windows-soft.pw Open in urlscan Pro
185.154.15.251 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://windows-soft.pw/
Submission Tags: @phishunt_io
Submission: On February 17 via api (February 17th 2021, 5:08:15 am UTC) from ES

Summary HTTP 91 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 21 IPs in 6 countries across 16 domains to perform 91 HTTP transactions. The main IP is 185.154.15.251, located in Ukraine and belongs to ON-LINE-DATA Server location - Netherlands, Dronten, NL. The main domain is windows-soft.pw.
TLS certificate: Issued by R3 on February 16th 2021. Valid for: 3 months.

This is the only time windows-soft.pw was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
27	185.154.15.251 185.154.15.251	204601 (ON-LINE-D...) (ON-LINE-DATA Server location - Netherlands)
1	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
13	185.107.80.114 185.107.80.114	43350 (NFORCE) (NFORCE)
2	81.176.238.163 81.176.238.163	8342 (RTCOMM-AS) (RTCOMM-AS)
3	81.176.238.212 81.176.238.212	8342 (RTCOMM-AS) (RTCOMM-AS)
1	2a00:ab00:110... 2a00:ab00:1103:7:43::1	49505 (SELECTEL) (SELECTEL)
17	54.37.190.232 54.37.190.232	16276 (OVH) (OVH)
2	81.176.238.213 81.176.238.213	8342 (RTCOMM-AS) (RTCOMM-AS)
1	81.176.238.211 81.176.238.211	8342 (RTCOMM-AS) (RTCOMM-AS)
1	2606:4700:303... 2606:4700:3035::ac43:8410	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	81.176.238.131 81.176.238.131	8342 (RTCOMM-AS) (RTCOMM-AS)
2	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1 2	88.212.201.210 88.212.201.210	39134 (UNITEDNET) (UNITEDNET)
8	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
91	21

27 185.154.15.251 (Ukraine)

ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL)
PTR: vm1405250.4ssd.had.wf

windows-soft.pw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 185.107.80.114 (Netherlands)

ASN43350 (NFORCE, NL)
PTR: funkyimg.com

funkyimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 81.176.238.163 (Russian Federation)

ASN8342 (RTCOMM-AS, RU)
PTR: radikal.ru

s50.radikal.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s017.radikal.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 81.176.238.212 (Russian Federation)

ASN8342 (RTCOMM-AS, RU)
PTR: radikal.ru

b.radikal.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:ab00:1103:7:43::1 (Russian Federation)

ASN49505 (SELECTEL, RU)

fost.ws	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 54.37.190.232 (France)

ASN16276 (OVH, FR)
PTR: 54.37.190.232.foip.abcvg.ovh

picusha.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 81.176.238.213 (Russian Federation)

ASN8342 (RTCOMM-AS, RU)
PTR: radikal.ru

c.radikal.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.176.238.211 (Russian Federation)

ASN8342 (RTCOMM-AS, RU)
PTR: radikal.ru

a.radikal.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::ac43:8410 (United States)

ASN13335 (CLOUDFLARENET, US)

slivavils.space	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.176.238.131 (Russian Federation)

ASN8342 (RTCOMM-AS, RU)
PTR: radikal.ru

s019.radikal.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.210 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host210.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	windows-soft.pw windows-soft.pw	5 MB
17	picusha.net picusha.net	5 MB
13	funkyimg.com funkyimg.com	1 MB
9	radikal.ru s50.radikal.ru b.radikal.ru c.radikal.ru a.radikal.ru s017.radikal.ru s019.radikal.ru	659 KB
8	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	159 KB
5	gstatic.com www.gstatic.com fonts.gstatic.com	367 KB
2	doubleclick.net googleads.g.doubleclick.net	5 KB
2	yadro.ru 1 redirects counter.yadro.ru	1 KB
2	google.com www.google.com adservice.google.com	1 KB
1	googletagservices.com www.googletagservices.com	28 KB
1	google.de adservice.google.de	803 B
1	googleadservices.com partner.googleadservices.com	642 B
1	slivavils.space slivavils.space	594 B
1	fost.ws fost.ws	28 KB
1	googleapis.com fonts.googleapis.com	855 B
0	gnogle.ru Failed gnogle.ru Failed
91	16

	Domain	Requested by
27	windows-soft.pw	windows-soft.pw
17	picusha.net	windows-soft.pw
13	funkyimg.com	windows-soft.pw
6	pagead2.googlesyndication.com	windows-soft.pw pagead2.googlesyndication.com tpc.googlesyndication.com
4	fonts.gstatic.com	fonts.googleapis.com
3	b.radikal.ru	windows-soft.pw
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	counter.yadro.ru	1 redirects windows-soft.pw
2	c.radikal.ru	windows-soft.pw
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.gstatic.com	www.google.com
1	s019.radikal.ru	windows-soft.pw
1	slivavils.space	windows-soft.pw
1	s017.radikal.ru	windows-soft.pw
1	a.radikal.ru	windows-soft.pw
1	fost.ws	windows-soft.pw
1	s50.radikal.ru	windows-soft.pw
1	fonts.googleapis.com	windows-soft.pw
1	www.google.com	windows-soft.pw
0	gnogle.ru Failed	windows-soft.pw
91	24

This site contains links to these domains. Also see Links.

Domain
www.liveinternet.ru

Subject Issuer	Validity	Valid
windows-soft.pw R3	`2021-02-16` - `2021-05-17`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
funkyimg.com R3	`2021-02-13` - `2021-05-14`	3 months	crt.sh
*.radikal.ru RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-01-28` - `2022-02-08`	a year	crt.sh
fost.ws R3	`2021-01-21` - `2021-04-21`	3 months	crt.sh
picusha.net R3	`2021-01-14` - `2021-04-14`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-10` - `2021-07-10`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
counter.yadro.ru R3	`2021-01-13` - `2021-04-13`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://windows-soft.pw/
Frame ID: 181BA5120FD5FD6A256CAFC8D50094EF
Requests: 87 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210211/r20190131/zrt_lookup.html
Frame ID: A375B136A50B620AAE0A4F6B48BEAC5F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8866336384108844&output=html&adk=1812271804&adf=3025194257&lmt=1613538473&plat=1%3A16809992%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwindows-soft.pw%2F&ea=0&flash=0&pra=5&wgl=1&dt=1613538473441&bpp=13&bdt=1095&idt=88&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8209193795916&frm=20&pv=2&ga_vid=1768060240.1613538474&ga_sid=1613538474&ga_hid=900143079&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893%2C21068945%2C21068786&oid=3&pvsid=3164221096706119&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=108
Frame ID: A8CE39554294E55815D9F9FA52D93693
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 06692B44C2BA5D3E1F02E002B37EA19C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

DataLife Engine (CMS) Expand

Overall confidence: 100%
Detected patterns

meta generator /DataLife Engine/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

meta generator /DataLife Engine/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

meta generator /DataLife Engine/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

script /\/recaptcha\/api\.js/i

Page Statistics

91
Requests

99 %
HTTPS

50 %
IPv6

16
Domains

24
Subdomains

21
IPs

6
Countries

12534 kB
Transfer

13093 kB
Size

4
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.liveinternet.ru/click

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 69

https://counter.yadro.ru/hit?t14.5;r;s1600*1200*24;uhttps%3A//windows-soft.pw/;0.4380070265057583 HTTP 302
https://counter.yadro.ru/hit?q;t14.5;r;s1600*1200*24;uhttps%3A//windows-soft.pw/;0.4380070265057583

91 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
windows-soft.pw/ 101 KB
19 KB 214ms
97ms Document
text/html 185.154.15.251
Netherlands

General

Check archive.org

Show headers Download Go to

Full URL

https://windows-soft.pw/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.154.15.251 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),

Reverse DNS

vm1405250.4ssd.had.wf

Software

nginx/1.10.1 /

Resource Hash

35d3e2abf5beeb5b3dfe152931da8a6629e750c7aca0c16889f9bf38c5caef62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Host: windows-soft.pw
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server: nginx/1.10.1
Date: Wed, 17 Feb 2021 05:07:52 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: PHPSESSID=26bv0l01rl688l00sddq00j0h1; path=/; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000;

GET
H/1.1 200
OK index.php Show response
windows-soft.pw/engine/classes/min/ 205 KB
61 KB 55ms
53ms Script
application/x-javascript 185.154.15.251
Netherlands

General

Check archive.org

Show headers Download Go to

Full URL

https://windows-soft.pw/engine/classes/min/index.php?charset=utf-8&g=general&21

Requested by

Host: windows-soft.pw
URL: https://windows-soft.pw/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.154.15.251 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),

Reverse DNS

vm1405250.4ssd.had.wf

Software

nginx/1.10.1 /

Resource Hash

4f8c566f2cc5e60ddec29774fddf017646b0d814eb25c6132d89c5c7cebd4cc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://windows-soft.pw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 05:07:52 GMT
Content-Encoding: gzip
Last-Modified: Sat, 22 Jul 2017 01:07:00 GMT
Server: nginx/1.10.1
ETag: "pub1500685620;gz"
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: max-age=31536000
Strict-Transport-Security: max-age=31536000;
Content-Length: 62137
Expires: Thu, 17 Feb 2022 05:07:52 GMT

GET
H/1.1 200
OK styles.css
windows-soft.pw/templates/kinowalk/style/ 39 KB
39 KB 122ms
52ms Stylesheet
text/css 185.154.15.251
Netherlands

General

Check archive.org

Show headers Download Go to

Full URL

https://windows-soft.pw/templates/kinowalk/style/styles.css

Requested by

Host: windows-soft.pw
URL: https://windows-soft.pw/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.154.15.251 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),

Reverse DNS

vm1405250.4ssd.had.wf

Software

nginx/1.10.1 /

Resource Hash

4d365b37d7c0ce365a3cbd5badb8fd82539443f81d03a135fcbf48c3562d9def

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://windows-soft.pw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 05:07:52 GMT
Last-Modified: Sun, 30 Jul 2017 21:38:25 GMT
Server: nginx/1.10.1
ETag: "597e51d1-9c15"
Strict-Transport-Security: max-age=31536000;
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 39957

GET
H/1.1 200
OK engine.css
windows-soft.pw/templates/kinowalk/style/ 62 KB
62 KB 131ms
57ms Stylesheet
text/css 185.154.15.251
Netherlands

General

Check archive.org

Show headers Download Go to

Full URL

https://windows-soft.pw/templates/kinowalk/style/engine.css

Requested by

Host: windows-soft.pw
URL: https://windows-soft.pw/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.154.15.251 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),

Reverse DNS

vm1405250.4ssd.had.wf

Software

nginx/1.10.1 /

Resource Hash

d416678a4754d56d568d2fab05db9db7fcd890b29be598ebdedeb41eac943fc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://windows-soft.pw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 05:07:52 GMT
Last-Modified: Sat, 22 Jul 2017 02:06:39 GMT
Server: nginx/1.10.1
ETag: "5972b32f-f669"
Strict-Transport-Security: max-age=31536000;
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 63081

GET
H/1.1 200
OK frameworks.css
windows-soft.pw/templates/kinowalk/style/ 46 KB
47 KB 129ms
55ms Stylesheet
text/css 185.154.15.251
Netherlands

General

Check archive.org

Show headers Download Go to

Full URL

https://windows-soft.pw/templates/kinowalk/style/frameworks.css

Requested by

Host: windows-soft.pw
URL: https://windows-soft.pw/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.154.15.251 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),

Reverse DNS

vm1405250.4ssd.had.wf

Software

nginx/1.10.1 /

Resource Hash

a7b7366ffe3563a834406a9c547c472f078fa626e82a4a99915dcf86fb3aaae3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://windows-soft.pw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 05:07:52 GMT
Last-Modified: Fri, 21 Jul 2017 23:49:44 GMT
Server: nginx/1.10.1
ETag: "59729318-b99a"
Strict-Transport-Security: max-age=31536000;
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 47514

GET
H/1.1 200
OK top.css
windows-soft.pw/templates/kinowalk/top/ 726 B
1009 B 110ms
35ms Stylesheet
text/css 185.154.15.251
Netherlands

General

Check archive.org

Show headers Download Go to

Full URL

https://windows-soft.pw/templates/kinowalk/top/top.css

Requested by

Host: windows-soft.pw
URL: https://windows-soft.pw/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.154.15.251 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),

Reverse DNS

vm1405250.4ssd.had.wf

Software

nginx/1.10.1 /

Resource Hash

b34d7ed80dc8cffad6e0ed5e29945166e113746ddbecc6312eaaab3761db7359

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://windows-soft.pw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 05:07:52 GMT
Last-Modified: Wed, 02 Aug 2017 20:27:14 GMT
Server: nginx/1.10.1
ETag: "598235a2-2d6"
Strict-Transport-Security: max-age=31536000;
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 726

GET
H/1.1 200
OK top.js Show response
windows-soft.pw/templates/kinowalk/top/ 653 B
950 B 108ms
33ms Script
application/javascript 185.154.15.251
Netherlands

General

Check archive.org

Show headers Download Go to

Full URL

https://windows-soft.pw/templates/kinowalk/top/top.js

Requested by

Host: windows-soft.pw
URL: https://windows-soft.pw/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.154.15.251 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),

Reverse DNS

vm1405250.4ssd.had.wf

Software

nginx/1.10.1 /

Resource Hash

2ecd22d83fe52ac49780bab9dd7e9b86e11c634637bec7d72ee15f23bccae750

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://windows-soft.pw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 05:07:52 GMT
Last-Modified: Wed, 02 Aug 2017 20:27:14 GMT
Server: nginx/1.10.1
ETag: "598235a2-28d"
Strict-Transport-Security: max-age=31536000;
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 653

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
639 B 16ms
15ms Script
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: windows-soft.pw
URL: https://windows-soft.pw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9a1a6e71c1607e636a98bcebe49e3b67aa9ef9fa16cf31a2909f92655e1c928a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://windows-soft.pw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 05:07:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 551
x-xss-protection: 1; mode=block
expires: Wed, 17 Feb 2021 05:07:52 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
855 B 18ms
17ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500,700,400italic&subset=latin,cyrillic

Requested by

Host: windows-soft.pw
URL: https://windows-soft.pw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

167f812934de4a97aa53e7c4ad6e8e4c0a4c3b32d3636db3a71726479f380aa9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://windows-soft.pw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 17 Feb 2021 05:07:52 GMT
server: ESF
date: Wed, 17 Feb 2021 05:07:52 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 17 Feb 2021 05:07:52 GMT

GET
H/1.1 200
OK brand.jpg
windows-soft.pw/templates/kinowalk/images/ 405 KB
406 KB 67ms
56ms Image
image/jpeg 185.154.15.251
Netherlands

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://windows-soft.pw/templates/kinowalk/images/brand.jpg

Requested by

Host: windows-soft.pw
URL: https://windows-soft.pw/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.154.15.251 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),

Reverse DNS

vm1405250.4ssd.had.wf

Software

nginx/1.10.1 /

Resource Hash

8b5ef90af7e2e84d77d886b1ff9b5ea33d8a5159055257daa8af033879221e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://windows-soft.pw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 05:07:52 GMT
Last-Modified: Fri, 21 Jul 2017 23:49:44 GMT
Server: nginx/1.10.1
ETag: "59729318-6555d"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 415069

GET
H/1.1 200
OK 3aRyx.png
funkyimg.com/i/ 65 KB
66 KB 145ms
55ms Image
image/png 185.107.80.114
NFORCE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://funkyimg.com/i/3aRyx.png
Requested by: Host: windows-soft.pw
URL: https://windows-soft.pw/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.107.80.114 , Netherlands, ASN43350 (NFORCE, NL),
Reverse DNS: funkyimg.com
Software: nginx/1.14.2 /
Resource Hash: eee333c11cfdf19dbcb37f8957c5a30142ea08ddef65f24aca8a94c5b5c39d0e

Request headers

Referer: https://windows-soft.pw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 05:07:52 GMT
Last-Modified: Tue, 16 Feb 2021 21:13:44 GMT
Server: nginx/1.14.2
ETag: "602c3588-104bd"
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Disposition: inline
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 66749
Expires: Fri, 19 Mar 2021 05:07:52 GMT

GET
H/1.1 200
OK 3aRyV.png
funkyimg.com/i/ 235 KB
235 KB 144ms
53ms Image
image/png 185.107.80.114
NFORCE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://funkyimg.com/i/3aRyV.png
Requested by: Host: windows-soft.pw
URL: https://windows-soft.pw/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.107.80.114 , Netherlands, ASN43350 (NFORCE, NL),
Reverse DNS: funkyimg.com
Software: nginx/1.14.2 /
Resource Hash: becd07432ed8800fa10dab82428abbce1afd033c790d9c7a44bb5ea6c3604c71

Request headers

Referer: https://windows-soft.pw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 05:07:52 GMT
Last-Modified: Tue, 16 Feb 2021 21:24:34 GMT
Server: nginx/1.14.2
ETag: "602c3812-3ab61"
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Disposition: inline
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 240481
Expires: Fri, 19 Mar 2021 05:07:52 GMT

GET
H/1.1 200
OK 38J4o.png
funkyimg.com/i/ 49 KB
50 KB 147ms
53ms Image
image/png 185.107.80.114
NFORCE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://funkyimg.com/i/38J4o.png
Requested by: Host: windows-soft.pw
URL: https://windows-soft.pw/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.107.80.114 , Netherlands, ASN43350 (NFORCE, NL),
Reverse DNS: funkyimg.com
Software: nginx/1.14.2 /
Resource Hash: f019e38a51c596505e2f6399425df5e8c00128f9e7044b279f54dc15bc444ef9

Request headers

Referer: https://windows-soft.pw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 05:07:52 GMT
Last-Modified: Wed, 18 Nov 2020 11:52:19 GMT
Server: nginx/1.14.2
ETag: "5fb50af3-c503"
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Disposition: inline
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 50435
Expires: Fri, 19 Mar 2021 05:07:52 GMT

GET
H/1.1 200
OK e63095ada192.jpg
s50.radikal.ru/i128/1703/b2/ 20 KB
21 KB 494ms
160ms Image
image/jpeg 81.176.238.163
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s50.radikal.ru/i128/1703/b2/e63095ada192.jpg
Requested by: Host: windows-soft.pw
URL: https://windows-soft.pw/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 81.176.238.163 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: radikal.ru
Software: Microsoft-IIS/7.0 / ASP.NET
Resource Hash: f3315b069c82c61d04848e8cb1d86cdf2021f6f30e1734be316182123c969136

Request headers

Referer: https://windows-soft.pw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 05:07:52 GMT
Last-Modified: Sun, 26 Mar 2017 17:13:00 GMT
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
ETag: "f893703854a6d21:0"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 20917

GET
H/1.1 200
OK 38GYq.png
funkyimg.com/i/ 33 KB
34 KB 178ms
54ms Image
image/png 185.107.80.114
NFORCE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://funkyimg.com/i/38GYq.png
Requested by: Host: windows-soft.pw
URL: https://windows-soft.pw/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.107.80.114 , Netherlands, ASN43350 (NFORCE, NL),
Reverse DNS: funkyimg.com
Software: nginx/1.14.2 /
Resource Hash: 51eb20bbf07e5d47d1be5f2cc1e2c0e523575806dd06470347cb13a511cc294c

Request headers

Referer: https://windows-soft.pw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 05:07:52 GMT
Last-Modified: Tue, 17 Nov 2020 14:35:04 GMT
Server: nginx/1.14.2
ETag: "5fb3df98-85c1"
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Disposition: inline
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 34241
Expires: Fri, 19 Mar 2021 05:07:52 GMT

GET
H/1.1 200
OK 38akG.png
funkyimg.com/i/ 24 KB
24 KB 185ms
46ms Image
image/png 185.107.80.114
NFORCE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://funkyimg.com/i/38akG.png
Requested by: Host: windows-soft.pw
URL: https://windows-soft.pw/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.107.80.114 , Netherlands, ASN43350 (NFORCE, NL),
Reverse DNS: funkyimg.com
Software: nginx/1.14.2 /
Resource Hash: 554483e851edffcc2330f0b96a7cbe39bd5d99a26d620171a10a0ef9f36dbdf2

Request headers

Referer: https://windows-soft.pw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 05:07:52 GMT
Last-Modified: Sat, 24 Oct 2020 05:25:13 GMT
Server: nginx/1.14.2
ETag: "5f93bab9-5fcf"
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Disposition: inline
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24527
Expires: Fri, 19 Mar 2021 05:07:52 GMT

GET
H/1.1 200
OK 38J5a.png
funkyimg.com/i/ 99 KB
99 KB 200ms
81ms Image
image/png 185.107.80.114
NFORCE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://funkyimg.com/i/38J5a.png
Requested by: Host: windows-soft.pw
URL: https://windows-soft.pw/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.107.80.114 , Netherlands, ASN43350 (NFORCE, NL),
Reverse DNS: funkyimg.com
Software: nginx/1.14.2 /
Resource Hash: 13e5f7899f80ef90bebb5b63d149fa06e1e41a04b3f78b6a9194fd121842e8ef

Request headers

Referer: https://windows-soft.pw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 05:07:52 GMT
Last-Modified: Wed, 18 Nov 2020 12:07:10 GMT
Server: nginx/1.14.2
ETag: "5fb50e6e-18b9a"
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Disposition: inline
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 101274
Expires: Fri, 19 Mar 2021 05:07:52 GMT

GET
H/1.1 200
OK e223a92864a2.jpg
b.radikal.ru/b37/2101/c2/ 29 KB
29 KB 429ms
147ms Image
image/jpeg 81.176.238.212
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b.radikal.ru/b37/2101/c2/e223a92864a2.jpg
Requested by: Host: windows-soft.pw
URL: https://windows-soft.pw/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 81.176.238.212 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: radikal.ru
Software: Microsoft-IIS/7.0 / ASP.NET
Resource Hash: caa1ffd6d83663ab3355964b6b9ab651fd4c3771e197b32f200d32a2d1ff8e0a

Request headers

Referer: https://windows-soft.pw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 05:07:52 GMT
Last-Modified: Fri, 01 Jan 2021 10:00:17 GMT
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
ETag: "2d6e34e824e0d61:0"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 29646

GET
H2 200 1599655040_25.jpg
fost.ws/uploads/posts/2020-09/ 28 KB
28 KB 195ms
107ms Image
image/jpeg 2a00:ab00:1103:7:43::1
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fost.ws/uploads/posts/2020-09/1599655040_25.jpg

Requested by

Host: windows-soft.pw
URL: https://windows-soft.pw/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:ab00:1103:7:43::1 , Russian Federation, ASN49505 (SELECTEL, RU),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

1ed9ff90c735ae4bc469786daa0b961ac04be34b26a682d8dc9ce297354558d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://windows-soft.pw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 05:07:52 GMT
last-modified: Mon, 18 Jan 2021 16:25:00 GMT
server: nginx/1.16.1
etag: "6005b65c-6f3e"
strict-transport-security: max-age=31536000;
content-type: image/jpeg
accept-ranges: bytes
content-length: 28478

GET
H2 200 3eoijauoras8ubcnt2nily2ze.png
picusha.net/img/2020-10/21/ 385 KB
385 KB 149ms
77ms Image
image/png 54.37.190.232
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://picusha.net/img/2020-10/21/3eoijauoras8ubcnt2nily2ze.png

Requested by

Host: windows-soft.pw
URL: https://windows-soft.pw/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

54.37.190.232 , France, ASN16276 (OVH, FR),

Reverse DNS

54.37.190.232.foip.abcvg.ovh

Software

nginx /

Resource Hash

f2b46fa2300365a9daf8035ad0c224ec677a311490b0294ac2fee5ac70e453fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://windows-soft.pw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 05:07:52 GMT
last-modified: Wed, 21 Oct 2020 06:42:57 GMT
server: nginx
etag: "5f8fd871-602f7"
strict-transport-security: max-age=31536000;
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 393975
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 3aReD.png
funkyimg.com/i/ 103 KB
103 KB 91ms
60ms Image
image/png 185.107.80.114
NFORCE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://funkyimg.com/i/3aReD.png
Requested by: Host: windows-soft.pw
URL: https://windows-soft.pw/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.107.80.114 , Netherlands, ASN43350 (NFORCE, NL),
Reverse DNS: funkyimg.com
Software: nginx/1.14.2 /
Resource Hash: 37b70ae7ad16559476b0327b5ccfcb3640190ffc8f1973d250b47ce5e2fa34b9

Request headers

Referer: https://windows-soft.pw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 05:07:52 GMT
Last-Modified: Tue, 16 Feb 2021 17:15:02 GMT
Server: nginx/1.14.2
ETag: "602bfd96-19bc8"
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Disposition: inline
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 105416
Expires: Fri, 19 Mar 2021 05:07:52 GMT

GET
H/1.1 200
OK 3aRu8.jpg
funkyimg.com/i/ 29 KB
29 KB 85ms
54ms Image
image/jpeg 185.107.80.114
NFORCE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://funkyimg.com/i/3aRu8.jpg
Requested by: Host: windows-soft.pw
URL: https://windows-soft.pw/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.107.80.114 , Netherlands, ASN43350 (NFORCE, NL),
Reverse DNS: funkyimg.com
Software: nginx/1.14.2 /
Resource Hash: 2b4c3453c1ce0b97483519a9b59705a22d427ea39e1c3ae7dedf8953a8948ab1

Request headers

Referer: https://windows-soft.pw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 05:07:52 GMT
Last-Modified: Tue, 16 Feb 2021 20:01:48 GMT
Server: nginx/1.14.2
ETag: "602c24ac-73da"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Content-Disposition: inline
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29658
Expires: Fri, 19 Mar 2021 05:07:52 GMT

GET
H/1.1 200
OK dfe2b286b6e8.png
b.radikal.ru/b26/1909/40/ 38 KB
38 KB 421ms
144ms Image
image/png 81.176.238.212
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b.radikal.ru/b26/1909/40/dfe2b286b6e8.png
Requested by: Host: windows-soft.pw
URL: https://windows-soft.pw/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 81.176.238.212 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: radikal.ru
Software: Microsoft-IIS/7.0 / ASP.NET
Resource Hash: af54d3a8d3c909581a97ccd57633663aad8ac3e48745d7a93afff9b6fe677bcf

Request headers

Referer: https://windows-soft.pw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 05:07:52 GMT
Last-Modified: Sat, 21 Sep 2019 17:30:41 GMT
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
ETag: "aeaf524aa270d51:0"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 38552

GET
H/1.1 200
OK 15b4e4f9496d.jpg
c.radikal.ru/c33/1911/ae/ 39 KB
39 KB 433ms
156ms Image
image/jpeg 81.176.238.213
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.radikal.ru/c33/1911/ae/15b4e4f9496d.jpg
Requested by: Host: windows-soft.pw
URL: https://windows-soft.pw/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 81.176.238.213 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: radikal.ru
Software: Microsoft-IIS/7.0 / ASP.NET
Resource Hash: 4f133226c0431aef2aafa9620fb9ae997a7d6be935c6e55970e77aaf296430c9

Request headers

Referer: https://windows-soft.pw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 05:07:52 GMT
Last-Modified: Thu, 21 Nov 2019 17:00:58 GMT
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
ETag: "d5c6373f8da0d51:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 39542

GET
H2 200 ztwahknubxclt4xuyuavdcn3o.png
picusha.net/img/2021-02/16/ 329 KB
330 KB 149ms
77ms Image
image/png 54.37.190.232
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://picusha.net/img/2021-02/16/ztwahknubxclt4xuyuavdcn3o.png

Requested by

Host: windows-soft.pw
URL: https://windows-soft.pw/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

54.37.190.232 , France, ASN16276 (OVH, FR),

Reverse DNS

54.37.190.232.foip.abcvg.ovh

Software

nginx /

Resource Hash

d7f452332c1023ff6910305b9aeaac197075196e340ece400ed4dcb288326a47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://windows-soft.pw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 05:07:52 GMT
last-modified: Tue, 16 Feb 2021 16:14:06 GMT
server: nginx
etag: "602bef4e-525c4"
strict-transport-security: max-age=31536000;
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 337348
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 d3t4jv0q78npx13hadr1ondnc.png
picusha.net/img/2021-02/16/ 277 KB
278 KB 149ms
78ms Image
image/png 54.37.190.232
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://picusha.net/img/2021-02/16/d3t4jv0q78npx13hadr1ondnc.png

Requested by

Host: windows-soft.pw
URL: https://windows-soft.pw/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

54.37.190.232 , France, ASN16276 (OVH, FR),

Reverse DNS

54.37.190.232.foip.abcvg.ovh

Software

nginx /

Resource Hash

e4799f3f3176b7daa552f7b01051234a57f157c795191dce291131166614e9e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://windows-soft.pw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 05:07:52 GMT
last-modified: Tue, 16 Feb 2021 14:37:12 GMT
server: nginx
etag: "602bd898-45460"
strict-transport-security: max-age=31536000;
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 283744
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 vzbzwd49tbag2ft4h8icqoept.png
picusha.net/img/2021-02/16/ 375 KB
376 KB 149ms
78ms Image
image/png 54.37.190.232
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://picusha.net/img/2021-02/16/vzbzwd49tbag2ft4h8icqoept.png

Requested by

Host: windows-soft.pw
URL: https://windows-soft.pw/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

54.37.190.232 , France, ASN16276 (OVH, FR),

Reverse DNS

54.37.190.232.foip.abcvg.ovh

Software

nginx /

Resource Hash

ea7874b55bf87f43b802c17f6df11b813e892c17915a67d4c398e7e9e0348fd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://windows-soft.pw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 05:07:52 GMT
last-modified: Tue, 16 Feb 2021 14:26:03 GMT
server: nginx
etag: "602bd5fb-5dcf0"
strict-transport-security: max-age=31536000;
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 384240
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 7wx7g5h17zrjqymd8sd684h6s.png
picusha.net/img/2021-02/16/ 329 KB
330 KB 149ms
78ms Image
image/png 54.37.190.232
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://picusha.net/img/2021-02/16/7wx7g5h17zrjqymd8sd684h6s.png

Requested by

Host: windows-soft.pw
URL: https://windows-soft.pw/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

54.37.190.232 , France, ASN16276 (OVH, FR),

Reverse DNS

54.37.190.232.foip.abcvg.ovh

Software

nginx /

Resource Hash

d7f452332c1023ff6910305b9aeaac197075196e340ece400ed4dcb288326a47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://windows-soft.pw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 05:07:52 GMT
last-modified: Tue, 16 Feb 2021 14:13:08 GMT
server: nginx
etag: "602bd2f4-525c4"
strict-transport-security: max-age=31536000;
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 337348
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 b0c83ycuqexpkw0w6u967gtim.png
picusha.net/img/2021-02/16/ 305 KB
306 KB 77ms
76ms Image
image/png 54.37.190.232
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://picusha.net/img/2021-02/16/b0c83ycuqexpkw0w6u967gtim.png

Requested by

Host: windows-soft.pw
URL: https://windows-soft.pw/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

54.37.190.232 , France, ASN16276 (OVH, FR),

Reverse DNS

54.37.190.232.foip.abcvg.ovh

Software

nginx /

Resource Hash

36ff9b562cfdfae9cabe0d5ee1551199a5dac147fb45eb10a9ef8693df939983

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://windows-soft.pw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 05:07:52 GMT
last-modified: Tue, 16 Feb 2021 14:08:35 GMT
server: nginx
etag: "602bd1e3-4c519"
strict-transport-security: max-age=31536000;
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 312601
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 105190856de6.jpg
a.radikal.ru/a19/1903/62/ 34 KB
35 KB 431ms
146ms Image
image/jpeg 81.176.238.211
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.radikal.ru/a19/1903/62/105190856de6.jpg
Requested by: Host: windows-soft.pw
URL: https://windows-soft.pw/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 81.176.238.211 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: radikal.ru
Software: Microsoft-IIS/7.0 / ASP.NET
Resource Hash: ca190050ad949a25c91227924576bb3dd38e77adac93f7e44f5346fde43a0368

Request headers

Referer: https://windows-soft.pw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 05:07:52 GMT
Last-Modified: Sat, 23 Mar 2019 06:58:14 GMT
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
ETag: "e7b0f9c845e1d41:0"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 34995

GET
H/1.1 200
OK 395e5.png
funkyimg.com/i/ 53 KB
53 KB 69ms
69ms Image
image/png 185.107.80.114
NFORCE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://funkyimg.com/i/395e5.png
Requested by: Host: windows-soft.pw
URL: https://windows-soft.pw/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.107.80.114 , Netherlands, ASN43350 (NFORCE, NL),
Reverse DNS: funkyimg.com
Software: nginx/1.14.2 /
Resource Hash: 1494dae0d68af202664c016f0c1660801574846e882317f10d828787e2c7fe08

Request headers

Referer: https://windows-soft.pw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 05:07:52 GMT
Last-Modified: Wed, 02 Dec 2020 11:00:35 GMT
Server: nginx/1.14.2
ETag: "5fc773d3-d388"
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Disposition: inline
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 54152
Expires: Fri, 19 Mar 2021 05:07:52 GMT

GET
H/1.1 200
OK 3aQui.png
funkyimg.com/i/ 90 KB
90 KB 45ms
44ms Image
image/png 185.107.80.114
NFORCE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://funkyimg.com/i/3aQui.png
Requested by: Host: windows-soft.pw
URL: https://windows-soft.pw/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.107.80.114 , Netherlands, ASN43350 (NFORCE, NL),
Reverse DNS: funkyimg.com
Software: nginx/1.14.2 /
Resource Hash: e50fdb5a42fbff7bd7696250ee6e796c217e9eaba4d2ae851107d9dae8c14b40

Request headers

Referer: https://windows-soft.pw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 05:07:52 GMT
Last-Modified: Tue, 16 Feb 2021 06:52:16 GMT
Server: nginx/1.14.2
ETag: "602b6ba0-16766"
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Disposition: inline
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 92006
Expires: Fri, 19 Mar 2021 05:07:52 GMT

GET
H/1.1 200
OK 0a74191f394f.png
b.radikal.ru/b12/2001/4d/ 293 KB
293 KB 483ms
182ms Image
image/png 81.176.238.212
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b.radikal.ru/b12/2001/4d/0a74191f394f.png
Requested by: Host: windows-soft.pw
URL: https://windows-soft.pw/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 81.176.238.212 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: radikal.ru
Software: Microsoft-IIS/7.0 / ASP.NET
Resource Hash: 71c8c5e1ea8942ad3723e565f03008995ff01a1540767c8458b024b2b535181f

Request headers

Referer: https://windows-soft.pw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 05:07:52 GMT
Last-Modified: Mon, 27 Jan 2020 05:56:27 GMT
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
ETag: "d32bee83d6d4d51:0"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 299793

GET
H/1.1 200
OK 3aQtA.jpeg
funkyimg.com/i/ 21 KB
22 KB 44ms
44ms Image
image/jpeg 185.107.80.114
NFORCE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://funkyimg.com/i/3aQtA.jpeg
Requested by: Host: windows-soft.pw
URL: https://windows-soft.pw/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.107.80.114 , Netherlands, ASN43350 (NFORCE, NL),
Reverse DNS: funkyimg.com
Software: nginx/1.14.2 /
Resource Hash: 171a0184359e321c1eda3db4d9510f947a031915527bdcf373f901816bb0e673

Request headers

Referer: https://windows-soft.pw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 05:07:52 GMT
Last-Modified: Tue, 16 Feb 2021 06:39:12 GMT
Server: nginx/1.14.2
ETag: "602b6890-55ec"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Content-Disposition: inline
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21996
Expires: Fri, 19 Mar 2021 05:07:52 GMT

GET
H/1.1 200
OK 1bbdfe942eb2.png
s017.radikal.ru/i431/1505/d9/ 107 KB
108 KB 433ms
148ms Image
image/png 81.176.238.163
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s017.radikal.ru/i431/1505/d9/1bbdfe942eb2.png
Requested by: Host: windows-soft.pw
URL: https://windows-soft.pw/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 81.176.238.163 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: radikal.ru
Software: Microsoft-IIS/7.0 / ASP.NET
Resource Hash: 56fd64294e5cef240fd6add5e8ef12ffb937ea85f88f2af1f7e82e560085bddb

Request headers

Referer: https://windows-soft.pw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 05:07:52 GMT
Last-Modified: Wed, 06 May 2015 16:04:12 GMT
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
ETag: "6896184b1688d01:0"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 109730

GET
H/1.1 200
OK 8206b56d4b1d.jpg
c.radikal.ru/c39/1903/0b/ 78 KB
78 KB 415ms
138ms Image
image/jpeg 81.176.238.213
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.radikal.ru/c39/1903/0b/8206b56d4b1d.jpg
Requested by: Host: windows-soft.pw
URL: https://windows-soft.pw/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 81.176.238.213 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: radikal.ru
Software: Microsoft-IIS/7.0 / ASP.NET
Resource Hash: 7d38a2e2b59f31c597359f80fe89a788ec7d79a520dc68fb5f194878f5f73884

Request headers

Referer: https://windows-soft.pw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 05:07:52 GMT
Last-Modified: Sun, 17 Mar 2019 15:28:48 GMT
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
ETag: "2ec2441ed6dcd41:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 80072

GET
H/1.1 200
OK 3aPRS.png
funkyimg.com/i/ 302 KB
303 KB 43ms
43ms Image
image/png 185.107.80.114
NFORCE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://funkyimg.com/i/3aPRS.png
Requested by: Host: windows-soft.pw
URL: https://windows-soft.pw/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.107.80.114 , Netherlands, ASN43350 (NFORCE, NL),
Reverse DNS: funkyimg.com
Software: nginx/1.14.2 /
Resource Hash: 20d44d60ecbe697e08dee250e7f1d284d6f789bc6faf32f957b5077b01950603

Request headers

Referer: https://windows-soft.pw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 05:07:52 GMT
Last-Modified: Mon, 15 Feb 2021 19:58:30 GMT
Server: nginx/1.14.2
ETag: "602ad266-4b8ec"
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Disposition: inline
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 309484
Expires: Fri, 19 Mar 2021 05:07:52 GMT

GET
H2 200 code.js Show response
slivavils.space/ 0
594 B 125ms
104ms Script
text/plain 2606:4700:3035::ac43:8410
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://slivavils.space/code.js?d=mvqtu5deomstgmrygeste&public=1&ref=&title=
Requested by: Host: windows-soft.pw
URL: https://windows-soft.pw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:8410 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://windows-soft.pw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

cf-request-id: 084ffc49c50000dfcf30087000000001
cf-cache-status: EXPIRED
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
date: Wed, 17 Feb 2021 05:07:52 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9dZbshO3%2B%2FcfBzWIXJN%2FuIs43OjUdNkpjsploPgMMNpGQZT93yAx6D4xuBZg%2FWycoG4OCCDEvm2MmLv7xX7SqbPwpKkUC%2B%2B3zOB5tsP1MwRqcaIV2Q%2FJ0txzis0%3D"}],"group":"cf-nel"}
cache-control: max-age=14400
cf-ray: 622cfcbc6ef7dfcf-FRA

GET
H2 200 vwtf31tr1twogzcsas7zgqlk7.jpg
picusha.net/img/2021-01/27/ 45 KB
45 KB 77ms
76ms Image
image/jpeg 54.37.190.232
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://picusha.net/img/2021-01/27/vwtf31tr1twogzcsas7zgqlk7.jpg

Requested by

Host: windows-soft.pw
URL: https://windows-soft.pw/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

54.37.190.232 , France, ASN16276 (OVH, FR),

Reverse DNS

54.37.190.232.foip.abcvg.ovh

Software

nginx /

Resource Hash

a11abf31a991caf0847ce815d8d1086528dd95872086ca465fb9647796f008ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://windows-soft.pw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 05:07:52 GMT
last-modified: Wed, 27 Jan 2021 10:03:03 GMT
server: nginx
etag: "60113a57-b4c4"
strict-transport-security: max-age=31536000;
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 46276
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 g7zgkbor94zbcp4tsw693xceg.jpg
picusha.net/img/2021-02/15/ 47 KB
47 KB 86ms
84ms Image
image/jpeg 54.37.190.232
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://picusha.net/img/2021-02/15/g7zgkbor94zbcp4tsw693xceg.jpg

Requested by

Host: windows-soft.pw
URL: https://windows-soft.pw/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

54.37.190.232 , France, ASN16276 (OVH, FR),

Reverse DNS

54.37.190.232.foip.abcvg.ovh

Software

nginx /

Resource Hash

5e9a1c2626665f6a968b8f5308efccc9c6a8dbc26c97db281cbcf24d8e07db69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://windows-soft.pw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 05:07:52 GMT
last-modified: Mon, 15 Feb 2021 19:31:59 GMT
server: nginx
etag: "602acc2f-bc33"
strict-transport-security: max-age=31536000;
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 48179
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 hyxdg2dy8j96rakv2lm8u8ryt.png
picusha.net/img/2021-01/29/ 287 KB
287 KB 86ms
85ms Image
image/png 54.37.190.232
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://picusha.net/img/2021-01/29/hyxdg2dy8j96rakv2lm8u8ryt.png

Requested by

Host: windows-soft.pw
URL: https://windows-soft.pw/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

54.37.190.232 , France, ASN16276 (OVH, FR),

Reverse DNS

54.37.190.232.foip.abcvg.ovh

Software

nginx /

Resource Hash

780adb595b06eb353ac518f3c13807ef6a367979e669824890c7f79e16b2606a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://windows-soft.pw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 05:07:52 GMT
last-modified: Fri, 29 Jan 2021 05:05:48 GMT
server: nginx
etag: "601397ac-47a0f"
strict-transport-security: max-age=31536000;
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 293391
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 3aPuJ.jpg
funkyimg.com/i/ 51 KB
52 KB 43ms
43ms Image
image/jpeg 185.107.80.114
NFORCE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://funkyimg.com/i/3aPuJ.jpg
Requested by: Host: windows-soft.pw
URL: https://windows-soft.pw/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.107.80.114 , Netherlands, ASN43350 (NFORCE, NL),
Reverse DNS: funkyimg.com
Software: nginx/1.14.2 /
Resource Hash: 01ef7414771656b9b45d3babde9f0fd1a656ec037f19e385d1504f3c543c7ad0

Request headers

Referer: https://windows-soft.pw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 05:07:52 GMT
Last-Modified: Mon, 15 Feb 2021 15:11:30 GMT
Server: nginx/1.14.2
ETag: "602a8f22-cd5d"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Content-Disposition: inline
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 52573
Expires: Fri, 19 Mar 2021 05:07:52 GMT

GET
H2 200 j057dvtrkch4bkjnfnxztk10u.png
picusha.net/img/2021-01/27/ 367 KB
368 KB 86ms
85ms Image
image/png 54.37.190.232
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://picusha.net/img/2021-01/27/j057dvtrkch4bkjnfnxztk10u.png

Requested by

Host: windows-soft.pw
URL: https://windows-soft.pw/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

54.37.190.232 , France, ASN16276 (OVH, FR),

Reverse DNS

54.37.190.232.foip.abcvg.ovh

Software

nginx /

Resource Hash

f65273dd2ce8b53710b3ade79b73fdcc8e043fa5fd560a68d8899dd7885f9fd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://windows-soft.pw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 05:07:52 GMT
last-modified: Wed, 27 Jan 2021 04:53:41 GMT
server: nginx
etag: "6010f1d5-5bbeb"
strict-transport-security: max-age=31536000;
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 375787
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 2k1yufnru8bi7hr8ezexpdq8z.png
picusha.net/img/2019-08/26/ 328 KB
329 KB 120ms
119ms Image
image/png 54.37.190.232
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://picusha.net/img/2019-08/26/2k1yufnru8bi7hr8ezexpdq8z.png

Requested by

Host: windows-soft.pw
URL: https://windows-soft.pw/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

54.37.190.232 , France, ASN16276 (OVH, FR),

Reverse DNS

54.37.190.232.foip.abcvg.ovh

Software

nginx /

Resource Hash

b5128ddd17d35a5f45ddedf1006b063e768a306df3e8c715aac0bdfaa72fce8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://windows-soft.pw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 05:07:52 GMT
last-modified: Mon, 26 Aug 2019 07:58:15 GMT
server: nginx
etag: "5d639117-5216e"
strict-transport-security: max-age=31536000;
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 336238
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK efc98727606d.jpg
s019.radikal.ru/i601/1712/e4/ 18 KB
18 KB 461ms
174ms Image
image/jpeg 81.176.238.131
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s019.radikal.ru/i601/1712/e4/efc98727606d.jpg
Requested by: Host: windows-soft.pw
URL: https://windows-soft.pw/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 81.176.238.131 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: radikal.ru
Software: Microsoft-IIS/7.0 / ASP.NET
Resource Hash: 4e282a20ed94a624a79436728049f509dbee442636d9adc2bdc66b099b55b1f3

Request headers

Referer: https://windows-soft.pw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 05:07:52 GMT
Last-Modified: Sun, 10 Dec 2017 18:01:30 GMT
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
ETag: "3e1a1de8e071d31:0"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 17941

GET
H/1.1 200
OK rkl1.jpg
windows-soft.pw/templates/kinowalk/images/ 34 KB
34 KB 39ms
38ms Image
image/jpeg 185.154.15.251
Netherlands

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://windows-soft.pw/templates/kinowalk/images/rkl1.jpg

Requested by

Host: windows-soft.pw
URL: https://windows-soft.pw/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.154.15.251 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),

Reverse DNS

vm1405250.4ssd.had.wf

Software

nginx/1.10.1 /

Resource Hash

3cf48aa38b84732a0d39a67439b5114748b286a10f958896213d647b60668c0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://windows-soft.pw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 05:07:52 GMT
Last-Modified: Fri, 21 Jul 2017 23:49:44 GMT
Server: nginx/1.10.1
ETag: "59729318-882e"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 34862

GET
H2 200 1mx0zjlemt35eg5a1nx160x2w.png
picusha.net/img/2020-10/19/ 308 KB
308 KB 125ms
53ms Image
image/png 54.37.190.232
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://picusha.net/img/2020-10/19/1mx0zjlemt35eg5a1nx160x2w.png

Requested by

Host: windows-soft.pw
URL: https://windows-soft.pw/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

54.37.190.232 , France, ASN16276 (OVH, FR),

Reverse DNS

54.37.190.232.foip.abcvg.ovh

Software

nginx /

Resource Hash

a861a21aa71ceeed2ea1efd6cdc3a73eeb3a223960c5283b8995d2d96615b946

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://windows-soft.pw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 05:07:52 GMT
last-modified: Mon, 19 Oct 2020 06:22:18 GMT
server: nginx
etag: "5f8d309a-4cfaa"
strict-transport-security: max-age=31536000;
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 315306
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1bl4xito2vu3nmnder5f74td4.png
picusha.net/img/2020-07/24/ 305 KB
305 KB 121ms
119ms Image
image/png 54.37.190.232
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://picusha.net/img/2020-07/24/1bl4xito2vu3nmnder5f74td4.png

Requested by

Host: windows-soft.pw
URL: https://windows-soft.pw/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

54.37.190.232 , France, ASN16276 (OVH, FR),

Reverse DNS

54.37.190.232.foip.abcvg.ovh

Software

nginx /

Resource Hash

8a6a91870d29f41fb44d273c1e098b2412db3b8d3187a5b51df2a6bdb2557a7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://windows-soft.pw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 05:07:52 GMT
last-modified: Fri, 24 Jul 2020 18:05:46 GMT
server: nginx
etag: "5f1b22fa-4c213"
strict-transport-security: max-age=31536000;
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 311827
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 uk42u3wz9j6ajly8lta8n3k5j.png
picusha.net/img/2020-06/28/ 250 KB
250 KB 121ms
120ms Image
image/png 54.37.190.232
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://picusha.net/img/2020-06/28/uk42u3wz9j6ajly8lta8n3k5j.png

Requested by

Host: windows-soft.pw
URL: https://windows-soft.pw/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

54.37.190.232 , France, ASN16276 (OVH, FR),

Reverse DNS

54.37.190.232.foip.abcvg.ovh

Software

nginx /

Resource Hash

1906a214ae5f863192719e2180dab7d1b3114a9dd038b02372bcc3b1651e6b2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://windows-soft.pw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 05:07:52 GMT
last-modified: Sun, 28 Jun 2020 02:01:41 GMT
server: nginx
etag: "5ef7fa05-3e7bc"
strict-transport-security: max-age=31536000;
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 255932
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gpuiukuq1aydmgx2cy6nsx2ud.png
picusha.net/img/2020-05/19/ 268 KB
269 KB 121ms
120ms Image
image/png 54.37.190.232
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://picusha.net/img/2020-05/19/gpuiukuq1aydmgx2cy6nsx2ud.png

Requested by

Host: windows-soft.pw
URL: https://windows-soft.pw/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

54.37.190.232 , France, ASN16276 (OVH, FR),

Reverse DNS

54.37.190.232.foip.abcvg.ovh

Software

nginx /

Resource Hash

d9be8a19182030c091a697fbbfd771e392973d8bfdef00d483c96803ddbb7027

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://windows-soft.pw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 05:07:52 GMT
last-modified: Tue, 19 May 2020 13:48:14 GMT
server: nginx
etag: "5ec3e39e-43021"
strict-transport-security: max-age=31536000;
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 274465
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pc5e23f02wx7gxjoqihiev2nj.png
picusha.net/img/2020-04/16/ 398 KB
398 KB 121ms
120ms Image
image/png 54.37.190.232
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://picusha.net/img/2020-04/16/pc5e23f02wx7gxjoqihiev2nj.png

Requested by

Host: windows-soft.pw
URL: https://windows-soft.pw/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

54.37.190.232 , France, ASN16276 (OVH, FR),

Reverse DNS

54.37.190.232.foip.abcvg.ovh

Software

nginx /

Resource Hash

2092664fd4c29e36e6341f419de43c0c4ce6def6d9344745a139c1958dbb30d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://windows-soft.pw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 05:07:52 GMT
last-modified: Thu, 16 Apr 2020 18:50:08 GMT
server: nginx
etag: "5e98a8e0-6364b"
strict-transport-security: max-age=31536000;
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 407115
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 9mtoc6ty5cgi5v25l9le5y72d.jpg
picusha.net/img/2020-03/26/ 221 KB
222 KB 121ms
120ms Image
image/jpeg 54.37.190.232
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://picusha.net/img/2020-03/26/9mtoc6ty5cgi5v25l9le5y72d.jpg

Requested by

Host: windows-soft.pw
URL: https://windows-soft.pw/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

54.37.190.232 , France, ASN16276 (OVH, FR),

Reverse DNS

54.37.190.232.foip.abcvg.ovh

Software

nginx /

Resource Hash

8914c1c81806ff68a4aee29c8d437f683099fc76b490846f699e4336e3a24e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://windows-soft.pw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 05:07:52 GMT
last-modified: Thu, 26 Mar 2020 14:04:22 GMT
server: nginx
etag: "5e7cb666-375c2"
strict-transport-security: max-age=31536000;
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 226754
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK libs.js Show response
windows-soft.pw/templates/kinowalk/js/ 42 KB
42 KB 41ms
40ms Script
application/javascript 185.154.15.251
Netherlands

General

Check archive.org

Show headers Download Go to

Full URL

https://windows-soft.pw/templates/kinowalk/js/libs.js

Requested by

Host: windows-soft.pw
URL: https://windows-soft.pw/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.154.15.251 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),

Reverse DNS

vm1405250.4ssd.had.wf

Software

nginx/1.10.1 /

Resource Hash

3efc3a412209b9b57d461660a8187bc7d68f8301c35cf2180c69dc606530f15b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://windows-soft.pw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 05:07:52 GMT
Last-Modified: Fri, 21 Jul 2017 23:49:44 GMT
Server: nginx/1.10.1
ETag: "59729318-a669"
Strict-Transport-Security: max-age=31536000;
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 42601

GET
H/1.1 200
OK filter-xf.js Show response
windows-soft.pw/templates/kinowalk/js/ 66 KB
67 KB 42ms
41ms Script
application/javascript 185.154.15.251
Netherlands

General

Check archive.org

Show headers Download Go to

Full URL

https://windows-soft.pw/templates/kinowalk/js/filter-xf.js

Requested by

Host: windows-soft.pw
URL: https://windows-soft.pw/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.154.15.251 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),

Reverse DNS

vm1405250.4ssd.had.wf

Software

nginx/1.10.1 /

Resource Hash

c699f9bdf9871f0751706bbddd8c021b99e79fe56e12cb5d755d71c03a36f2dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://windows-soft.pw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 05:07:52 GMT
Last-Modified: Fri, 21 Jul 2017 23:49:44 GMT
Server: nginx/1.10.1
ETag: "59729318-1095f"
Strict-Transport-Security: max-age=31536000;
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 67935

GET
H/1.1 200
OK filter-xf.css
windows-soft.pw/templates/kinowalk/style/ 11 KB
12 KB 51ms
39ms Stylesheet
text/css 185.154.15.251
Netherlands

General

Check archive.org

Show headers Download Go to

Full URL

https://windows-soft.pw/templates/kinowalk/style/filter-xf.css

Requested by

Host: windows-soft.pw
URL: https://windows-soft.pw/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.154.15.251 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),

Reverse DNS

vm1405250.4ssd.had.wf

Software

nginx/1.10.1 /

Resource Hash

98fc557ad7d94982eb876791162e1da53e397d1b5a4a874d07a91197f0035fd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://windows-soft.pw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 05:07:52 GMT
Last-Modified: Fri, 21 Jul 2017 23:49:44 GMT
Server: nginx/1.10.1
ETag: "59729318-2dcc"
Strict-Transport-Security: max-age=31536000;
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11724

GET 288dd8d4
gnogle.ru/js/ 0
0

GET
H/1.1 200
OK v.png
windows-soft.pw/templates/kinowalk/top/ 2 KB
2 KB 37ms
36ms Image
image/png 185.154.15.251
Netherlands

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://windows-soft.pw/templates/kinowalk/top/v.png

Requested by

Host: windows-soft.pw
URL: https://windows-soft.pw/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.154.15.251 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),

Reverse DNS

vm1405250.4ssd.had.wf

Software

nginx/1.10.1 /

Resource Hash

d169c124cfe8955a79627542bbc9a94365d2f5838d9bcb21ce849b2e98e4a4e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://windows-soft.pw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 05:07:52 GMT
Last-Modified: Wed, 02 Aug 2017 20:27:14 GMT
Server: nginx/1.10.1
ETag: "598235a2-72a"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1834

GET
H/1.1 200
OK n.png
windows-soft.pw/templates/kinowalk/top/ 2 KB
2 KB 36ms
36ms Image
image/png 185.154.15.251
Netherlands

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://windows-soft.pw/templates/kinowalk/top/n.png

Requested by

Host: windows-soft.pw
URL: https://windows-soft.pw/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.154.15.251 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),

Reverse DNS

vm1405250.4ssd.had.wf

Software

nginx/1.10.1 /

Resource Hash

c5432621ff0b8e50c84f9ae8839891caf42c55565e50536b5e042b80477570f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://windows-soft.pw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 05:07:52 GMT
Last-Modified: Wed, 02 Aug 2017 20:27:14 GMT
Server: nginx/1.10.1
ETag: "598235a2-74a"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1866

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 136 KB
48 KB 44ms
24ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: windows-soft.pw
URL: https://windows-soft.pw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9406453f755774f3fe2168484ffc62ae638eaa92bbfa9dc8b56f75250ce10a3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://windows-soft.pw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 05:07:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 48461
x-xss-protection: 0
server: cafe
etag: 12112344721774099002
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 17 Feb 2021 05:07:52 GMT

GET
H/1.1 200
OK reset-settings.css
windows-soft.pw/templates/kinowalk/style/ 4 KB
4 KB 38ms
37ms Stylesheet
text/css 185.154.15.251
Netherlands

General

Check archive.org

Show headers Download Go to

Full URL

https://windows-soft.pw/templates/kinowalk/style/reset-settings.css

Requested by

Host: windows-soft.pw
URL: https://windows-soft.pw/templates/kinowalk/style/styles.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.154.15.251 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),

Reverse DNS

vm1405250.4ssd.had.wf

Software

nginx/1.10.1 /

Resource Hash

b49a3b53fcaaed3657c5d3043748e755f343289018094f93cbc62e19d70bea6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://windows-soft.pw/templates/kinowalk/style/styles.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 05:07:52 GMT
Last-Modified: Fri, 21 Jul 2017 23:49:44 GMT
Server: nginx/1.10.1
ETag: "59729318-e46"
Strict-Transport-Security: max-age=31536000;
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3654

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/2Mfykwl2mlvyQZQ3PEgoH710/ 332 KB
332 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/2Mfykwl2mlvyQZQ3PEgoH710/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1c07ebcbd346b8d5b9a33219fce562ae37d9885563f6dabae6cd104bfd54827

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://windows-soft.pw
Referer: https://windows-soft.pw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 04:25:10 GMT
x-content-type-options: nosniff
last-modified: Mon, 01 Feb 2021 05:06:45 GMT
server: sffe
age: 2562
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 339515
x-xss-protection: 0
expires: Thu, 17 Feb 2022 04:25:10 GMT

GET
H/1.1 200
OK bg.png
windows-soft.pw/templates/kinowalk/images/ 546 KB
547 KB 37ms
35ms Image
image/png 185.154.15.251
Netherlands

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://windows-soft.pw/templates/kinowalk/images/bg.png

Requested by

Host: windows-soft.pw
URL: https://windows-soft.pw/templates/kinowalk/style/reset-settings.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.154.15.251 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),

Reverse DNS

vm1405250.4ssd.had.wf

Software

nginx/1.10.1 /

Resource Hash

fbd0706e8eda4e8921ff094e86c78f55c203390b6141ad7682c08399b37ae02c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://windows-soft.pw/templates/kinowalk/style/reset-settings.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 05:07:52 GMT
Last-Modified: Sun, 30 Jul 2017 20:44:38 GMT
Server: nginx/1.10.1
ETag: "597e4536-889d3"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 559571

GET
H/1.1 200
OK logo.png
windows-soft.pw/templates/kinowalk/images/ 53 KB
54 KB 40ms
39ms Image
image/png 185.154.15.251
Netherlands

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://windows-soft.pw/templates/kinowalk/images/logo.png

Requested by

Host: windows-soft.pw
URL: https://windows-soft.pw/templates/kinowalk/style/styles.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.154.15.251 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),

Reverse DNS

vm1405250.4ssd.had.wf

Software

nginx/1.10.1 /

Resource Hash

c7ddb7efda5add6aa6dff5ae490da04b3c677e860e0a95125410933a43458085

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://windows-soft.pw/templates/kinowalk/style/styles.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 05:07:52 GMT
Last-Modified: Wed, 16 Aug 2017 19:30:16 GMT
Server: nginx/1.10.1
ETag: "59949d48-d555"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 54613

GET
H/1.1 200
OK bg1.png
windows-soft.pw/templates/kinowalk/images/ 43 KB
43 KB 38ms
37ms Image
image/png 185.154.15.251
Netherlands

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://windows-soft.pw/templates/kinowalk/images/bg1.png

Requested by

Host: windows-soft.pw
URL: https://windows-soft.pw/templates/kinowalk/style/styles.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.154.15.251 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),

Reverse DNS

vm1405250.4ssd.had.wf

Software

nginx/1.10.1 /

Resource Hash

2f23f323330dd47e39b3af4892097e56ef0cabf5980e4c2ed794f58d4f629437

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://windows-soft.pw/templates/kinowalk/style/styles.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 05:07:52 GMT
Last-Modified: Fri, 21 Jul 2017 23:49:44 GMT
Server: nginx/1.10.1
ETag: "59729318-aaae"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43694

GET
H/1.1 200
OK slider.jpg
windows-soft.pw/templates/kinowalk/images/ 35 KB
36 KB 69ms
67ms Image
image/jpeg 185.154.15.251
Netherlands

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://windows-soft.pw/templates/kinowalk/images/slider.jpg

Requested by

Host: windows-soft.pw
URL: https://windows-soft.pw/templates/kinowalk/style/styles.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.154.15.251 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),

Reverse DNS

vm1405250.4ssd.had.wf

Software

nginx/1.10.1 /

Resource Hash

d370003c3927a10be8e722562d9f0a900b29b0c0cf68df14b9d92037f35895ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://windows-soft.pw/templates/kinowalk/style/styles.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 05:07:52 GMT
Last-Modified: Fri, 21 Jul 2017 23:49:44 GMT
Server: nginx/1.10.1
ETag: "59729318-8d26"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 36134

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500,700,400italic&subset=latin,cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://windows-soft.pw
Referer: https://fonts.googleapis.com/css?family=Roboto:400,500,700,400italic&subset=latin,cyrillic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 04:25:39 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 434533
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Sat, 12 Feb 2022 04:25:39 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
windows-soft.pw/templates/kinowalk/fonts/ 63 KB
63 KB 52ms
52ms Font
application/octet-stream 185.154.15.251
Netherlands

General

Check archive.org

Show headers Download Go to

Full URL

https://windows-soft.pw/templates/kinowalk/fonts/fontawesome-webfont.woff2?v=4.4.0

Requested by

Host: windows-soft.pw
URL: https://windows-soft.pw/templates/kinowalk/style/frameworks.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.154.15.251 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),

Reverse DNS

vm1405250.4ssd.had.wf

Software

nginx/1.10.1 /

Resource Hash

3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Origin: https://windows-soft.pw
Referer: https://windows-soft.pw/templates/kinowalk/style/frameworks.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 05:07:52 GMT
Last-Modified: Fri, 21 Jul 2017 23:49:44 GMT
Server: nginx/1.10.1
ETag: "fbd0-554dc84fbbee3"
Strict-Transport-Security: max-age=31536000;
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 64464

GET
H2 200 KFOlCnqEu92Fr1MmWUlfABc4AMP6lbBP.woff2
fonts.gstatic.com/s/roboto/v20/ 7 KB
7 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfABc4AMP6lbBP.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500,700,400italic&subset=latin,cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4512a0f507a7df3a354a3f552a4b34e2e642ce0e4902c002dfd1ce55e33abce4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://windows-soft.pw
Referer: https://fonts.googleapis.com/css?family=Roboto:400,500,700,400italic&subset=latin,cyrillic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Feb 2021 05:56:12 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:19:10 GMT
server: sffe
age: 601900
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6824
x-xss-protection: 0
expires: Thu, 10 Feb 2022 05:56:12 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu5mxKKTU1Kvnz.woff2
fonts.gstatic.com/s/roboto/v20/ 7 KB
7 KB 34ms
20ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu5mxKKTU1Kvnz.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500,700,400italic&subset=latin,cyrillic

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daf6c28c5a080458eba26ba64a95b1fcff823944d429ccb84e8a4f3a0baf05ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://windows-soft.pw
Referer: https://fonts.googleapis.com/css?family=Roboto:400,500,700,400italic&subset=latin,cyrillic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 12:56:59 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:40 GMT
server: sffe
age: 490253
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6720
x-xss-protection: 0
expires: Fri, 11 Feb 2022 12:56:59 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 24ms
20ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500,700,400italic&subset=latin,cyrillic

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://windows-soft.pw
Referer: https://fonts.googleapis.com/css?family=Roboto:400,500,700,400italic&subset=latin,cyrillic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:18:12 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 503380
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Fri, 11 Feb 2022 09:18:12 GMT

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?t14.5;r;s1600*1200*24;uhttps%3A//windows-soft.pw/;0.4380070265057583
https://counter.yadro.ru/hit?q;t14.5;r;s1600*1200*24;uhttps%3A//windows-soft.pw/;0.4380070265057583

221 B
675 B

77ms
77ms

Image
image/gif

88.212.201.210
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t14.5;r;s1600*1200*24;uhttps%3A//windows-soft.pw/;0.4380070265057583

Requested by

Host: windows-soft.pw
URL: https://windows-soft.pw/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.212.201.210 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host210.rax.ru

Software

nginx/1.17.9 /

Resource Hash

3c8575d325fe00408eb98933ec221ae3432c44e03f5fb66b4177851d45ff80c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://windows-soft.pw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 17 Feb 2021 05:07:53 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 221
Expires: Mon, 17 Feb 2020 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 17 Feb 2021 05:07:53 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;t14.5;r;s1600*1200*24;uhttps%3A//windows-soft.pw/;0.4380070265057583
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Mon, 17 Feb 2020 21:00:00 GMT

GET
H/1.1 200
OK t28193693144.js Show response
windows-soft.pw/ 37 KB
38 KB 37ms
36ms Script
application/javascript 185.154.15.251
Netherlands

General

Check archive.org

Show headers Download Go to

Full URL

https://windows-soft.pw/t28193693144.js

Requested by

Host: windows-soft.pw
URL: https://windows-soft.pw/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.154.15.251 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),

Reverse DNS

vm1405250.4ssd.had.wf

Software

nginx/1.10.1 /

Resource Hash

c7601b5dc80f75735d536c5d09f9cfddda4e40a55cb5796fbdfb4f827307585b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://windows-soft.pw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 05:07:53 GMT
Last-Modified: Tue, 02 Jun 2020 06:14:00 GMT
Server: nginx/1.10.1
ETag: "5ed5ee28-94f0"
Strict-Transport-Security: max-age=31536000;
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 38128

GET
H/1.1 206
Partial Content f0421_7.mp4
windows-soft.pw/t28193693144/ 48 KB
0 46ms
46ms Media
video/mp4 185.154.15.251
Netherlands

General

Check archive.org

Show headers Download Go to

Full URL

https://windows-soft.pw/t28193693144/f0421_7.mp4

Requested by

Host: windows-soft.pw
URL: https://windows-soft.pw/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.154.15.251 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),

Reverse DNS

vm1405250.4ssd.had.wf

Software

nginx/1.10.1 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://windows-soft.pw/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=0-

Response headers

Date: Wed, 17 Feb 2021 05:07:53 GMT
Last-Modified: Wed, 05 Dec 2018 09:01:42 GMT
Server: nginx/1.10.1
ETag: "bb4f0-57c42a1746980"
Strict-Transport-Security: max-age=31536000;
Content-Type: video/mp4
Content-Range: bytes 0-767215/767216
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 767216

GET
H/1.1 206
Partial Content f0421_7.mp4
windows-soft.pw/t28193693144/ 13 KB
14 KB 43ms
42ms Media
video/mp4 185.154.15.251
Netherlands

General

Check archive.org

Show headers Download Go to

Full URL

https://windows-soft.pw/t28193693144/f0421_7.mp4

Requested by

Host: windows-soft.pw
URL: https://windows-soft.pw/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.154.15.251 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),

Reverse DNS

vm1405250.4ssd.had.wf

Software

nginx/1.10.1 /

Resource Hash

2348a4448e97a483a43f2ba0ce4af61e85c88036e9dc12fcb31c48e97b3f1ca8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://windows-soft.pw/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=753664-

Response headers

Date: Wed, 17 Feb 2021 05:07:53 GMT
Last-Modified: Wed, 05 Dec 2018 09:01:42 GMT
Server: nginx/1.10.1
ETag: "bb4f0-57c42a1746980"
Strict-Transport-Security: max-age=31536000;
Content-Type: video/mp4
Content-Range: bytes 753664-767215/767216
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13552

GET
H/1.1 206
Partial Content f0421_7.mp4
windows-soft.pw/t28193693144/ 717 KB
718 KB 46ms
45ms Media
video/mp4 185.154.15.251
Netherlands

General

Check archive.org

Show headers Download Go to

Full URL

https://windows-soft.pw/t28193693144/f0421_7.mp4

Requested by

Host: windows-soft.pw
URL: https://windows-soft.pw/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.154.15.251 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),

Reverse DNS

vm1405250.4ssd.had.wf

Software

nginx/1.10.1 /

Resource Hash

d02e25b5cf5c61476e883cfac366d36f50a27fceec5b60023093a5d1c06f72f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://windows-soft.pw/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=32768-

Response headers

Date: Wed, 17 Feb 2021 05:07:53 GMT
Last-Modified: Wed, 05 Dec 2018 09:01:42 GMT
Server: nginx/1.10.1
ETag: "bb4f0-57c42a1746980"
Strict-Transport-Security: max-age=31536000;
Content-Type: video/mp4
Content-Range: bytes 32768-767215/767216
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 734448

GET
H/1.1 200
OK loader.gif
windows-soft.pw/templates/kinowalk/images/ 1 KB
2 KB 37ms
36ms Image
image/gif 185.154.15.251
Netherlands

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://windows-soft.pw/templates/kinowalk/images/loader.gif

Requested by

Host: windows-soft.pw
URL: https://windows-soft.pw/templates/kinowalk/style/frameworks.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.154.15.251 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),

Reverse DNS

vm1405250.4ssd.had.wf

Software

nginx/1.10.1 /

Resource Hash

e1da1b5e724cd444319ab4c55e7637b99034b448955ddbe56150b24200a61cde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://windows-soft.pw/templates/kinowalk/style/frameworks.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 05:07:53 GMT
Last-Modified: Fri, 21 Jul 2017 23:49:44 GMT
Server: nginx/1.10.1
ETag: "59729318-5ed"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1517

GET
H3-Q050 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/ 227 KB
86 KB 62ms
49ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8866336384108844&plah=windows-soft.pw&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5fee2a3e4db0a9b907550346569920e7ea79a4b855260d5c9d063aebd408ce52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://windows-soft.pw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 05:07:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 87061
x-xss-protection: 0
server: cafe
etag: 9039926254773515089
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 17 Feb 2021 05:07:53 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210211/r20190131/ Frame A375 10 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210211/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a1b2ebe6a2b314929967bdf1ba8c694fb45bf76a5b847e57fb847b3cdd9338a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210211/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://windows-soft.pw/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://windows-soft.pw/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 16 Feb 2021 05:49:25 GMT
expires: Tue, 02 Mar 2021 05:49:25 GMT
content-type: text/html; charset=UTF-8
etag: 6440208225989294717
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4777
x-xss-protection: 0
age: 83908
cache-control: public, max-age=1209600
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 205 B
642 B 112ms
49ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=windows-soft.pw&callback=_gfp_s_&client=ca-pub-8866336384108844

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8866336384108844&plah=windows-soft.pw&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

922109eaf6d40b2ce591ed82046f589bddcedaa6d4be7b1f7f1d15c8164c4033

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://windows-soft.pw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 05:07:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 193
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
803 B 36ms
16ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=windows-soft.pw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://windows-soft.pw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 17 Feb 2021 05:07:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
803 B 34ms
14ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=windows-soft.pw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://windows-soft.pw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 17 Feb 2021 05:07:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
88 B 27ms
27ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwindows-soft.pw%2F&tn=DIV&ign=false

Requested by

Host: windows-soft.pw
URL: https://windows-soft.pw/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://windows-soft.pw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Feb 2021 05:07:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A8CE 603 B
321 B 25ms
24ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8866336384108844&output=html&adk=1812271804&adf=3025194257&lmt=1613538473&plat=1%3A16809992%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwindows-soft.pw%2F&ea=0&flash=0&pra=5&wgl=1&dt=1613538473441&bpp=13&bdt=1095&idt=88&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8209193795916&frm=20&pv=2&ga_vid=1768060240.1613538474&ga_sid=1613538474&ga_hid=900143079&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893%2C21068945%2C21068786&oid=3&pvsid=3164221096706119&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=108

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8866336384108844&output=html&adk=1812271804&adf=3025194257&lmt=1613538473&plat=1%3A16809992%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwindows-soft.pw%2F&ea=0&flash=0&pra=5&wgl=1&dt=1613538473441&bpp=13&bdt=1095&idt=88&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8209193795916&frm=20&pv=2&ga_vid=1768060240.1613538474&ga_sid=1613538474&ga_hid=900143079&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893%2C21068945%2C21068786&oid=3&pvsid=3164221096706119&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=108
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://windows-soft.pw/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://windows-soft.pw/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 17 Feb 2021 05:07:53 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 17-Feb-2021 05:22:53 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Wed, 17 Feb 2021 05:07:53 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 34ms
15ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1082b879cd43a0dec9ab3cc9ae2ddad7426c64e73fed45067c89afcac5bdd227

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://windows-soft.pw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 05:07:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1613161064837431"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28346
x-xss-protection: 0
expires: Wed, 17 Feb 2021 05:07:53 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 45ms
32ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210211&st=env

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

59d4bca8d710a3f289b9fbe44c3cd2c3ed32c7b3a89110beabf951b7bbd9b628

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://windows-soft.pw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 17 Feb 2021 05:07:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6401
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 34ms
13ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://windows-soft.pw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 05:07:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Wed, 17 Feb 2021 05:07:54 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 0669 12 KB
5 KB 34ms
20ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://windows-soft.pw/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://windows-soft.pw/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Tue, 16 Feb 2021 22:55:14 GMT
expires: Wed, 16 Feb 2022 22:55:14 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 22360
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 KMBS0uYb27SoXpRfeqhVXCVI9MZcOZ5lTWsq5C5IQSA.js Show response
pagead2.googlesyndication.com/bg/ Frame 0669 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KMBS0uYb27SoXpRfeqhVXCVI9MZcOZ5lTWsq5C5IQSA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28c052d2e61bdbb4a85e945f7aa8555c2548f4c65c399e654d6b2ae42e484120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 11:16:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Feb 2021 09:15:00 GMT
server: sffe
age: 64268
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6236
x-xss-protection: 0
expires: Wed, 16 Feb 2022 11:16:46 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
46 B 28ms
28ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210211&jk=3164221096706119&bg=!y8ilyIvNAAXRs2QT0TsAKQB2-Dxa5hZlEzx05-mzNuPMNQ8RBUmUxPR588MI0aOZykPhcOJTr2SrAgAAAJ1SAAAAE2gBBwoAt4-wrHxWGkhXGsIFhr7VHA-6c23kPhO9xQ-hzG_e-400_l49WMe-pH6E55PrGFb5w4QuK1_eWPfeObdruJ82SRaR4AKkrhdwnI0ZUnt1GzPA23ICYaxFGMcC4O7zMquGdTvmwilZY7RRsMEubhhN2XtYANVATSRYC0BQaKpJtmPDmolz_E1RCZfwrzyZ1nnQpx2iCYdiUv1IALDHN0R5lUvhj2jQPV7csy9L_Nqc8ex_nNsb6TSxZZkB1u22lsoYQ5Yc8Aklkn-T0l693xMTxidFQIw_IPjY29hXNVVo-5Z17JsCQBu-DI_R2N7g2vKj6iHi7t5ws7rR5ZnnTnD6QYivxpkT1o2IbNQXF6UF9FdMvEz3weTmOw8EjGL7tMFciNA-hVtO9g-R_3ITQ0KkpfntgMAaKA3Gju7WumOqeCFF5kzX4bZF_0nGwLlo0mz01cCFGmHXilQoWsK_Vg_x7IV87oCPOQehcRWdondTQ8pY78V9jVeyWLL01c6XyNDMwv6pvjtYJuldLORRULE6FyVXCM3P5Pn6aJ-VFtvOt5zqRDRvr1dqXFdDz8m3yyvmEbE0AQ2N5O3Vob0RbVEiH9vjvtf2iEyDVpuw7H0nji-xVRAyUoy8FtFmRsBqv53CYMVaduaBCVUQhoz-Scmn-RHfsokzh_waCwZQ1u-khBvtdI2Ql9vE2Q8nc0zrfYIWKVtXSYn-gXXAFT_UJuLhA-1RuyaV0OXaje9h54fSEUSlPPgzjtxq4sjut1jS48s70HpW-dTCYeTRW3TqjfoiJuk8QSgZt4VUD60y8sFk054LKQ-CdJ4DQrCXauvHprP5l8eMGIHFuSxj1l3RISOeMN-dbxnRceCWrrHAiZ6se3uk

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://windows-soft.pw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Feb 2021 05:07:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 206
Partial Content e0555_2.mp4
windows-soft.pw/t28193693144/ 2 MB
2 MB 48ms
48ms Media
video/mp4 185.154.15.251
Netherlands

General

Check archive.org

Show headers Download Go to

Full URL

https://windows-soft.pw/t28193693144/e0555_2.mp4

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.154.15.251 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),

Reverse DNS

vm1405250.4ssd.had.wf

Software

nginx/1.10.1 /

Resource Hash

97517f7da98be08654dc5a569262e08328207f6d97b70bd14d28ff4f62452667

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://windows-soft.pw/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=0-

Response headers

Date: Wed, 17 Feb 2021 05:08:02 GMT
Last-Modified: Fri, 26 May 2017 09:16:04 GMT
Server: nginx/1.10.1
ETag: "1e646e-55069c9623d00"
Strict-Transport-Security: max-age=31536000;
Content-Type: video/mp4
Content-Range: bytes 0-1991789/1991790
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1991790

GET
H/1.1 206
Partial Content e0304_3.mp4
windows-soft.pw/t28193693144/ 1 MB
1 MB 44ms
44ms Media
video/mp4 185.154.15.251
Netherlands

General

Check archive.org

Show headers Download Go to

Full URL

https://windows-soft.pw/t28193693144/e0304_3.mp4

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.154.15.251 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),

Reverse DNS

vm1405250.4ssd.had.wf

Software

nginx/1.10.1 /

Resource Hash

9c07116d8ade81a9f9ce62eb46792d782316f7e6b93fe783340df5945947dac6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://windows-soft.pw/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=0-

Response headers

Date: Wed, 17 Feb 2021 05:08:08 GMT
Last-Modified: Fri, 26 May 2017 08:38:36 GMT
Server: nginx/1.10.1
ETag: "10231a-5506943647b00"
Strict-Transport-Security: max-age=31536000;
Content-Type: video/mp4
Content-Range: bytes 0-1057561/1057562
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1057562

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: gnogle.ru
URL: https://gnogle.ru/js/288dd8d4

Verdicts & Comments Add Verdict or Comment

145 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.windows-soft.pw/	1970-01-20 01:33:54	Name: __gads Value: ID=3bfb0ea6f24f404a-22442139cba600d6:T=1613538473:RT=1613538473:S=ALNI_Ma68LM-VDQsWo4CUBwnpzk24veu0g
.doubleclick.net/	1970-01-19 16:12:19	Name: test_cookie Value: CheckForPermission
.windows-soft.pw/	1969-12-31 23:59:59	Name: gadsTest Value: test
windows-soft.pw/	1969-12-31 23:59:59	Name: PHPSESSID Value: 26bv0l01rl688l00sddq00j0h1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.radikal.ru
adservice.google.com
adservice.google.de
b.radikal.ru
c.radikal.ru
counter.yadro.ru
fonts.googleapis.com
fonts.gstatic.com
fost.ws
funkyimg.com
gnogle.ru
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
picusha.net
s017.radikal.ru
s019.radikal.ru
s50.radikal.ru
slivavils.space
tpc.googlesyndication.com
windows-soft.pw
www.google.com
www.googletagservices.com
www.gstatic.com
gnogle.ru
142.250.185.226
185.107.80.114
185.154.15.251
2606:4700:3035::ac43:8410
2a00:1450:4001:800::2002
2a00:1450:4001:808::2001
2a00:1450:4001:810::2003
2a00:1450:4001:812::2002
2a00:1450:4001:812::200a
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2004
2a00:ab00:1103:7:43::1
54.37.190.232
81.176.238.131
81.176.238.163
81.176.238.211
81.176.238.212
81.176.238.213
88.212.201.210
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
01ef7414771656b9b45d3babde9f0fd1a656ec037f19e385d1504f3c543c7ad0
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
1082b879cd43a0dec9ab3cc9ae2ddad7426c64e73fed45067c89afcac5bdd227
13e5f7899f80ef90bebb5b63d149fa06e1e41a04b3f78b6a9194fd121842e8ef
1494dae0d68af202664c016f0c1660801574846e882317f10d828787e2c7fe08
167f812934de4a97aa53e7c4ad6e8e4c0a4c3b32d3636db3a71726479f380aa9
171a0184359e321c1eda3db4d9510f947a031915527bdcf373f901816bb0e673
1906a214ae5f863192719e2180dab7d1b3114a9dd038b02372bcc3b1651e6b2d
1ed9ff90c735ae4bc469786daa0b961ac04be34b26a682d8dc9ce297354558d2
2092664fd4c29e36e6341f419de43c0c4ce6def6d9344745a139c1958dbb30d9
20d44d60ecbe697e08dee250e7f1d284d6f789bc6faf32f957b5077b01950603
2348a4448e97a483a43f2ba0ce4af61e85c88036e9dc12fcb31c48e97b3f1ca8
28c052d2e61bdbb4a85e945f7aa8555c2548f4c65c399e654d6b2ae42e484120
2a1b2ebe6a2b314929967bdf1ba8c694fb45bf76a5b847e57fb847b3cdd9338a
2b4c3453c1ce0b97483519a9b59705a22d427ea39e1c3ae7dedf8953a8948ab1
2ecd22d83fe52ac49780bab9dd7e9b86e11c634637bec7d72ee15f23bccae750
2f23f323330dd47e39b3af4892097e56ef0cabf5980e4c2ed794f58d4f629437
35d3e2abf5beeb5b3dfe152931da8a6629e750c7aca0c16889f9bf38c5caef62
36ff9b562cfdfae9cabe0d5ee1551199a5dac147fb45eb10a9ef8693df939983
37b70ae7ad16559476b0327b5ccfcb3640190ffc8f1973d250b47ce5e2fa34b9
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
3c8575d325fe00408eb98933ec221ae3432c44e03f5fb66b4177851d45ff80c2
3cf48aa38b84732a0d39a67439b5114748b286a10f958896213d647b60668c0d
3efc3a412209b9b57d461660a8187bc7d68f8301c35cf2180c69dc606530f15b
4512a0f507a7df3a354a3f552a4b34e2e642ce0e4902c002dfd1ce55e33abce4
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4d365b37d7c0ce365a3cbd5badb8fd82539443f81d03a135fcbf48c3562d9def
4e282a20ed94a624a79436728049f509dbee442636d9adc2bdc66b099b55b1f3
4f133226c0431aef2aafa9620fb9ae997a7d6be935c6e55970e77aaf296430c9
4f8c566f2cc5e60ddec29774fddf017646b0d814eb25c6132d89c5c7cebd4cc3
51eb20bbf07e5d47d1be5f2cc1e2c0e523575806dd06470347cb13a511cc294c
554483e851edffcc2330f0b96a7cbe39bd5d99a26d620171a10a0ef9f36dbdf2
56fd64294e5cef240fd6add5e8ef12ffb937ea85f88f2af1f7e82e560085bddb
59d4bca8d710a3f289b9fbe44c3cd2c3ed32c7b3a89110beabf951b7bbd9b628
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5e9a1c2626665f6a968b8f5308efccc9c6a8dbc26c97db281cbcf24d8e07db69
5fee2a3e4db0a9b907550346569920e7ea79a4b855260d5c9d063aebd408ce52
71c8c5e1ea8942ad3723e565f03008995ff01a1540767c8458b024b2b535181f
780adb595b06eb353ac518f3c13807ef6a367979e669824890c7f79e16b2606a
7d38a2e2b59f31c597359f80fe89a788ec7d79a520dc68fb5f194878f5f73884
8914c1c81806ff68a4aee29c8d437f683099fc76b490846f699e4336e3a24e89
8a6a91870d29f41fb44d273c1e098b2412db3b8d3187a5b51df2a6bdb2557a7e
8b5ef90af7e2e84d77d886b1ff9b5ea33d8a5159055257daa8af033879221e34
922109eaf6d40b2ce591ed82046f589bddcedaa6d4be7b1f7f1d15c8164c4033
9406453f755774f3fe2168484ffc62ae638eaa92bbfa9dc8b56f75250ce10a3d
97517f7da98be08654dc5a569262e08328207f6d97b70bd14d28ff4f62452667
98fc557ad7d94982eb876791162e1da53e397d1b5a4a874d07a91197f0035fd6
9a1a6e71c1607e636a98bcebe49e3b67aa9ef9fa16cf31a2909f92655e1c928a
9c07116d8ade81a9f9ce62eb46792d782316f7e6b93fe783340df5945947dac6
a11abf31a991caf0847ce815d8d1086528dd95872086ca465fb9647796f008ac
a7b7366ffe3563a834406a9c547c472f078fa626e82a4a99915dcf86fb3aaae3
a861a21aa71ceeed2ea1efd6cdc3a73eeb3a223960c5283b8995d2d96615b946
af54d3a8d3c909581a97ccd57633663aad8ac3e48745d7a93afff9b6fe677bcf
b34d7ed80dc8cffad6e0ed5e29945166e113746ddbecc6312eaaab3761db7359
b49a3b53fcaaed3657c5d3043748e755f343289018094f93cbc62e19d70bea6a
b5128ddd17d35a5f45ddedf1006b063e768a306df3e8c715aac0bdfaa72fce8b
becd07432ed8800fa10dab82428abbce1afd033c790d9c7a44bb5ea6c3604c71
c1c07ebcbd346b8d5b9a33219fce562ae37d9885563f6dabae6cd104bfd54827
c5432621ff0b8e50c84f9ae8839891caf42c55565e50536b5e042b80477570f5
c699f9bdf9871f0751706bbddd8c021b99e79fe56e12cb5d755d71c03a36f2dd
c7601b5dc80f75735d536c5d09f9cfddda4e40a55cb5796fbdfb4f827307585b
c7ddb7efda5add6aa6dff5ae490da04b3c677e860e0a95125410933a43458085
ca190050ad949a25c91227924576bb3dd38e77adac93f7e44f5346fde43a0368
caa1ffd6d83663ab3355964b6b9ab651fd4c3771e197b32f200d32a2d1ff8e0a
d02e25b5cf5c61476e883cfac366d36f50a27fceec5b60023093a5d1c06f72f1
d169c124cfe8955a79627542bbc9a94365d2f5838d9bcb21ce849b2e98e4a4e9
d370003c3927a10be8e722562d9f0a900b29b0c0cf68df14b9d92037f35895ec
d416678a4754d56d568d2fab05db9db7fcd890b29be598ebdedeb41eac943fc1
d7f452332c1023ff6910305b9aeaac197075196e340ece400ed4dcb288326a47
d9be8a19182030c091a697fbbfd771e392973d8bfdef00d483c96803ddbb7027
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
daf6c28c5a080458eba26ba64a95b1fcff823944d429ccb84e8a4f3a0baf05ca
e1da1b5e724cd444319ab4c55e7637b99034b448955ddbe56150b24200a61cde
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4799f3f3176b7daa552f7b01051234a57f157c795191dce291131166614e9e0
e50fdb5a42fbff7bd7696250ee6e796c217e9eaba4d2ae851107d9dae8c14b40
ea7874b55bf87f43b802c17f6df11b813e892c17915a67d4c398e7e9e0348fd0
eee333c11cfdf19dbcb37f8957c5a30142ea08ddef65f24aca8a94c5b5c39d0e
f019e38a51c596505e2f6399425df5e8c00128f9e7044b279f54dc15bc444ef9
f2b46fa2300365a9daf8035ad0c224ec677a311490b0294ac2fee5ac70e453fa
f3315b069c82c61d04848e8cb1d86cdf2021f6f30e1734be316182123c969136
f65273dd2ce8b53710b3ade79b73fdcc8e043fa5fd560a68d8899dd7885f9fd7
fbd0706e8eda4e8921ff094e86c78f55c203390b6141ad7682c08399b37ae02c

windows-soft.pw Open in urlscan Pro 185.154.15.251 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

91 Requests

99 %HTTPS

50 %IPv6

16 Domains

24 Subdomains

21 IPs

6 Countries

12534 kBTransfer

13093 kBSize

4 Cookies

1 Outgoing links

Redirected requests

91 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

windows-soft.pw Open in urlscan Pro
185.154.15.251 Public Scan

Screenshot
Live screenshot

Full Image

91
Requests

99 %
HTTPS

50 %
IPv6

16
Domains

24
Subdomains

21
IPs

6
Countries

12534 kB
Transfer

13093 kB
Size

4
Cookies

91 HTTP transactions
0 data transactions