:23 GMT
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-type: image/jpeg
x-cache-hit: MISS
etag: "15575-56e60e70f2b00"
accept-ranges: bytes

Redirect headers

date: Thu, 31 Dec 2020 07:37:22 GMT
content-encoding: gzip
x-cacheable: NO:HTTPS Redirect
server: nginx
age: 0
x-cache-hit: MISS
x-cache: uncached
content-type: text/html; charset=iso-8859-1
location: https://252.e47.myftpupload.com/wp-content/uploads/2018/06/Helix.jpg?time=1609205671
x-sucuri-cache: MISS
cache-control: max-age=315360000
x-sucuri-id: 15016
content-security-policy: upgrade-insecure-requests
x-backend: all_requests
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 philip-rivers.jpg
d.newsweek.com/en/full/1693387/ 91 KB
92 KB 561ms
515ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d.newsweek.com/en/full/1693387/philip-rivers.jpg?w=790&f=bea5e8804ee2c3cd133bf688a457e958

Requested by

Host: microsoftprojectg.xyz
URL: http://microsoftprojectg.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Apache /

Resource Hash

5260253b3396c92228b26a9553f67557366f049e3a380952c928ccf51cd21398

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: http://microsoftprojectg.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 07:37:23 GMT
x-cacheable: YES
server: Apache
etag: "1609400243"
strict-transport-security: max-age=86400; includeSubDomains
x-hw: 1609400242.cds037.pa1.hn,1609400242.cds214.pa1.sc,1609400243.cds214.pa1.p
content-type: image/jpeg
access-control-allow-origin: *
x-cahce: HIT
cache-control: max-age=25920000, max-age=29030400, public
last-modified: Thu, 31 Dec 2020 07:37:23 GMT
accept-ranges: bytes

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 211 B
648 B 103ms
38ms Script
text/javascript 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=microsoftprojectg.xyz&callback=_gfp_s_&client=ca-pub-7592156143243290

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

240f844202e0a73baa1ed8d26256bc2db4b13ead1cb05b0088d53496cd5d40fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://microsoftprojectg.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 07:37:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 200
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
803 B 36ms
15ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=microsoftprojectg.xyz

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://microsoftprojectg.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 31 Dec 2020 07:37:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
803 B 36ms
15ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=microsoftprojectg.xyz

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://microsoftprojectg.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 31 Dec 2020 07:37:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 0672 0
0 37ms
36ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-7592156143243290&output=html&adk=1812271804&adf=3025194257&lmt=1609400242&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=http%3A%2F%2Fmicrosoftprojectg.xyz%2F&ea=0&flash=0&pra=5&wgl=1&dt=1609400242426&bpp=205&bdt=69&idt=307&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=382027973662&frm=20&pv=2&ga_vid=261045397.1609400243&ga_sid=1609400243&ga_hid=1489895304&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769&oid=3&pvsid=4009836948543158&pem=107&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=0&uci=a!0&fsb=1&dtd=321

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-7592156143243290&output=html&adk=1812271804&adf=3025194257&lmt=1609400242&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=http%3A%2F%2Fmicrosoftprojectg.xyz%2F&ea=0&flash=0&pra=5&wgl=1&dt=1609400242426&bpp=205&bdt=69&idt=307&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=382027973662&frm=20&pv=2&ga_vid=261045397.1609400243&ga_sid=1609400243&ga_hid=1489895304&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769&oid=3&pvsid=4009836948543158&pem=107&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=0&uci=a!0&fsb=1&dtd=321
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://microsoftprojectg.xyz/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://microsoftprojectg.xyz/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 31 Dec 2020 07:37:22 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 31-Dec-2020 07:52:22 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Thu, 31 Dec 2020 07:37:22 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1c9310eb6a56101c2133db372cfbe9cefb5ff6b90a02ded916984c975b813b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://microsoftprojectg.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 07:37:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607690616793149"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28334
x-xss-protection: 0
expires: Thu, 31 Dec 2020 07:37:22 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 38ms
25ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201203&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c83b6bf9f5540eb06bee38cf3cdd28d388652df515ea5761ffebaa1ffad9c88f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://microsoftprojectg.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 31 Dec 2020 07:37:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6368
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 16 KB
6 KB 34ms
14ms Script
text/javascript 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://microsoftprojectg.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 07:37:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Thu, 31 Dec 2020 07:37:22 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 783D 0
0 27ms
13ms Document
text/html 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://microsoftprojectg.xyz/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://microsoftprojectg.xyz/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Thu, 31 Dec 2020 06:02:36 GMT
expires: Fri, 31 Dec 2021 06:02:36 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 5687
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
111 B 16ms
15ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gda_r20201203&jk=4009836948543158&bg=!KSqlKgrNAAUbEDgJG1iUCB9P8T4QTQIAAABhUgAAAAxoAQcKAX0FHQFd4Js6Sc3OrXdGckTCmPQRI8VL69FBZtm6lEu86e9EZDqTc4vY39RLenijubJovk5gZc3pUrkvMC9qE8zCdYs3FwFBVSMSc81uYOxjPCeBee7bIMvtxRYKtBjpTZkBbo9lp9Qemz9AYofxOVhtske5aVoWATSpiwqilhFNk8gpdNizZn3qXkNYxegdTrD6k68titUeVjT5XrWRDkfiV6Yy-3JtcMF3-EBMuMzDPn8a6Z_3cToFdOfFVaAsquL0ucIevFz6nxYD5udLcPGBQRGyxLc0MCOv3SK3WD3qGmx_wgcgwxRAwbsv9H3MV9dfocqEpMBjMNng00eLtUPFEr8l5Eh_-WcViRSy6VSFsz-QgkkvKNhAq45Q8nFOqh1MjRv8NjXHVMffEoMxYrKnfgbiyKyYUOnSuLwKnqqFZW5Q85Rq8-qCsaKr-TlYiHvfEB3rh60k98pL5WsYCSJDQEdwpP2NUfCqAtv--IrKPTzC2-ejEICtyYMmZImZAb0hKOoe0WKDgz_lq9LV_qghgnzJnPSFqTRpnj5GsQXe0OerFbTJranfknDZlwRNCboo3SEgS3mvZuBslDF86Cny7sBKd3Jq2t1aBy0SAPEEgQSnfXvbJu4fMpss4nv4UvQlkND9T_0y-qAUlEQZJH05ajxGuJPFdR16ZMg7Vwb5XTlYNpWATCahZrF4mFRgUO1aYn8QRE1A4kT3ZUY0Q_XWkDiAXcdCxamkFkCQ6a89L9UHq-EEsgVp2WZrJEx1npCEetbXO6mU0AjQ1vAyQufUhkZOyBm1BlE-s8MKS-octRC0RJSD9xZtvrHLmq_r3SxRIeoT6l5qei8LuvPcv0-kaX-S8kuvXD0jq75Nncv2g27JBqj2RSSdifDQ2V3dpVFKs6YedokwTOqykOT7ml4s1ZnXcI0tYBBZ4mdyeaPTYkwk83vtbjP2SaN6AR6C-RbdBZKkne7IikJyknC3f_zi52ryHxmie-uAZrZ-UBHefdxGewSGjfB1n3BtA9feJE-qdrA8Xiqs1BjtoTttx3GgN8htfcPASeCITT_E4TbERzCkUCvy5nprkzQprpLYwnXtmjHmQctgbnYaqwNU

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://microsoftprojectg.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Dec 2020 07:37:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-19 15:03:21	Name: test_cookie Value: CheckForPermission
			.microsoftprojectg.xyz/	1970-01-20 00:24:56	Name: __gads Value: ID=0a6905dc28b45589-22e01d3378b9009d:T=1609400242:RT=1609400242:S=ALNI_MYbdYeJOmywfQNitSaQsIvQI1OLUg

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: http://microsoftprojectg.xyz/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

252.e47.myftpupload.com
adservice.google.com
adservice.google.de
blog.suretysolutions.com
cruise-ny.com
d.newsweek.com
googleads.g.doubleclick.net
microsoftprojectg.xyz
pagead2.googlesyndication.com
partner.googleadservices.com
secureservercdn.net
static.wixstatic.com
tpc.googlesyndication.com
www.googletagservices.com
www.wikihow.com
151.139.128.11
172.217.21.226
198.71.233.197
199.60.103.29
2606:4700:3033::ac43:d088
2a00:1450:4001:808::2002
2a00:1450:4001:81d::2001
2a02:fe80:1010::16
2a04:4e42:3::649
34.102.176.152
80.87.196.98
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
1cca498904b87c8b14e4100203f31d6bd9b9cac47da3b99ec80f6042c91b47f9
240f844202e0a73baa1ed8d26256bc2db4b13ead1cb05b0088d53496cd5d40fa
25eca7584cc09a0bdd945edc933c5a47599ef960591f0964c1421f7fb9538e04
26cbd9bbb2f330c6f2e0b5a91630d4c0fcff35839f9b2fb48b9592ef04e0769e
2d7a32387d94a223ec7205e3fd8f5c11c125cf7812b38e1bfc3ddc9aa89e2609
525fa502a52d116c82af76cb82f8540e9a2996707044b756ba1cc7277df3409c
5260253b3396c92228b26a9553f67557366f049e3a380952c928ccf51cd21398
5b6ac4b514cc258ec9a4b6426229d2040b0d9cc22ec008ba75987a1ee7890ef4
5c2288ca7b324881faae5e368eb4d69457e2784e042e868de335d3827bb90981
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
790cad6b1fc62515b8a60fbe76ce9c95f626289130ee8523e2a4483b9c83dec5
8d9841835b0f88ffe17ffb4d7c54cfd7cad7bc77e45994bd441fe23c43a78fbf
a5e429deb55719e0e973a41fcb0422255a790e479edf8ae6a3e0a4d76f2f27d3
b01ff8e957863d48b5dbd16538bcd15dae28bcc38d20fd9169675fdcec44c44f
c1c9310eb6a56101c2133db372cfbe9cefb5ff6b90a02ded916984c975b813b2
c221228ab25af041a5c8e218684dd4238acb17fc23b1a4a8c4864951550a3197
c83b6bf9f5540eb06bee38cf3cdd28d388652df515ea5761ffebaa1ffad9c88f
d2c0fec62d2748f266c57fd95201ff76ac34ca642f8940eb3e0f47b67c4c0dad
d5fd0b6074cf83e99b08d765f5630974690dc7c39305d8a7acc763a654915082
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9779d981e3cbadc7780a82c9afbe0601f020b6d7dfc2374087c6aa9fb3bd31f
f1c50dbbc7bc343044b38643518280616a3e9b30966da09a1e93c45dacb679c1
fe5d97969e5d98e03eaacc671edb2e30373f05070f5a37d69f5a5f6f91b79149
fe63cc285b2717356bc41868b7aa6fa77dba2d1d2483920190b251790b41dd06

microsoftprojectg.xyz Open in urlscan Pro 80.87.196.98 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

33 Requests

58 %HTTPS

45 %IPv6

14 Domains

15 Subdomains

10 IPs

6 Countries

824 kBTransfer

1457 kBSize

2 Cookies

0 Outgoing links

Redirected requests

33 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

microsoftprojectg.xyz Open in urlscan Pro
80.87.196.98 Public Scan

Screenshot
Live screenshot

Full Image

33
Requests

58 %
HTTPS

45 %
IPv6

14
Domains

15
Subdomains

10
IPs

6
Countries

824 kB
Transfer

1457 kB
Size

2
Cookies

33 HTTP transactions
0 data transactions