urlscan.io logo urlscan.io
SecurityTrails logo

microsoft-windows8.ru Open in urlscan Pro
2606:4700:30::6812:29a8  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://microsoft-windows8.ru/
Effective URL: https://microsoft-windows8.ru/
Submission: On December 23 via manual from FI
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 4 countries across 15 domains to perform 54 HTTP transactions. The main IP is 2606:4700:30::6812:29a8, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is microsoft-windows8.ru.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on October 12th 2019. Valid for: a year.
This is the only time microsoft-windows8.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 28 2606:4700:30:... 13335 (CLOUDFLAR...)
1 151.101.65.195 54113 (FASTLY)
2 5 2606:4700:30:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 6 2a02:6b8::1:119 13238 (YANDEX)
1 2 88.208.46.221 39572 (ADVANCEDH...)
1 2606:4700:30:... 13335 (CLOUDFLAR...)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 216.58.207.66 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 151.101.1.195 54113 (FASTLY)
54 14
28    2606:4700:30::6812:29a8 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
microsoft-windows8.ru
1    151.101.65.195 (United States)

ASN54113 (FASTLY - Fastly, US)
zxtst-44902.firebaseapp.com
5    2606:4700:30::681b:a59a (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
fernomius.com
1    2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
2    2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
6    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
mc.yandex.ru
2    88.208.46.221 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
actpx.com
actiflex.org
1    2606:4700:30::681c:f6 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
torrent5.net
6    2a00:1450:4001:81d::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagservices.com
adservice.google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
1    2a00:1450:4001:821::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
adservice.google.de
4    216.58.207.66 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s25-in-f2.1e100.net
securepubads.g.doubleclick.net
1    2a00:1450:4001:821::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
tpc.googlesyndication.com
1    151.101.1.195 (United States)

ASN54113 (FASTLY - Fastly, US)
ad.os-helper.ru
Domain Requested by
28 microsoft-windows8.ru 1 redirects microsoft-windows8.ru
6 mc.yandex.ru 1 redirects microsoft-windows8.ru
mc.yandex.ru
5 fernomius.com 2 redirects microsoft-windows8.ru
fernomius.com
4 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
microsoft-windows8.ru
3 www.googletagservices.com zxtst-44902.firebaseapp.com
securepubads.g.doubleclick.net
2 fonts.gstatic.com microsoft-windows8.ru
1 pagead2.googlesyndication.com
1 googleads.g.doubleclick.net ad.os-helper.ru
1 ad.os-helper.ru microsoft-windows8.ru
1 tpc.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com www.googletagservices.com
1 adservice.google.de www.googletagservices.com
1 torrent5.net microsoft-windows8.ru
1 actiflex.org fernomius.com
1 actpx.com 1 redirects
1 fonts.googleapis.com microsoft-windows8.ru
1 zxtst-44902.firebaseapp.com microsoft-windows8.ru
54 17

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2019-10-12 -
2020-10-09		 a year crt.sh
firebaseapp.com
GTS CA 1O1		 2019-10-28 -
2020-10-26		 a year crt.sh
*.storage.googleapis.com
GTS CA 1O1		 2019-12-03 -
2020-02-25		 3 months crt.sh
*.google.com
GTS CA 1O1		 2019-12-03 -
2020-02-25		 3 months crt.sh
mc.yandex.ru
Yandex CA		 2019-09-23 -
2020-09-22		 a year crt.sh
actiflex.org
Let's Encrypt Authority X3		 2019-11-06 -
2020-02-04		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2019-12-03 -
2020-02-25		 3 months crt.sh
*.googleusercontent.com
GTS CA 1O1		 2019-12-03 -
2020-02-25		 3 months crt.sh
apps.camerareadycosmetics.com
Let's Encrypt Authority X3		 2019-12-14 -
2020-03-13		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://microsoft-windows8.ru/
Frame ID: 6746488975C45F97A0944A75401CB3AD
Requests: 48 HTTP requests in this frame

Frame: https://actiflex.org/pf?p=341&uid=Vtv1C2xKQWeqEvVJtCIBHg&dmpNewUser=1
Frame ID: A3C71DDA8E812FB7D0005550584822B1
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssFrN1ym6M8dX8Zl7vpZHdEKzfTpnU5hjI36x3o5hAGfZLhZK4Q-3a5rZZ8cAU6Gb9y0tbnrRpKLyBoztZMstqsWK1zdlv1di5KAkdy0WeXj0O6T09tfOk7wwWqNw5KLKAkTFqW_RHHoMp5IbPRjD15xhE3mpm9ejnf2479Wpu_Rt-NKIo_dXiyED4vyi4vkEJqBYjWwwKosIuGULMw8xAl5MQOdQvm8FaTX6hlFJ7ezHtrPznTJ8BRuami2vk5NVY8Etw8DnUk&sai=AMfl-YTr8XXQaVtHAtFR3L3CppbXixL1EAupLKCWd0DeAe_QMluvll-Q7nInxlERwTIOtIntER4f-W8TI0xE61CnsAVjB_xsFnpu5YUZp6Gd&sig=Cg0ArKJSzI0VD7z4BxYYEAE&urlfix=1&adurl=
Frame ID: 48F2F7FD1391B85BC8A1486BCBCDD1A9
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZX1/ZX1ADNSTR&adk=3472495436&adf=3260733823&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fos-helper.ru%2F&ea=0&flash=0&wgl=1&adsid=ChAI8Ir27AUQk5Cg1Ii73dxeEkwAojV1Rf1aAXbmGJwlvfmW5QHbOGw5Om6yHOGLfyucL50nfZmlmpWiLz2RnPXOhCv_zs0FtfQ0Xu934_GxKiAtTZpDRsu_6FShaNJW&dt=1570604450761&bpp=172&bdt=124&fdt=308&idt=311&shv=r20191003&cbv=r20190131&saldr=sa&correlator=1769298160690&frm=23&ife=1&pv=2&ga_vid=565924690.1541591133&ga_sid=1570604451&ga_hid=394466285&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=22&ady=55&biw=877&bih=670&isw=833&ish=534&ifk=2248178731&scr_x=0&scr_y=0&eid=229739147%2C229739149&oid=3&pvsid=854900375688159&pem=23&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C833%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-8-11&ifi=1&uci=1.djot4uyf0m1u&fsb=1&p=https%3A%2F%2Fos-helper.ru%2F&dtd=401&0.6724687396692377
Frame ID: ABBD59CBBC30CE209C3620D1E280623E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://microsoft-windows8.ru/ HTTP 301
    https://microsoft-windows8.ru/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /mc\.yandex\.ru\/metrika\/watch\.js/i

Page Statistics

54
Requests

100 %
HTTPS

69 %
IPv6

15
Domains

17
Subdomains

14
IPs

4
Countries

972 kB
Transfer

1653 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://microsoft-windows8.ru/ HTTP 301
    https://microsoft-windows8.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32
  • https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22ADNSTR%22:{%22microsoft-windows8.ru%22:{%22https://microsoft-windows8.ru/%22:%22%22}}}&r=0.037548630332179256 HTTP 302
  • https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22ADNSTR%22%3A%7B%22microsoft-windows8.ru%22%3A%7B%22https%3A%2F%2Fmicrosoft-windows8.ru%2F%22%3A%22%22%7D%7D%7D&r=0.037548630332179256
Request Chain 35
  • https://fernomius.com/js/sync?visitor_id=18be30d4-275a-49f5-a047-8ac2cecf20a0 HTTP 302
  • https://actpx.com/sync?callback=%2F%2Ffernomius.com%2Fjs%2Fsyncback%3Fvisitor_id%3D18be30d4-275a-49f5-a047-8ac2cecf20a0 HTTP 302
  • https://fernomius.com/js/syncback?uid=Vtv1C2xKQWeqEvVJtCIBHg&dmpNewUser=1&visitor_id=18be30d4-275a-49f5-a047-8ac2cecf20a0 HTTP 302
  • https://actiflex.org/pf?p=341&uid=Vtv1C2xKQWeqEvVJtCIBHg&dmpNewUser=1

54 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
microsoft-windows8.ru/
Redirect Chain
  • http://microsoft-windows8.ru/
  • https://microsoft-windows8.ru/
52 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://microsoft-windows8.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:29a8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
627b40e4ddfd9d17e987c849ccf735b63676ac4ef9c8c2f40719ad9cb78263b0

Request headers

:method
GET
:authority
microsoft-windows8.ru
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br
cookie
__cfduid=d823c8374113e6e4e63c4da5bf9d229f01577084731
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Mon, 23 Dec 2019 07:05:31 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/5.6.40
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
54987cd3f8f8cbac-VIE
content-encoding
br

Redirect headers

Date
Mon, 23 Dec 2019 07:05:31 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d823c8374113e6e4e63c4da5bf9d229f01577084731; expires=Wed, 22-Jan-20 07:05:31 GMT; path=/; domain=.microsoft-windows8.ru; HttpOnly; SameSite=Lax
X-Powered-By
PHP/5.6.40
X-Redirect-By
WordPress
Location
https://microsoft-windows8.ru/
CF-Cache-Status
DYNAMIC
Server
cloudflare
CF-RAY
54987cd2eb225964-VIE
swipebox.min.css
microsoft-windows8.ru/wp-content/plugins/responsive-lightbox/assets/swipebox/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://microsoft-windows8.ru/wp-content/plugins/responsive-lightbox/assets/swipebox/swipebox.min.css?ver=2.2.2
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:29a8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8348fe66b515449f719cb7b8278e1c84009bdaa96e18981641bc1e77d9e4cf1a

Request headers

Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 23 Dec 2019 07:05:31 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 01 Dec 2019 05:39:09 GMT
server
cloudflare
etag
W/"5de351fd-1080"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=604800
cf-ray
54987cd64e2bcbac-VIE
expires
Mon, 30 Dec 2019 07:05:31 GMT
pagenavi-css.css
microsoft-windows8.ru/wp-content/plugins/wp-pagenavi/ 		374 B
314 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://microsoft-windows8.ru/wp-content/plugins/wp-pagenavi/pagenavi-css.css?ver=2.70
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:29a8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2711e9edc60964dcb5aada1bfa59c2d68d3d9dc1baf4a5ee058b4c1bd32c3eb

Request headers

Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 23 Dec 2019 07:05:31 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 14 Nov 2019 05:24:02 GMT
server
cloudflare
etag
W/"5dcce4f2-176"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=604800
cf-ray
54987cd64e2ccbac-VIE
expires
Mon, 30 Dec 2019 07:05:31 GMT
style.css
microsoft-windows8.ru/wp-content/themes/blogpost2/ 		78 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://microsoft-windows8.ru/wp-content/themes/blogpost2/style.css
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:29a8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c77b50eb5f3e60eff655e7359b31ae8ee2b2119f79b455ba1235fb35ccdf0715

Request headers

Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 23 Dec 2019 07:05:32 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 08 May 2017 17:45:08 GMT
server
cloudflare
etag
W/"5910aea4-13887"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=604800
cf-ray
54987cd64e38cbac-VIE
expires
Mon, 30 Dec 2019 07:05:31 GMT
jquery.js
microsoft-windows8.ru/wp-includes/js/jquery/ 		95 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://microsoft-windows8.ru/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:29a8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 23 Dec 2019 07:05:32 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 21 May 2019 20:43:56 GMT
server
cloudflare
etag
W/"5ce4630c-17a69"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=604800
cf-ray
54987cd64e39cbac-VIE
expires
Mon, 30 Dec 2019 07:05:31 GMT
jquery.swipebox.min.js
microsoft-windows8.ru/wp-content/plugins/responsive-lightbox/assets/swipebox/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://microsoft-windows8.ru/wp-content/plugins/responsive-lightbox/assets/swipebox/jquery.swipebox.min.js?ver=2.2.2
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:29a8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fecc6157919ffc41b052ae7e49726e205c75b847aef46daab8d75e29a48b95f

Request headers

Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 23 Dec 2019 07:05:31 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 01 Dec 2019 05:39:09 GMT
server
cloudflare
etag
W/"5de351fd-32a0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=604800
cf-ray
54987cd64e3bcbac-VIE
expires
Mon, 30 Dec 2019 07:05:31 GMT
infinite-scroll.pkgd.min.js
microsoft-windows8.ru/wp-content/plugins/responsive-lightbox/assets/infinitescroll/ 		25 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://microsoft-windows8.ru/wp-content/plugins/responsive-lightbox/assets/infinitescroll/infinite-scroll.pkgd.min.js?ver=5.3.2
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:29a8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f97fb27fc5a2b0b2ef192937aeea30f869e026c98518e154a796755e3d0d864

Request headers

Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 23 Dec 2019 07:05:31 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 01 Dec 2019 05:39:09 GMT
server
cloudflare
etag
W/"5de351fd-640f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=604800
cf-ray
54987cd64e3ccbac-VIE
expires
Mon, 30 Dec 2019 07:05:31 GMT
front.js
microsoft-windows8.ru/wp-content/plugins/responsive-lightbox/js/ 		26 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://microsoft-windows8.ru/wp-content/plugins/responsive-lightbox/js/front.js?ver=2.2.2
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:29a8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
48555977de52a497e0dd8fe5aaf9ebf2df20bf16340340f4012baaa8153e490b

Request headers

Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 23 Dec 2019 07:05:31 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 01 Dec 2019 05:39:09 GMT
server
cloudflare
etag
W/"5de351fd-6912"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=604800
cf-ray
54987cd64e3fcbac-VIE
expires
Mon, 30 Dec 2019 07:05:31 GMT
msft0101-400x250.png
microsoft-windows8.ru/wp-content/uploads/2019/12/ 		140 KB
140 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://microsoft-windows8.ru/wp-content/uploads/2019/12/msft0101-400x250.png
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:29a8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb64f3c876ebdc8d48ed378d25e1f9a904d50fb5f806b22ef1b25e294634f6de

Request headers

Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 23 Dec 2019 07:05:32 GMT
cf-cache-status
MISS
last-modified
Sat, 07 Dec 2019 20:22:56 GMT
server
cloudflare
etag
"5dec0a20-23012"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
54987cd64e41cbac-VIE
content-length
143378
expires
Mon, 30 Dec 2019 07:05:31 GMT
joytokey-400x250.png
microsoft-windows8.ru/wp-content/uploads/2019/12/ 		54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://microsoft-windows8.ru/wp-content/uploads/2019/12/joytokey-400x250.png
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:29a8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f52f3ab1c70cee6290110e36e3c3c2c71782f6958b2133b09825fb5086d99f6

Request headers

Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 23 Dec 2019 07:05:32 GMT
cf-cache-status
MISS
last-modified
Sat, 07 Dec 2019 19:28:16 GMT
server
cloudflare
etag
"5debfd50-d9b0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
54987cd64e42cbac-VIE
content-length
55728
expires
Mon, 30 Dec 2019 07:05:31 GMT
microsoft-publisher-2010-400x250.jpg
microsoft-windows8.ru/wp-content/uploads/2019/12/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://microsoft-windows8.ru/wp-content/uploads/2019/12/microsoft-publisher-2010-400x250.jpg
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:29a8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
735ae790ab38dfdf2b6430ee0626c9f0d8b8d6be9a242c758a0ba146275a7492

Request headers

Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 23 Dec 2019 07:05:32 GMT
cf-cache-status
MISS
last-modified
Fri, 06 Dec 2019 18:46:29 GMT
server
cloudflare
etag
"5deaa205-2c25"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
54987cd65e75cbac-VIE
content-length
11301
expires
Mon, 30 Dec 2019 07:05:31 GMT
unhackme-400x250.jpg
microsoft-windows8.ru/wp-content/uploads/2019/12/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://microsoft-windows8.ru/wp-content/uploads/2019/12/unhackme-400x250.jpg
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:29a8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb683965690ef77063c845ebb85c9b7eae4c72fd7d91986bb943607d2511c3e9

Request headers

Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 23 Dec 2019 07:05:32 GMT
cf-cache-status
MISS
last-modified
Fri, 06 Dec 2019 18:33:13 GMT
server
cloudflare
etag
"5dea9ee9-4ca8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
54987cd65e76cbac-VIE
content-length
19624
expires
Mon, 30 Dec 2019 07:05:32 GMT
loaris-trojan-remover-400x250.jpg
microsoft-windows8.ru/wp-content/uploads/2019/12/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://microsoft-windows8.ru/wp-content/uploads/2019/12/loaris-trojan-remover-400x250.jpg
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:29a8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
952d30834a64170ec793f2601ad3903b1c3dd245605693890a619f0ab563b0eb

Request headers

Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 23 Dec 2019 07:05:32 GMT
cf-cache-status
MISS
last-modified
Fri, 06 Dec 2019 16:58:28 GMT
server
cloudflare
etag
"5dea88b4-35cb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
54987cd65e78cbac-VIE
content-length
13771
expires
Mon, 30 Dec 2019 07:05:31 GMT
unturned--400x250.jpg
microsoft-windows8.ru/wp-content/uploads/2019/12/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://microsoft-windows8.ru/wp-content/uploads/2019/12/unturned--400x250.jpg
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:29a8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3bd743238641442a959392b3eeb007b3d231f75a21d0f06936dd95b1ca9decf1

Request headers

Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 23 Dec 2019 07:05:32 GMT
cf-cache-status
MISS
last-modified
Thu, 05 Dec 2019 15:53:35 GMT
server
cloudflare
etag
"5de927ff-5e25"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
54987cd65e7acbac-VIE
content-length
24101
expires
Mon, 30 Dec 2019 07:05:31 GMT
ableton-live-suite-10-400x250.png
microsoft-windows8.ru/wp-content/uploads/2019/12/ 		86 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://microsoft-windows8.ru/wp-content/uploads/2019/12/ableton-live-suite-10-400x250.png
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:29a8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
db934f720e7effa5be74fca3fce38585fa4c0ae1b057d6cafad55b0d98697983

Request headers

Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 23 Dec 2019 07:05:32 GMT
cf-cache-status
MISS
last-modified
Thu, 05 Dec 2019 15:26:19 GMT
server
cloudflare
etag
"5de9219b-15951"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
54987cd65e7bcbac-VIE
content-length
88401
expires
Mon, 30 Dec 2019 07:05:32 GMT
fl-studio-20-refx-nexus-400x250.png
microsoft-windows8.ru/wp-content/uploads/2019/12/ 		161 KB
162 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://microsoft-windows8.ru/wp-content/uploads/2019/12/fl-studio-20-refx-nexus-400x250.png
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:29a8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f0dfd0285f6b376249f6c72e686e46d8245eb3dae623be41161102e581a048e

Request headers

Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 23 Dec 2019 07:05:32 GMT
cf-cache-status
MISS
last-modified
Thu, 05 Dec 2019 15:12:30 GMT
server
cloudflare
etag
"5de91e5e-285a0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
54987cd65e7ccbac-VIE
content-length
165280
expires
Mon, 30 Dec 2019 07:05:31 GMT
itunes-400x250.png
microsoft-windows8.ru/wp-content/uploads/2019/12/ 		110 KB
110 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://microsoft-windows8.ru/wp-content/uploads/2019/12/itunes-400x250.png
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:29a8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4795d1e87d0bbee591f993f747022663aeeb53e6b4649190366ea66377be5493

Request headers

Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 23 Dec 2019 07:05:32 GMT
cf-cache-status
MISS
last-modified
Thu, 05 Dec 2019 14:57:21 GMT
server
cloudflare
etag
"5de91ad1-1b616"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
54987cd65e81cbac-VIE
content-length
112150
expires
Mon, 30 Dec 2019 07:05:31 GMT
21120201.js
zxtst-44902.firebaseapp.com/adx/ 		16 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zxtst-44902.firebaseapp.com/adx/21120201.js
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.195 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
1081aa1f2a8ddecb23d2935dd459985dc699d0552630a358e6e27b638004f34d
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
last-modified
Tue, 17 Dec 2019 20:39:03 GMT
x-timer
S1577084732.978650,VS0,VE0
etag
b3d02699280ef80fc3544f81c8134cb9d6a08c8a601a97008e2a51e1d52e8986
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
status
200
cache-control
max-age=3600
date
Mon, 23 Dec 2019 07:05:31 GMT
x-cache-hits
39
accept-ranges
bytes
content-length
3351
x-served-by
cache-ams21023-AMS
superfish.js
microsoft-windows8.ru/wp-content/themes/blogpost2/scripts/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://microsoft-windows8.ru/wp-content/themes/blogpost2/scripts/superfish.js?ver=1.4.8.
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:29a8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b5234de470f20128434aef3e74cc4da80d564f6ffd6dac6bdb2f8810b1ea6bb

Request headers

Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 23 Dec 2019 07:05:31 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 08 May 2017 17:45:08 GMT
server
cloudflare
etag
W/"5910aea4-9d4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=604800
cf-ray
54987cd65e58cbac-VIE
expires
Mon, 30 Dec 2019 07:05:31 GMT
jquery.flexslider-min.js
microsoft-windows8.ru/wp-content/themes/blogpost2/scripts/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://microsoft-windows8.ru/wp-content/themes/blogpost2/scripts/jquery.flexslider-min.js?ver=1.2.1
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:29a8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e56b08590b93eda20511daa2bfa928102159e396f10f55f4ae7e9298f6e5a9d5

Request headers

Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 23 Dec 2019 07:05:32 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 08 May 2017 17:45:08 GMT
server
cloudflare
etag
W/"5910aea4-5747"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=604800
cf-ray
54987cd65e66cbac-VIE
expires
Mon, 30 Dec 2019 07:05:32 GMT
theia-sticky-sidebar.js
microsoft-windows8.ru/wp-content/themes/blogpost2/scripts/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://microsoft-windows8.ru/wp-content/themes/blogpost2/scripts/theia-sticky-sidebar.js?ver=1.1.2
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:29a8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc1e94a90ccb99cd60d29d88322e3f7af0beb126d4b2bc820eda01c8e4aa4ba5

Request headers

Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 23 Dec 2019 07:05:32 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 08 May 2017 17:45:08 GMT
server
cloudflare
etag
W/"5910aea4-f53"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=604800
cf-ray
54987cd65e69cbac-VIE
expires
Mon, 30 Dec 2019 07:05:32 GMT
jquery.mmenu.min.js
microsoft-windows8.ru/wp-content/themes/blogpost2/scripts/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://microsoft-windows8.ru/wp-content/themes/blogpost2/scripts/jquery.mmenu.min.js?ver=5.6.1
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:29a8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2c89b9482b7bc2992f14befb2484e11559f6af55e666a3cf865a720f6d4d04e

Request headers

Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 23 Dec 2019 07:05:31 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 08 May 2017 17:45:08 GMT
server
cloudflare
age
84286
etag
W/"5910aea4-3eb6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=604800
cf-ray
54987cd65e6acbac-VIE
expires
Sun, 29 Dec 2019 07:40:45 GMT
headhesive.min.js
microsoft-windows8.ru/wp-content/themes/blogpost2/scripts/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://microsoft-windows8.ru/wp-content/themes/blogpost2/scripts/headhesive.min.js?ver=1.2.0
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:29a8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
abb97637f93dce2abbbf13b35e057e9c7657b41f0d3dcce5ced279b56f3687e5

Request headers

Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 23 Dec 2019 07:05:31 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 08 May 2017 17:45:08 GMT
server
cloudflare
age
84286
etag
W/"5910aea4-c6e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=604800
cf-ray
54987cd65e6dcbac-VIE
expires
Sun, 29 Dec 2019 07:40:45 GMT
responsiveCarousel.min.js
microsoft-windows8.ru/wp-content/themes/blogpost2/scripts/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://microsoft-windows8.ru/wp-content/themes/blogpost2/scripts/responsiveCarousel.min.js?ver=1.2.0
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:29a8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9e1482e4fd2efdbd898b95620e1a67f3825d8c429a14ee9b502af5bfe3b38ce

Request headers

Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 23 Dec 2019 07:05:31 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 08 May 2017 17:45:08 GMT
server
cloudflare
age
84286
etag
W/"5910aea4-1f51"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=604800
cf-ray
54987cd65e6fcbac-VIE
expires
Sun, 29 Dec 2019 07:40:45 GMT
custom.js
microsoft-windows8.ru/wp-content/themes/blogpost2/scripts/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://microsoft-windows8.ru/wp-content/themes/blogpost2/scripts/custom.js?ver=1.0
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:29a8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fee32713a9c2829fd1530ca13167292579e63df8c18f2be0dc69113db8a3539b

Request headers

Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 23 Dec 2019 07:05:31 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 08 May 2017 17:45:08 GMT
server
cloudflare
etag
W/"5910aea4-94e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=604800
cf-ray
54987cd65e70cbac-VIE
expires
Mon, 30 Dec 2019 07:05:31 GMT
q2w3-fixed-widget.min.js
microsoft-windows8.ru/wp-content/plugins/q2w3-fixed-widget/js/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://microsoft-windows8.ru/wp-content/plugins/q2w3-fixed-widget/js/q2w3-fixed-widget.min.js?ver=5.1.9
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:29a8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a7d00291b90b8045d042a9a713a9cceba928a35c18c99d1eeea2ca14c09614d

Request headers

Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 23 Dec 2019 07:05:31 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 28 Jul 2019 15:11:49 GMT
server
cloudflare
etag
W/"5d3dbb35-1108"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=604800
cf-ray
54987cd65e71cbac-VIE
expires
Mon, 30 Dec 2019 07:05:31 GMT
universalis.js
microsoft-windows8.ru/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://microsoft-windows8.ru/universalis.js
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:29a8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e433d796f597ba64786576bfa8059f9b38a32f14a611eb2dfa9d442183f7a522

Request headers

Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 23 Dec 2019 07:05:32 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 04 Dec 2019 09:01:54 GMT
server
cloudflare
etag
W/"5de77602-150e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=604800
cf-ray
54987cd65e73cbac-VIE
expires
Mon, 30 Dec 2019 07:05:32 GMT
73565.js
fernomius.com/ 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fernomius.com/73565.js
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:a59a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
526ce8f18971816f2bad5c23b92f1ab069c1ca97d0c5d0effe932c70723194ed

Request headers

Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Dec 2019 07:05:32 GMT
content-encoding
br
cf-cache-status
BYPASS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
no-cache, no-store, must-revalidate
cf-ray
54987cd6dd6acbb0-VIE
expires
0
css
fonts.googleapis.com/ 		4 KB
635 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Merriweather:400,700&subset=cyrillic
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
7c4dbd662f97d8bed0037e9f37bd98b67a75fc4f84ac01f3334547b467dfd7c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 23 Dec 2019 07:05:32 GMT
server
ESF
access-control-allow-origin
*
date
Mon, 23 Dec 2019 07:05:32 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Mon, 23 Dec 2019 07:05:32 GMT
0011.png
microsoft-windows8.ru/wp-content/uploads/2018/06/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://microsoft-windows8.ru/wp-content/uploads/2018/06/0011.png
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:29a8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c30f2063292920ab7bceb5729a1e51ab3b7eddad5ece5ea1371db94059f5bf57

Request headers

Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 23 Dec 2019 07:05:32 GMT
cf-cache-status
MISS
last-modified
Tue, 12 Jun 2018 13:20:46 GMT
server
cloudflare
etag
"5b1fc8ae-ec2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
54987cd78956cbac-VIE
content-length
3778
expires
Mon, 30 Dec 2019 07:05:32 GMT
u-4n0qyriQwlOrhSvowK_l52xwNZXMf6hPvhPUWH.woff2
fonts.gstatic.com/s/merriweather/v21/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v21/u-4n0qyriQwlOrhSvowK_l52xwNZXMf6hPvhPUWH.woff2
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
0d66a1370af864dbcba984a23b2b4cac6147bc6e8d3e2831af7be53a6b8f624c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Merriweather:400,700&subset=cyrillic
Origin
https://microsoft-windows8.ru

Response headers

date
Fri, 20 Dec 2019 06:00:54 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:19:00 GMT
server
sffe
age
263078
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
9048
x-xss-protection
0
expires
Sat, 19 Dec 2020 06:00:54 GMT
u-4n0qyriQwlOrhSvowK_l52xwNZWMf6hPvhPQ.woff2
fonts.gstatic.com/s/merriweather/v21/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v21/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6hPvhPQ.woff2
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
b986fbc59b4f9794ff0d1bd475093053df31b2b79b545daf4125f0abf912716b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Merriweather:400,700&subset=cyrillic
Origin
https://microsoft-windows8.ru

Response headers

date
Fri, 20 Dec 2019 03:49:13 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:18:58 GMT
server
sffe
age
270979
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
12192
x-xss-protection
0
expires
Sat, 19 Dec 2020 03:49:13 GMT
/
mc.yandex.ru/watch/50803036/ADNSTR/ 		43 B
444 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/watch/50803036/ADNSTR/?r=0.5917890433569482
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 23 Dec 2019 07:05:32 GMT
Last-Modified
Mon, 23-Dec-2019 07:05:32 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
Mon, 23-Dec-2019 07:05:32 GMT
1
mc.yandex.ru/watch/53428543/
Redirect Chain
  • https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22ADNSTR%22:{%22microsoft-windows8.ru%22:{%22https://microsoft-windows8.ru/%22:%22%22}}}&r=0.037548630332179256
  • https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22ADNSTR%22%3A%7B%22microsoft-windows8.ru%22%3A%7B%22https%3A%2F%2Fmicrosoft-windows8.ru%2F%22%3A%22%22%7D%7D%7D&r=0.037548630332179256
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22ADNSTR%22%3A%7B%22microsoft-windows8.ru%22%3A%7B%22https%3A%2F%2Fmicrosoft-windows8.ru%2F%22%3A%22%22%7D%7D%7D&r=0.037548630332179256
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Mon, 23 Dec 2019 07:05:32 GMT
Last-Modified
Mon, 23-Dec-2019 07:05:32 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=31536000
Location
/watch/53428543/1?wmode=7&site-info=%7B%22ADNSTR%22%3A%7B%22microsoft-windows8.ru%22%3A%7B%22https%3A%2F%2Fmicrosoft-windows8.ru%2F%22%3A%22%22%7D%7D%7D&r=0.037548630332179256
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Mon, 23-Dec-2019 07:05:32 GMT
12710
fernomius.com/ 		5 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fernomius.com/12710
Requested by
Host: fernomius.com
URL: https://fernomius.com/73565.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:a59a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5218316a80206dc1ee97d7c4bd50eea4d9515b5d8dfb6bcf98ab4a9eeb553554

Request headers

Referer
https://microsoft-windows8.ru/
Origin
https://microsoft-windows8.ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 23 Dec 2019 07:05:32 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
content-type
application/json
access-control-allow-origin
https://microsoft-windows8.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
54987cd7bf86cbb0-VIE
expires
0
set
fernomius.com/event/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fernomius.com/event/set
Requested by
Host: fernomius.com
URL: https://fernomius.com/73565.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:a59a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://microsoft-windows8.ru/
Origin
https://microsoft-windows8.ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 23 Dec 2019 07:05:32 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
access-control-allow-methods
PROPFIND, PROPPATCH, COPY, MOVE, DELETE, MKCOL, LOCK, UNLOCK, PUT, GETLIB, VERSION-CONTROL, CHECKIN, CHECKOUT, UNCHECKOUT, REPORT, UPDATE, CANCELUPLOAD, HEAD, OPTIONS, GET, POST
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://microsoft-windows8.ru
access-control-allow-credentials
true
cf-ray
54987cd8186fcbb0-VIE
access-control-allow-headers
Overwrite, Destination, Content-Type, Depth, User-Agent, X-File-Size, X-Requested-With, If-Modified-Since, X-File-Name, Cache-Control
Cookie set pf
actiflex.org/ Frame A3C7
Redirect Chain
  • https://fernomius.com/js/sync?visitor_id=18be30d4-275a-49f5-a047-8ac2cecf20a0
  • https://actpx.com/sync?callback=%2F%2Ffernomius.com%2Fjs%2Fsyncback%3Fvisitor_id%3D18be30d4-275a-49f5-a047-8ac2cecf20a0
  • https://fernomius.com/js/syncback?uid=Vtv1C2xKQWeqEvVJtCIBHg&dmpNewUser=1&visitor_id=18be30d4-275a-49f5-a047-8ac2cecf20a0
  • https://actiflex.org/pf?p=341&uid=Vtv1C2xKQWeqEvVJtCIBHg&dmpNewUser=1
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://actiflex.org/pf?p=341&uid=Vtv1C2xKQWeqEvVJtCIBHg&dmpNewUser=1
Requested by
Host: fernomius.com
URL: https://fernomius.com/73565.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.208.46.221 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash

Request headers

Host
actiflex.org
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
https://microsoft-windows8.ru/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://microsoft-windows8.ru/

Response headers

Server
nginx/1.17.3
Date
Mon, 23 Dec 2019 07:05:32 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
_ssp_uid=Vtv1C2xKQWeqEvVJtCIBHg; Path=/; Expires=Sat, 21 Dec 2024 10:05:32 +0300
Content-Encoding
gzip

Redirect headers

status
302
date
Mon, 23 Dec 2019 07:05:32 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=dae2c55fba0b1a5b3b2864f32e26eb54b1577084732; expires=Wed, 22-Jan-20 07:05:32 GMT; path=/; domain=.fernomius.com; HttpOnly; SameSite=Lax; Secure
location
//actiflex.org/pf?p=341&uid=Vtv1C2xKQWeqEvVJtCIBHg&dmpNewUser=1
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
54987cd97bc0cbb0-VIE
appUbarButton.js
torrent5.net/templates/t5net/js/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://torrent5.net/templates/t5net/js/appUbarButton.js
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:f6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b265a7940c5f0e9736dcd102155488332288a41e75d3a4a665fcf231bae715e8

Request headers

Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 23 Dec 2019 07:05:32 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 30 Jun 2018 15:55:17 GMT
server
cloudflare
etag
W/"5b37a7e5-2751"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=604800
cf-ray
54987cd97ecccbc4-VIE
expires
Mon, 30 Dec 2019 07:05:32 GMT
watch.js
mc.yandex.ru/metrika/ 		134 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
3ce5e6e6f4c06a55b694a7444df3046b202de6bdb3f63b7949b33a0d9e67c6b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 23 Dec 2019 07:05:32 GMT
Content-Encoding
br
Last-Modified
Tue, 10 Dec 2019 10:33:56 GMT
Server
nginx/1.14.2
ETag
"5def7494-9e02"
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
40450
Expires
Mon, 23 Dec 2019 08:05:32 GMT
41963294
mc.yandex.ru/watch/ 		152 B
709 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/41963294?wmode=7&page-url=https%3A%2F%2Fmicrosoft-windows8.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1577084731223%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A60%3Ai%3A20191223080532%3Aet%3A1577084732%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A955876782%3Ahid%3A86265541%3Ads%3A0%2C30%2C281%2C3%2C256%2C0%2C0%2C%2C%2C%2C%2C%2C%3Afp%3A688%3Agdpr%3A14%3Av%3A1784%3Ast%3A1577084732%3Au%3A1577084732885267627%3At%3A%D0%9F%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%D1%8B%20%D0%B4%D0%BB%D1%8F%20Windows%2010
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
dc409deae3cfca10fdea0259f1cde112b3ddd780153007776c9425a37a2d040a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://microsoft-windows8.ru/
Origin
https://microsoft-windows8.ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Mon, 23 Dec 2019 07:05:32 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 23-Dec-2019 07:05:32 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=31536000
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://microsoft-windows8.ru
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
152
X-XSS-Protection
1; mode=block
Expires
Mon, 23-Dec-2019 07:05:32 GMT
gpt.js
www.googletagservices.com/tag/js/ 		51 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js?zx
Requested by
Host: zxtst-44902.firebaseapp.com
URL: https://zxtst-44902.firebaseapp.com/adx/21120201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
f213be31d540e30366635b474daedd9c0b46287d55429ec9ef7a4829361c6f01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 23 Dec 2019 07:05:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"375 / 311 of 1000 / last-modified: 1576520981"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15827
x-xss-protection
0
expires
Mon, 23 Dec 2019 07:05:32 GMT
advert.gif
mc.yandex.ru/metrika/ 		43 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 23 Dec 2019 07:05:32 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Oct 2015 13:09:09 GMT
Server
nginx/1.14.2
ETag
"561bb0f5-3d"
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
61
Expires
Mon, 23 Dec 2019 08:05:32 GMT
integrator.js
adservice.google.de/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=microsoft-windows8.ru
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js?zx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 23 Dec 2019 07:05:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=microsoft-windows8.ru
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js?zx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 23 Dec 2019 07:05:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
pubads_impl_2019121002.js
securepubads.g.doubleclick.net/gpt/ 		163 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js?zx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
sffe /
Resource Hash
216fd62bccc74ef4e4d35292cd4874e7072a4fb30685afb6235d894a3ec1a2df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 23 Dec 2019 07:05:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 10 Dec 2019 17:29:18 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
60922
x-xss-protection
0
expires
Mon, 23 Dec 2019 07:05:32 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2608011734598484&correlator=1017755786572313&output=ldjh&impl=fif&adsid=NT&eid=21064169%2C21065202&vrg=2019121002&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20191223&iu=%2F60274849%2FZX-ADNSTR&sz=300x600&cust_params=seg_id%3D21120200%26site_domen%3Dmicrosoft-windows8.ru%26site_topdomen%3Dmicrosoft-windows8.ru%26site_referrer%3D%26site_hash%3D%26keywords%3D%25D0%259F%25D1%2580%25D0%25BE%25D0%25B3%25D1%2580%25D0%25B0%25D0%25BC%25D0%25BC%25D1%258B%2520%25D0%25B4%25D0%25BB%25D1%258F%2520Windows%252010%2520&cookie_enabled=1&bc=31&abxe=1&lmt=1577084732&dt=1577084732919&dlt=1577084731801&idt=1104&frm=20&biw=1585&bih=1200&oid=3&adx=1072&ady=352&adk=4250343942&uci=1&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fmicrosoft-windows8.ru%2F&dssz=34&icsg=11542724606&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=301x600&msz=301x600&ga_vid=740205642.1577084733&ga_sid=1577084733&ga_hid=1298132690&fws=4&ohw=1585
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
cafe /
Resource Hash
bd215cde58cbb5a4b39178efcaf6ea62ad69a3f30d9f6da214413bbc96660c6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://microsoft-windows8.ru/
Origin
https://microsoft-windows8.ru

Response headers

date
Mon, 23 Dec 2019 07:05:32 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2104
x-xss-protection
0
google-lineitem-id
5194630924
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138290568237
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://microsoft-windows8.ru
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_2019121002.js
securepubads.g.doubleclick.net/gpt/ 		64 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019121002.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
sffe /
Resource Hash
4c52ed8f9039265ffed7fdca0b967b2624325e6356433f437e044b0dd332cddf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 23 Dec 2019 07:05:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 10 Dec 2019 17:29:18 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
24811
x-xss-protection
0
expires
Mon, 23 Dec 2019 07:05:32 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
view
securepubads.g.doubleclick.net/pcs/ Frame 48F2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssFrN1ym6M8dX8Zl7vpZHdEKzfTpnU5hjI36x3o5hAGfZLhZK4Q-3a5rZZ8cAU6Gb9y0tbnrRpKLyBoztZMstqsWK1zdlv1di5KAkdy0WeXj0O6T09tfOk7wwWqNw5KLKAkTFqW_RHHoMp5IbPRjD15xhE3mpm9ejnf2479Wpu_Rt-NKIo_dXiyED4vyi4vkEJqBYjWwwKosIuGULMw8xAl5MQOdQvm8FaTX6hlFJ7ezHtrPznTJ8BRuami2vk5NVY8Etw8DnUk&sai=AMfl-YTr8XXQaVtHAtFR3L3CppbXixL1EAupLKCWd0DeAe_QMluvll-Q7nInxlERwTIOtIntER4f-W8TI0xE61CnsAVjB_xsFnpu5YUZp6Gd&sig=Cg0ArKJSzI0VD7z4BxYYEAE&urlfix=1&adurl=
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 23 Dec 2019 07:05:33 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 23 Dec 2019 07:05:33 GMT
zxvr.96
ad.os-helper.ru/ADNSTR/ Frame 48F2 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.os-helper.ru/ADNSTR/zxvr.96
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
773f731c9b7490f731b26db39f13e6dea1d4ee8e44ff5cb9dc443361755df432
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
gzip
last-modified
Tue, 17 Dec 2019 20:39:03 GMT
x-timer
S1577084733.159729,VS0,VE1
etag
e8c6dec9e8f076607f8d30cb6eddacaae846a5d43d4021a9419dd924b1da4003
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
status
200
cache-control
max-age=3600
date
Mon, 23 Dec 2019 07:05:33 GMT
x-cache-hits
1
accept-ranges
bytes
content-length
1540
x-served-by
cache-ams21040-AMS
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 48F2 		77 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
44178919accac2fd92f71084d312c8ff266dd25b8b808f8e9b32fe2926aefb41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 23 Dec 2019 07:05:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1575654529893506"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29272
x-xss-protection
0
expires
Mon, 23 Dec 2019 07:05:33 GMT
osd.js
www.googletagservices.com/activeview/js/current/ 		78 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
63890326f558587b0840eb0a6e6377f1bf39264e015e568f4c2a03aefce3f929
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 23 Dec 2019 07:05:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1575654529893506"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29463
x-xss-protection
0
expires
Mon, 23 Dec 2019 07:05:33 GMT
truncated
/ Frame 48F2 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
283a0746d496c9bfabb54ef38485e49f9fa8614ef446d0e1850521edf9db3e84

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
ads
googleads.g.doubleclick.net/pagead/ Frame ABBD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZX1/ZX1ADNSTR&adk=3472495436&adf=3260733823&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fos-helper.ru%2F&ea=0&flash=0&wgl=1&adsid=ChAI8Ir27AUQk5Cg1Ii73dxeEkwAojV1Rf1aAXbmGJwlvfmW5QHbOGw5Om6yHOGLfyucL50nfZmlmpWiLz2RnPXOhCv_zs0FtfQ0Xu934_GxKiAtTZpDRsu_6FShaNJW&dt=1570604450761&bpp=172&bdt=124&fdt=308&idt=311&shv=r20191003&cbv=r20190131&saldr=sa&correlator=1769298160690&frm=23&ife=1&pv=2&ga_vid=565924690.1541591133&ga_sid=1570604451&ga_hid=394466285&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=22&ady=55&biw=877&bih=670&isw=833&ish=534&ifk=2248178731&scr_x=0&scr_y=0&eid=229739147%2C229739149&oid=3&pvsid=854900375688159&pem=23&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C833%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-8-11&ifi=1&uci=1.djot4uyf0m1u&fsb=1&p=https%3A%2F%2Fos-helper.ru%2F&dtd=401&0.6724687396692377
Requested by
Host: ad.os-helper.ru
URL: https://ad.os-helper.ru/ADNSTR/zxvr.96
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZX1/ZX1ADNSTR&adk=3472495436&adf=3260733823&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fos-helper.ru%2F&ea=0&flash=0&wgl=1&adsid=ChAI8Ir27AUQk5Cg1Ii73dxeEkwAojV1Rf1aAXbmGJwlvfmW5QHbOGw5Om6yHOGLfyucL50nfZmlmpWiLz2RnPXOhCv_zs0FtfQ0Xu934_GxKiAtTZpDRsu_6FShaNJW&dt=1570604450761&bpp=172&bdt=124&fdt=308&idt=311&shv=r20191003&cbv=r20190131&saldr=sa&correlator=1769298160690&frm=23&ife=1&pv=2&ga_vid=565924690.1541591133&ga_sid=1570604451&ga_hid=394466285&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=22&ady=55&biw=877&bih=670&isw=833&ish=534&ifk=2248178731&scr_x=0&scr_y=0&eid=229739147%2C229739149&oid=3&pvsid=854900375688159&pem=23&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C833%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-8-11&ifi=1&uci=1.djot4uyf0m1u&fsb=1&p=https%3A%2F%2Fos-helper.ru%2F&dtd=401&0.6724687396692377
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://microsoft-windows8.ru/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUn0VD33SS05wBjD0t7ZajP2lrqNViQw1KR9ggh9a6majdGnkeIUnYWajyjp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://microsoft-windows8.ru/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 23 Dec 2019 07:05:33 GMT
server
cafe
content-length
21844
x-xss-protection
0
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
activeview
pagead2.googlesyndication.com/pcs/ Frame 48F2 		42 B
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstbQcpi_ZuJsk3YiA_FjWJA-TUFEIq73Q7x1AAZi1hsKwMznlosjU0Qin_BCwa219-ulFHV-6UfQyM8lZKJ5-csexKBMwrawnj_3DKPi2A&sig=Cg0ArKJSzL6lJb2uF6n7EAE&adk=4250343942&tt=-1&bs=1585%2C1200&mtos=1011,1011,1011,1011,1011&tos=1011,0,0,0,0&p=352,1072,952,1372&mcvt=1011&rs=0&ht=0&tfs=224&tls=1235&mc=1&lte=1&bas=0&bac=0&met=ce&avms=nio&exg=1&md=2&lm=2&rst=1577084733006&dlt&rpt=153&isd=0&msd=0&ext&imams=1&xdi=0&ps=1585%2C1682&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-7-13-5-12-12-0-0-0&tvt=1232&is=300%2C600&iframe_loc=https%3A%2F%2Fmicrosoft-windows8.ru%2F&r=v&id=osdim&vs=4&uc=13&upc=1&tgt=DIV&cl=1&cec=1&clc=1&wf=0&cac=1&cd=0x0&itpl=19&v=20191206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Dec 2019 07:05:34 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

143 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| wpnConfig undefined| $ function| jQuery function| jQueryBridget function| EvEmitter function| matchesSelector object| fizzyUIUtils function| InfiniteScroll function| imagesLoaded object| rlArgs string| ajaxUrlFlatPM object| _0xe9aa number| zxadflg_rich_stat string| zxadblockmng_ext string| zxadpartner_ext string| yamId number| zx_ad_flg boolean| zx_flgCap string| url1 string| url2 string| url3 string| slot_ext string| zxadblock_ext string| domen string| site_topdomen object| t object| sbmt object| npt object| d function| __ksinit object| pseudo_links function| gotoal function| xdfk72078 object| jQuery1124013780655014489485 function| Headhesive function| q2w3_sidebar_init function| q2w3_exclude_mutations_array function| q2w3_sidebar function| flatPM_arcticmodalLoad boolean| duplicateMode function| flatPM_sticky function| flatPM_addDays function| flatPM_adbDetect function| flatPM_setCookie function| flatPM_getCookie function| flatPM_testCookie function| flatPM_grep function| flatPM_random function| ff undefined| flat_body object| flat_stack_scripts object| flat_pm_then object| flat_date string| flat_titles number| flat_dateYear number| flat_dateMonth number| flat_dateDay string| flat_dateHours string| flat_dateMinutes boolean| flat_adbDetect object| flat_userVars function| flatPM_ajax function| flatPM_then function| flatPM_persentWrapper function| flatPM_setWrap function| flatPM_next function| flatPM_start function| parseHTML function| flatPM_setSCRIPT function| flatPM_setHTML object| flat_pm_arr function| jQueryLoaded function| jQueryLoading number| uBarFlowId object| ubar_button_callback object| Ya object| yaCounter41963294 object| appUbarButton string| OFGA_V number| OFGA_CE string| OFGA_OFFER string| OFGA_SOURCE string| OFGA_LAND string| OFGA_DOMAIN string| OFGA_SUB_1 string| OFGA_SUB_2 string| OFGA_SUB_3 string| OFGA_SUB_4 string| OFGA_SUB_5 string| OFGA_SUB_6 string| OFGA_SUB_7 string| OFGA_OL string| OFGA_WM object| OFGA_RE object| ofgaLink function| setCookie function| getCookie function| browserDetect string| zx_network_prefix string| zx_ad_slot_default string| zx_banner_w_default string| zx_banner_h_default string| BannerSize_default number| flg_dfp object| t2 object| e2 string| zx_ad_place number| zx_ad_width number| zx_ad_height string| zx_ad_slot number| cw number| ch object| tt98 string| txt98 string| txt99 string| stl98 string| BannerSize object| e object| googletag object| ggeac object| closure_memoize_cache_ object| googleToken object| googleIMState object| google_js_reporting_queue function| processGoogleToken number| google_srt undefined| google_measure_js_timing boolean| google_noFetch number| __google_ad_urls_id number| google_unique_id object| gaGlobal function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter object| __google_ad_urls object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb

5 Cookies

Domain/Path Name / Value
actiflex.org/ Name: _ssp_uid
Value: Vtv1C2xKQWeqEvVJtCIBHg
.microsoft-windows8.ru/ Name: _ym_d
Value: 1577084732
.microsoft-windows8.ru/ Name: _ym_isad
Value: 2
.microsoft-windows8.ru/ Name: _ym_uid
Value: 1577084732885267627
.microsoft-windows8.ru/ Name: __cfduid
Value: d823c8374113e6e4e63c4da5bf9d229f01577084731

1 Console Messages

Source Level URL
Text
console-api log URL: https://microsoft-windows8.ru/wp-content/plugins/q2w3-fixed-widget/js/q2w3-fixed-widget.min.js?ver=5.1.9(Line 1)
Message:
q2w3_sidebar_options not found!

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

actiflex.org
actpx.com
ad.os-helper.ru
adservice.google.com
adservice.google.de
fernomius.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
mc.yandex.ru
microsoft-windows8.ru
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
torrent5.net
tpc.googlesyndication.com
www.googletagservices.com
zxtst-44902.firebaseapp.com
151.101.1.195
151.101.65.195
216.58.207.66
2606:4700:30::6812:29a8
2606:4700:30::681b:a59a
2606:4700:30::681c:f6
2a00:1450:4001:809::200a
2a00:1450:4001:814::2003
2a00:1450:4001:81d::2002
2a00:1450:4001:821::2001
2a00:1450:4001:821::2002
2a02:6b8::1:119
88.208.46.221
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0d66a1370af864dbcba984a23b2b4cac6147bc6e8d3e2831af7be53a6b8f624c
1081aa1f2a8ddecb23d2935dd459985dc699d0552630a358e6e27b638004f34d
1b5234de470f20128434aef3e74cc4da80d564f6ffd6dac6bdb2f8810b1ea6bb
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
216fd62bccc74ef4e4d35292cd4874e7072a4fb30685afb6235d894a3ec1a2df
283a0746d496c9bfabb54ef38485e49f9fa8614ef446d0e1850521edf9db3e84
3bd743238641442a959392b3eeb007b3d231f75a21d0f06936dd95b1ca9decf1
3ce5e6e6f4c06a55b694a7444df3046b202de6bdb3f63b7949b33a0d9e67c6b8
3f0dfd0285f6b376249f6c72e686e46d8245eb3dae623be41161102e581a048e
44178919accac2fd92f71084d312c8ff266dd25b8b808f8e9b32fe2926aefb41
4795d1e87d0bbee591f993f747022663aeeb53e6b4649190366ea66377be5493
48555977de52a497e0dd8fe5aaf9ebf2df20bf16340340f4012baaa8153e490b
4c52ed8f9039265ffed7fdca0b967b2624325e6356433f437e044b0dd332cddf
5218316a80206dc1ee97d7c4bd50eea4d9515b5d8dfb6bcf98ab4a9eeb553554
526ce8f18971816f2bad5c23b92f1ab069c1ca97d0c5d0effe932c70723194ed
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
627b40e4ddfd9d17e987c849ccf735b63676ac4ef9c8c2f40719ad9cb78263b0
63890326f558587b0840eb0a6e6377f1bf39264e015e568f4c2a03aefce3f929
6f97fb27fc5a2b0b2ef192937aeea30f869e026c98518e154a796755e3d0d864
735ae790ab38dfdf2b6430ee0626c9f0d8b8d6be9a242c758a0ba146275a7492
773f731c9b7490f731b26db39f13e6dea1d4ee8e44ff5cb9dc443361755df432
7c4dbd662f97d8bed0037e9f37bd98b67a75fc4f84ac01f3334547b467dfd7c2
8348fe66b515449f719cb7b8278e1c84009bdaa96e18981641bc1e77d9e4cf1a
952d30834a64170ec793f2601ad3903b1c3dd245605693890a619f0ab563b0eb
9a7d00291b90b8045d042a9a713a9cceba928a35c18c99d1eeea2ca14c09614d
9f52f3ab1c70cee6290110e36e3c3c2c71782f6958b2133b09825fb5086d99f6
9fecc6157919ffc41b052ae7e49726e205c75b847aef46daab8d75e29a48b95f
a9e1482e4fd2efdbd898b95620e1a67f3825d8c429a14ee9b502af5bfe3b38ce
abb97637f93dce2abbbf13b35e057e9c7657b41f0d3dcce5ced279b56f3687e5
b265a7940c5f0e9736dcd102155488332288a41e75d3a4a665fcf231bae715e8
b986fbc59b4f9794ff0d1bd475093053df31b2b79b545daf4125f0abf912716b
bd215cde58cbb5a4b39178efcaf6ea62ad69a3f30d9f6da214413bbc96660c6e
c2711e9edc60964dcb5aada1bfa59c2d68d3d9dc1baf4a5ee058b4c1bd32c3eb
c30f2063292920ab7bceb5729a1e51ab3b7eddad5ece5ea1371db94059f5bf57
c77b50eb5f3e60eff655e7359b31ae8ee2b2119f79b455ba1235fb35ccdf0715
cb683965690ef77063c845ebb85c9b7eae4c72fd7d91986bb943607d2511c3e9
d2c89b9482b7bc2992f14befb2484e11559f6af55e666a3cf865a720f6d4d04e
db934f720e7effa5be74fca3fce38585fa4c0ae1b057d6cafad55b0d98697983
dc1e94a90ccb99cd60d29d88322e3f7af0beb126d4b2bc820eda01c8e4aa4ba5
dc409deae3cfca10fdea0259f1cde112b3ddd780153007776c9425a37a2d040a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e433d796f597ba64786576bfa8059f9b38a32f14a611eb2dfa9d442183f7a522
e56b08590b93eda20511daa2bfa928102159e396f10f55f4ae7e9298f6e5a9d5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f213be31d540e30366635b474daedd9c0b46287d55429ec9ef7a4829361c6f01
fb64f3c876ebdc8d48ed378d25e1f9a904d50fb5f806b22ef1b25e294634f6de
fee32713a9c2829fd1530ca13167292579e63df8c18f2be0dc69113db8a3539b