activatewindows7.com Open in urlscan Pro
2606:4700:3035::6818:6c9c Public Scan

URL:
https://activatewindows7.com/
Submission: On May 15 via api (May 15th 2020, 2:47:17 am UTC) from US

Summary HTTP 83 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 26 IPs in 6 countries across 25 domains to perform 83 HTTP transactions. The main IP is 2606:4700:3035::6818:6c9c, located in United States and belongs to CLOUDFLARENET, US. The main domain is activatewindows7.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on February 28th 2020. Valid for: 7 months.

This is the only time activatewindows7.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
22	2606:4700:303... 2606:4700:3035::6818:6c9c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2606:4700:20:... 2606:4700:20::681a:eee	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:817::200a	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:81d::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3036::681b:8850	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:81f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:821::200a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:207... 2600:9000:2070:e200:1:af78:4c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:10:... 2606:4700:10::6816:37ce	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	5.178.65.245 5.178.65.245	50673 (SERVERIUS-AS) (SERVERIUS-AS)
1	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:815::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:824::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
3	2606:4700:e6:... 2606:4700:e6::ac40:cf24	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:815::200a	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	54.36.109.183 54.36.109.183	16276 (OVH) (OVH)
1	2606:4700:10:... 2606:4700:10::6816:1957	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	198.148.27.140 198.148.27.140	19189 (PULSEPOINT) (PULSEPOINT)
3	5.178.65.246 5.178.65.246	50673 (SERVERIUS-AS) (SERVERIUS-AS)
2 2	72.251.249.13 72.251.249.13	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1 1	213.19.147.150 213.19.147.150	26120 (RHYTHMONE) (RHYTHMONE)
83	26

22 2606:4700:3035::6818:6c9c (United States)

ASN13335 (CLOUDFLARENET, US)

activatewindows7.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:20::681a:eee (United States)

ASN13335 (CLOUDFLARENET, US)

services.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tag.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
logs.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stats.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:81d::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3036::681b:8850 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.bidfilter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
x.bidfilter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2070:e200:1:af78:4c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

vendorlist.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.130 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f130.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:37ce (United States)

ASN13335 (CLOUDFLARENET, US)

i.connectad.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.connectad.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 5.178.65.245 (Renswoude, Netherlands) 1 redirects

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net

ads.us.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

d0889ca6c9ac9a69e485d29cf1525a0a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:815::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:824::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:e6::ac40:cf24 (United States)

ASN13335 (CLOUDFLARENET, US)

jstag.interestinglinks.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
interestinglinks.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.36.109.183 (Germany)

ASN16276 (OVH, FR)
PTR: p08.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Ascension Island) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.140 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 5.178.65.246 (Renswoude, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net

sync.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u-ams02.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.249.13 (Amsterdam, Netherlands) 2 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.147.150 (United Kingdom) 1 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	activatewindows7.com activatewindows7.com	316 KB
11	vlitag.com services.vlitag.com tag.vlitag.com assets.vlitag.com logs.vlitag.com stats.vlitag.com	193 KB
7	google-analytics.com www.google-analytics.com	55 KB
6	googlesyndication.com d0889ca6c9ac9a69e485d29cf1525a0a.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	12 KB
5	e-planning.net 1 redirects ads.us.e-planning.net sync.e-planning.net u-ams02.e-planning.net	3 KB
5	gstatic.com fonts.gstatic.com	69 KB
3	interestinglinks.net jstag.interestinglinks.net interestinglinks.net	70 KB
3	googletagmanager.com www.googletagmanager.com	97 KB
3	googleapis.com fonts.googleapis.com imasdk.googleapis.com	92 KB
2	lijit.com 2 redirects ap.lijit.com	1 KB
2	casalemedia.com 1 redirects ssum.casalemedia.com	761 B
2	criteo.net static.criteo.net	41 KB
2	connectad.io i.connectad.io cdn.connectad.io	709 B
2	doubleclick.net securepubads.g.doubleclick.net	90 KB
2	googletagservices.com www.googletagservices.com	42 KB
2	bidfilter.com cdn.bidfilter.com x.bidfilter.com	12 KB
1	1rx.io 1 redirects sync.1rx.io	326 B
1	contextweb.com 1 redirects bh.contextweb.com	480 B
1	zeotap.com spl.zeotap.com
1	id5-sync.com id5-sync.com	733 B
1	criteo.com bidder.criteo.com	150 B
1	jsdelivr.net cdn.jsdelivr.net	1 KB
1	google.com adservice.google.com	952 B
1	google.de adservice.google.de	952 B
1	consensu.org vendorlist.consensu.org	18 KB
83	25

	Domain	Requested by
22	activatewindows7.com	activatewindows7.com
7	www.google-analytics.com	activatewindows7.com www.googletagmanager.com
6	assets.vlitag.com	tag.vlitag.com activatewindows7.com
5	fonts.gstatic.com	activatewindows7.com
3	www.googletagmanager.com	tag.vlitag.com jstag.interestinglinks.net
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
2	ap.lijit.com	2 redirects
2	sync.e-planning.net
2	ssum.casalemedia.com	1 redirects assets.vlitag.com
2	static.criteo.net	assets.vlitag.com static.criteo.net
2	interestinglinks.net	jstag.interestinglinks.net
2	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
2	ads.us.e-planning.net	1 redirects
2	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
2	www.googletagservices.com	tag.vlitag.com securepubads.g.doubleclick.net
2	tag.vlitag.com	services.vlitag.com tag.vlitag.com
2	fonts.googleapis.com	activatewindows7.com jstag.interestinglinks.net
1	sync.1rx.io	1 redirects
1	u-ams02.e-planning.net
1	bh.contextweb.com	1 redirects
1	spl.zeotap.com	assets.vlitag.com
1	cdn.connectad.io	assets.vlitag.com
1	id5-sync.com	assets.vlitag.com
1	jstag.interestinglinks.net	activatewindows7.com
1	stats.vlitag.com
1	d0889ca6c9ac9a69e485d29cf1525a0a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	bidder.criteo.com	assets.vlitag.com
1	i.connectad.io	assets.vlitag.com
1	logs.vlitag.com	activatewindows7.com
1	cdn.jsdelivr.net	assets.vlitag.com
1	x.bidfilter.com	cdn.bidfilter.com
1	adservice.google.com	www.googletagservices.com
1	adservice.google.de	www.googletagservices.com
1	vendorlist.consensu.org	assets.vlitag.com
1	imasdk.googleapis.com	tag.vlitag.com
1	cdn.bidfilter.com	tag.vlitag.com
1	services.vlitag.com	activatewindows7.com
83	37

This site contains links to these domains. Also see Links.

Domain
templatelens.com
wordpress.org
valueimpression.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-02-28` - `2020-10-09`	7 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-04-28` - `2020-07-21`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh
vendorlist.consensu.org Amazon	`2020-02-07` - `2021-03-07`	a year	crt.sh
*.google.de GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh
connectad.io CloudFlare Inc ECC CA-2	`2019-07-18` - `2020-07-17`	a year	crt.sh
*.criteo.com DigiCert ECC Secure Server CA	`2020-03-30` - `2020-06-28`	3 months	crt.sh
ads.us.e-planning.net Let's Encrypt Authority X3	`2020-03-30` - `2020-06-28`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh
*.criteo.net DigiCert ECC Secure Server CA	`2020-03-30` - `2020-06-28`	3 months	crt.sh
*.id5-sync.com Let's Encrypt Authority X3	`2020-04-02` - `2020-07-01`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
*.e-planning.net COMODO RSA Domain Validation Secure Server CA	`2018-02-16` - `2021-02-15`	3 years	crt.sh

This page contains 11 frames:

Primary Page: https://activatewindows7.com/
Frame ID: 99FAED51226B3072DD9296E6037D7970
Requests: 65 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 3B6DA8EE0AE301CA0C8F7E2BAD2582C1
Requests: 1 HTTP requests in this frame

Frame: https://tag.vlitag.com/passbacktarget/1588932781/?t=iframe&pbID=7&d=5097&z=16225&divID=vi_509716225_711&w=300&h=250
Frame ID: 519715210BA0136FA7A59D278B2AECA6
Requests: 2 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=UA-128776493-20
Frame ID: B5CAE3D2CEA9A4F2541D31EFBBA3ACF2
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: 9DF732BC1E1114A2AB0367B844D4CB28
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=UA-109910709-5
Frame ID: 0DE593D575E0921A6380B5F08BF60FA8
Requests: 3 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Oswald:500,400
Frame ID: 78A1E1AF876BCBEEEFB91716E41B6B51
Requests: 4 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=UA-128776493-10
Frame ID: F750A4088B5AA99C2B3F2AF692894C26
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php?us_privacy=1---&
Frame ID: 2AF6A564F0E9C2690208AF9831C03BE8
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: D18CED2C29685BACFBD76625D3A2B41D
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D3f9bfa3a9169c0d1%26uid%3D&C=1
Frame ID: D71DD52987A82B97C5081D80B8D87D02
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

83
Requests

99 %
HTTPS

68 %
IPv6

25
Domains

37
Subdomains

26
IPs

6
Countries

1113 kB
Transfer

2806 kB
Size

4
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://templatelens.com/
Title: TemplateLens

Search URL Search Domain Scan URL

URL: https://wordpress.org/
Title: WordPress

Search URL Search Domain Scan URL

URL: https://valueimpression.com/privacy.html#cmpnoscreen
Title: Learn more

Search URL Search Domain Scan URL

URL: https://valueimpression.com/?ref=activatewindows7.com

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48

https://ads.us.e-planning.net/hb/1/2c995/1/activatewindows7.com/ROS?rnd=0.8583121781342238&e=300x250_0:300x250,250x250,200x200,180x150&ur=https%3A%2F%2Factivatewindows7.com%2F&r=pbjs&pbv=3.20.0-pre&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Factivatewindows7.com%2F&gdpr=0&ccpa=1--- HTTP 302
https://ads.us.e-planning.net/hb/1/2c995/1/activatewindows7.com/ROS?ct=1&rnd=0.8583121781342238&e=300x250_0:300x250,250x250,200x200,180x150&ur=https%3A%2F%2Factivatewindows7.com%2F&r=pbjs&pbv=3.20.0-pre&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Factivatewindows7.com%2F&gdpr=0&ccpa=1---

Request Chain 79

https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D3f9bfa3a9169c0d1%26uid%3D HTTP 302
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D3f9bfa3a9169c0d1%26uid%3D&C=1

Request Chain 80

https://bh.contextweb.com/bh/rtset?pid=560941&ev=1&rurl=https://sync.e-planning.net/um?uid=%%VGUID%%&dc=66b7ef4184d94c10&fi=3f9bfa3a9169c0d1 HTTP 302
https://sync.e-planning.net/um?uid=fpROOEdYuzBA&ev=1&fi=3f9bfa3a9169c0d1&pid=560941&dc=66b7ef4184d94c10

Request Chain 81

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3D3f9bfa3a9169c0d1%26uid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3D3f9bfa3a9169c0d1%26uid%3D%24UID&sovrn_retry=true HTTP 307
https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=3f9bfa3a9169c0d1&uid=18027632d6e5ab86dca78299

Request Chain 82

https://sync.1rx.io/usersync2/eplanning HTTP 302
https://sync.e-planning.net/um?uid=OPTOUT&dc=1079cc634ca638f8&iss=1

83 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
activatewindows7.com/ 45 KB
8 KB 450ms
400ms Document
text/html 2606:4700:3035::6818:6c9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://activatewindows7.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:6c9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b09901ea5038da2d7a124a97bb406217fb99d5dc77d3791a341fc65d4a75cccd

Request headers

:method: GET
:authority: activatewindows7.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Fri, 15 May 2020 02:46:50 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d2cc43ef0791effde5bff3e8eb9f2a7cc1589510810; expires=Sun, 14-Jun-20 02:46:50 GMT; path=/; domain=.activatewindows7.com; HttpOnly; SameSite=Lax
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 593987e5cb67dfd7-FRA
content-encoding: br
cf-request-id: 02b7d3439d0000dfd7d30ae200000001

GET
H2 200 / Show response
services.vlitag.com/adv1/ 314 B
798 B 160ms
124ms Script
application/javascript 2606:4700:20::681a:eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://services.vlitag.com/adv1/?q=6220cf0a8759e723ec69bae746090ce4

Requested by

Host: activatewindows7.com
URL: https://activatewindows7.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3124fd3bd866b808bb0957bf523bc28470be78c9e76e2913da777234ada8aeb0

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://activatewindows7.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 02:46:51 GMT
content-encoding: br
cf-cache-status: DYNAMIC
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id: 02b7d3455a0000c2f4c0130200000001
pragma: no-cache
last-modified: Thu, 14 May 2020 22:46:51 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-sv: 157.114
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
cf-ray: 593987e89ce4c2f4-FRA
expires: on, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dxepr.css
activatewindows7.com/wp-content/cache/wpfc-minified/13ixm3pq/ 15 KB
2 KB 15ms
10ms Stylesheet
text/css 2606:4700:3035::6818:6c9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://activatewindows7.com/wp-content/cache/wpfc-minified/13ixm3pq/dxepr.css
Requested by: Host: activatewindows7.com
URL: https://activatewindows7.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:6c9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1823d7883c8fbb23030e8a3c41faf7a1c630f1e579529189a6a46103d24adac0

Request headers

Referer: https://activatewindows7.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 02:46:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 21 Mar 2020 04:21:07 GMT
server: cloudflare
age: 6997
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=14400
cf-ray: 593987e85f46dfd7-FRA
cf-request-id: 02b7d3453b0000dfd7d30ca200000001

GET
H2 200 dxepr.css
activatewindows7.com/wp-content/cache/wpfc-minified/8hs96f9y/ 24 KB
2 KB 17ms
12ms Stylesheet
text/css 2606:4700:3035::6818:6c9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://activatewindows7.com/wp-content/cache/wpfc-minified/8hs96f9y/dxepr.css
Requested by: Host: activatewindows7.com
URL: https://activatewindows7.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:6c9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0cb7003b21d62e3fe2da970e8e80f4f71815b819c68e02e24b2e8102c4caf089

Request headers

Referer: https://activatewindows7.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 02:46:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 21 Mar 2020 04:21:07 GMT
server: cloudflare
age: 6997
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=14400
cf-ray: 593987e85f49dfd7-FRA
cf-request-id: 02b7d3453b0000dfd7d30cb200000001

GET
H2 200 dxepr.css
activatewindows7.com/wp-content/cache/wpfc-minified/35kykch/ 62 KB
11 KB 19ms
14ms Stylesheet
text/css 2606:4700:3035::6818:6c9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://activatewindows7.com/wp-content/cache/wpfc-minified/35kykch/dxepr.css
Requested by: Host: activatewindows7.com
URL: https://activatewindows7.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:6c9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1cb67b9a2570a16396d13cdb99a3d2f723e2010452d71ae9394a25b07c95112f

Request headers

Referer: https://activatewindows7.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 02:46:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 21 Mar 2020 04:21:07 GMT
server: cloudflare
age: 6997
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=14400
cf-ray: 593987e85f4bdfd7-FRA
cf-request-id: 02b7d3453b0000dfd7d30cc200000001

GET
H2 200 css
fonts.googleapis.com/ 14 KB
1 KB 22ms
18ms Stylesheet
text/css 2a00:1450:4001:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito+Sans%3A400%2C400i%2C700%2C700i%7CRoboto%3A400%2C400i%2C700%2C700i&subset=latin%2Clatin-ext

Requested by

Host: activatewindows7.com
URL: https://activatewindows7.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

43a4c5b6b1f34f6aadb0ec198fb90e93d566883cd63ed19e7e546f79679913ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://activatewindows7.com/
Origin: https://activatewindows7.com

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 15 May 2020 02:46:50 GMT
server: ESF
date: Fri, 15 May 2020 02:46:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 15 May 2020 02:46:50 GMT

GET
H2 200 dxepr.css
activatewindows7.com/wp-content/cache/wpfc-minified/8tmlgmws/ 55 KB
9 KB 20ms
16ms Stylesheet
text/css 2606:4700:3035::6818:6c9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://activatewindows7.com/wp-content/cache/wpfc-minified/8tmlgmws/dxepr.css
Requested by: Host: activatewindows7.com
URL: https://activatewindows7.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:6c9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6f930e9c4ee316cfeaa2fc7d28c9aff2b242814a1b67f55c0372466306f93d1

Request headers

Referer: https://activatewindows7.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 02:46:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 21 Mar 2020 04:21:07 GMT
server: cloudflare
age: 6997
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=14400
cf-ray: 593987e86f4edfd7-FRA
cf-request-id: 02b7d3453c0000dfd7d30cd200000001

GET
H2 200 dxepr.css
activatewindows7.com/wp-content/cache/wpfc-minified/dr6b2k5i/ 2 KB
569 B 15ms
11ms Stylesheet
text/css 2606:4700:3035::6818:6c9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://activatewindows7.com/wp-content/cache/wpfc-minified/dr6b2k5i/dxepr.css
Requested by: Host: activatewindows7.com
URL: https://activatewindows7.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:6c9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf17492bee535ea7a009282713746df89a50c35b2d9e9a51864b076d87397766

Request headers

Referer: https://activatewindows7.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 02:46:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 21 Mar 2020 04:21:07 GMT
server: cloudflare
age: 6997
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=14400
cf-ray: 593987e86f51dfd7-FRA
cf-request-id: 02b7d3453c0000dfd7d30ce200000001

GET
H2 200 jquery.js Show response
activatewindows7.com/wp-includes/js/jquery/ 95 KB
32 KB 22ms
19ms Script
application/javascript 2606:4700:3035::6818:6c9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://activatewindows7.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by: Host: activatewindows7.com
URL: https://activatewindows7.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:6c9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3

Request headers

Referer: https://activatewindows7.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 02:46:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 28 Feb 2020 14:41:51 GMT
server: cloudflare
age: 6997
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 593987e86f53dfd7-FRA
cf-request-id: 02b7d3453c0000dfd7d30cf200000001

GET
H2 200 jquery-migrate.min.js Show response
activatewindows7.com/wp-includes/js/jquery/ 10 KB
4 KB 16ms
13ms Script
application/javascript 2606:4700:3035::6818:6c9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://activatewindows7.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: activatewindows7.com
URL: https://activatewindows7.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:6c9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer: https://activatewindows7.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 02:46:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 20 May 2016 06:11:28 GMT
server: cloudflare
age: 6997
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 593987e86f57dfd7-FRA
cf-request-id: 02b7d3453c0000dfd7d30d0200000001

GET
H2 200 front-end.js Show response
activatewindows7.com/wp-content/plugins/social-pug/assets/js/ 2 KB
729 B 18ms
15ms Script
application/javascript 2606:4700:3035::6818:6c9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://activatewindows7.com/wp-content/plugins/social-pug/assets/js/front-end.js?ver=4.9.13
Requested by: Host: activatewindows7.com
URL: https://activatewindows7.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:6c9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52de1ee891d34f81d4e655a9d4b8eabc6678f58a2f817c123de0c66054e8c36b

Request headers

Referer: https://activatewindows7.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 02:46:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 11 Oct 2018 08:59:32 GMT
server: cloudflare
age: 6997
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 593987e86f59dfd7-FRA
cf-request-id: 02b7d3453c0000dfd7d30d1200000001

GET
H2 200 enquire.js Show response
activatewindows7.com/wp-content/themes/allium/js/ 10 KB
3 KB 13ms
11ms Script
application/javascript 2606:4700:3035::6818:6c9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://activatewindows7.com/wp-content/themes/allium/js/enquire.js?ver=2.1.6
Requested by: Host: activatewindows7.com
URL: https://activatewindows7.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:6c9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a9ffd212b49ebb3c4972bf0596b49e6e82d8df757a3a989d4cff99b20d64526

Request headers

Referer: https://activatewindows7.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 02:46:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 10 May 2019 03:22:04 GMT
server: cloudflare
age: 6997
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 593987e89fbbdfd7-FRA
cf-request-id: 02b7d345610000dfd7d30d3200000001

GET
H2 200 fitvids.js Show response
activatewindows7.com/wp-content/themes/allium/js/ 3 KB
1 KB 12ms
10ms Script
application/javascript 2606:4700:3035::6818:6c9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://activatewindows7.com/wp-content/themes/allium/js/fitvids.js?ver=1.1
Requested by: Host: activatewindows7.com
URL: https://activatewindows7.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:6c9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07f79fbda35a2bf03f2940978670a2a53cf21e490ecce887bf92fc2e3f359293

Request headers

Referer: https://activatewindows7.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 02:46:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 10 May 2019 03:22:04 GMT
server: cloudflare
age: 6997
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 593987e89fbddfd7-FRA
cf-request-id: 02b7d345610000dfd7d30d4200000001

GET
H2 200 hover-intent.js Show response
activatewindows7.com/wp-content/themes/allium/js/ 5 KB
2 KB 14ms
12ms Script
application/javascript 2606:4700:3035::6818:6c9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://activatewindows7.com/wp-content/themes/allium/js/hover-intent.js?ver=r7
Requested by: Host: activatewindows7.com
URL: https://activatewindows7.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:6c9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6448707333e2cd315212bb14e3ec42b201f2a08cc7bf8aad63de93149dd86479

Request headers

Referer: https://activatewindows7.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 02:46:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 10 May 2019 03:22:04 GMT
server: cloudflare
age: 6997
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 593987e89fbfdfd7-FRA
cf-request-id: 02b7d345610000dfd7d30d5200000001

GET
H2 200 superfish.js Show response
activatewindows7.com/wp-content/themes/allium/js/ 7 KB
2 KB 13ms
12ms Script
application/javascript 2606:4700:3035::6818:6c9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://activatewindows7.com/wp-content/themes/allium/js/superfish.js?ver=1.7.10
Requested by: Host: activatewindows7.com
URL: https://activatewindows7.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:6c9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c94aadfbe04dda0b0b5e2caa901efbab78ea6092ca3fa63d849c7e66688269f

Request headers

Referer: https://activatewindows7.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 02:46:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 10 May 2019 03:22:04 GMT
server: cloudflare
age: 6997
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 593987e89fc0dfd7-FRA
cf-request-id: 02b7d345610000dfd7d30d6200000001

GET
H2 200 custom.js Show response
activatewindows7.com/wp-content/themes/allium/js/ 5 KB
1 KB 14ms
12ms Script
application/javascript 2606:4700:3035::6818:6c9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://activatewindows7.com/wp-content/themes/allium/js/custom.js?ver=1.0
Requested by: Host: activatewindows7.com
URL: https://activatewindows7.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:6c9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 526de1df499ec6af5ca31bddf53c5582c5b23dd9c77bf22e9d3c36ab3c4c2b35

Request headers

Referer: https://activatewindows7.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 02:46:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 10 May 2019 03:22:04 GMT
server: cloudflare
age: 6997
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 593987e89fc1dfd7-FRA
cf-request-id: 02b7d345620000dfd7d30d7200000001

GET
H2 200 post-ratings.js Show response
activatewindows7.com/wp-content/plugins/post-ratings/ 1 KB
610 B 14ms
13ms Script
application/javascript 2606:4700:3035::6818:6c9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://activatewindows7.com/wp-content/plugins/post-ratings/post-ratings.js?ver=2.4
Requested by: Host: activatewindows7.com
URL: https://activatewindows7.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:6c9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea0eb3c3711b93793d354526077b5d1977474aa190525ee940ed3ef49f1b2d37

Request headers

Referer: https://activatewindows7.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 02:46:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 26 Jul 2016 17:04:44 GMT
server: cloudflare
age: 6997
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 593987e89fc2dfd7-FRA
cf-request-id: 02b7d345620000dfd7d30d8200000001

GET
H2 200 bj-lazy-load.min.js Show response
activatewindows7.com/wp-content/plugins/bj-lazy-load/js/ 2 KB
698 B 14ms
13ms Script
application/javascript 2606:4700:3035::6818:6c9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://activatewindows7.com/wp-content/plugins/bj-lazy-load/js/bj-lazy-load.min.js?ver=2
Requested by: Host: activatewindows7.com
URL: https://activatewindows7.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:6c9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5bc5fe165e8fab88549d56628bcc4ad463235f7f995c0477fb90fc78698be265

Request headers

Referer: https://activatewindows7.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 02:46:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 17 Apr 2019 13:25:44 GMT
server: cloudflare
age: 6997
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 593987e89fc3dfd7-FRA
cf-request-id: 02b7d345620000dfd7d30d9200000001

GET
H2 200 wp-embed.min.js Show response
activatewindows7.com/wp-includes/js/ 1 KB
719 B 12ms
11ms Script
application/javascript 2606:4700:3035::6818:6c9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://activatewindows7.com/wp-includes/js/wp-embed.min.js?ver=4.9.13
Requested by: Host: activatewindows7.com
URL: https://activatewindows7.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:6c9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7

Request headers

Referer: https://activatewindows7.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 02:46:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 28 Feb 2020 14:41:51 GMT
server: cloudflare
age: 6997
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 593987e89fc4dfd7-FRA
cf-request-id: 02b7d345620000dfd7d30da200000001

GET
H2 200 / Show response
tag.vlitag.com/v3/1589450850/ 244 KB
57 KB 25ms
15ms Script
application/javascript 2606:4700:20::681a:eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.vlitag.com/v3/1589450850/?q=6220cf0a8759e723ec69bae746090ce4&n=

Requested by

Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=6220cf0a8759e723ec69bae746090ce4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c73620662b8f2efe47d0655168236d6f8f5ac19525fb3471bf951f95b497412

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://activatewindows7.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 02:46:51 GMT
content-encoding: br
cf-cache-status: HIT
age: 59932
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-sv: 1.210
cache-control: public, max-age=31536000, immutable
cf-request-id: 02b7d345ec0000c2f4c0132200000001
cf-ray: 593987e97e79c2f4-FRA

GET
H2 200 wp-emoji-release.min.js Show response
activatewindows7.com/wp-includes/js/ 12 KB
4 KB 11ms
10ms Script
application/javascript 2606:4700:3035::6818:6c9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://activatewindows7.com/wp-includes/js/wp-emoji-release.min.js?ver=4.9.13
Requested by: Host: activatewindows7.com
URL: https://activatewindows7.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:6c9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2458b9fd9089fdcb9de317093e004ef3a65597dc68b9adfdeb15a7c9968d0d5

Request headers

Referer: https://activatewindows7.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 02:46:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 28 Feb 2020 14:41:51 GMT
server: cloudflare
age: 6998
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 593987e9ea15dfd7-FRA
cf-request-id: 02b7d3462e0000dfd7d30e6200000001

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: activatewindows7.com
URL: https://activatewindows7.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://activatewindows7.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Apr 2020 21:54:13 GMT
server: Golfe2
age: 6632
date: Fri, 15 May 2020 00:56:19 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18433
expires: Fri, 15 May 2020 02:56:19 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: activatewindows7.com
URL: https://activatewindows7.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Nunito+Sans%3A400%2C400i%2C700%2C700i%7CRoboto%3A400%2C400i%2C700%2C700i&subset=latin%2Clatin-ext
Origin: https://activatewindows7.com

Response headers

date: Tue, 14 Apr 2020 23:26:59 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 2603992
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Wed, 14 Apr 2021 23:26:59 GMT

GET
H2 200 pe03MImSLYBIv1o4X1M8cc8GBs5tU1ECVZl_.woff2
fonts.gstatic.com/s/nunitosans/v5/ 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v5/pe03MImSLYBIv1o4X1M8cc8GBs5tU1ECVZl_.woff2

Requested by

Host: activatewindows7.com
URL: https://activatewindows7.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

797d0e1d0a5eba83fe25e52c97a8002dc8d57a592c6840bae7eba17c41d90ee6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Nunito+Sans%3A400%2C400i%2C700%2C700i%7CRoboto%3A400%2C400i%2C700%2C700i&subset=latin%2Clatin-ext
Origin: https://activatewindows7.com

Response headers

date: Wed, 15 Apr 2020 02:32:36 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:19:39 GMT
server: sffe
age: 2592855
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11552
x-xss-protection: 0
expires: Thu, 15 Apr 2021 02:32:36 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: activatewindows7.com
URL: https://activatewindows7.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Nunito+Sans%3A400%2C400i%2C700%2C700i%7CRoboto%3A400%2C400i%2C700%2C700i&subset=latin%2Clatin-ext
Origin: https://activatewindows7.com

Response headers

date: Wed, 15 Apr 2020 00:22:14 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 2600677
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Thu, 15 Apr 2021 00:22:14 GMT

GET
H2 200 fa-solid-900.woff2
activatewindows7.com/wp-content/themes/allium/webfonts/ 77 KB
77 KB 19ms
19ms Font
font/woff2 2606:4700:3035::6818:6c9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://activatewindows7.com/wp-content/themes/allium/webfonts/fa-solid-900.woff2
Requested by: Host: activatewindows7.com
URL: https://activatewindows7.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:6c9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f419ad7a4477f36ce73c74a23dce784150ca38fa5075a8e06109709cbb716903

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://activatewindows7.com/wp-content/cache/wpfc-minified/35kykch/dxepr.css
Origin: https://activatewindows7.com

Response headers

date: Fri, 15 May 2020 02:46:51 GMT
cf-cache-status: HIT
last-modified: Fri, 10 May 2019 03:22:04 GMT
server: cloudflare
age: 5797
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593987ea1a6adfd7-FRA
content-length: 79100
cf-request-id: 02b7d3464b0000dfd7d30e8200000001

GET
H2 200 pe0qMImSLYBIv1o4X1M8cce9I9tAcVwo.woff2
fonts.gstatic.com/s/nunitosans/v5/ 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v5/pe0qMImSLYBIv1o4X1M8cce9I9tAcVwo.woff2

Requested by

Host: activatewindows7.com
URL: https://activatewindows7.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aba72d81572635fcc88d896e075e63d790f10cabc5401cf85b10ef5c9cc9608c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Nunito+Sans%3A400%2C400i%2C700%2C700i%7CRoboto%3A400%2C400i%2C700%2C700i&subset=latin%2Clatin-ext
Origin: https://activatewindows7.com

Response headers

date: Tue, 14 Apr 2020 19:35:04 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:19:56 GMT
server: sffe
age: 2617907
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11488
x-xss-protection: 0
expires: Wed, 14 Apr 2021 19:35:04 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
98 B 13ms
13ms Image
image/gif 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j82&a=872135947&t=pageview&_s=1&dl=https%3A%2F%2Factivatewindows7.com%2F&ul=en-us&de=UTF-8&dt=Windows%20product%20key%20and%20MS%20product%20key&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=936792193&gjid=1831797201&cid=2091009574.1589510811&tid=UA-159409329-1&_gid=1255406182.1589510811&_r=1&z=1011650784

Requested by

Host: activatewindows7.com
URL: https://activatewindows7.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://activatewindows7.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 May 2020 02:46:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cmp.min.css
assets.vlitag.com/plugins/cmpv3/static/delivery/ 14 KB
3 KB 20ms
12ms Stylesheet
text/css 2606:4700:20::681a:eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.vlitag.com/plugins/cmpv3/static/delivery/cmp.min.css

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v3/1589450850/?q=6220cf0a8759e723ec69bae746090ce4&n=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c56c117acef484702925a48e333f3956346675c531d5590cf272f42234133803

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://activatewindows7.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 02:46:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 256418
cf-ray: 593987ead843c2f4-FRA
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 14 Jan 2020 16:49:30 GMT
server: cloudflare
etag: W/"5e1df11a-36a6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=16070400
cf-request-id: 02b7d346c60000c2f4c0139200000001
x-robots-tag: noindex, nofollow
expires: Tue, 12 May 2020 04:03:13 GMT

GET
H2 200 cmp_en.js Show response
assets.vlitag.com/plugins/cmpv3/js/ 160 KB
31 KB 21ms
14ms Script
application/javascript 2606:4700:20::681a:eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.vlitag.com/plugins/cmpv3/js/cmp_en.js

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v3/1589450850/?q=6220cf0a8759e723ec69bae746090ce4&n=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52dd288a6591930a306cbe4ddd43e6168ac2f7654cd50af472b9e3cb8d391dbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://activatewindows7.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 02:46:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 256418
cf-polished: origSize=275470
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-xss-protection: 1; mode=block
x-robots-tag: noindex, nofollow
last-modified: Thu, 16 Jan 2020 18:08:39 GMT
server: cloudflare
etag: W/"5e20a6a7-4340e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
expires: Tue, 12 May 2020 04:03:13 GMT
cache-control: max-age=16070400
cf-request-id: 02b7d346c60000c2f4c013a200000001
cf-ray: 593987ead844c2f4-FRA
cf-bgj: minify

GET
H2 200 bidfilter.js Show response
cdn.bidfilter.com/ 34 KB
11 KB 40ms
15ms Script
application/javascript 2606:4700:3036::681b:8850
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bidfilter.com/bidfilter.js
Requested by: Host: tag.vlitag.com
URL: https://tag.vlitag.com/v3/1589450850/?q=6220cf0a8759e723ec69bae746090ce4&n=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681b:8850 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e61e03a6ee8599fd31c01a8bca6f146b329d49031de47f9edf6eddd9e1b885e

Request headers

Referer: https://activatewindows7.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 02:46:51 GMT
content-encoding: br
cf-cache-status: HIT
age: 4766
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id: 02b7d346e40000d6dd4d007200000001
last-modified: Tue, 21 Apr 2020 19:06:19 GMT
server: cloudflare
etag: W/"8662-5a3d1b5e920c0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800
cf-ray: 593987eb0b18d6dd-FRA

GET
H2 200 prebid-v3.20.0.js Show response
assets.vlitag.com/prebid/default/ 322 KB
93 KB 24ms
23ms Script
application/javascript 2606:4700:20::681a:eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.vlitag.com/prebid/default/prebid-v3.20.0.js

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v3/1589450850/?q=6220cf0a8759e723ec69bae746090ce4&n=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2939080aec6fb6e8c1b46b72acb2d2ee556528dfd9054bff1af58bb1c52d573c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://activatewindows7.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 02:46:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 153244
cf-polished: origSize=329471
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-xss-protection: 1; mode=block
x-robots-tag: noindex, nofollow
last-modified: Wed, 13 May 2020 08:12:41 GMT
server: cloudflare
etag: W/"5ebbabf9-506ff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
expires: Wed, 13 May 2020 08:42:46 GMT
cache-control: max-age=16070400
cf-request-id: 02b7d346cc0000c2f4c013b200000001
cf-ray: 593987eae854c2f4-FRA
cf-bgj: minify

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 43 KB
15 KB 36ms
15ms Script
text/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v3/1589450850/?q=6220cf0a8759e723ec69bae746090ce4&n=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ad1dc3b2a55651a98caeccafddbd0db2469f2255c80064797b488d49df73daf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://activatewindows7.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 02:46:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "516 / 75 of 1000 / last-modified: 1589472768"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 14447
x-xss-protection: 0
expires: Fri, 15 May 2020 02:46:51 GMT

GET
H2 200 viPlayer_v30.js Show response
assets.vlitag.com/plugins/vlPlayer/ 11 KB
4 KB 18ms
18ms Script
application/javascript 2606:4700:20::681a:eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.vlitag.com/plugins/vlPlayer/viPlayer_v30.js

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v3/1589450850/?q=6220cf0a8759e723ec69bae746090ce4&n=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80bcbd644c9fafc624a562ed4172710f4b95dcb9b98a8cc360ecdc145d2fd70f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://activatewindows7.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 02:46:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1802852
status: 200
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-xss-protection: 1; mode=block
x-robots-tag: noindex, nofollow
last-modified: Fri, 24 Apr 2020 05:54:49 GMT
server: cloudflare
etag: W/"5ea27f29-2a18"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=16070400
cf-request-id: 02b7d346cc0000c2f4c013c200000001
cf-ray: 593987eae857c2f4-FRA
expires: Fri, 24 Apr 2020 06:29:19 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 264 KB
90 KB 33ms
13ms Script
text/javascript 2a00:1450:4001:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v3/1589450850/?q=6220cf0a8759e723ec69bae746090ce4&n=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21eecef24071930fe32a70e72af2a611f8fe2f97ab49b997eb720ead5ed7bbe4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://activatewindows7.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 02:46:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91718
x-xss-protection: 0
expires: Fri, 15 May 2020 02:46:51 GMT

GET
H2 200 vendorlist.json Show response
vendorlist.consensu.org/ 96 KB
18 KB 49ms
18ms XHR
application/json 2600:9000:2070:e200:1:af78:4c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vendorlist.consensu.org/vendorlist.json
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/cmpv3/js/cmp_en.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2070:e200:1:af78:4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f83825b0e9eab327cbdfe081e61e14825792653b4ed064b223be3e8435235541

Request headers

Referer: https://activatewindows7.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 14 May 2020 16:44:07 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 36165
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Thu, 14 May 2020 16:00:38 GMT
server: AmazonS3
access-control-max-age: 604800
access-control-allow-methods: GET
x-amz-version-id: oryAqtW55oj7QvuzASYlO.XAkJkJoBG.
via: 1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: HAM50-C3
content-type: application/json; charset=utf-8
x-amz-cf-id: IRTkwqvPxEaHZlolYEZlWo29I3NhgI1k5f8R2fw0WdiuzceNeCiEKw==

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
952 B 35ms
15ms Script
application/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=activatewindows7.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://activatewindows7.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 15 May 2020 02:46:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
952 B 36ms
15ms Script
application/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=activatewindows7.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://activatewindows7.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 15 May 2020 02:46:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020050602.js Show response
securepubads.g.doubleclick.net/gpt/ 243 KB
88 KB 232ms
80ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

sffe /

Resource Hash

c4b5c1f949f059e3abb05ddcb7cc9944f8c16811e0eb1db9003bc5f8a4eb0634

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://activatewindows7.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 02:46:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 06 May 2020 17:23:28 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89224
x-xss-protection: 0
expires: Fri, 15 May 2020 02:46:51 GMT

GET
H2 200 b Show response
x.bidfilter.com/ 248 B
765 B 541ms
516ms XHR
application/json 2606:4700:3036::681b:8850
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://x.bidfilter.com/b?V=0&S=1046
Requested by: Host: cdn.bidfilter.com
URL: https://cdn.bidfilter.com/bidfilter.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681b:8850 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39d53a59c5ebddcf4c58d9e2b5d1e2b4c8122b7ec288650fdfd2dc09efe6bfdb

Request headers

Referer: https://activatewindows7.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 02:46:51 GMT
content-encoding: br
cf-cache-status: EXPIRED
server: cloudflare
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=1800
cf-ray: 593987eb8a1b1f55-FRA
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id: 02b7d3473600001f55e42a9200000001

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 1 KB
1 KB 24ms
10ms XHR
application/json 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20200515

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v3.20.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a97b07feb23dad62680b4ef509986e5a0399f977409b1579774f37a066aed137

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://activatewindows7.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 15 May 2020 02:46:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-cache: HIT
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-request-id: 02b7d3473a0000061435b1c200000001
x-served-by: cache-fra19137-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"53e-QfDBz8TkkChhIGe/j5V2bSH7lB0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 593987eb9ad60614-FRA

GET
H2 200 /
logs.vlitag.com/sub/ 0
115 B 129ms
122ms Image
image/jpeg 2606:4700:20::681a:eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://logs.vlitag.com/sub/?d=activatewindows7.com&h=activatewindows7.com
Requested by: Host: activatewindows7.com
URL: https://activatewindows7.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://activatewindows7.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 02:46:51 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/jpeg
status: 200
cache-control: public, max-age=31536000
cf-ray: 593987eb8977c2f4-FRA
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 0
cf-request-id: 02b7d347360000c2f4c0140200000001

GET
H2 200 yes.svg
assets.vlitag.com/plugins/cmpv3/static/delivery/btns0/ 2 KB
1 KB 16ms
15ms Image
image/svg+xml 2606:4700:20::681a:eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.vlitag.com/plugins/cmpv3/static/delivery/btns0/yes.svg

Requested by

Host: activatewindows7.com
URL: https://activatewindows7.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9f5b6071126c2fc1edc5297956388a541fd164cf617d994d3fcb2ee06a70a92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://activatewindows7.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 02:46:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1317499
cf-ray: 593987eba9b1c2f4-FRA
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 14 Jan 2020 16:51:16 GMT
server: cloudflare
etag: W/"5e1df184-91f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=16070400
cf-request-id: 02b7d3474b0000c2f4c0141200000001
x-robots-tag: noindex, nofollow
cf-bgj: h2pri

GET
H2 200 Free-Windows-8-Product-Key-2020-100-Working.jpg
activatewindows7.com/wp-content/uploads/2020/03/ 42 KB
42 KB 96ms
95ms Image
image/jpeg 2606:4700:3035::6818:6c9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://activatewindows7.com/wp-content/uploads/2020/03/Free-Windows-8-Product-Key-2020-100-Working.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:6c9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fcdabc0ee896de5ed249436f1f1750161eb0d1283445f54531a31a975e160c40

Request headers

Referer: https://activatewindows7.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 02:46:51 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 13 Mar 2020 14:20:25 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593987ed4ef8dfd7-FRA
content-length: 43103
cf-request-id: 02b7d3484e0000dfd7d3104200000001

GET
H2 200 Free-Windows-10-Product-Key-2020-100-Working-700x525.jpg
activatewindows7.com/wp-content/uploads/2020/03/ 34 KB
35 KB 92ms
91ms Image
image/jpeg 2606:4700:3035::6818:6c9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://activatewindows7.com/wp-content/uploads/2020/03/Free-Windows-10-Product-Key-2020-100-Working-700x525.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:6c9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb9c28cf1f817caf09f79d952f4c5ddbd12c9392cdb01f86b81cd935c79062ee

Request headers

Referer: https://activatewindows7.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 02:46:51 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 13 Mar 2020 11:45:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593987ed4ef9dfd7-FRA
content-length: 35289
cf-request-id: 02b7d3484e0000dfd7d3105200000001

GET
H2 200 Windows-7-Product-Key-Free-2020-100-Working.jpg
activatewindows7.com/wp-content/uploads/2020/03/ 76 KB
76 KB 92ms
92ms Image
image/jpeg 2606:4700:3035::6818:6c9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://activatewindows7.com/wp-content/uploads/2020/03/Windows-7-Product-Key-Free-2020-100-Working.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:6c9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a98693803984f19ff49f63dad1e03880ffe03fade88173dbf5743d6174abc2b9

Request headers

Referer: https://activatewindows7.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 02:46:51 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 13 Mar 2020 14:13:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593987ed4efbdfd7-FRA
content-length: 77708
cf-request-id: 02b7d3484e0000dfd7d3106200000001

POST
H2 200 v2 Show response
i.connectad.io/api/ 95 B
709 B 172ms
155ms XHR
application/json 2606:4700:10::6816:37ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.connectad.io/api/v2
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v3.20.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b6bfe98487fa068e2495ef708dfb30b4c17af3c19d620af24d93e2edc9ec8d5

Request headers

Referer: https://activatewindows7.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 15 May 2020 02:46:54 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: https://activatewindows7.com
cache-control: no-cache, private
access-control-allow-credentials: true
via: 1.1 google
cf-ray: 593987fe7fd81f35-FRA
content-type: application/json
cf-request-id: 02b7d3530700001f358600a200000001

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
150 B 188ms
61ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=29&wv=3.20.0-pre&cb=54749309697
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v3.20.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://activatewindows7.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Fri, 15 May 2020 02:46:54 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: https://activatewindows7.com
timing-allow-origin: *
vary: Origin

GET
H2

200

ROS Show response
ads.us.e-planning.net/hb/1/2c995/1/activatewindows7.com/
Redirect Chain

https://ads.us.e-planning.net/hb/1/2c995/1/activatewindows7.com/ROS?rnd=0.8583121781342238&e=300x250_0:300x250,250x250,200x200,180x150&ur=https%3A%2F%2Factivatewindows7.com%2F&r=pbjs&pbv=3.20.0-pre...
https://ads.us.e-planning.net/hb/1/2c995/1/activatewindows7.com/ROS?ct=1&rnd=0.8583121781342238&e=300x250_0:300x250,250x250,200x200,180x150&ur=https%3A%2F%2Factivatewindows7.com%2F&r=pbjs&pbv=3.20....

1 KB
2 KB

65ms
65ms

XHR
application/json

5.178.65.245
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/hb/1/2c995/1/activatewindows7.com/ROS?ct=1&rnd=0.8583121781342238&e=300x250_0:300x250,250x250,200x200,180x150&ur=https%3A%2F%2Factivatewindows7.com%2F&r=pbjs&pbv=3.20.0-pre&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Factivatewindows7.com%2F&gdpr=0&ccpa=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.178.65.245 Renswoude, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 74b9194a4b0e9b5857bd2c9f40200124554555f0e6c5e9cf5715923528fbbe2d

Request headers

Referer: https://activatewindows7.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 02:46:54 GMT
server: openresty
status: 200
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://activatewindows7.com
expires: Fri, 15 May 2020 02:46:54 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 1483
x-sid: AMS-610

Redirect headers

date: Fri, 15 May 2020 02:46:54 GMT
server: openresty
status: 302
location: /hb/1/2c995/1/activatewindows7.com/ROS?ct=1&rnd=0.8583121781342238&e=300x250_0:300x250,250x250,200x200,180x150&ur=https%3A%2F%2Factivatewindows7.com%2F&r=pbjs&pbv=3.20.0-pre&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Factivatewindows7.com%2F&gdpr=0&ccpa=1---
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://activatewindows7.com
access-control-allow-credentials: true
content-type: text/html; charset=iso-8859-1
x-sid: AMS-610

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 4 KB
3 KB 110ms
110ms XHR
text/plain 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3996832579209357&correlator=3377377060373594&output=ldjh&impl=fifs&adsid=NT&eid=21065782%2C21066065&vrg=2020050602&us_privacy=1---&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200515&iu_parts=21766281334%2C5097_Activatewindows7.com%2C5097_Activatewindows7.com_1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C250x250%7C200x200%7C180x150&prev_scp=hb_width%3D300%26hb_height%3D250%26vli_sf%3D1%26vli_adslot%3D16225%26vli_adtype%3Ddisplay%26up_bid%3Dtrue%26hb_pb%3D0.01&eri=1&cust_params=hb_domain%3Dactivatewindows7.com&cookie_enabled=1&bc=31&abxe=1&lmt=1589510814&dt=1589510814729&dlt=1589510810929&idt=788&frm=20&biw=1585&bih=1200&oid=3&adxs=1072&adys=323&adks=2618793649&ucis=1&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Factivatewindows7.com%2F&dssz=32&icsg=4381414785020&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x250&ga_vid=2091009574.1589510811&ga_sid=1589510815&ga_hid=872135947&fws=512&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

c46cdb8fa83b79ff1dec40b0e6bebc1fe346ab976a88f4c01de889aa2d164ed4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://activatewindows7.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 02:46:54 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2365
x-xss-protection: 0
google-lineitem-id: 5271233743
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138305024515
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://activatewindows7.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
d0889ca6c9ac9a69e485d29cf1525a0a.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 72ms
39ms Other
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d0889ca6c9ac9a69e485d29cf1525a0a.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://activatewindows7.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 26ms
6ms Other
text/html 2a00:1450:4001:815::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://activatewindows7.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 3B6D 0
0

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df4b376fc112266e6f1854609311b809452d452ecead88a1689693f8c2af84e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://activatewindows7.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 02:46:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1589369616634380"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27726
x-xss-protection: 0
expires: Fri, 15 May 2020 02:46:54 GMT

GET
H2 200 / Show response
tag.vlitag.com/passbacktarget/1588932781/ Frame 5197 363 B
470 B 224ms
224ms Script
application/javascript 2606:4700:20::681a:eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.vlitag.com/passbacktarget/1588932781/?t=iframe&pbID=7&d=5097&z=16225&divID=vi_509716225_711&w=300&h=250

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v3/1589450850/?q=6220cf0a8759e723ec69bae746090ce4&n=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c8cb20b6058f58cdf06f34952b32b47b3611617f566ac811a01f347bfc8f3d1

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://activatewindows7.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 02:46:55 GMT
content-encoding: br
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
status: 200
x-sv: 157.114
cache-control: public, max-age=31536000, immutable
cf-ray: 59398800f81ec2f4-FRA
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-request-id: 02b7d3549c0000c2f4c01d7200000001

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame B5CA 82 KB
32 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-128776493-20

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v3/1589450850/?q=6220cf0a8759e723ec69bae746090ce4&n=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

696f34493585bd72725602f6b6e1dbe9bdd6fa4e0b38f661e565982e51bd7512

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://activatewindows7.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 02:46:54 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33149
x-xss-protection: 0
last-modified: Fri, 15 May 2020 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 15 May 2020 02:46:54 GMT

GET
H2 200 /
stats.vlitag.com/pi/ 0
217 B 130ms
121ms Image
image/jpeg 2606:4700:20::681a:eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats.vlitag.com/pi/?e=zdNPwyyKZwA-ZqYB-PZya-MqeB-UyqyABMttaPPRzNhqllwqe0RrNZAaKRmNTUYYZRrcorNco_ZAaKTUYYZ_KTTRrtNRcsokty_orN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://activatewindows7.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 02:46:55 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/jpeg
status: 200
cache-control: no-cache, no-store, must-revalidate
cf-ray: 593988010837c2f4-FRA
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 0
cf-request-id: 02b7d354a80000c2f4c01d8200000001

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
6 KB 36ms
17ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020050602&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9163dd22096025a76bf36bc0daec0f6e3f3135942ccaf8d3ee98ffb805b085e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://activatewindows7.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 15 May 2020 02:46:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 5563
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
5 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:815::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://activatewindows7.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 02:46:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582746470043195"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5456
x-xss-protection: 0
expires: Fri, 15 May 2020 02:46:54 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame B5CA 45 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-128776493-20

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://activatewindows7.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Apr 2020 21:54:13 GMT
server: Golfe2
age: 6635
date: Fri, 15 May 2020 00:56:19 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18433
expires: Fri, 15 May 2020 02:56:19 GMT

GET
H2 200 collect
www.google-analytics.com/r/ Frame B5CA 35 B
98 B 13ms
13ms Image
image/gif 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j82&a=1353796367&t=pageview&_s=1&dl=https%3A%2F%2Factivatewindows7.com%2F&ul=en-us&de=UTF-8&dt=noBid_activatewindows7.com_0.00_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0.00&cs=activatewindows7.com&cm=noBid&cc=Default&_u=IEBAAUAB~&jid=513335343&gjid=1825824581&cid=67296648.1589510815&tid=UA-128776493-20&_gid=1397799500.1589510815&_r=1&gtm=2ou561&z=1667328179

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://activatewindows7.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 May 2020 02:46:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame 9DF7 0
0 6ms
6ms Document
text/html 2a00:1450:4001:815::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://activatewindows7.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://activatewindows7.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Fri, 15 May 2020 00:03:01 GMT
expires: Sat, 15 May 2021 00:03:01 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 9833
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 tag.js Show response
jstag.interestinglinks.net/ Frame 5197 6 KB
2 KB 173ms
128ms Script
application/javascript 2606:4700:e6::ac40:cf24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jstag.interestinglinks.net/tag.js?id=10
Requested by: Host: activatewindows7.com
URL: https://activatewindows7.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cf24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16bd90ec555a9d70b5b231616e26ca5ddf1ce0d9fc20cf846eac4a181e6a41fc

Request headers

Referer: https://activatewindows7.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 02:46:55 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cf-ray: 59398802a8750621-FRA
cf-request-id: 02b7d355aa00000621d62a1200000001

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
233 B 14ms
14ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gpt_2020050602&jk=3996832579209357&bg=!w8ClwNhYMHAP66W64LYCAAAAS1IAAAAPmQF8olS4r5Rwn6Qzc-ADgg3F9UY8AKAMlpAWqHThbuWaVWgNzjRM53dwY-dsw52rmpe21Az91kwTOjivb48tgi9-GnCFRoGp-2wUqiTerWw2h3UeGncpCXrLXNyqmtCbE2JOQx1J3__c3oKf3-8HSi63gLmjKAZglFrvWUlB6iQB3G0BXPG8IO6CUvTcHqhOMouEZ5EdlzHUm-who3V7dwbuIm87Gb12RUZs81-LHkMqe-XTZHH2XRNGVqzKlxp5xTgPd4BzR5tuT2Y6D_S75ezDlaaQG0NUD2Id8K1X_g_Byes-yVLliCewM-2Rtd1-ArVlOe3dIV4VRgcqVXtBIH33gQlgLivcu77AU2R7LddzUkucEzKgykhlrdjeM754VKpfbNV2q09-EPlFEAhsk_Wb5FWvu1xa2Qq7LjSBEYZGDd2aFxS7ZUwreG1KT2r2XWoRgDQe2RerdxPTCSYSskROLf8Wr3m1gc-wdgu2uT49KF4GxPQQv15qhbSpSu4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://activatewindows7.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 May 2020 02:46:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 0DE5 82 KB
32 KB 16ms
15ms Script
application/javascript 2a00:1450:4001:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-109910709-5

Requested by

Host: jstag.interestinglinks.net
URL: https://jstag.interestinglinks.net/tag.js?id=10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

21c11b4d660fbbbe66afbd3c3f46b7468c60c1f21d67ae578500eec7b92fb302

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://activatewindows7.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 02:46:55 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33120
x-xss-protection: 0
last-modified: Fri, 15 May 2020 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 15 May 2020 02:46:55 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 78A1 3 KB
640 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:815::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald:500,400

Requested by

Host: jstag.interestinglinks.net
URL: https://jstag.interestinglinks.net/tag.js?id=10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8d09fee9e969a05cf4b10a6e113d196e6970e61441ad2b186c7b32b4a3b46640

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://activatewindows7.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 15 May 2020 02:46:55 GMT
server: ESF
date: Fri, 15 May 2020 02:46:55 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 15 May 2020 02:46:55 GMT

GET
H2 200 952250770-25-Forgotten-Cars-From-The-Past.jpg
interestinglinks.net/static/link-thumb/ Frame 78A1 38 KB
39 KB 26ms
11ms Image
image/jpeg 2606:4700:e6::ac40:cf24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://interestinglinks.net/static/link-thumb/952250770-25-Forgotten-Cars-From-The-Past.jpg
Requested by: Host: jstag.interestinglinks.net
URL: https://jstag.interestinglinks.net/tag.js?id=10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cf24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8f7d17996d279ca48436642923573ce8b68467e8ad3b90fbcb742f4b20f3e11

Request headers

Referer: https://activatewindows7.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 02:46:55 GMT
cf-cache-status: HIT
last-modified: Mon, 04 May 2020 04:49:24 GMT
server: cloudflare
age: 6844
etag: "5eaf9ed4-99a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5939880399ae0621-FRA
content-length: 39331
cf-request-id: 02b7d3564200000621d62a9200000001

GET
H2 200 457552814-suv.jpg
interestinglinks.net/static/link-thumb/ Frame 78A1 29 KB
29 KB 25ms
10ms Image
image/jpeg 2606:4700:e6::ac40:cf24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://interestinglinks.net/static/link-thumb/457552814-suv.jpg
Requested by: Host: jstag.interestinglinks.net
URL: https://jstag.interestinglinks.net/tag.js?id=10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cf24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d935e939f553fe080f835969fbb24820234ebf5aa6592c1de91044a44147c329

Request headers

Referer: https://activatewindows7.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 02:46:55 GMT
cf-cache-status: HIT
last-modified: Tue, 28 Apr 2020 03:00:05 GMT
server: cloudflare
age: 5541
etag: "5ea79c35-7210"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5939880399b00621-FRA
content-length: 29200
cf-request-id: 02b7d3564200000621d62aa200000001

GET
H2 200 TK3iWkUHHAIjg752GT8Gl-1PKw.woff2
fonts.gstatic.com/s/oswald/v31/ Frame 78A1 25 KB
25 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v31/TK3iWkUHHAIjg752GT8Gl-1PKw.woff2

Requested by

Host: activatewindows7.com
URL: https://activatewindows7.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e747521bc9729c30f06bda6471e77ad26ce0e05b104743e93fe14c8ef3b559a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Oswald:500,400
Origin: https://activatewindows7.com

Response headers

date: Thu, 23 Apr 2020 17:39:05 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 00:19:42 GMT
server: sffe
age: 1847270
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25376
x-xss-protection: 0
expires: Fri, 23 Apr 2021 17:39:05 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 0DE5 45 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-109910709-5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://activatewindows7.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Apr 2020 21:54:13 GMT
server: Golfe2
age: 6636
date: Fri, 15 May 2020 00:56:19 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18433
expires: Fri, 15 May 2020 02:56:19 GMT

GET
H2 200 collect
www.google-analytics.com/r/ Frame 0DE5 35 B
98 B 13ms
13ms Image
image/gif 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j82&a=117709022&t=pageview&_s=1&dl=https%3A%2F%2Factivatewindows7.com%2F&ul=en-us&de=UTF-8&dt=Widget%20ID%3A%2010_activatewindows7.com_na_na&sd=24-bit&sr=1600x1200&vp=&je=0&cn=na&cs=activatewindows7.com&cm=Widget%20ID%3A%2010&cc=na&_u=AACAAUAB~&jid=1904154073&gjid=2087376659&cid=67296648.1589510815&tid=UA-109910709-5&_gid=1397799500.1589510815&_r=1&gtm=2ou561&z=1696499853

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://activatewindows7.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 May 2020 02:46:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame F750 82 KB
32 KB 16ms
15ms Script
application/javascript 2a00:1450:4001:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-128776493-10

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v3/1589450850/?q=6220cf0a8759e723ec69bae746090ce4&n=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cf8ebc84f19f5c650ebaa24b5eaa642eb585e0eb9fccce723e687741b0db7b4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://activatewindows7.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 02:46:55 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33149
x-xss-protection: 0
last-modified: Fri, 15 May 2020 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 15 May 2020 02:46:55 GMT

GET
H2 200 collect
www.google-analytics.com/ Frame B5CA 35 B
96 B 6ms
6ms Image
image/gif 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j82&a=1353796367&t=pageview&_s=2&dl=https%3A%2F%2Factivatewindows7.com%2F&ul=en-us&de=UTF-8&dt=Nobid_Outstream_activatewindows7.com_0.00_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0.00&cs=activatewindows7.com&cm=Nobid_Outstream&cc=Default&_u=KEBAAUAB~&jid=&gjid=&cid=67296648.1589510815&tid=UA-128776493-20&_gid=1397799500.1589510815&gtm=2ou561&z=1507289363

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://activatewindows7.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 May 2020 21:06:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 538850
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vi-logo.svg
assets.vlitag.com/media/icon/ 11 KB
3 KB 13ms
12ms Image
image/svg+xml 2606:4700:20::681a:eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.vlitag.com/media/icon/vi-logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24a104ef6529cb9bbceaeca4e037ecf14d40db5207009ac23e8224703fa11bb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://activatewindows7.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 02:46:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1319712
cf-ray: 593988048ce5c2f4-FRA
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 01 Nov 2019 05:04:49 GMT
server: cloudflare
etag: W/"5dbbbcf1-2c34"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=16070400
cf-request-id: 02b7d356d70000c2f4c01f5200000001
x-robots-tag: noindex, nofollow
cf-bgj: h2pri

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 67 KB
21 KB 55ms
24ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v3.20.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: fcc4bd2980862773a80339fe80f550c6f2a6f8cc0205bf01f287a00155f0aae2

Request headers

Referer: https://activatewindows7.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 02:46:56 GMT
content-encoding: gzip
last-modified: Thu, 23 Apr 2020 08:37:42 GMT
server: nginx
etag: W/"5ea153d6-10c8e"
status: 200
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Sat, 16 May 2020 02:46:56 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 67 KB
21 KB 37ms
14ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: fcc4bd2980862773a80339fe80f550c6f2a6f8cc0205bf01f287a00155f0aae2

Request headers

Referer: https://activatewindows7.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 02:46:56 GMT
content-encoding: gzip
last-modified: Thu, 23 Apr 2020 08:37:42 GMT
server: nginx
etag: W/"5ea153d6-10c8e"
status: 200
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Sat, 16 May 2020 02:46:56 GMT

GET
H/1.1 200 359.json Show response
id5-sync.com/g/v1/ 191 B
733 B 215ms
53ms XHR
text/json 54.36.109.183
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v1/359.json?1puid=&gdpr=0&gdpr_consent=

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v3.20.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.36.109.183 , Germany, ASN16276 (OVH, FR),

Reverse DNS

p08.id5-sync.com

Software

Resource Hash

764ab4806be8207d54ba9ef7d5c887913b3041c02dc53b2c30660b2ae16ff110

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://activatewindows7.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 15 May 2020 02:46:56 GMT
Vary: Origin
P3P: CP="CAO PSA OUR"
Access-Control-Allow-Origin: https://activatewindows7.com
Access-Control-Allow-Credentials: true
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: text/json;charset=utf-8
Transfer-Encoding: chunked

GET
H2 200 connectmyusers.php
cdn.connectad.io/ Frame 2AF6 0
0 26ms
19ms Document
text/html 2606:4700:10::6816:37ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.connectad.io/connectmyusers.php?us_privacy=1---&
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v3.20.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: cdn.connectad.io
:scheme: https
:path: /connectmyusers.php?us_privacy=1---&
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://activatewindows7.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: uid=b3NferMR3SF68lRsBwaVhVXRia0xpKejsww8VTr9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://activatewindows7.com/

Response headers

status: 200
date: Fri, 15 May 2020 02:46:57 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=db875a5ee689d656b7083b5f770e585c61589510817; expires=Sun, 14-Jun-20 02:46:57 GMT; path=/; domain=.connectad.io; HttpOnly; SameSite=Lax
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 59398812fbfd1f35-FRA
content-encoding: gzip
cf-request-id: 02b7d35fdb00001f358606c200000001

GET
H2 200 /
spl.zeotap.com/ Frame D18C 0
0 48ms
30ms Document
text/html 2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v3.20.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: spl.zeotap.com
:scheme: https
:path: /?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://activatewindows7.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://activatewindows7.com/

Response headers

status: 200
date: Fri, 15 May 2020 02:46:57 GMT
content-type: text/html
set-cookie: __cfduid=d50b26bdca6d065664ff9398299d9a70f1589510817; expires=Sun, 14-Jun-20 02:46:57 GMT; path=/; domain=.zeotap.com; HttpOnly; SameSite=Lax zc=606ea6b3-255f-4adb-7400-fd51da6c52f4; Path=/; Domain=.zeotap.com; Max-Age=315360000; SameSite=None; Secure zc1=606ea6b3-255f-4adb-7400-fd51da6c52f4; Path=/; Domain=.zeotap.com; Max-Age=315360000 zsc=e%D1%FC%7D.H%8Ee%ED%60%5D%29%E7%0C%83%AC%18%15%E6%05%2Fg%2A%EBo%82%17+8%86%9F%26%1A%A8%22%19%C5%E9M%F1%D3%BA%BF%AF%E6%3B%AB%F1%D6%9F%2F%BB0%1D%89%85%F9k%97D%A7%3F%9B%05%18%11%8D%DD%07%DF%C4%82%EF%8A%85%5C%FE%ACX%A0%D9w%9E%EB%85Ti7%D2x%04%8D%D0%86_%2A%DDM%29_%5E%5C%2A%1EH%FAAM%AF%E8W%CA%86%D3%C8%DE%DF%A2a%C7%D6%85T%B1%0F+%92%BD%9CT%01%80l%7BR%07%5B%EF%E0M%7C%03n%FF%83%195%A3s%95%10%B1w%09%AC+%B2%B5%98%A8%11%3B%5C%BC5%FAh%EC%18O%1Crn%09; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure
access-control-allow-headers: *
access-control-allow-origin: *
via: 1.1 google
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 593988130f0b1f15-FRA
content-encoding: br
cf-request-id: 02b7d35fe900001f15a6afa200000001

GET
H/1.1

200
OK

Cookie set usermatch
ssum.casalemedia.com/ Frame D71D
Redirect Chain

https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D3f9bfa3a9169c0d1%26uid%3D
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D3f9bfa3a9169c0d1%26uid%3D&C=1

0
0

90ms
70ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D3f9bfa3a9169c0d1%26uid%3D&C=1
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v3.20.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Host: ssum.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://activatewindows7.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMID=Xr4CoblQJrgAAA9HU1cAAAAn; CMPS=3215
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://activatewindows7.com/

Response headers

Server: Apache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html
Expires: Fri, 15 May 2020 02:46:58 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 15 May 2020 02:46:58 GMT
Content-Length: 1718
Connection: keep-alive
Set-Cookie: CMID=Xr4CoblQJrgAAA9HU1cAAAAn;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 15 May 2021 02:46:57 GMT CMPS=3215;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 13 Aug 2020 02:46:57 GMT CMPRO=1109;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 13 Aug 2020 02:46:57 GMT CMST=Xr4CoV6+AqEA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 16 May 2020 02:46:57 GMT CMRUM3=275ebe02a10b40&035ebe02a105a0&b05ebe02a105a00&045ebe02a105a0&bf5ebe02a105a0&585ebe02a105a0&2e5ebe02a105a0&2d5ebe02a105a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 15 May 2021 02:46:57 GMT

Redirect headers

Server: Apache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D3f9bfa3a9169c0d1%26uid%3D&C=1
Content-Length: 345
Content-Type: text/html; charset=iso-8859-1
Expires: Fri, 15 May 2020 02:46:57 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 15 May 2020 02:46:57 GMT
Connection: keep-alive
Set-Cookie: CMID=Xr4CoblQJrgAAA9HU1cAAAAn;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 15 May 2021 02:46:57 GMT CMPS=3215;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 13 Aug 2020 02:46:57 GMT

GET
H2

200

um
sync.e-planning.net/
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=560941&ev=1&rurl=https://sync.e-planning.net/um?uid=%%VGUID%%&dc=66b7ef4184d94c10&fi=3f9bfa3a9169c0d1
https://sync.e-planning.net/um?uid=fpROOEdYuzBA&ev=1&fi=3f9bfa3a9169c0d1&pid=560941&dc=66b7ef4184d94c10

42 B
103 B

70ms
62ms

Image
image/gif

5.178.65.246
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.e-planning.net/um?uid=fpROOEdYuzBA&ev=1&fi=3f9bfa3a9169c0d1&pid=560941&dc=66b7ef4184d94c10
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.178.65.246 Renswoude, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://activatewindows7.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Fri, 15 May 2020 02:46:58 GMT
server: openresty
content-type: image/gif

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
status: 302
content-language: en-US
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location: https://sync.e-planning.net/um?uid=fpROOEdYuzBA&ev=1&fi=3f9bfa3a9169c0d1&pid=560941&dc=66b7ef4184d94c10
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-5cd76f6687-9h488
expires: -1

GET
H2

200

um
u-ams02.e-planning.net/
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3D3f9bfa3a9169c0d1%26uid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3D3f9bfa3a9169c0d1%26uid%3D%24UID&sovrn_retry=true
https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=3f9bfa3a9169c0d1&uid=18027632d6e5ab86dca78299

42 B
103 B

291ms
62ms

Image
image/gif

5.178.65.246
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=3f9bfa3a9169c0d1&uid=18027632d6e5ab86dca78299
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.178.65.246 Renswoude, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://activatewindows7.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Fri, 15 May 2020 02:46:58 GMT
server: openresty
content-type: image/gif

Redirect headers

Date: Fri, 15 May 2020 02:46:58 GMT
Server: nginx
Location: https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=3f9bfa3a9169c0d1&uid=18027632d6e5ab86dca78299
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

um
sync.e-planning.net/
Redirect Chain

https://sync.1rx.io/usersync2/eplanning
https://sync.e-planning.net/um?uid=OPTOUT&dc=1079cc634ca638f8&iss=1

42 B
104 B

189ms
63ms

Image
image/gif

5.178.65.246
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.e-planning.net/um?uid=OPTOUT&dc=1079cc634ca638f8&iss=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.178.65.246 Renswoude, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://activatewindows7.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Fri, 15 May 2020 02:46:58 GMT
server: openresty
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Fri, 15 May 2020 02:46:48 GMT
Server: nginx
ETag: OPTOUT
Transfer-Encoding: chunked
Content-Type: text/html
Location: https://sync.e-planning.net/um?uid=OPTOUT&dc=1079cc634ca638f8&iss=1
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Expires: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html

Verdicts & Comments Add Verdict or Comment

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.activatewindows7.com/	1970-01-19 09:31:50	Name: _gat Value: 1
.activatewindows7.com/	1970-01-19 09:33:17	Name: _gid Value: GA1.2.1255406182.1589510811
.activatewindows7.com/	1970-01-20 03:03:02	Name: _ga Value: GA1.2.2091009574.1589510811
.activatewindows7.com/	1970-01-19 10:15:02	Name: __cfduid Value: d2cc43ef0791effde5bff3e8eb9f2a7cc1589510810

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://activatewindows7.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1
console-api	warning	URL: https://assets.vlitag.com/prebid/default/prebid-v3.20.0.js(Line 1) Message: fun-hooks: referenced 'registerAdserver' but it was never created

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

activatewindows7.com
ads.us.e-planning.net
adservice.google.com
adservice.google.de
ap.lijit.com
assets.vlitag.com
bh.contextweb.com
bidder.criteo.com
cdn.bidfilter.com
cdn.connectad.io
cdn.jsdelivr.net
d0889ca6c9ac9a69e485d29cf1525a0a.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
i.connectad.io
id5-sync.com
imasdk.googleapis.com
interestinglinks.net
jstag.interestinglinks.net
logs.vlitag.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
services.vlitag.com
spl.zeotap.com
ssum.casalemedia.com
static.criteo.net
stats.vlitag.com
sync.1rx.io
sync.e-planning.net
tag.vlitag.com
tpc.googlesyndication.com
u-ams02.e-planning.net
vendorlist.consensu.org
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
x.bidfilter.com
tpc.googlesyndication.com
178.250.2.131
198.148.27.140
2.18.234.21
213.19.147.150
216.58.212.130
2600:9000:2070:e200:1:af78:4c0:93a1
2606:4700:10::6816:1957
2606:4700:10::6816:37ce
2606:4700:20::681a:eee
2606:4700:3035::6818:6c9c
2606:4700:3036::681b:8850
2606:4700::6810:5914
2606:4700:e6::ac40:cf24
2a00:1450:4001:808::2002
2a00:1450:4001:809::2003
2a00:1450:4001:815::2001
2a00:1450:4001:815::200a
2a00:1450:4001:817::200a
2a00:1450:4001:81c::2001
2a00:1450:4001:81d::200e
2a00:1450:4001:81f::2002
2a00:1450:4001:821::200a
2a00:1450:4001:824::2008
2a02:2638:1::3
5.178.65.245
5.178.65.246
54.36.109.183
72.251.249.13
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
07f79fbda35a2bf03f2940978670a2a53cf21e490ecce887bf92fc2e3f359293
0cb7003b21d62e3fe2da970e8e80f4f71815b819c68e02e24b2e8102c4caf089
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
16bd90ec555a9d70b5b231616e26ca5ddf1ce0d9fc20cf846eac4a181e6a41fc
1823d7883c8fbb23030e8a3c41faf7a1c630f1e579529189a6a46103d24adac0
1c73620662b8f2efe47d0655168236d6f8f5ac19525fb3471bf951f95b497412
1cb67b9a2570a16396d13cdb99a3d2f723e2010452d71ae9394a25b07c95112f
2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7
21c11b4d660fbbbe66afbd3c3f46b7468c60c1f21d67ae578500eec7b92fb302
21eecef24071930fe32a70e72af2a611f8fe2f97ab49b997eb720ead5ed7bbe4
24a104ef6529cb9bbceaeca4e037ecf14d40db5207009ac23e8224703fa11bb8
2939080aec6fb6e8c1b46b72acb2d2ee556528dfd9054bff1af58bb1c52d573c
2c8cb20b6058f58cdf06f34952b32b47b3611617f566ac811a01f347bfc8f3d1
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
3124fd3bd866b808bb0957bf523bc28470be78c9e76e2913da777234ada8aeb0
39d53a59c5ebddcf4c58d9e2b5d1e2b4c8122b7ec288650fdfd2dc09efe6bfdb
43a4c5b6b1f34f6aadb0ec198fb90e93d566883cd63ed19e7e546f79679913ce
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4b6bfe98487fa068e2495ef708dfb30b4c17af3c19d620af24d93e2edc9ec8d5
526de1df499ec6af5ca31bddf53c5582c5b23dd9c77bf22e9d3c36ab3c4c2b35
52dd288a6591930a306cbe4ddd43e6168ac2f7654cd50af472b9e3cb8d391dbd
52de1ee891d34f81d4e655a9d4b8eabc6678f58a2f817c123de0c66054e8c36b
5bc5fe165e8fab88549d56628bcc4ad463235f7f995c0477fb90fc78698be265
5c94aadfbe04dda0b0b5e2caa901efbab78ea6092ca3fa63d849c7e66688269f
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
6448707333e2cd315212bb14e3ec42b201f2a08cc7bf8aad63de93149dd86479
696f34493585bd72725602f6b6e1dbe9bdd6fa4e0b38f661e565982e51bd7512
6a9ffd212b49ebb3c4972bf0596b49e6e82d8df757a3a989d4cff99b20d64526
6ad1dc3b2a55651a98caeccafddbd0db2469f2255c80064797b488d49df73daf
74b9194a4b0e9b5857bd2c9f40200124554555f0e6c5e9cf5715923528fbbe2d
764ab4806be8207d54ba9ef7d5c887913b3041c02dc53b2c30660b2ae16ff110
797d0e1d0a5eba83fe25e52c97a8002dc8d57a592c6840bae7eba17c41d90ee6
80bcbd644c9fafc624a562ed4172710f4b95dcb9b98a8cc360ecdc145d2fd70f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8d09fee9e969a05cf4b10a6e113d196e6970e61441ad2b186c7b32b4a3b46640
9163dd22096025a76bf36bc0daec0f6e3f3135942ccaf8d3ee98ffb805b085e1
9e61e03a6ee8599fd31c01a8bca6f146b329d49031de47f9edf6eddd9e1b885e
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
a97b07feb23dad62680b4ef509986e5a0399f977409b1579774f37a066aed137
a98693803984f19ff49f63dad1e03880ffe03fade88173dbf5743d6174abc2b9
a9f5b6071126c2fc1edc5297956388a541fd164cf617d994d3fcb2ee06a70a92
aba72d81572635fcc88d896e075e63d790f10cabc5401cf85b10ef5c9cc9608c
b09901ea5038da2d7a124a97bb406217fb99d5dc77d3791a341fc65d4a75cccd
b8f7d17996d279ca48436642923573ce8b68467e8ad3b90fbcb742f4b20f3e11
bf17492bee535ea7a009282713746df89a50c35b2d9e9a51864b076d87397766
c46cdb8fa83b79ff1dec40b0e6bebc1fe346ab976a88f4c01de889aa2d164ed4
c4b5c1f949f059e3abb05ddcb7cc9944f8c16811e0eb1db9003bc5f8a4eb0634
c56c117acef484702925a48e333f3956346675c531d5590cf272f42234133803
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3
cf8ebc84f19f5c650ebaa24b5eaa642eb585e0eb9fccce723e687741b0db7b4f
d2458b9fd9089fdcb9de317093e004ef3a65597dc68b9adfdeb15a7c9968d0d5
d6f930e9c4ee316cfeaa2fc7d28c9aff2b242814a1b67f55c0372466306f93d1
d935e939f553fe080f835969fbb24820234ebf5aa6592c1de91044a44147c329
df4b376fc112266e6f1854609311b809452d452ecead88a1689693f8c2af84e7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e747521bc9729c30f06bda6471e77ad26ce0e05b104743e93fe14c8ef3b559a7
ea0eb3c3711b93793d354526077b5d1977474aa190525ee940ed3ef49f1b2d37
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f419ad7a4477f36ce73c74a23dce784150ca38fa5075a8e06109709cbb716903
f83825b0e9eab327cbdfe081e61e14825792653b4ed064b223be3e8435235541
fb9c28cf1f817caf09f79d952f4c5ddbd12c9392cdb01f86b81cd935c79062ee
fcc4bd2980862773a80339fe80f550c6f2a6f8cc0205bf01f287a00155f0aae2
fcdabc0ee896de5ed249436f1f1750161eb0d1283445f54531a31a975e160c40

activatewindows7.com Open in urlscan Pro 2606:4700:3035::6818:6c9c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

83 Requests

99 %HTTPS

68 %IPv6

25 Domains

37 Subdomains

26 IPs

6 Countries

1113 kBTransfer

2806 kBSize

4 Cookies

4 Outgoing links

Redirected requests

83 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

activatewindows7.com Open in urlscan Pro
2606:4700:3035::6818:6c9c Public Scan

Screenshot
Live screenshot

Full Image

83
Requests

99 %
HTTPS

68 %
IPv6

25
Domains

37
Subdomains

26
IPs

6
Countries

1113 kB
Transfer

2806 kB
Size

4
Cookies

83 HTTP transactions
1 data transactions