activations-windows.ru Open in urlscan Pro
81.177.135.182 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://activations-windows.ru/
Submission Tags: @phishunt_io
Submission: On September 15 via api (September 15th 2020, 10:22:20 pm UTC) from ES

Summary HTTP 61 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 11 IPs in 4 countries across 10 domains to perform 61 HTTP transactions. The main IP is 81.177.135.182, located in Moscow, Russian Federation and belongs to RTCOMM-AS, RU. The main domain is activations-windows.ru.
TLS certificate: Issued by Let's Encrypt Authority X3 on September 15th 2020. Valid for: 3 months.

This is the only time activations-windows.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
30	81.177.135.182 81.177.135.182	8342 (RTCOMM-AS) (RTCOMM-AS)
5	2a00:1450:400... 2a00:1450:4001:816::200e	15169 (GOOGLE) (GOOGLE)
8	95.163.114.204 95.163.114.204	12695 (DINET-AS) (DINET-AS)
2 3	88.212.201.216 88.212.201.216	39134 (UNITEDNET) (UNITEDNET)
5	2a00:1450:400... 2a00:1450:4003:809::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::200d	15169 (GOOGLE) (GOOGLE)
1 4	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
4	148.251.41.166 148.251.41.166	24940 (HETZNER-AS) (HETZNER-AS)
1	78.24.221.88 78.24.221.88	29182 (THEFIRST-AS) (THEFIRST-AS)
1 2	104.111.216.213 104.111.216.213	16625 (AKAMAI-AS) (AKAMAI-AS)
2	5.9.154.76 5.9.154.76	24940 (HETZNER-AS) (HETZNER-AS)
61	11

30 81.177.135.182 (Moscow, Russian Federation)

ASN8342 (RTCOMM-AS, RU)

activations-windows.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:816::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 95.163.114.204 (Russian Federation)

ASN12695 (DINET-AS, RU)

w.uptolike.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 88.212.201.216 (Russian Federation) 2 redirects

ASN39134 (UNITEDNET, RU)
PTR: host216.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4003:809::2003 (Ireland)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 148.251.41.166 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.166.41.251.148.clients.your-server.de

sonar.semantiqo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 78.24.221.88 (Russian Federation)

ASN29182 (THEFIRST-AS, RU)
PTR: belesta15.ru

utl-utils.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.216.213 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-216-213.deploy.static.akamaitechnologies.com

s.click.aliexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
best.aliexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 5.9.154.76 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.76.154.9.5.clients.your-server.de

cdn3.caltat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	activations-windows.ru activations-windows.ru	353 KB
8	uptolike.com w.uptolike.com	63 KB
6	google.com apis.google.com accounts.google.com	103 KB
5	gstatic.com csi.gstatic.com	542 B
4	semantiqo.com sonar.semantiqo.com	22 KB
4	yandex.ru 1 redirects mc.yandex.ru	45 KB
3	yadro.ru 2 redirects counter.yadro.ru	1 KB
2	caltat.com cdn3.caltat.com	543 B
2	aliexpress.com 1 redirects s.click.aliexpress.com best.aliexpress.com	2 KB
1	utl-utils.ru utl-utils.ru	10 KB
61	10

	Domain	Requested by
30	activations-windows.ru	activations-windows.ru
8	w.uptolike.com	activations-windows.ru w.uptolike.com
5	csi.gstatic.com	activations-windows.ru
5	apis.google.com	activations-windows.ru apis.google.com
4	sonar.semantiqo.com	w.uptolike.com sonar.semantiqo.com
4	mc.yandex.ru	1 redirects w.uptolike.com activations-windows.ru
3	counter.yadro.ru	2 redirects activations-windows.ru
2	cdn3.caltat.com	sonar.semantiqo.com
1	best.aliexpress.com	utl-utils.ru
1	s.click.aliexpress.com	1 redirects
1	utl-utils.ru	w.uptolike.com
1	accounts.google.com	apis.google.com
61	12

This site contains links to these domains. Also see Links.

Domain
www.liveinternet.ru
uptolike.ru
promopult.ru

Subject Issuer	Validity	Valid
activations-windows.ru Let's Encrypt Authority X3	`2020-09-15` - `2020-12-14`	3 months	crt.sh
*.apis.google.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
uptolike.com Let's Encrypt Authority X3	`2020-06-30` - `2020-09-28`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
counter.yadro.ru GoGetSSL ECC DV CA	`2020-02-02` - `2022-05-02`	2 years	crt.sh
*.gstatic.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
accounts.google.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
informer.yandex.ru Yandex CA	`2020-08-27` - `2021-08-27`	a year	crt.sh
sonar.semantiqo.com Sectigo RSA Domain Validation Secure Server CA	`2019-11-12` - `2021-11-11`	2 years	crt.sh
utl-utils.ru Let's Encrypt Authority X3	`2020-06-29` - `2020-09-27`	3 months	crt.sh
ru.aliexpress.com DigiCert Secure Site ECC CA-1	`2020-06-09` - `2021-06-21`	a year	crt.sh
cdn3.caltat.com Sectigo RSA Domain Validation Secure Server CA	`2019-11-12` - `2021-11-11`	2 years	crt.sh

This page contains 8 frames:

Primary Page: https://activations-windows.ru/
Frame ID: EF0ED1D9C497F43369324CD36A828953
Requests: 54 HTTP requests in this frame

Frame: https://apis.google.com/_/widget/render/comments?usegapi=1&href=https%3A%2F%2Factivations-windows.ru%2F&width=580&first_party_property=BLOGGER&view_type=FILTERED_POSTMOD&origin=https%3A%2F%2Factivations-windows.ru&search=&hash=&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.hc3rLxj9u8o.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMtAagp6kGxB19Nep_bTJunj37kww%2Fm%3D__features__
Frame ID: 1A5898FDA819498B9D510E1AD0265FC5
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Factivations-windows.ru&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.hc3rLxj9u8o.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMtAagp6kGxB19Nep_bTJunj37kww%2Fm%3D__features__
Frame ID: 0A9743B023C650F5BF8EC15522428D18
Requests: 1 HTTP requests in this frame

Frame: https://w.uptolike.com/widgets/v1/share-counter.html?30f04ab437e108b3063a546e9a622e97
Frame ID: 93A52EA7B9228DA917EA9021CFBC471A
Requests: 1 HTTP requests in this frame

Frame: https://w.uptolike.com/widgets/v1/impression.html?30f04ab437e108b3063a546e9a622e97
Frame ID: 5700594B9A493C8F7F6324E675FB938D
Requests: 1 HTTP requests in this frame

Frame: https://best.aliexpress.com/ru.htm?aff_platform=portals-promotion&sk=_dTbSFTo&aff_trace_key=fd8263f5eb5d41e28d8ee0e56ea733f9-1600208523493-04131-_dTbSFTo&terminal_id=ef616e1c35d843d8838c701454141d42
Frame ID: 8B1AB8730F07FE9F057E044F8D490D1E
Requests: 1 HTTP requests in this frame

Frame: https://w.uptolike.com/widgets/v1/zp/support.html
Frame ID: 254C8DE21C1AE6F6544AA060BA11D092
Requests: 1 HTTP requests in this frame

Frame: https://sonar.semantiqo.com/i/
Frame ID: 09ED1056FCA571A78984E99908A748BA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

61
Requests

100 %
HTTPS

36 %
IPv6

10
Domains

12
Subdomains

11
IPs

4
Countries

596 kB
Transfer

1229 kB
Size

6
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.liveinternet.ru/click

Search URL Search Domain Scan URL

URL: http://uptolike.ru/?ref=widgets_popup&lng=
Title: Uptolike

Search URL Search Domain Scan URL

URL: http://uptolike.ru/?ref=widgets_popup&lng=ru

Search URL Search Domain Scan URL

URL: https://promopult.ru/ref/9c0d1fe44f8f79c7

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://counter.yadro.ru/hit?t44.17;r;s1600*1200*24;uhttps%3A//activations-windows.ru/;0.6355246278605748 HTTP 302
https://counter.yadro.ru/hit?q;t44.17;r;s1600*1200*24;uhttps%3A//activations-windows.ru/;0.6355246278605748

Request Chain 51

https://mc.yandex.ru/watch/23414332?wmode=7&page-url=https%3A%2F%2Factivations-windows.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1600208521167%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200916002203%3Aet%3A1600208523%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A493402609766%3Arqn%3A1%3Arn%3A126937234%3Ahid%3A780186773%3Ads%3A135%2C186%2C179%2C1%2C0%2C0%2C0%2C343%2C36%2C%2C%2C%2C847%3Afp%3A793%3Agdpr%3A14%3Av%3A1944%3Arqnl%3A1%3Ast%3A1600208523%3Au%3A160020852348348637%3At%3A%D0%90%D0%BA%D1%82%D0%B8%D0%B2%D0%B0%D1%82%D0%BE%D1%80%D1%8B%20%D0%B4%D0%BB%D1%8F%20Windows%20-%20%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B0%D0%BA%D1%82%D0%B8%D0%B2%D0%B0%D1%82%D0%BE%D1%80%D1%8B%20Windows HTTP 302
https://mc.yandex.ru/watch/23414332/1?wmode=7&page-url=https%3A%2F%2Factivations-windows.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1600208521167%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200916002203%3Aet%3A1600208523%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A493402609766%3Arqn%3A1%3Arn%3A126937234%3Ahid%3A780186773%3Ads%3A135%2C186%2C179%2C1%2C0%2C0%2C0%2C343%2C36%2C%2C%2C%2C847%3Afp%3A793%3Agdpr%3A14%3Av%3A1944%3Arqnl%3A1%3Ast%3A1600208523%3Au%3A160020852348348637%3At%3A%D0%90%D0%BA%D1%82%D0%B8%D0%B2%D0%B0%D1%82%D0%BE%D1%80%D1%8B%20%D0%B4%D0%BB%D1%8F%20Windows%20-%20%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B0%D0%BA%D1%82%D0%B8%D0%B2%D0%B0%D1%82%D0%BE%D1%80%D1%8B%20Windows

Request Chain 53

https://s.click.aliexpress.com/e/_dTbSFTo HTTP 302
https://best.aliexpress.com/ru.htm?aff_platform=portals-promotion&sk=_dTbSFTo&aff_trace_key=fd8263f5eb5d41e28d8ee0e56ea733f9-1600208523493-04131-_dTbSFTo&terminal_id=ef616e1c35d843d8838c701454141d42

Request Chain 59

https://counter.yadro.ru/id127/reff-id.gif?sid=76a5a60967124310a6fc1505d52fa50a HTTP 302
https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=76a5a60967124310a6fc1505d52fa50a

61 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
activations-windows.ru/ 26 KB
7 KB 501ms
178ms Document
text/html 81.177.135.182
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://activations-windows.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.135.182 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: Jino.ru/mod_pizza /
Resource Hash: 58605e1d9cee8659f8891d0e6c24b1f6cbd8a546d16e8b58c7cf84628576f32b

Request headers

:method: GET
:authority: activations-windows.ru
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 15 Sep 2020 22:22:01 GMT
content-type: text/html; charset=UTF-8
content-length: 7209
server: Jino.ru/mod_pizza
x-pingback: https://activations-windows.ru/xmlrpc.php
link: <https://activations-windows.ru/>; rel=shortlink
vary: Accept-Encoding
content-encoding: gzip

GET
H2 200 style.css
activations-windows.ru/wp-content/themes/windows24/ 51 KB
8 KB 100ms
97ms Stylesheet
text/css 81.177.135.182
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://activations-windows.ru/wp-content/themes/windows24/style.css
Requested by: Host: activations-windows.ru
URL: https://activations-windows.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.135.182 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: Jino.ru/mod_pizza /
Resource Hash: fa0dd8e63481566c03225ec189b90855e0c28d8127e1a4c6bf5a046842c13453

Request headers

Referer: https://activations-windows.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Sep 2020 22:22:01 GMT
content-encoding: gzip
last-modified: Thu, 16 Jul 2020 23:21:41 GMT
server: Jino.ru/mod_pizza
etag: "72cdc0-cc1e-5aa974d8e1785"
vary: Accept-Encoding
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 8177

GET
H2 200 polls-css.css
activations-windows.ru/wp-content/plugins/wp-polls/ 3 KB
920 B 100ms
98ms Stylesheet
text/css 81.177.135.182
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://activations-windows.ru/wp-content/plugins/wp-polls/polls-css.css?ver=2.69
Requested by: Host: activations-windows.ru
URL: https://activations-windows.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.135.182 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: Jino.ru/mod_pizza /
Resource Hash: 4d956a758ca48121e4434c413596334c6b0f3cda0e622ada0d73c41d39eda526

Request headers

Referer: https://activations-windows.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Sep 2020 22:22:01 GMT
content-encoding: gzip
last-modified: Thu, 16 Jul 2020 23:21:24 GMT
server: Jino.ru/mod_pizza
etag: "72ccf0-a94-5aa974c91c139"
vary: Accept-Encoding
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 723

GET
H2 200 frontend.css
activations-windows.ru/wp-content/plugins/download-monitor/assets/css/ 5 KB
1 KB 101ms
99ms Stylesheet
text/css 81.177.135.182
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://activations-windows.ru/wp-content/plugins/download-monitor/assets/css/frontend.css?ver=4.2.28
Requested by: Host: activations-windows.ru
URL: https://activations-windows.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.135.182 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: Jino.ru/mod_pizza /
Resource Hash: 425a00fc56a9a37e7bc309b400db941ca9bd5506dd560ad3c846c7f6913d7677

Request headers

Referer: https://activations-windows.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Sep 2020 22:22:01 GMT
content-encoding: gzip
last-modified: Thu, 16 Jul 2020 23:22:52 GMT
server: Jino.ru/mod_pizza
etag: "72d079-13e2-5aa9751cd797b"
vary: Accept-Encoding
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 1173

GET
H2 200 jquery.fancybox-1.3.7.min.css
activations-windows.ru/wp-content/plugins/easy-fancybox/fancybox/ 5 KB
1 KB 101ms
100ms Stylesheet
text/css 81.177.135.182
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://activations-windows.ru/wp-content/plugins/easy-fancybox/fancybox/jquery.fancybox-1.3.7.min.css?ver=1.5.7
Requested by: Host: activations-windows.ru
URL: https://activations-windows.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.135.182 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: Jino.ru/mod_pizza /
Resource Hash: b88d748af9fa6508e5c8a0b2de25d831e2fa8c653204f6b0c80a93fb345e20ef

Request headers

Referer: https://activations-windows.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Sep 2020 22:22:01 GMT
content-encoding: gzip
last-modified: Thu, 16 Jul 2020 23:21:53 GMT
server: Jino.ru/mod_pizza
etag: "72ce54-122e-5aa974e45041d"
vary: Accept-Encoding
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 1143

GET
H2 200 style.responsive.css
activations-windows.ru/wp-content/themes/windows24/ 4 KB
1 KB 103ms
101ms Stylesheet
text/css 81.177.135.182
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://activations-windows.ru/wp-content/themes/windows24/style.responsive.css?ver=4.2.28
Requested by: Host: activations-windows.ru
URL: https://activations-windows.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.135.182 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: Jino.ru/mod_pizza /
Resource Hash: aef8e7fe84d1dc4316cb2359c47c3a81053a22b996ea999f482f5595a5ba38cf

Request headers

Referer: https://activations-windows.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Sep 2020 22:22:01 GMT
content-encoding: gzip
last-modified: Thu, 16 Jul 2020 23:21:41 GMT
server: Jino.ru/mod_pizza
etag: "72cdc2-10a0-5aa974d8cfa5d"
vary: Accept-Encoding
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 1000

GET
H2 200 jquery.js Show response
activations-windows.ru/wp-content/themes/windows24/ 90 KB
32 KB 169ms
167ms Script
application/javascript 81.177.135.182
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://activations-windows.ru/wp-content/themes/windows24/jquery.js?ver=4.2.28
Requested by: Host: activations-windows.ru
URL: https://activations-windows.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.135.182 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: Jino.ru/mod_pizza /
Resource Hash: c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

Referer: https://activations-windows.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Sep 2020 22:22:01 GMT
content-encoding: gzip
last-modified: Thu, 16 Jul 2020 23:21:40 GMT
server: Jino.ru/mod_pizza
etag: "72cdb0-169d5-5aa974d81ea4e"
vary: Accept-Encoding
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 32775

GET
H2 200 jquery-migrate-1.1.1.js Show response
activations-windows.ru/wp-content/themes/windows24/ 16 KB
6 KB 184ms
182ms Script
application/javascript 81.177.135.182
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://activations-windows.ru/wp-content/themes/windows24/jquery-migrate-1.1.1.js?ver=4.2.28
Requested by: Host: activations-windows.ru
URL: https://activations-windows.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.135.182 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: Jino.ru/mod_pizza /
Resource Hash: fd23ab8ce969cdbc761e041f63d763e11a5864a5428e61d006042f5a49464334

Request headers

Referer: https://activations-windows.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Sep 2020 22:22:01 GMT
content-encoding: gzip
last-modified: Thu, 16 Jul 2020 23:21:40 GMT
server: Jino.ru/mod_pizza
etag: "72cdad-3f32-5aa974d7f8504"
vary: Accept-Encoding
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 5630

GET
H2 200 script.js Show response
activations-windows.ru/wp-content/themes/windows24/ 35 KB
8 KB 230ms
229ms Script
application/javascript 81.177.135.182
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://activations-windows.ru/wp-content/themes/windows24/script.js?ver=4.2.28
Requested by: Host: activations-windows.ru
URL: https://activations-windows.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.135.182 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: Jino.ru/mod_pizza /
Resource Hash: 3e025bc89d981eeffe13ae90cbae0d97c42ae415640ca5fd40f0bf58742f3e51

Request headers

Referer: https://activations-windows.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Sep 2020 22:22:01 GMT
content-encoding: gzip
last-modified: Thu, 16 Jul 2020 23:21:40 GMT
server: Jino.ru/mod_pizza
etag: "72cdb3-8dc6-5aa974d848647"
vary: Accept-Encoding
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 8475

GET
H2 200 script.responsive.js Show response
activations-windows.ru/wp-content/themes/windows24/ 15 KB
3 KB 231ms
230ms Script
application/javascript 81.177.135.182
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://activations-windows.ru/wp-content/themes/windows24/script.responsive.js?ver=4.2.28
Requested by: Host: activations-windows.ru
URL: https://activations-windows.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.135.182 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: Jino.ru/mod_pizza /
Resource Hash: bfd19de136ce5da2fd0fa7be611061cf47ba204a78e90492cc7e087b52459600

Request headers

Referer: https://activations-windows.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Sep 2020 22:22:01 GMT
content-encoding: gzip
last-modified: Thu, 16 Jul 2020 23:21:40 GMT
server: Jino.ru/mod_pizza
etag: "72cdb6-3c74-5aa974d84ad57"
vary: Accept-Encoding
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 2806

GET
H2 200 Download-knopka8877.gif
activations-windows.ru/wp-content/plugins/download-monitor/templates/ 9 KB
9 KB 99ms
96ms Image
image/gif 81.177.135.182
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://activations-windows.ru/wp-content/plugins/download-monitor/templates/Download-knopka8877.gif
Requested by: Host: activations-windows.ru
URL: https://activations-windows.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.135.182 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: Jino.ru/mod_pizza /
Resource Hash: 3a78b8df2d78dcc04c3af77920de5558054e35856dc6ec8aa36d11ea73109f7a

Request headers

Referer: https://activations-windows.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Sep 2020 22:22:01 GMT
last-modified: Thu, 16 Jul 2020 23:21:51 GMT
server: Jino.ru/mod_pizza
etag: "72ce3e-22c9-5aa974e280dfa"
content-type: image/gif
status: 200
accept-ranges: bytes
content-length: 8905

GET
H2 200 reloader1-214x200.jpg
activations-windows.ru/wp-content/uploads/2016/03/ 13 KB
13 KB 101ms
99ms Image
image/jpeg 81.177.135.182
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://activations-windows.ru/wp-content/uploads/2016/03/reloader1-214x200.jpg
Requested by: Host: activations-windows.ru
URL: https://activations-windows.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.135.182 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: Jino.ru/mod_pizza /
Resource Hash: 9ed7f591dd151baa3b4831fde7cd303b4be8754a0deb9209a487a60c25d3e47a

Request headers

Referer: https://activations-windows.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Sep 2020 22:22:01 GMT
last-modified: Thu, 16 Jul 2020 23:22:47 GMT
server: Jino.ru/mod_pizza
etag: "72d053-3335-5aa97517ec4d7"
content-type: image/jpeg
status: 200
accept-ranges: bytes
content-length: 13109

GET
H2 200 reloader2-300x137.jpg
activations-windows.ru/wp-content/uploads/2016/03/ 11 KB
11 KB 101ms
99ms Image
image/jpeg 81.177.135.182
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://activations-windows.ru/wp-content/uploads/2016/03/reloader2-300x137.jpg
Requested by: Host: activations-windows.ru
URL: https://activations-windows.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.135.182 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: Jino.ru/mod_pizza /
Resource Hash: 9b4dfdd3624776919e3a3bb3f8c8248f98e520f42cacfb817a71d5780820ab72

Request headers

Referer: https://activations-windows.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Sep 2020 22:22:01 GMT
last-modified: Thu, 16 Jul 2020 23:22:48 GMT
server: Jino.ru/mod_pizza
etag: "72d05b-2c88-5aa9751892136"
content-type: image/jpeg
status: 200
accept-ranges: bytes
content-length: 11400

GET
H2 200 reloader.png
activations-windows.ru/wp-content/uploads/2015/07/ 19 KB
19 KB 101ms
99ms Image
image/png 81.177.135.182
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://activations-windows.ru/wp-content/uploads/2015/07/reloader.png
Requested by: Host: activations-windows.ru
URL: https://activations-windows.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.135.182 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: Jino.ru/mod_pizza /
Resource Hash: 2c319808f1b6e71fd0234fff4b67401a4b87fa46acbde51d5669d91447a885d6

Request headers

Referer: https://activations-windows.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Sep 2020 22:22:01 GMT
last-modified: Thu, 16 Jul 2020 23:22:38 GMT
server: Jino.ru/mod_pizza
etag: "72d009-4c6f-5aa9750f0bd1b"
content-type: image/png
status: 200
accept-ranges: bytes
content-length: 19567

GET
H2 200 mstoolkit1.jpg
activations-windows.ru/wp-content/uploads/2015/07/ 25 KB
25 KB 101ms
100ms Image
image/jpeg 81.177.135.182
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://activations-windows.ru/wp-content/uploads/2015/07/mstoolkit1.jpg
Requested by: Host: activations-windows.ru
URL: https://activations-windows.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.135.182 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: Jino.ru/mod_pizza /
Resource Hash: 39bbe5203a96a2cd3d0f355e86c51e9be150398b05e2faad5377c4f211a44ef3

Request headers

Referer: https://activations-windows.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Sep 2020 22:22:01 GMT
last-modified: Thu, 16 Jul 2020 23:22:37 GMT
server: Jino.ru/mod_pizza
etag: "72d000-63a8-5aa9750e94ebe"
content-type: image/jpeg
status: 200
accept-ranges: bytes
content-length: 25512

GET
H2 200 mstoolkit2.jpg
activations-windows.ru/wp-content/uploads/2015/07/ 32 KB
32 KB 163ms
162ms Image
image/jpeg 81.177.135.182
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://activations-windows.ru/wp-content/uploads/2015/07/mstoolkit2.jpg
Requested by: Host: activations-windows.ru
URL: https://activations-windows.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.135.182 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: Jino.ru/mod_pizza /
Resource Hash: de45c65312d8ff11be65dead0da5fe96c150a3a0e125c5455e86b813f4b5a4a3

Request headers

Referer: https://activations-windows.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Sep 2020 22:22:01 GMT
last-modified: Thu, 16 Jul 2020 23:22:38 GMT
server: Jino.ru/mod_pizza
etag: "72d004-7e8e-5aa9750ed7d10"
content-type: image/jpeg
status: 200
accept-ranges: bytes
content-length: 32398

GET
H2 200 mstoolkit3.jpg
activations-windows.ru/wp-content/uploads/2015/07/ 43 KB
43 KB 167ms
165ms Image
image/jpeg 81.177.135.182
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://activations-windows.ru/wp-content/uploads/2015/07/mstoolkit3.jpg
Requested by: Host: activations-windows.ru
URL: https://activations-windows.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.135.182 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: Jino.ru/mod_pizza /
Resource Hash: 2552259fb77cf7805b8c5396e58de7f315871fedb7c9d75de89a8364a9598c5e

Request headers

Referer: https://activations-windows.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Sep 2020 22:22:01 GMT
last-modified: Thu, 16 Jul 2020 23:22:38 GMT
server: Jino.ru/mod_pizza
etag: "72d006-aaf2-5aa9750f08a52"
content-type: image/jpeg
status: 200
accept-ranges: bytes
content-length: 43762

GET
H2 200 plusone.js Show response
apis.google.com/js/ 49 KB
19 KB 44ms
43ms Script
application/javascript 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: activations-windows.ru
URL: https://activations-windows.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cdac2738fbf17f3a957d6cb8a881adef9a06123d11447d9fd2ec2973bc926e16

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-48kFrp09mP42mPZRaNjcYg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://activations-windows.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Sep 2020 22:22:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
status: 200
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
etag: "9d5cd1be658ea5e8c43387860482a354"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-48kFrp09mP42mPZRaNjcYg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Tue, 15 Sep 2020 22:22:01 GMT

GET
H2 200 loading.gif
activations-windows.ru/wp-content/plugins/wp-polls/images/ 771 B
934 B 166ms
164ms Image
image/gif 81.177.135.182
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://activations-windows.ru/wp-content/plugins/wp-polls/images/loading.gif
Requested by: Host: activations-windows.ru
URL: https://activations-windows.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.135.182 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: Jino.ru/mod_pizza /
Resource Hash: 81a161d5793ac2a33f02ddcd64fb0dc2d028616dac084e4f64e77f4898b0c4e4

Request headers

Referer: https://activations-windows.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Sep 2020 22:22:01 GMT
last-modified: Thu, 16 Jul 2020 23:22:11 GMT
server: Jino.ru/mod_pizza
etag: "72cf0b-303-5aa974f53119d"
content-type: image/gif
status: 200
accept-ranges: bytes
content-length: 771

GET
H2 200 comment-reply.min.js Show response
activations-windows.ru/wp-includes/js/ 757 B
613 B 93ms
92ms Script
application/javascript 81.177.135.182
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://activations-windows.ru/wp-includes/js/comment-reply.min.js?ver=4.2.28
Requested by: Host: activations-windows.ru
URL: https://activations-windows.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.135.182 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: Jino.ru/mod_pizza /
Resource Hash: b02ab5446d4dd91bc73183089db613f7cd4c954bc79a21dff4785c9280af45a0

Request headers

Referer: https://activations-windows.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Sep 2020 22:22:01 GMT
content-encoding: gzip
last-modified: Thu, 16 Jul 2020 23:23:50 GMT
server: Jino.ru/mod_pizza
etag: "72d258-2f5-5aa97553b3307"
vary: Accept-Encoding
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 406

GET
H2 200 polls-js.js Show response
activations-windows.ru/wp-content/plugins/wp-polls/ 3 KB
907 B 95ms
92ms Script
application/javascript 81.177.135.182
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://activations-windows.ru/wp-content/plugins/wp-polls/polls-js.js?ver=2.69
Requested by: Host: activations-windows.ru
URL: https://activations-windows.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.135.182 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: Jino.ru/mod_pizza /
Resource Hash: 224546ee41f8aacc21cb2067284a16ce5fffd04bbf79a5e4fc04c810dfe6ce67

Request headers

Referer: https://activations-windows.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Sep 2020 22:22:01 GMT
content-encoding: gzip
last-modified: Thu, 16 Jul 2020 23:21:25 GMT
server: Jino.ru/mod_pizza
etag: "72ccf9-bb2-5aa974c97bc7d"
vary: Accept-Encoding
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 700

GET
H2 200 jquery.fancybox-1.3.7.min.js Show response
activations-windows.ru/wp-content/plugins/easy-fancybox/fancybox/ 15 KB
5 KB 96ms
94ms Script
application/javascript 81.177.135.182
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://activations-windows.ru/wp-content/plugins/easy-fancybox/fancybox/jquery.fancybox-1.3.7.min.js?ver=1.5.7
Requested by: Host: activations-windows.ru
URL: https://activations-windows.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.135.182 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: Jino.ru/mod_pizza /
Resource Hash: d51c8fcb06d5172afd5862af631b29bee084df4340f88ecf29f6ab9aa4c5a7f4

Request headers

Referer: https://activations-windows.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Sep 2020 22:22:01 GMT
content-encoding: gzip
last-modified: Thu, 16 Jul 2020 23:21:53 GMT
server: Jino.ru/mod_pizza
etag: "72ce55-3d55-5aa974e462cfd"
vary: Accept-Encoding
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 5400

GET
H2 200 jquery.easing.pack.js Show response
activations-windows.ru/wp-content/plugins/easy-fancybox/ 4 KB
1 KB 95ms
93ms Script
application/javascript 81.177.135.182
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://activations-windows.ru/wp-content/plugins/easy-fancybox/jquery.easing.pack.js?ver=1.3
Requested by: Host: activations-windows.ru
URL: https://activations-windows.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.135.182 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: Jino.ru/mod_pizza /
Resource Hash: dddf0e4a3bc4994e192c900bd37d74d19960b2bb73825e54c6d4c97f9ff3f078

Request headers

Referer: https://activations-windows.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Sep 2020 22:22:01 GMT
content-encoding: gzip
last-modified: Thu, 16 Jul 2020 23:21:17 GMT
server: Jino.ru/mod_pizza
etag: "72cc94-e41-5aa974c196853"
vary: Accept-Encoding
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 1013

GET
H2 200 jquery.mousewheel.min.js Show response
activations-windows.ru/wp-content/plugins/easy-fancybox/ 3 KB
1 KB 97ms
94ms Script
application/javascript 81.177.135.182
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://activations-windows.ru/wp-content/plugins/easy-fancybox/jquery.mousewheel.min.js?ver=3.1.12
Requested by: Host: activations-windows.ru
URL: https://activations-windows.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.135.182 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: Jino.ru/mod_pizza /
Resource Hash: 1fdbb2180496fca532f43deaffec879f8ca6990258b38a469aed4120d6c0d2fe

Request headers

Referer: https://activations-windows.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Sep 2020 22:22:01 GMT
content-encoding: gzip
last-modified: Thu, 16 Jul 2020 23:21:17 GMT
server: Jino.ru/mod_pizza
etag: "72cca0-ad9-5aa974c196c3b"
vary: Accept-Encoding
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 1254

GET
H2 200 windows-blue-background.jpg
activations-windows.ru/ 116 KB
116 KB 166ms
165ms Image
image/jpeg 81.177.135.182
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://activations-windows.ru/windows-blue-background.jpg
Requested by: Host: activations-windows.ru
URL: https://activations-windows.ru/wp-content/themes/windows24/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.135.182 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: Jino.ru/mod_pizza /
Resource Hash: 64da364a0a1290689aa2709e1d8c10aff6f72d8d172a5d8016c43a4c0f256252

Request headers

Referer: https://activations-windows.ru/wp-content/themes/windows24/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Sep 2020 22:22:01 GMT
last-modified: Thu, 16 Jul 2020 23:20:35 GMT
server: Jino.ru/mod_pizza
etag: "72ca8b-1d01a-5aa97499cf11c"
content-type: image/jpeg
status: 200
accept-ranges: bytes
content-length: 118810

GET
H2 200 header.jpg
activations-windows.ru/wp-content/themes/windows24/images/ 2 KB
2 KB 166ms
165ms Image
image/jpeg 81.177.135.182
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://activations-windows.ru/wp-content/themes/windows24/images/header.jpg
Requested by: Host: activations-windows.ru
URL: https://activations-windows.ru/wp-content/themes/windows24/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.135.182 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: Jino.ru/mod_pizza /
Resource Hash: f384514e16366260e30c35e5440a37191fa1f5d1361f858de67c62cb92bab88d

Request headers

Referer: https://activations-windows.ru/wp-content/themes/windows24/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Sep 2020 22:22:01 GMT
last-modified: Thu, 16 Jul 2020 23:22:28 GMT
server: Jino.ru/mod_pizza
etag: "72cfb6-63e-5aa97505b8581"
content-type: image/jpeg
status: 200
accept-ranges: bytes
content-length: 1598

GET
H2 200 searchicon.png
activations-windows.ru/wp-content/themes/windows24/images/ 368 B
531 B 164ms
163ms Image
image/png 81.177.135.182
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://activations-windows.ru/wp-content/themes/windows24/images/searchicon.png
Requested by: Host: activations-windows.ru
URL: https://activations-windows.ru/wp-content/themes/windows24/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.135.182 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: Jino.ru/mod_pizza /
Resource Hash: 54e23835247d73e43e94217012271fbc1167ca100db024cebac3f0a57322abe2

Request headers

Referer: https://activations-windows.ru/wp-content/themes/windows24/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Sep 2020 22:22:01 GMT
last-modified: Thu, 16 Jul 2020 23:22:28 GMT
server: Jino.ru/mod_pizza
etag: "72cfbf-170-5aa975062867e"
content-type: image/png
status: 200
accept-ranges: bytes
content-length: 368

GET
H2 200 vmenublockheadericon.png
activations-windows.ru/wp-content/themes/windows24/images/ 518 B
681 B 164ms
164ms Image
image/png 81.177.135.182
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://activations-windows.ru/wp-content/themes/windows24/images/vmenublockheadericon.png
Requested by: Host: activations-windows.ru
URL: https://activations-windows.ru/wp-content/themes/windows24/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.135.182 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: Jino.ru/mod_pizza /
Resource Hash: 43d3dc8908f00cd7cc6bb65903e7dcfefaa402b194aa35b1e1c2e821f555af4b

Request headers

Referer: https://activations-windows.ru/wp-content/themes/windows24/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Sep 2020 22:22:01 GMT
last-modified: Thu, 16 Jul 2020 23:22:29 GMT
server: Jino.ru/mod_pizza
etag: "72cfc5-206-5aa975066f739"
content-type: image/png
status: 200
accept-ranges: bytes
content-length: 518

GET
H2 200 vmenuitemicon.png
activations-windows.ru/wp-content/themes/windows24/images/ 164 B
326 B 164ms
164ms Image
image/png 81.177.135.182
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://activations-windows.ru/wp-content/themes/windows24/images/vmenuitemicon.png
Requested by: Host: activations-windows.ru
URL: https://activations-windows.ru/wp-content/themes/windows24/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.135.182 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: Jino.ru/mod_pizza /
Resource Hash: 8acb1b8c8aefd8b0917d652635404c4b3905868490616c058f2976421bf85d6a

Request headers

Referer: https://activations-windows.ru/wp-content/themes/windows24/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Sep 2020 22:22:01 GMT
last-modified: Thu, 16 Jul 2020 23:22:29 GMT
server: Jino.ru/mod_pizza
etag: "72cfc7-a4-5aa9750674559"
content-type: image/png
status: 200
accept-ranges: bytes
content-length: 164

GET
H2 200 postbullets.png
activations-windows.ru/wp-content/themes/windows24/images/ 242 B
404 B 165ms
165ms Image
image/png 81.177.135.182
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://activations-windows.ru/wp-content/themes/windows24/images/postbullets.png
Requested by: Host: activations-windows.ru
URL: https://activations-windows.ru/wp-content/themes/windows24/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.135.182 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: Jino.ru/mod_pizza /
Resource Hash: 216a22d88056e1fec47aa1a61ebd3059a0e54684943ee6ed1544655a78244fa3

Request headers

Referer: https://activations-windows.ru/wp-content/themes/windows24/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Sep 2020 22:22:01 GMT
last-modified: Thu, 16 Jul 2020 23:22:28 GMT
server: Jino.ru/mod_pizza
etag: "72cfb9-f2-5aa97505e5c13"
content-type: image/png
status: 200
accept-ranges: bytes
content-length: 242

GET
H/1.1 200
OK uptolike.js Show response
w.uptolike.com/widgets/v1/ 21 KB
9 KB 286ms
97ms Script
application/javascript 95.163.114.204
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/uptolike.js
Requested by: Host: activations-windows.ru
URL: https://activations-windows.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.204 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: c23f13dc75521d634c0f19c8566969275e9e56cd3de9bb6652e38923d4ac99d2

Request headers

Referer: https://activations-windows.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Sep 2020 22:22:02 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Cache-Control: max-age=1800
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/javascript;charset=utf-8
Expires: Tue, 15 Sep 2020 22:52:02 GMT

GET
H3-Q050 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.hc3rLxj9u8o.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMtAagp6kGxB19Nep_bTJunj37kww/ 140 KB
49 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.hc3rLxj9u8o.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMtAagp6kGxB19Nep_bTJunj37kww/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46c234230b7e6926223ed04e6112e1fe85ed6fcb6e1e8585d77bef2be1e83167

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://activations-windows.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 09:13:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 02 Aug 2020 22:35:54 GMT
server: sffe
age: 133698
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50000
x-xss-protection: 0
expires: Tue, 14 Sep 2021 09:13:43 GMT

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?t44.17;r;s1600*1200*24;uhttps%3A//activations-windows.ru/;0.6355246278605748
https://counter.yadro.ru/hit?q;t44.17;r;s1600*1200*24;uhttps%3A//activations-windows.ru/;0.6355246278605748

132 B
586 B

101ms
101ms

Image
image/gif

88.212.201.216
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t44.17;r;s1600*1200*24;uhttps%3A//activations-windows.ru/;0.6355246278605748

Requested by

Host: activations-windows.ru
URL: https://activations-windows.ru/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.212.201.216 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host216.rax.ru

Software

nginx/1.17.9 /

Resource Hash

28189aac6589c2ef067cb62642a1f56778434bbb67a33c797b0267a905b40869

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://activations-windows.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Sep 2020 22:22:02 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 132
Expires: Mon, 16 Sep 2019 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 15 Sep 2020 22:22:02 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;t44.17;r;s1600*1200*24;uhttps%3A//activations-windows.ru/;0.6355246278605748
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Mon, 16 Sep 2019 21:00:00 GMT

GET
H2 204 csi
csi.gstatic.com/ 0
339 B 138ms
49ms Image
image/gif 2a00:1450:4003:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://csi.gstatic.com/csi?v=3&s=gapi_global&action=global&it=blt.1,psi.0&srt=501&e=abc_l0,abc_m0,abc_u0&rt=
Requested by: Host: activations-windows.ru
URL: https://activations-windows.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4003:809::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://activations-windows.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Sep 2020 22:22:02 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
status: 204
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 csi
csi.gstatic.com/ 0
53 B 139ms
50ms Image
image/gif 2a00:1450:4003:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://csi.gstatic.com/csi?v=3&s=gapi_module&action=plusone&it=mli.17,mei.12&e=abc_l0,abc_m0,abc_pplusone,abc_u0&rt=
Requested by: Host: activations-windows.ru
URL: https://activations-windows.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4003:809::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://activations-windows.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Sep 2020 22:22:02 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
status: 204
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 blockheadericon.png
activations-windows.ru/wp-content/themes/windows24/images/ 518 B
680 B 142ms
141ms Image
image/png 81.177.135.182
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://activations-windows.ru/wp-content/themes/windows24/images/blockheadericon.png
Requested by: Host: activations-windows.ru
URL: https://activations-windows.ru/wp-content/themes/windows24/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.135.182 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: Jino.ru/mod_pizza /
Resource Hash: 43d3dc8908f00cd7cc6bb65903e7dcfefaa402b194aa35b1e1c2e821f555af4b

Request headers

Referer: https://activations-windows.ru/wp-content/themes/windows24/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Sep 2020 22:22:02 GMT
last-modified: Thu, 16 Jul 2020 23:22:28 GMT
server: Jino.ru/mod_pizza
etag: "72cfb3-206-5aa97505a1e20"
content-type: image/png
status: 200
accept-ranges: bytes
content-length: 518

GET
H3-Q050 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.hc3rLxj9u8o.O/m=comments/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMtAagp6kGxB19Nep_bTJunj37kww/ 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.hc3rLxj9u8o.O/m=comments/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMtAagp6kGxB19Nep_bTJunj37kww/cb=gapi.loaded_1

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc2adc907a546740b187952cd831a89ad0aa33aff42acf1d462fa1b3e6882af1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://activations-windows.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Sep 2020 18:10:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 02 Aug 2020 22:35:54 GMT
server: sffe
age: 15114
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5837
x-xss-protection: 0
expires: Wed, 15 Sep 2021 18:10:08 GMT

GET
H3-Q050 200 cb=gapi.loaded_2 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.hc3rLxj9u8o.O/m=auth/exm=comments,plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMtAagp6kGxB19Nep_bTJunj37kww/ 85 KB
29 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.hc3rLxj9u8o.O/m=auth/exm=comments,plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMtAagp6kGxB19Nep_bTJunj37kww/cb=gapi.loaded_2

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa0d9f34bdb1eb24cd939e164cb4aa440943a5b699c60ad3fa419a36bf65994d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://activations-windows.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 22:20:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 02 Aug 2020 22:35:54 GMT
server: sffe
age: 86522
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29963
x-xss-protection: 0
expires: Tue, 14 Sep 2021 22:20:00 GMT

GET
H3-Q050 404 comments
apis.google.com/_/widget/render/ Frame 1A58 0
0 24ms
22ms Document
text/html 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/widget/render/comments?usegapi=1&href=https%3A%2F%2Factivations-windows.ru%2F&width=580&first_party_property=BLOGGER&view_type=FILTERED_POSTMOD&origin=https%3A%2F%2Factivations-windows.ru&search=&hash=&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.hc3rLxj9u8o.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMtAagp6kGxB19Nep_bTJunj37kww%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-YjJXC9RMDLrttom+4KZg4w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: apis.google.com
:scheme: https
:path: /_/widget/render/comments?usegapi=1&href=https%3A%2F%2Factivations-windows.ru%2F&width=580&first_party_property=BLOGGER&view_type=FILTERED_POSTMOD&origin=https%3A%2F%2Factivations-windows.ru&search=&hash=&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.hc3rLxj9u8o.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMtAagp6kGxB19Nep_bTJunj37kww%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://activations-windows.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=204=0PoGbaDoAV1lBGhe5CW3X4CpdZ1TJq5d-ffvrVVXMvet4pnc2uKPSUz8usld9lVyyJNFUBQmzmyclJwGl0CT73Ho7LNsfY-Cbs9_K-CJbk5H1GTD9ND3Pwa6kQgS-HqYdp46JFqb3r5XRpSO1eKaeZUokGeQE3-MXmurK_vsPV8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://activations-windows.ru/

Response headers

status: 404
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 15 Sep 2020 22:22:02 GMT
content-security-policy: script-src 'report-sample' 'nonce-YjJXC9RMDLrttom+4KZg4w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 csi
csi.gstatic.com/ 0
53 B 74ms
50ms Image
image/gif 2a00:1450:4003:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://csi.gstatic.com/csi?v=3&s=gapi_global&action=global&it=psi.1&e=abc_l0,abc_m0,abc_u0&rt=
Requested by: Host: activations-windows.ru
URL: https://activations-windows.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4003:809::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://activations-windows.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Sep 2020 22:22:02 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
status: 204
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 csi
csi.gstatic.com/ 0
53 B 74ms
51ms Image
image/gif 2a00:1450:4003:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://csi.gstatic.com/csi?v=3&s=gapi_module&action=comments___plusone&it=mli.19,mei.1&e=abc_l0,abc_m0,abc_pcomments___plusone,abc_u0&rt=
Requested by: Host: activations-windows.ru
URL: https://activations-windows.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4003:809::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://activations-windows.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Sep 2020 22:22:02 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
status: 204
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 postmessageRelay
accounts.google.com/o/oauth2/ Frame 0A97 0
0 67ms
40ms Document
text/html 2a00:1450:4001:802::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Factivations-windows.ru&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.hc3rLxj9u8o.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMtAagp6kGxB19Nep_bTJunj37kww%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.hc3rLxj9u8o.O/m=auth/exm=comments,plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMtAagp6kGxB19Nep_bTJunj37kww/cb=gapi.loaded_2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-lPBc2qXG+sWqqw8y6JvaQQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Xss-Protection	0

Request headers

:method: GET
:authority: accounts.google.com
:scheme: https
:path: /o/oauth2/postmessageRelay?parent=https%3A%2F%2Factivations-windows.ru&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.hc3rLxj9u8o.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMtAagp6kGxB19Nep_bTJunj37kww%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://activations-windows.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=204=0PoGbaDoAV1lBGhe5CW3X4CpdZ1TJq5d-ffvrVVXMvet4pnc2uKPSUz8usld9lVyyJNFUBQmzmyclJwGl0CT73Ho7LNsfY-Cbs9_K-CJbk5H1GTD9ND3Pwa6kQgS-HqYdp46JFqb3r5XRpSO1eKaeZUokGeQE3-MXmurK_vsPV8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://activations-windows.ru/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 15 Sep 2020 22:22:02 GMT
content-security-policy: script-src 'report-sample' 'nonce-lPBc2qXG+sWqqw8y6JvaQQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 csi
csi.gstatic.com/ 0
44 B 54ms
52ms Image
image/gif 2a00:1450:4003:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://csi.gstatic.com/csi?v=3&s=gapi_module&action=auth___comments__plusone&it=mli.20,mei.6&e=abc_l0,abc_m0,abc_pauth___comments__plusone,abc_u0&rt=
Requested by: Host: activations-windows.ru
URL: https://activations-windows.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4003:809::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://activations-windows.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Sep 2020 22:22:02 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
status: 204
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK version.js Show response
w.uptolike.com/widgets/v1/ 70 B
844 B 95ms
94ms Script
application/javascript 95.163.114.204
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/version.js?cb=cb__utl_cb_share_1600208522231782
Requested by: Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/uptolike.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.204 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 6a5a08fca96fa8335a60a1787ac8bd2f8fa2af88e24d3546e957d3b7deae8375

Request headers

Referer: https://activations-windows.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Sep 2020 22:22:02 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin: *
Cache-Control: no-cache,no-store,max-age=0,must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/javascript;charset=utf-8
Expires: Thu, 10 Sep 2020 15:05:40 GMT

GET
H/1.1 200
OK widgetsModule.js Show response
w.uptolike.com/widgets/v1/ 172 KB
42 KB 107ms
107ms Script
application/javascript 95.163.114.204
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/widgetsModule.js?v=30f04ab437e108b3063a546e9a622e97
Requested by: Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/uptolike.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.204 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 624108d126aaea46f83bb807588d0fd9a1ad3ce8b237577f70cd5ee6232cbfb4

Request headers

Referer: https://activations-windows.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Sep 2020 22:22:02 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript;charset=utf-8
Cache-Control: max-age=1800
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Tue, 15 Sep 2020 22:52:02 GMT

GET
H/1.1 200
OK share-counter.html
w.uptolike.com/widgets/v1/ Frame 93A5 0
0 94ms
94ms Document
text/html 95.163.114.204
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/share-counter.html?30f04ab437e108b3063a546e9a622e97
Requested by: Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/widgetsModule.js?v=30f04ab437e108b3063a546e9a622e97
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.204 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Host: w.uptolike.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://activations-windows.ru/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: utl_id2=17653537099; utl_dat="CMmX8Z7JLhAAIMnou6fJLijJ6LunyS4wAJhQakoJcWwLsMkqYM29zqY="
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://activations-windows.ru/

Response headers

Server: nginx
Date: Tue, 15 Sep 2020 22:22:02 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: max-age=1800
Expires: Tue, 15 Sep 2020 22:52:02 GMT
Content-Encoding: gzip

GET
H/1.1 200
OK impression.html
w.uptolike.com/widgets/v1/ Frame 5700 0
0 188ms
93ms Document
text/html 95.163.114.204
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/impression.html?30f04ab437e108b3063a546e9a622e97
Requested by: Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/widgetsModule.js?v=30f04ab437e108b3063a546e9a622e97
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.204 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Host: w.uptolike.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://activations-windows.ru/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: utl_id2=17653537099; utl_dat="CMmX8Z7JLhAAIMnou6fJLijJ6LunyS4wAJhQakoJcWwLsMkqYM29zqY="
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://activations-windows.ru/

Response headers

Server: nginx
Date: Tue, 15 Sep 2020 22:22:02 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: max-age=1800
Expires: Tue, 15 Sep 2020 22:52:02 GMT
Content-Encoding: gzip

GET
H/1.1 200
OK icomoon.woff
w.uptolike.com/static/buttons/fonts/ 9 KB
9 KB 269ms
90ms Font
application/font-woff 95.163.114.204
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/static/buttons/fonts/icomoon.woff?qq11232333=1232131231321
Requested by: Host: activations-windows.ru
URL: https://activations-windows.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.204 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 3f72dc1fd03fba15c9200144bf1df7286ad1e2560b50a5ecc12e68c9c1e36f29

Request headers

Origin: https://activations-windows.ru
Referer: https://activations-windows.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Sep 2020 22:22:02 GMT
Last-Modified: Wed, 16 Aug 2017 14:30:13 GMT
Server: nginx
ETag: "599456f5-23b8"
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Cache-Control: max-age=1800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9144
Expires: Tue, 15 Sep 2020 22:29:05 GMT

GET
H/1.1 200
OK extra.js Show response
w.uptolike.com/widgets/v1/ 4 KB
3 KB 91ms
91ms Script
application/javascript 95.163.114.204
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/extra.js?rnd=0.858937634762716
Requested by: Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/widgetsModule.js?v=30f04ab437e108b3063a546e9a622e97
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.204 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 6718369e603107c60bbcffe3bcae1e32eb955a0e6c62eec1e07e6df216272434

Request headers

Referer: https://activations-windows.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Sep 2020 22:22:02 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin: *
Cache-Control: no-cache,no-store,max-age=0,must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/javascript;charset=utf-8
Expires: Thu, 10 Sep 2020 15:05:40 GMT

GET
H/1.1 200
OK watch.js Show response
mc.yandex.ru/metrika/ 141 KB
42 KB 174ms
86ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/widgetsModule.js?v=30f04ab437e108b3063a546e9a622e97

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

ab5281d1a6c8fcab92f44b16f8478ae9435805a7795cb0f72d41fb19d86533c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://activations-windows.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Sep 2020 22:22:02 GMT
Content-Encoding: br
Last-Modified: Tue, 15 Sep 2020 12:41:01 GMT
Server: nginx/1.14.2
ETag: "5f5a2dab-a6d2"
Strict-Transport-Security: max-age=31536000
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Content-Length: 42706
Expires: Tue, 15 Sep 2020 23:22:02 GMT

GET
H2 200 checking.js Show response
sonar.semantiqo.com/c82up/ 21 KB
21 KB 166ms
55ms Script
application/javascript 148.251.41.166
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sonar.semantiqo.com/c82up/checking.js

Requested by

Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/extra.js?rnd=0.858937634762716

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

148.251.41.166 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.166.41.251.148.clients.your-server.de

Software

nginx/1.16.1 /

Resource Hash

1a8f940eb4daad51ed3d1d9a1ba98b6ff0376e3027b8b0afebfbc1b83da604eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://activations-windows.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Sep 2020 22:22:03 GMT
mode: no-cors
last-modified: Tue, 15 Sep 2020 09:13:06 GMT
server: nginx/1.16.1
status: 200
etag: "5f6085a2-5332"
strict-transport-security: max-age=15768000
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, x-compress, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length: 21298

GET
H/1.1 200
OK / Show response
utl-utils.ru/check/ 26 KB
10 KB 307ms
128ms Script
application/javascript 78.24.221.88
THEFIRST-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://utl-utils.ru/check/

Requested by

Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/extra.js?rnd=0.858937634762716

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

78.24.221.88 , Russian Federation, ASN29182 (THEFIRST-AS, RU),

Reverse DNS

belesta15.ru

Software

nginx/1.13.12 /

Resource Hash

4adf03e32d944482243526526c43ed398ee545597af0b24e2c03c45c58ff3fe4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://activations-windows.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Sep 2020 22:22:03 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Tuesday, 15-Sep-2020 22:22:03 GMT
Server: nginx/1.13.12
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1

200
OK

1 Show response
mc.yandex.ru/watch/23414332/
Redirect Chain

https://mc.yandex.ru/watch/23414332?wmode=7&page-url=https%3A%2F%2Factivations-windows.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1600208521167%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A21...
https://mc.yandex.ru/watch/23414332/1?wmode=7&page-url=https%3A%2F%2Factivations-windows.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1600208521167%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A...

167 B
725 B

87ms
43ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/23414332/1?wmode=7&page-url=https%3A%2F%2Factivations-windows.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1600208521167%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200916002203%3Aet%3A1600208523%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A493402609766%3Arqn%3A1%3Arn%3A126937234%3Ahid%3A780186773%3Ads%3A135%2C186%2C179%2C1%2C0%2C0%2C0%2C343%2C36%2C%2C%2C%2C847%3Afp%3A793%3Agdpr%3A14%3Av%3A1944%3Arqnl%3A1%3Ast%3A1600208523%3Au%3A160020852348348637%3At%3A%D0%90%D0%BA%D1%82%D0%B8%D0%B2%D0%B0%D1%82%D0%BE%D1%80%D1%8B%20%D0%B4%D0%BB%D1%8F%20Windows%20-%20%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B0%D0%BA%D1%82%D0%B8%D0%B2%D0%B0%D1%82%D0%BE%D1%80%D1%8B%20Windows

Requested by

Host: activations-windows.ru
URL: https://activations-windows.ru/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

42904a6637b41214b559d6ad0c1d9222948095eeeb321b25664608ebabf8ab23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://activations-windows.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Sep 2020 22:22:03 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15-Sep-2020 22:22:03 GMT
Server: nginx/1.14.2
Strict-Transport-Security: max-age=31536000
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://activations-windows.ru
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 167
X-XSS-Protection: 1; mode=block
Expires: Tue, 15-Sep-2020 22:22:03 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 15 Sep 2020 22:22:03 GMT
Last-Modified: Tue, 15-Sep-2020 22:22:03 GMT
Server: nginx/1.14.2
Access-Control-Allow-Origin: https://activations-windows.ru
Strict-Transport-Security: max-age=31536000
Location: /watch/23414332/1?wmode=7&page-url=https%3A%2F%2Factivations-windows.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1600208521167%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200916002203%3Aet%3A1600208523%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A493402609766%3Arqn%3A1%3Arn%3A126937234%3Ahid%3A780186773%3Ads%3A135%2C186%2C179%2C1%2C0%2C0%2C0%2C343%2C36%2C%2C%2C%2C847%3Afp%3A793%3Agdpr%3A14%3Av%3A1944%3Arqnl%3A1%3Ast%3A1600208523%3Au%3A160020852348348637%3At%3A%D0%90%D0%BA%D1%82%D0%B8%D0%B2%D0%B0%D1%82%D0%BE%D1%80%D1%8B%20%D0%B4%D0%BB%D1%8F%20Windows%20-%20%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B0%D0%BA%D1%82%D0%B8%D0%B2%D0%B0%D1%82%D0%BE%D1%80%D1%8B%20Windows
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Tue, 15-Sep-2020 22:22:03 GMT

GET
H/1.1 200
OK advert.gif
mc.yandex.ru/metrika/ 43 B
425 B 83ms
43ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: activations-windows.ru
URL: https://activations-windows.ru/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://activations-windows.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Sep 2020 22:22:03 GMT
Last-Modified: Mon, 06 Jul 2020 15:32:05 GMT
Server: nginx/1.14.2
ETag: "5f0343f5-2b"
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 15 Sep 2020 23:22:03 GMT

GET
H2

200

ru.htm
best.aliexpress.com/ Frame 8B1A
Redirect Chain

https://s.click.aliexpress.com/e/_dTbSFTo
https://best.aliexpress.com/ru.htm?aff_platform=portals-promotion&sk=_dTbSFTo&aff_trace_key=fd8263f5eb5d41e28d8ee0e56ea733f9-1600208523493-04131-_dTbSFTo&terminal_id=ef616e1c35d843d8838c701454141d42

0
0

522ms
519ms

Document
text/html

104.111.216.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://best.aliexpress.com/ru.htm?aff_platform=portals-promotion&sk=_dTbSFTo&aff_trace_key=fd8263f5eb5d41e28d8ee0e56ea733f9-1600208523493-04131-_dTbSFTo&terminal_id=ef616e1c35d843d8838c701454141d42

Requested by

Host: utl-utils.ru
URL: https://utl-utils.ru/check/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.111.216.213 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-216-213.deploy.static.akamaitechnologies.com

Software

Tengine/Aserver /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: best.aliexpress.com
:scheme: https
:path: /ru.htm?aff_platform=portals-promotion&sk=_dTbSFTo&aff_trace_key=fd8263f5eb5d41e28d8ee0e56ea733f9-1600208523493-04131-_dTbSFTo&terminal_id=ef616e1c35d843d8838c701454141d42
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://activations-windows.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: xman_us_f=x_l=0&x_as_i=%7B%22aeuCID%22%3A%22fd8263f5eb5d41e28d8ee0e56ea733f9-1600208523493-04131-_dTbSFTo%22%2C%22affiliateKey%22%3A%22_dTbSFTo%22%2C%22channel%22%3A%22AFFILIATE%22%2C%22cv%22%3A%221%22%2C%22isCookieCache%22%3A%22N%22%2C%22ms%22%3A%221%22%2C%22pid%22%3A%222579245253%22%2C%22tagtime%22%3A1600208523493%7D&acs_rt=ef616e1c35d843d8838c701454141d42; acs_usuc_t=x_csrf=fdzocqpdj3ov&acs_rt=ef616e1c35d843d8838c701454141d42; aeu_cid=fd8263f5eb5d41e28d8ee0e56ea733f9-1600208523493-04131-_dTbSFTo; xman_t=n0fHCs/5LTJIFwqk742hB4TzTkt9fJHikHDKhWo15H+HncmO15+PDgfYl2MybAzC; xman_f=fXofpQV4AVkVoyodwHr1at3oGWD/despTaTQJhDl76V+HMbZpWqa6r9WFYKKcZ+EGtF5h0HdsTT/oygkXyxx4hcHviFeJrhZsMj87wL1Dk24ysbneBV9bg==
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://activations-windows.ru/

Response headers

status: 200
content-type: text/html;charset=UTF-8
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
x-application-context: ae-traffic-affiliateweb-f:prod,de:7001
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000 ; includeSubDomains max-age=31536000
content-language: ru-RU
content-encoding: gzip
server: Tengine/Aserver
eagleeye-traceid: 0b0a0ae216002085235653366e31e4
timing-allow-origin: *
content-length: 16296
date: Tue, 15 Sep 2020 22:22:04 GMT
set-cookie: ali_apache_id=11.10.10.226.1600208523565.534841.6; path=/; domain=.aliexpress.com; expires=Wed, 30-Nov-2084 01:01:01 GMT xman_us_f=x_locale=ru_RU&x_l=0&x_c_chg=1&x_as_i=%7B%22aeuCID%22%3A%22fd8263f5eb5d41e28d8ee0e56ea733f9-1600208523493-04131-_dTbSFTo%22%2C%22affiliateKey%22%3A%22_dTbSFTo%22%2C%22channel%22%3A%22AFFILIATE%22%2C%22cv%22%3A%221%22%2C%22isCookieCache%22%3A%22N%22%2C%22ms%22%3A%221%22%2C%22pid%22%3A%222579245253%22%2C%22tagtime%22%3A1600208523493%7D&acs_rt=ef616e1c35d843d8838c701454141d42; Domain=.aliexpress.com; Expires=Mon, 04-Oct-2088 01:36:10 GMT; Path=/; Secure; SameSite=None intl_locale=ru_RU; Domain=.aliexpress.com; Path=/ aep_usuc_f=site=rus&c_tp=USD&region=US&b_locale=en_US; Domain=.aliexpress.com; Expires=Mon, 04-Oct-2088 01:36:10 GMT; Path=/; Secure; SameSite=None intl_common_forever=fTL/48BWsVEyTJG2qdnnJOaAV8XPiVYXiAN5wnAS2ErfIx7ieau3Pg==; Domain=.aliexpress.com; Expires=Mon, 04-Oct-2088 01:36:10 GMT; Path=/; HttpOnly e_id=pt90; Expires=Fri, 13 Sep 2030 22:22:03 GMT; Path=/; Domain=.aliexpress.com

Redirect headers

status: 302
content-length: 0
x-application-context: global-traffic-holmes-f:production:7001
p3p: CP="CAO PSA OUR"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000 ; includeSubDomains max-age=31536000
location: https://best.aliexpress.com/ru.htm?aff_platform=portals-promotion&sk=_dTbSFTo&aff_trace_key=fd8263f5eb5d41e28d8ee0e56ea733f9-1600208523493-04131-_dTbSFTo&terminal_id=ef616e1c35d843d8838c701454141d42
content-language: en-US
server: Tengine/Aserver
eagleeye-traceid: 0b0a0ae216002085234898994e324b
timing-allow-origin: *
date: Tue, 15 Sep 2020 22:22:03 GMT
set-cookie: ali_apache_id=11.10.10.226.1600208523489.182460.3; path=/; domain=.aliexpress.com; expires=Wed, 30-Nov-2084 01:01:01 GMT xman_us_f=x_l=0&x_as_i=%7B%22aeuCID%22%3A%22fd8263f5eb5d41e28d8ee0e56ea733f9-1600208523493-04131-_dTbSFTo%22%2C%22affiliateKey%22%3A%22_dTbSFTo%22%2C%22channel%22%3A%22AFFILIATE%22%2C%22cv%22%3A%221%22%2C%22isCookieCache%22%3A%22N%22%2C%22ms%22%3A%221%22%2C%22pid%22%3A%222579245253%22%2C%22tagtime%22%3A1600208523493%7D&acs_rt=ef616e1c35d843d8838c701454141d42; Domain=.aliexpress.com; Expires=Mon, 04-Oct-2088 01:36:10 GMT; Path=/; Secure; SameSite=None acs_usuc_t=x_csrf=fdzocqpdj3ov&acs_rt=ef616e1c35d843d8838c701454141d42; Domain=.aliexpress.com; Path=/; Secure; SameSite=None aeu_cid=fd8263f5eb5d41e28d8ee0e56ea733f9-1600208523493-04131-_dTbSFTo; Domain=.aliexpress.com; Expires=Mon, 04-Oct-2088 01:36:10 GMT; Path=/; Secure; SameSite=None xman_t=n0fHCs/5LTJIFwqk742hB4TzTkt9fJHikHDKhWo15H+HncmO15+PDgfYl2MybAzC; Domain=.aliexpress.com; Expires=Mon, 14-Dec-2020 22:22:03 GMT; Path=/; Secure; SameSite=None; HttpOnly xman_f=fXofpQV4AVkVoyodwHr1at3oGWD/despTaTQJhDl76V+HMbZpWqa6r9WFYKKcZ+EGtF5h0HdsTT/oygkXyxx4hcHviFeJrhZsMj87wL1Dk24ysbneBV9bg==; Domain=.aliexpress.com; Expires=Mon, 04-Oct-2088 01:36:10 GMT; Path=/; Secure; SameSite=None; HttpOnly traffic_se_co=%7B%7D; Max-Age=2147483647; Expires=Mon, 04-Oct-2088 01:36:10 GMT; Domain=aliexpress.com; Path=/
x-akamai-fwd-auth-sha: 3532EDAE8956FFFE62631D468DD970D292CA0A48D96D1DBC8E32115B24F02C8A
x-akamai-fwd-auth-data: 390363446, 2.16.187.22, 1600208523, 194.99.105.99
x-akamai-fwd-auth-sign: 0yBIBA82CxJ/Ec5NZ7ogGB6SE2a9lMwpY4y14tQyXn9qE3vHUU9oy2rDVtPOUh9ZqR7rMkqndT6GAtkld1I1nYCPajRt/DYeBe9G683z9Ks=

GET
H/1.1 200
OK support.html
w.uptolike.com/widgets/v1/zp/ Frame 254C 0
0 91ms
90ms Document
text/html 95.163.114.204
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/zp/support.html
Requested by: Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/widgetsModule.js?v=30f04ab437e108b3063a546e9a622e97
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.204 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Host: w.uptolike.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://activations-windows.ru/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: utl_id2=17653537099; utl_dat="CMmX8Z7JLhAAIMnou6fJLijJ6LunyS4wAJhQakoJcWwLsMkqYM29zqY="
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://activations-windows.ru/

Response headers

Server: nginx
Date: Tue, 15 Sep 2020 22:22:03 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: max-age=1800
Expires: Tue, 15 Sep 2020 22:52:03 GMT
Content-Encoding: gzip

GET
H2 200 /
sonar.semantiqo.com/i/ Frame 09ED 0
0 55ms
54ms Document
text/html 148.251.41.166
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sonar.semantiqo.com/i/

Requested by

Host: sonar.semantiqo.com
URL: https://sonar.semantiqo.com/c82up/checking.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

148.251.41.166 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.166.41.251.148.clients.your-server.de

Software

nginx/1.16.1 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

:method: GET
:authority: sonar.semantiqo.com
:scheme: https
:path: /i/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://activations-windows.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://activations-windows.ru/

Response headers

status: 200
server: nginx/1.16.1
date: Tue, 15 Sep 2020 22:22:04 GMT
content-type: text/html
last-modified: Tue, 15 Sep 2020 09:13:06 GMT
etag: W/"5f6085a2-a6"
content-encoding: gzip
strict-transport-security: max-age=15768000
mode: no-cors
access-control-allow-origin: *
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, x-compress, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
cache-control: no-cache

GET
H2 200 sls_new.php Show response
cdn3.caltat.com/9b6874aa-d549-414d-a589-12a15f71b2b6/ 3 B
382 B 360ms
263ms Script
application/javascript 5.9.154.76
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn3.caltat.com/9b6874aa-d549-414d-a589-12a15f71b2b6/sls_new.php

Requested by

Host: sonar.semantiqo.com
URL: https://sonar.semantiqo.com/c82up/checking.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

5.9.154.76 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.76.154.9.5.clients.your-server.de

Software

nginx/1.16.1 /

Resource Hash

6a3cf5192354f71615ac51034b3e97c20eda99643fcaf5bbe6d41ad59bd12167

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://activations-windows.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 15 Sep 2020 22:22:05 GMT
mode: no-cors
server: nginx/1.16.1
access-control-allow-origin: *
strict-transport-security: max-age=15768000
content-type: application/javascript

GET
H2 200 ces.php Show response
cdn3.caltat.com/9b6874aa-d549-414d-a589-12a15f71b2b6/ 0
161 B 144ms
47ms Script
application/javascript 5.9.154.76
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn3.caltat.com/9b6874aa-d549-414d-a589-12a15f71b2b6/ces.php?spid=76a5a60967124310a6fc1505d52fa50a

Requested by

Host: sonar.semantiqo.com
URL: https://sonar.semantiqo.com/c82up/checking.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

5.9.154.76 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.76.154.9.5.clients.your-server.de

Software

nginx/1.16.1 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://activations-windows.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Sep 2020 22:22:05 GMT
mode: no-cors
referrer-policy: no-referrer
server: nginx/1.16.1
status: 200
strict-transport-security: max-age=15768000
content-type: application/javascript
access-control-allow-origin: *

POST
H2 200 analize.js
sonar.semantiqo.com/c82up/ 0
0 147ms
52ms Fetch
text/html 148.251.41.166
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sonar.semantiqo.com/c82up/analize.js

Requested by

Host: sonar.semantiqo.com
URL: https://sonar.semantiqo.com/c82up/checking.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

148.251.41.166 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.166.41.251.148.clients.your-server.de

Software

nginx/1.16.1 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://activations-windows.ru/no-referrer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 15 Sep 2020 22:22:05 GMT
content-encoding: gzip
status: 200
server: nginx/1.16.1
mode: no-cors
strict-transport-security: max-age=15768000
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, x-compress, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H2

200

data_sess_sync.php
sonar.semantiqo.com/fbfli/
Redirect Chain

https://counter.yadro.ru/id127/reff-id.gif?sid=76a5a60967124310a6fc1505d52fa50a
https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=76a5a60967124310a6fc1505d52fa50a

0
387 B

55ms
55ms

Image
text/html

148.251.41.166
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=76a5a60967124310a6fc1505d52fa50a

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

148.251.41.166 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.166.41.251.148.clients.your-server.de

Software

nginx/1.16.1 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://activations-windows.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Sep 2020 22:22:05 GMT
content-encoding: gzip
status: 200
server: nginx/1.16.1
mode: no-cors
strict-transport-security: max-age=15768000
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, x-compress, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers

Redirect headers

Location: https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=76a5a60967124310a6fc1505d52fa50a
Date: Tue, 15 Sep 2020 22:22:04 GMT
Server: nginx/1.17.9
Connection: keep-alive
Content-Length: 364
Strict-Transport-Security: max-age=86400
Content-Type: text/html; charset=iso-8859-1

Verdicts & Comments Add Verdict or Comment

83 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.w.uptolike.com/	1970-01-20 06:01:20	Name: utl_dat Value: "CMmX8Z7JLhAAIMnou6fJLijJ6LunyS4wAJhQakoJcWwLsMkqYM29zqY="
.w.uptolike.com/	1970-01-20 06:01:20	Name: utl_id2 Value: 17653537099
.google.com/	1970-01-19 16:53:39	Name: NID Value: 204=0PoGbaDoAV1lBGhe5CW3X4CpdZ1TJq5d-ffvrVVXMvet4pnc2uKPSUz8usld9lVyyJNFUBQmzmyclJwGl0CT73Ho7LNsfY-Cbs9_K-CJbk5H1GTD9ND3Pwa6kQgS-HqYdp46JFqb3r5XRpSO1eKaeZUokGeQE3-MXmurK_vsPV8
.activations-windows.ru/	1970-01-19 12:31:20	Name: _ym_isad Value: 2
.activations-windows.ru/	1970-01-19 21:15:44	Name: _ym_d Value: 1600208523
.activations-windows.ru/	1970-01-19 21:15:44	Name: _ym_uid Value: 160020852348348637

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://activations-windows.ru/wp-content/themes/windows24/jquery-migrate-1.1.1.js?ver=4.2.28(Line 21) Message: JQMIGRATE: Logging is active
console-api	warning	URL: https://activations-windows.ru/wp-content/themes/windows24/jquery-migrate-1.1.1.js?ver=4.2.28(Line 40) Message: JQMIGRATE: jQuery is not compatible with Quirks Mode
console-api	log	URL: https://activations-windows.ru/wp-content/themes/windows24/jquery-migrate-1.1.1.js?ver=4.2.28(Line 42) Message: console.trace

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
activations-windows.ru
apis.google.com
best.aliexpress.com
cdn3.caltat.com
counter.yadro.ru
csi.gstatic.com
mc.yandex.ru
s.click.aliexpress.com
sonar.semantiqo.com
utl-utils.ru
w.uptolike.com
104.111.216.213
148.251.41.166
2a00:1450:4001:802::200d
2a00:1450:4001:816::200e
2a00:1450:4003:809::2003
2a02:6b8::1:119
5.9.154.76
78.24.221.88
81.177.135.182
88.212.201.216
95.163.114.204
1a8f940eb4daad51ed3d1d9a1ba98b6ff0376e3027b8b0afebfbc1b83da604eb
1fdbb2180496fca532f43deaffec879f8ca6990258b38a469aed4120d6c0d2fe
216a22d88056e1fec47aa1a61ebd3059a0e54684943ee6ed1544655a78244fa3
224546ee41f8aacc21cb2067284a16ce5fffd04bbf79a5e4fc04c810dfe6ce67
2552259fb77cf7805b8c5396e58de7f315871fedb7c9d75de89a8364a9598c5e
28189aac6589c2ef067cb62642a1f56778434bbb67a33c797b0267a905b40869
2c319808f1b6e71fd0234fff4b67401a4b87fa46acbde51d5669d91447a885d6
39bbe5203a96a2cd3d0f355e86c51e9be150398b05e2faad5377c4f211a44ef3
3a78b8df2d78dcc04c3af77920de5558054e35856dc6ec8aa36d11ea73109f7a
3e025bc89d981eeffe13ae90cbae0d97c42ae415640ca5fd40f0bf58742f3e51
3f72dc1fd03fba15c9200144bf1df7286ad1e2560b50a5ecc12e68c9c1e36f29
425a00fc56a9a37e7bc309b400db941ca9bd5506dd560ad3c846c7f6913d7677
42904a6637b41214b559d6ad0c1d9222948095eeeb321b25664608ebabf8ab23
43d3dc8908f00cd7cc6bb65903e7dcfefaa402b194aa35b1e1c2e821f555af4b
46c234230b7e6926223ed04e6112e1fe85ed6fcb6e1e8585d77bef2be1e83167
4adf03e32d944482243526526c43ed398ee545597af0b24e2c03c45c58ff3fe4
4d956a758ca48121e4434c413596334c6b0f3cda0e622ada0d73c41d39eda526
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54e23835247d73e43e94217012271fbc1167ca100db024cebac3f0a57322abe2
58605e1d9cee8659f8891d0e6c24b1f6cbd8a546d16e8b58c7cf84628576f32b
624108d126aaea46f83bb807588d0fd9a1ad3ce8b237577f70cd5ee6232cbfb4
64da364a0a1290689aa2709e1d8c10aff6f72d8d172a5d8016c43a4c0f256252
6718369e603107c60bbcffe3bcae1e32eb955a0e6c62eec1e07e6df216272434
6a3cf5192354f71615ac51034b3e97c20eda99643fcaf5bbe6d41ad59bd12167
6a5a08fca96fa8335a60a1787ac8bd2f8fa2af88e24d3546e957d3b7deae8375
81a161d5793ac2a33f02ddcd64fb0dc2d028616dac084e4f64e77f4898b0c4e4
8acb1b8c8aefd8b0917d652635404c4b3905868490616c058f2976421bf85d6a
9b4dfdd3624776919e3a3bb3f8c8248f98e520f42cacfb817a71d5780820ab72
9ed7f591dd151baa3b4831fde7cd303b4be8754a0deb9209a487a60c25d3e47a
aa0d9f34bdb1eb24cd939e164cb4aa440943a5b699c60ad3fa419a36bf65994d
ab5281d1a6c8fcab92f44b16f8478ae9435805a7795cb0f72d41fb19d86533c2
aef8e7fe84d1dc4316cb2359c47c3a81053a22b996ea999f482f5595a5ba38cf
b02ab5446d4dd91bc73183089db613f7cd4c954bc79a21dff4785c9280af45a0
b88d748af9fa6508e5c8a0b2de25d831e2fa8c653204f6b0c80a93fb345e20ef
bfd19de136ce5da2fd0fa7be611061cf47ba204a78e90492cc7e087b52459600
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c23f13dc75521d634c0f19c8566969275e9e56cd3de9bb6652e38923d4ac99d2
cdac2738fbf17f3a957d6cb8a881adef9a06123d11447d9fd2ec2973bc926e16
d51c8fcb06d5172afd5862af631b29bee084df4340f88ecf29f6ab9aa4c5a7f4
dddf0e4a3bc4994e192c900bd37d74d19960b2bb73825e54c6d4c97f9ff3f078
de45c65312d8ff11be65dead0da5fe96c150a3a0e125c5455e86b813f4b5a4a3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f384514e16366260e30c35e5440a37191fa1f5d1361f858de67c62cb92bab88d
fa0dd8e63481566c03225ec189b90855e0c28d8127e1a4c6bf5a046842c13453
fc2adc907a546740b187952cd831a89ad0aa33aff42acf1d462fa1b3e6882af1
fd23ab8ce969cdbc761e041f63d763e11a5864a5428e61d006042f5a49464334

activations-windows.ru Open in urlscan Pro 81.177.135.182 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

61 Requests

100 %HTTPS

36 %IPv6

10 Domains

12 Subdomains

11 IPs

4 Countries

596 kBTransfer

1229 kBSize

6 Cookies

4 Outgoing links

Redirected requests

61 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

activations-windows.ru Open in urlscan Pro
81.177.135.182 Public Scan

Screenshot
Live screenshot

Full Image

61
Requests

100 %
HTTPS

36 %
IPv6

10
Domains

12
Subdomains

11
IPs

4
Countries

596 kB
Transfer

1229 kB
Size

6
Cookies

61 HTTP transactions
0 data transactions