URL: https://windows-office.net/
Submission Tags: @phishunt_io
Submission: On August 13 via api from DE

Summary

This website contacted 11 IPs in 3 countries across 10 domains to perform 39 HTTP transactions. The main IP is 185.26.122.72, which is located in the Russian Federation and belongs to HOSTLAND, RU. The main domain is windows-office.net.
TLS certificate: Issued by R3 on August 13th 2021. Valid for: 3 months.
This is the only time windows-office.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Domain | Requested by
18 | windows-office.net | windows-office.net
6 | pagead2.googlesyndication.com | windows-office.net, pagead2.googlesyndication.com, tpc.googlesyndication.com
5 | mc.yandex.com (2 redirects) | windows-office.net
2 | tpc.googlesyndication.com | pagead2.googlesyndication.com, tpc.googlesyndication.com
2 | mc.yandex.ru (1 redirects) | windows-office.net
2 | googleads.g.doubleclick.net | pagead2.googlesyndication.com
2 | linux-console.net | windows-office.net
1 | www.google.com | tpc.googlesyndication.com
1 | www.googletagservices.com | pagead2.googlesyndication.com
1 | adservice.google.com | pagead2.googlesyndication.com
1 | adservice.google.de | pagead2.googlesyndication.com
1 | partner.googleadservices.com | pagead2.googlesyndication.com
39 | 12 | (totals)

Subject | Issuer | Validity | Valid
*.windows-office.net | R3 | 2021-08-13 - 2021-11-11 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2021-07-12 - 2021-10-04 | 3 months
*.linux-console.net | R3 | 2021-07-10 - 2021-10-08 | 3 months
*.google.de | GTS CA 1C3 | 2021-07-12 - 2021-10-04 | 3 months
*.google.com | GTS CA 1C3 | 2021-07-12 - 2021-10-04 | 3 months
mc.yandex.ru | Yandex CA | 2021-07-28 - 2022-01-07 | 5 months
tpc.googlesyndication.com | GTS CA 1C3 | 2021-07-12 - 2021-10-04 | 3 months
www.google.com | GTS CA 1C3 | 2021-07-12 - 2021-10-04 | 3 months

This page contains 5 frames:

Primary Page: https://windows-office.net/
Frame ID: 4BEFCCA188036F8B07BEC919DD2EDDE4
Requests: 34 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210809/r20190131/zrt_lookup.html
Frame ID: B88413533A74A63BDFB82BD2B60391DB
Requests: 1 HTTP request in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6366716774018597&output=html&adk=1812271804&adf=3025194257&lmt=1565145391&plat=2%3A16777216%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwindows-office.net%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628838764591&bpp=5&bdt=100&idt=176&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3021208849776&frm=20&pv=2&ga_vid=903569810.1628838765&ga_sid=1628838765&ga_hid=314230155&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44748451%2C20211866%2C31062297&oid=3&pvsid=3149822697674095&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=216
Frame ID: 6EC8234403B65042E2705335CF448EAD
Requests: 1 HTTP request in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: A57EC808929872A2D07A30BF55B2E061
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4DEB52FD5618DE967E455EE2006CB004
Requests: 1 HTTP request in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i

Page Statistics

39 Requests
100 % HTTPS
82 % IPv6
10 Domains
12 Subdomains
11 IPs
3 Countries
371 kB Transfer
1097 kB Size
5 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9364.C9Q8Dp4nM24JxDuZLQTQOc7Wid_Wq3Dvao8DR3C0mFtbSdcXm2-KPvybE5mlO4RO.Ve95laVZmr1-RKQVYNUtxl-cq_I%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9364.Y4BUgbf0Qzxy7ucgvZFAccMuEtTHHE5wAXsFRB-MTILqtlIxYnDjpfNa_zGhrotR6IysZyvFAUdczyDjpNJVmA%2C%2C.MNg864man-zzXy5cupYpBX5B--w%2C
Request Chain 31
  • https://mc.yandex.com/watch/53965795?wmode=7&page-url=https%3A%2F%2Fwindows-office.net%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A12vwkywz4p6qw9gg56%3Afp%3A459%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A611%3Acn%3A1%3Adp%3A0%3Als%3A1616367317104%3Ahid%3A342999997%3Az%3A120%3Ai%3A20210813091245%3Aet%3A1628838765%3Ac%3A1%3Arn%3A297192309%3Au%3A1628838765621068%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1628838764267%3Ads%3A63%2C100%2C57%2C0%2C0%2C0%2C%2C382%2C0%2C%2C%2C%2C607%3Adsn%3A64%2C99%2C57%2C1%2C0%2C0%2C%2C384%2C1%2C%2C%2C%2C607%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1628838765%3At%3AMain HTTP 302
  • https://mc.yandex.com/watch/53965795/1?wmode=7&page-url=https%3A%2F%2Fwindows-office.net%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A12vwkywz4p6qw9gg56%3Afp%3A459%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A611%3Acn%3A1%3Adp%3A0%3Als%3A1616367317104%3Ahid%3A342999997%3Az%3A120%3Ai%3A20210813091245%3Aet%3A1628838765%3Ac%3A1%3Arn%3A297192309%3Au%3A1628838765621068%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1628838764267%3Ads%3A63%2C100%2C57%2C0%2C0%2C0%2C%2C382%2C0%2C%2C%2C%2C607%3Adsn%3A64%2C99%2C57%2C1%2C0%2C0%2C%2C384%2C1%2C%2C%2C%2C607%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1628838765%3At%3AMain

39 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
windows-office.net/
10 KB
3 KB
Document
General
Full URL
https://windows-office.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.26.122.72 , Russian Federation, ASN62082 (HOSTLAND, RU),
Reverse DNS
serv72.hostland.ru
Software
nginx /
Resource Hash
f695dd60c104cfcddb205261e50dc594b3d923e3baa7ff1cc939655a9c242d78

Request headers

:method
GET
:authority
windows-office.net
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

server
nginx
date
Fri, 13 Aug 2021 07:12:44 GMT
content-type
text/html
vary
Accept-Encoding
last-modified
Wed, 07 Aug 2019 02:36:31 GMT
etag
W/"1009d29-27ee-58f7dcf16881f"
content-encoding
gzip
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
140 KB
49 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: windows-office.net
URL: https://windows-office.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dd902c8972819fa72cbec32cc1e70809717d9a174b23ec0ce2cc831e4f82ae33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://windows-office.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 07:12:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49916
x-xss-protection
0
server
cafe
etag
16652301563836661712
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 13 Aug 2021 07:12:44 GMT
bootstrap.min.css
windows-office.net/vendor/twbs/bootstrap/dist/css/
138 KB
21 KB
Stylesheet
General
Full URL
https://windows-office.net/vendor/twbs/bootstrap/dist/css/bootstrap.min.css
Requested by
Host: windows-office.net
URL: https://windows-office.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.26.122.72 , Russian Federation, ASN62082 (HOSTLAND, RU),
Reverse DNS
serv72.hostland.ru
Software
nginx /
Resource Hash
31df1e69ea3aece8a8bae5c08bcb7f5e977cb76f886897b301355359b66a48ec

Request headers

:path
/vendor/twbs/bootstrap/dist/css/bootstrap.min.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
windows-office.net
referer
https://windows-office.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Fri, 13 Aug 2021 07:12:44 GMT
content-encoding
gzip
last-modified
Wed, 22 May 2019 05:21:00 GMT
server
nginx
etag
W/"1028400-22682-5897321828700"
vary
Accept-Encoding
content-type
text/css
cs.png
windows-office.net/flags/
439 B
588 B
Image
General
Full URL
https://windows-office.net/flags/cs.png
Requested by
Host: windows-office.net
URL: https://windows-office.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.26.122.72 , Russian Federation, ASN62082 (HOSTLAND, RU),
Reverse DNS
serv72.hostland.ru
Software
nginx /
Resource Hash
3fe11c2a0b4c2b50035c224d2e6c87ba19a05663811c459d4e3a2f780aede957

Request headers

:path
/flags/cs.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
windows-office.net
referer
https://windows-office.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Fri, 13 Aug 2021 07:12:44 GMT
last-modified
Wed, 22 May 2019 14:12:42 GMT
server
nginx
accept-ranges
bytes
etag
"1009d46-1b7-5897a8f046a80"
content-length
439
content-type
image/png
de.png
windows-office.net/flags/
545 B
693 B
Image
General
Full URL
https://windows-office.net/flags/de.png
Requested by
Host: windows-office.net
URL: https://windows-office.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.26.122.72 , Russian Federation, ASN62082 (HOSTLAND, RU),
Reverse DNS
serv72.hostland.ru
Software
nginx /
Resource Hash
3323814006fe6739493d27057954941830b59eff37ebaac994310e17c522dd57

Request headers

:path
/flags/de.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
windows-office.net
referer
https://windows-office.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Fri, 13 Aug 2021 07:12:44 GMT
last-modified
Wed, 22 May 2019 14:12:42 GMT
server
nginx
accept-ranges
bytes
etag
"1009d42-221-5897a8f046a80"
content-length
545
content-type
image/png
es.png
windows-office.net/flags/
469 B
618 B
Image
General
Full URL
https://windows-office.net/flags/es.png
Requested by
Host: windows-office.net
URL: https://windows-office.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.26.122.72 , Russian Federation, ASN62082 (HOSTLAND, RU),
Reverse DNS
serv72.hostland.ru
Software
nginx /
Resource Hash
e9aa6fcf5e814e25b7462ed594643e25979cf9c04f3a68197b5755b476ac38a7

Request headers

:path
/flags/es.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
windows-office.net
referer
https://windows-office.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Fri, 13 Aug 2021 07:12:44 GMT
last-modified
Wed, 22 May 2019 14:12:42 GMT
server
nginx
accept-ranges
bytes
etag
"1009d4a-1d5-5897a8f046a80"
content-length
469
content-type
image/png
fr.png
windows-office.net/flags/
545 B
693 B
Image
General
Full URL
https://windows-office.net/flags/fr.png
Requested by
Host: windows-office.net
URL: https://windows-office.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.26.122.72 , Russian Federation, ASN62082 (HOSTLAND, RU),
Reverse DNS
serv72.hostland.ru
Software
nginx /
Resource Hash
79a39793efbf8217efbbc840e1b2041fe995363a5f12f0c01dd4d1462e5eb842

Request headers

:path
/flags/fr.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
windows-office.net
referer
https://windows-office.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Fri, 13 Aug 2021 07:12:44 GMT
last-modified
Wed, 22 May 2019 14:12:42 GMT
server
nginx
accept-ranges
bytes
etag
"1009d37-221-5897a8f046a80"
content-length
545
content-type
image/png
hi.png
windows-office.net/flags/
1 KB
1 KB
Image
General
Full URL
https://windows-office.net/flags/hi.png
Requested by
Host: windows-office.net
URL: https://windows-office.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.26.122.72 , Russian Federation, ASN62082 (HOSTLAND, RU),
Reverse DNS
serv72.hostland.ru
Software
nginx /
Resource Hash
3ea27f1b36d2e65dff4b9dc21a64124d08dd53544796168dc30578e65c322594

Request headers

:path
/flags/hi.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
windows-office.net
referer
https://windows-office.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Fri, 13 Aug 2021 07:12:44 GMT
last-modified
Wed, 05 Jun 2019 17:04:39 GMT
server
nginx
accept-ranges
bytes
etag
"1009d3f-41f-58a9697bc97c0"
content-length
1055
content-type
image/png
it.png
windows-office.net/flags/
420 B
568 B
Image
General
Full URL
https://windows-office.net/flags/it.png
Requested by
Host: windows-office.net
URL: https://windows-office.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.26.122.72 , Russian Federation, ASN62082 (HOSTLAND, RU),
Reverse DNS
serv72.hostland.ru
Software
nginx /
Resource Hash
c7992f57d67156f994a38c6bb4ec72fa57601a284558db5e065c02dc36ee9d8c

Request headers

:path
/flags/it.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
windows-office.net
referer
https://windows-office.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Fri, 13 Aug 2021 07:12:44 GMT
last-modified
Wed, 22 May 2019 14:12:42 GMT
server
nginx
accept-ranges
bytes
etag
"1009d3a-1a4-5897a8f046a80"
content-length
420
content-type
image/png
ja.png
windows-office.net/flags/
1 KB
1 KB
Image
General
Full URL
https://windows-office.net/flags/ja.png
Requested by
Host: windows-office.net
URL: https://windows-office.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.26.122.72 , Russian Federation, ASN62082 (HOSTLAND, RU),
Reverse DNS
serv72.hostland.ru
Software
nginx /
Resource Hash
19179b2b19b5f6e613de8c4e404c0b5dd897589d8ef57632d69384809463b194

Request headers

:path
/flags/ja.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
windows-office.net
referer
https://windows-office.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Fri, 13 Aug 2021 07:12:44 GMT
last-modified
Wed, 05 Jun 2019 17:04:39 GMT
server
nginx
accept-ranges
bytes
etag
"1009d3c-448-58a9697bc97c0"
content-length
1096
content-type
image/png
ko.png
windows-office.net/flags/
583 B
732 B
Image
General
Full URL
https://windows-office.net/flags/ko.png
Requested by
Host: windows-office.net
URL: https://windows-office.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.26.122.72 , Russian Federation, ASN62082 (HOSTLAND, RU),
Reverse DNS
serv72.hostland.ru
Software
nginx /
Resource Hash
988a648a9b0e82f5995dc7d9aaf1f93f55d74b464cecc50a0128f8182f946996

Request headers

:path
/flags/ko.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
windows-office.net
referer
https://windows-office.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Fri, 13 Aug 2021 07:12:44 GMT
last-modified
Sun, 02 Jun 2019 04:30:52 GMT
server
nginx
accept-ranges
bytes
etag
"1009d4e-247-58a4fb6793700"
content-length
583
content-type
image/png
hu.png
windows-office.net/flags/
432 B
580 B
Image
General
Full URL
https://windows-office.net/flags/hu.png
Requested by
Host: windows-office.net
URL: https://windows-office.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.26.122.72 , Russian Federation, ASN62082 (HOSTLAND, RU),
Reverse DNS
serv72.hostland.ru
Software
nginx /
Resource Hash
61a2cecf8326a8da732499312a098f89d050d13546f6204e6204de38c550437e

Request headers

:path
/flags/hu.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
windows-office.net
referer
https://windows-office.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Fri, 13 Aug 2021 07:12:44 GMT
last-modified
Wed, 22 May 2019 14:12:42 GMT
server
nginx
accept-ranges
bytes
etag
"1009d2e-1b0-5897a8f046a80"
content-length
432
content-type
image/png
pl.png
windows-office.net/flags/
374 B
523 B
Image
General
Full URL
https://windows-office.net/flags/pl.png
Requested by
Host: windows-office.net
URL: https://windows-office.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.26.122.72 , Russian Federation, ASN62082 (HOSTLAND, RU),
Reverse DNS
serv72.hostland.ru
Software
nginx /
Resource Hash
34f6a1822d880608e7124d2ea0e3da4cd9b3a3b3b7d18171b61031cedbe6e72f

Request headers

:path
/flags/pl.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
windows-office.net
referer
https://windows-office.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Fri, 13 Aug 2021 07:12:44 GMT
last-modified
Wed, 22 May 2019 14:12:42 GMT
server
nginx
accept-ranges
bytes
etag
"1009d47-176-5897a8f046a80"
content-length
374
content-type
image/png
ro.png
windows-office.net/flags/
495 B
644 B
Image
General
Full URL
https://windows-office.net/flags/ro.png
Requested by
Host: windows-office.net
URL: https://windows-office.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.26.122.72 , Russian Federation, ASN62082 (HOSTLAND, RU),
Reverse DNS
serv72.hostland.ru
Software
nginx /
Resource Hash
0f83abcca7f07368819e3268d42f161edabcee4b56329c67de93779c1fba3ec5

Request headers

:path
/flags/ro.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
windows-office.net
referer
https://windows-office.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Fri, 13 Aug 2021 07:12:44 GMT
last-modified
Wed, 22 May 2019 14:12:42 GMT
server
nginx
accept-ranges
bytes
etag
"1009d43-1ef-5897a8f046a80"
content-length
495
content-type
image/png
ru.png
windows-office.net/flags/
420 B
568 B
Image
General
Full URL
https://windows-office.net/flags/ru.png
Requested by
Host: windows-office.net
URL: https://windows-office.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.26.122.72 , Russian Federation, ASN62082 (HOSTLAND, RU),
Reverse DNS
serv72.hostland.ru
Software
nginx /
Resource Hash
c6e9489e25e7854a58db93acc5a91b3cc023d33a70c4931dce8d2ef2868b5e94

Request headers

:path
/flags/ru.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
windows-office.net
referer
https://windows-office.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Fri, 13 Aug 2021 07:12:44 GMT
last-modified
Wed, 22 May 2019 14:12:42 GMT
server
nginx
accept-ranges
bytes
etag
"1009d41-1a4-5897a8f046a80"
content-length
420
content-type
image/png
th.png
windows-office.net/flags/
452 B
601 B
Image
General
Full URL
https://windows-office.net/flags/th.png
Requested by
Host: windows-office.net
URL: https://windows-office.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.26.122.72 , Russian Federation, ASN62082 (HOSTLAND, RU),
Reverse DNS
serv72.hostland.ru
Software
nginx /
Resource Hash
9301b5300fa18b50f774512c3549ded45bf41c30359d1824ced7cca0cc75e216

Request headers

:path
/flags/th.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
windows-office.net
referer
https://windows-office.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Fri, 13 Aug 2021 07:12:44 GMT
last-modified
Wed, 22 May 2019 14:12:42 GMT
server
nginx
accept-ranges
bytes
etag
"1009d44-1c4-5897a8f046a80"
content-length
452
content-type
image/png
tr.png
windows-office.net/flags/
492 B
640 B
Image
General
Full URL
https://windows-office.net/flags/tr.png
Requested by
Host: windows-office.net
URL: https://windows-office.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.26.122.72 , Russian Federation, ASN62082 (HOSTLAND, RU),
Reverse DNS
serv72.hostland.ru
Software
nginx /
Resource Hash
292d592f7fa1df2fa653ecc1e03d5eb2ae68277c6df264f762aefb8218e23454

Request headers

:path
/flags/tr.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
windows-office.net
referer
https://windows-office.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Fri, 13 Aug 2021 07:12:44 GMT
last-modified
Wed, 22 May 2019 14:12:42 GMT
server
nginx
accept-ranges
bytes
etag
"1009d39-1ec-5897a8f046a80"
content-length
492
content-type
image/png
fi.png
windows-office.net/flags/
1 KB
1 KB
Image
General
Full URL
https://windows-office.net/flags/fi.png
Requested by
Host: windows-office.net
URL: https://windows-office.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.26.122.72 , Russian Federation, ASN62082 (HOSTLAND, RU),
Reverse DNS
serv72.hostland.ru
Software
nginx /
Resource Hash
a7ea544f7d56a4e1f66f5f615f56b0717ad0dc56908c2bf52154037384e495aa

Request headers

:path
/flags/fi.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
windows-office.net
referer
https://windows-office.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Fri, 13 Aug 2021 07:12:44 GMT
last-modified
Wed, 12 Jun 2019 05:26:44 GMT
server
nginx
accept-ranges
bytes
etag
"1009dae-433-58b19a8ae6d00"
content-length
1075
content-type
image/png
zh.png
windows-office.net/flags/
1 KB
1 KB
Image
General
Full URL
https://windows-office.net/flags/zh.png
Requested by
Host: windows-office.net
URL: https://windows-office.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.26.122.72 , Russian Federation, ASN62082 (HOSTLAND, RU),
Reverse DNS
serv72.hostland.ru
Software
nginx /
Resource Hash
4e9c1b66317b17f8bf57363f405ee2e29ff081f4e64fe8caef9731558443bf0b

Request headers

:path
/flags/zh.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
windows-office.net
referer
https://windows-office.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Fri, 13 Aug 2021 07:12:44 GMT
last-modified
Sun, 02 Jun 2019 04:43:32 GMT
server
nginx
accept-ranges
bytes
etag
"1009d36-43e-58a4fe3c5e500"
content-length
1086
content-type
image/png
jquery.min.js
linux-console.net/vendor/components/jquery/
85 KB
30 KB
Script
General
Full URL
https://linux-console.net/vendor/components/jquery/jquery.min.js
Requested by
Host: windows-office.net
URL: https://windows-office.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.26.122.72 , Russian Federation, ASN62082 (HOSTLAND, RU),
Reverse DNS
serv72.hostland.ru
Software
nginx /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Referer
https://windows-office.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 07:12:44 GMT
content-encoding
gzip
last-modified
Wed, 22 May 2019 05:20:00 GMT
server
nginx
etag
W/"204802f-1538f-589731def0000"
vary
Accept-Encoding
content-type
application/javascript
bootstrap.bundle.min.js
linux-console.net/vendor/twbs/bootstrap/dist/js/
69 KB
21 KB
Script
General
Full URL
https://linux-console.net/vendor/twbs/bootstrap/dist/js/bootstrap.bundle.min.js
Requested by
Host: windows-office.net
URL: https://windows-office.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.26.122.72 , Russian Federation, ASN62082 (HOSTLAND, RU),
Reverse DNS
serv72.hostland.ru
Software
nginx /
Resource Hash
928f97f310d8f768c5e3d521e3b1ce2cff156f9cc60c5d09fad772f4a2c43f52

Request headers

Referer
https://windows-office.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 07:12:44 GMT
content-encoding
gzip
last-modified
Wed, 22 May 2019 05:20:14 GMT
server
nginx
etag
W/"2048034-1141a-589731ec49f80"
vary
Accept-Encoding
content-type
application/javascript
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/
252 KB
93 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6366716774018597&plah=windows-office.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d05921972a05d43b86b07c7e074afff197f96c2f953a9f8595c2b59ba34cc3d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://windows-office.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 07:12:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95570
x-xss-protection
0
server
cafe
etag
10066065015092213272
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 13 Aug 2021 07:12:44 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210809/r20190131/ Frame B884
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210809/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210809/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://windows-office.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://windows-office.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 12 Aug 2021 21:06:33 GMT
expires
Thu, 26 Aug 2021 21:06:33 GMT
content-type
text/html; charset=UTF-8
etag
8999110079160743657
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4576
x-xss-protection
0
age
36371
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie.js
partner.googleadservices.com/gampad/
208 B
262 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=windows-office.net&callback=_gfp_s_&client=ca-pub-6366716774018597
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6366716774018597&plah=windows-office.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
27f73b3e1b0763441a0d11d649ee95ca3024bf2c19a0328625be169ee0ae98f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://windows-office.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 07:12:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
197
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwindows-office.net%2F&tn=NAV&cls=navbar%20navbar-expand-lg%20navbar-dark%20bg-dark%20fixed-top&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: windows-office.net
URL: https://windows-office.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://windows-office.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Aug 2021 07:12:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/
107 B
165 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=windows-office.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6366716774018597&plah=windows-office.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://windows-office.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 13 Aug 2021 07:12:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
165 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=windows-office.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6366716774018597&plah=windows-office.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://windows-office.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 13 Aug 2021 07:12:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6EC8
10 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6366716774018597&output=html&adk=1812271804&adf=3025194257&lmt=1565145391&plat=2%3A16777216%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwindows-office.net%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628838764591&bpp=5&bdt=100&idt=176&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3021208849776&frm=20&pv=2&ga_vid=903569810.1628838765&ga_sid=1628838765&ga_hid=314230155&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44748451%2C20211866%2C31062297&oid=3&pvsid=3149822697674095&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=216
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6366716774018597&plah=windows-office.net
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b64f5b24ea77a1d3d876514ab1d69e4b7290665fbaef43fe428612f2ab4d6dbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-6366716774018597&output=html&adk=1812271804&adf=3025194257&lmt=1565145391&plat=2%3A16777216%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwindows-office.net%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628838764591&bpp=5&bdt=100&idt=176&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3021208849776&frm=20&pv=2&ga_vid=903569810.1628838765&ga_sid=1628838765&ga_hid=314230155&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44748451%2C20211866%2C31062297&oid=3&pvsid=3149822697674095&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=216
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://windows-office.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://windows-office.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 13 Aug 2021 07:12:45 GMT
server
cafe
content-length
4399
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 13-Aug-2021 07:27:44 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 13 Aug 2021 07:12:45 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/
73 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6366716774018597&plah=windows-office.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ffa263f5d44762ba96ccf4475d6da0960f346183c533e582ca0140acadfea7d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://windows-office.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 07:12:44 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1628681433796959"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27990
x-xss-protection
0
expires
Fri, 13 Aug 2021 07:12:44 GMT
tag.js
mc.yandex.ru/metrika/
225 KB
72 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: windows-office.net
URL: https://windows-office.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
dc6045016d46e4682d7ca0c4669a05794699a50abe0bee108e2d16e747e00eea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://windows-office.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 07:12:44 GMT
content-encoding
br
last-modified
Thu, 12 Aug 2021 09:51:50 GMT
etag
"611112b5-11dd4"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
73172
expires
Fri, 13 Aug 2021 08:12:44 GMT
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9364.C9Q8Dp4nM24JxDuZLQTQOc7Wid_Wq3Dvao8DR3C0mFtbSdcXm2-KPvybE5mlO4RO.Ve95laVZmr1-RKQVYNUtxl-cq_I%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9364.Y4BUgbf0Qzxy7ucgvZFAccMuEtTHHE5wAXsFRB-MTILqtlIxYnDjpfNa_zGhrotR6IysZyvFAUdczyDjpNJVmA%2C%2C.MNg864man-zzXy5cupYpBX5B--w%2C
75 B
75 B
Image
General
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9364.Y4BUgbf0Qzxy7ucgvZFAccMuEtTHHE5wAXsFRB-MTILqtlIxYnDjpfNa_zGhrotR6IysZyvFAUdczyDjpNJVmA%2C%2C.MNg864man-zzXy5cupYpBX5B--w%2C
Requested by
Host: windows-office.net
URL: https://windows-office.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://windows-office.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 07:12:45 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9364.Y4BUgbf0Qzxy7ucgvZFAccMuEtTHHE5wAXsFRB-MTILqtlIxYnDjpfNa_zGhrotR6IysZyvFAUdczyDjpNJVmA%2C%2C.MNg864man-zzXy5cupYpBX5B--w%2C
date
Fri, 13 Aug 2021 07:12:45 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/
43 B
165 B
Image
General
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: windows-office.net
URL: https://windows-office.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://windows-office.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 07:12:45 GMT
last-modified
Thu, 12 Aug 2021 09:51:50 GMT
etag
"611112b5-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Fri, 13 Aug 2021 08:12:45 GMT
1
mc.yandex.com/watch/53965795/
Redirect Chain
  • https://mc.yandex.com/watch/53965795?wmode=7&page-url=https%3A%2F%2Fwindows-office.net%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A12vwkywz4p6qw9gg56%3Afp%3A459%3Afu%3A0%3Aen%3Autf-8%3A...
  • https://mc.yandex.com/watch/53965795/1?wmode=7&page-url=https%3A%2F%2Fwindows-office.net%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A12vwkywz4p6qw9gg56%3Afp%3A459%3Afu%3A0%3Aen%3Autf-8%...
335 B
387 B
XHR
General
Full URL
https://mc.yandex.com/watch/53965795/1?wmode=7&page-url=https%3A%2F%2Fwindows-office.net%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A12vwkywz4p6qw9gg56%3Afp%3A459%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A611%3Acn%3A1%3Adp%3A0%3Als%3A1616367317104%3Ahid%3A342999997%3Az%3A120%3Ai%3A20210813091245%3Aet%3A1628838765%3Ac%3A1%3Arn%3A297192309%3Au%3A1628838765621068%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1628838764267%3Ads%3A63%2C100%2C57%2C0%2C0%2C0%2C%2C382%2C0%2C%2C%2C%2C607%3Adsn%3A64%2C99%2C57%2C1%2C0%2C0%2C%2C384%2C1%2C%2C%2C%2C607%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1628838765%3At%3AMain
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
637b396cf138b60b63e1ddf7bbb682b2f47170dd1dfa00d4d514abadea1327ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://windows-office.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Aug 2021 07:12:45 GMT
x-content-type-options
nosniff
last-modified
Fri, 13-Aug-2021 07:12:45 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://windows-office.net
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
335
x-xss-protection
1; mode=block
expires
Fri, 13-Aug-2021 07:12:45 GMT

Redirect headers

pragma
no-cache
date
Fri, 13 Aug 2021 07:12:45 GMT
last-modified
Fri, 13-Aug-2021 07:12:45 GMT
location
/watch/53965795/1?wmode=7&page-url=https%3A%2F%2Fwindows-office.net%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A12vwkywz4p6qw9gg56%3Afp%3A459%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A611%3Acn%3A1%3Adp%3A0%3Als%3A1616367317104%3Ahid%3A342999997%3Az%3A120%3Ai%3A20210813091245%3Aet%3A1628838765%3Ac%3A1%3Arn%3A297192309%3Au%3A1628838765621068%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1628838764267%3Ads%3A63%2C100%2C57%2C0%2C0%2C0%2C%2C382%2C0%2C%2C%2C%2C607%3Adsn%3A64%2C99%2C57%2C1%2C0%2C0%2C%2C384%2C1%2C%2C%2C%2C607%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1628838765%3At%3AMain
strict-transport-security
max-age=31536000
access-control-allow-origin
https://windows-office.net
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Fri, 13-Aug-2021 07:12:45 GMT
sodar
pagead2.googlesyndication.com/getconfig/
11 KB
8 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210809&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6366716774018597&plah=windows-office.net
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d21a206e2db186b1aafccdd7df6738802d2865d0d4ae7dba6e11d33e55754f6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://windows-office.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 13 Aug 2021 07:12:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8624
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6366716774018597&plah=windows-office.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://windows-office.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 07:12:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Fri, 13 Aug 2021 07:12:45 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame A57E
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://windows-office.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://windows-office.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Fri, 13 Aug 2021 06:20:14 GMT
expires
Sat, 13 Aug 2022 06:20:14 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
3151
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 4DEB
783 B
782 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8e5ae53005ae745d03d3695b53d50566928e881f42e26fa8f38ebf8fdb86b768
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-qeltBlzN5Jp0VJx+O6jw7A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://windows-office.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://windows-office.net/

Response headers

expires
Fri, 13 Aug 2021 07:12:45 GMT
date
Fri, 13 Aug 2021 07:12:45 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-qeltBlzN5Jp0VJx+O6jw7A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
1ybhf5PHJCoiRTy-ubeljLlyS14gR-QFfTY_U8tl74U.js
pagead2.googlesyndication.com/bg/ Frame A57E
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/1ybhf5PHJCoiRTy-ubeljLlyS14gR-QFfTY_U8tl74U.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d726e17f93c7242a22453cbeb9b7a58cb9724b5e2047e4057d363f53cb65ef85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 05:32:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
6034
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13373
x-xss-protection
0
last-modified
Tue, 03 Aug 2021 09:38:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 13 Aug 2022 05:32:11 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210809&jk=3149822697674095&bg=!IiGlIWXNAAbOj6irzo87ACkAdvg8WsvtVHXCHCLBRrsLavTrJYAnh8Gpr6R51q-1ISU7dmom8gzESwIAAACWUgAAAAdoAQeZAoh8EJtJnlzX8-l36UIQgvZpkTyHsf1V1GjC6E09jY6XmfY2K6AQPElRr886pkKX3_VJQlpdlTYt8Ths6l6H9xlX6CmAbSPKmNarJ-lWbrFAFcbSHh7cfKyUXS91C3AnX5TTundnoXXOMXx70pZ8oW23eQbHO770yjUyCcqeV_pPcr1bPoNe_82Mr5OnbxItStWieGF2alkaPi1DKObSUegF_AoxJ5xStxVctcdLVUK_vmD-eY938SqkxH2JlPtt5RolAQlipHLCP9RSONl6oj7f1Fm9Wovtgsgi0dPvGakK5BwHGFJAHUESJn9PQ3oQK2Zz2nbECFNeX9tx7uGIsu-UsV_kYiWI7uPrAMN_QyVORwJMBPAQXQpKekctnSUjJeptQC0Qf2D0QZE_XKcrSI4gQRLp79GNCKqcGeaj1AmWcrgvKg-zntZH4I-yBAjHayM4IWzab9lSUvQmhzmxPyTr7ZTp22zQWcRsx9rNC8ltbCdVTKA1Av0-3xbtGzpgCMq-k2DciUFeun5xhjaPake0CCm6u8uif5jc39msIPVqE1GV5MTjT85966k_q54AvBldwxA54dk5lBbZ3dXvOE896Fsd5vKLYARIHw6AsxXLUqaMCgWQ3t5Ea8atrsc-2fBQHp0WfaF96m0rKubSLF8fr1DCTkLBcIfxZ8ogClYkn8eYVKNf3CL3s0Y5Fy_Gw8XKdWPoqlq7fIzD96SAPTqroX2CgsTfXf6q61L6rPK39Yk4pHrusCf-Asotr4BHHzBwulQUqWZ0YwFEizSgUHLmysjn9uW_fPceHp4Ds9h0rc775piJiyXHsS3uzBLtgXpgasYusy637fGlmeDdX92h3vdZx5nLeLM
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://windows-office.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Aug 2021 07:12:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| adsbygoogle object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| $ function| jQuery object| bootstrap function| ym function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| Ya object| yaCounter53965795 object| GoogleGcLKhOms

5 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie Value: CheckForPermission
.windows-office.net/ Name: _ym_isad Value: 2
.windows-office.net/ Name: _ym_d Value: 1628838765
.windows-office.net/ Name: _ym_uid Value: 1628838765621068
.windows-office.net/ Name: __gads Value: ID=3cd5d161b5342ec4-22024fa8a9c900c8:T=1628838764:RT=1628838764:S=ALNI_MZPIyW3GUaGoELoZBVnAkd-nLKVvw

Indicators

"Indicators" is the security-industry term for artifacts such as IPs, domains, and hashes. Their presence here does not imply that any of them indicates malicious activity.
