windowexeallkiller.com Open in urlscan Pro
115.71.236.95 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://windowexeallkiller.com/
Submission Tags: falconsandbox
Submission: On January 21 via api (January 21st 2021, 5:12:37 am UTC) from US

Summary HTTP 32 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 10 IPs in 4 countries across 7 domains to perform 32 HTTP transactions. The main IP is 115.71.236.95, located in Korea, Republic Of and belongs to GNJ-AS-KR DAOU TECHNOLOGY, KR. The main domain is windowexeallkiller.com.

This is the only time windowexeallkiller.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	115.71.236.95 115.71.236.95	45996 (GNJ-AS-KR...) (GNJ-AS-KR DAOU TECHNOLOGY)
4	2a00:1450:400... 2a00:1450:4001:817::200e	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
4	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:81c::200d	15169 (GOOGLE) (GOOGLE)
1	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER)
32	10

4 115.71.236.95 (Korea, Republic Of)

ASN45996 (GNJ-AS-KR DAOU TECHNOLOGY, KR)

windowexeallkiller.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:817::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
2.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

3.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
4.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.136 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	blogspot.com 1.bp.blogspot.com 2.bp.blogspot.com 3.bp.blogspot.com 4.bp.blogspot.com	713 KB
5	twitter.com platform.twitter.com syndication.twitter.com	32 KB
5	google.com apis.google.com accounts.google.com	102 KB
4	windowexeallkiller.com windowexeallkiller.com	56 KB
2	facebook.net connect.facebook.net	59 KB
2	youtube.com www.youtube.com
1	facebook.com www.facebook.com
32	7

	Domain	Requested by
5	2.bp.blogspot.com	windowexeallkiller.com
4	platform.twitter.com	windowexeallkiller.com platform.twitter.com
4	apis.google.com	windowexeallkiller.com apis.google.com
4	windowexeallkiller.com	windowexeallkiller.com
3	4.bp.blogspot.com	windowexeallkiller.com
3	3.bp.blogspot.com	windowexeallkiller.com
2	connect.facebook.net	windowexeallkiller.com connect.facebook.net
2	www.youtube.com	windowexeallkiller.com
2	1.bp.blogspot.com	windowexeallkiller.com
1	syndication.twitter.com	windowexeallkiller.com
1	accounts.google.com	apis.google.com
1	www.facebook.com	connect.facebook.net
32	12

This site contains links to these domains. Also see Links.

Domain
www.superdownloads.com.br
windowexe.tistory.com
www.youtube.com
www.paypal.me
www.virustotal.com

Subject Issuer	Validity	Valid
*.apis.google.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-12-22` - `2021-03-21`	3 months	crt.sh
accounts.google.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
syndication.twitter.com DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh

This page contains 8 frames:

Primary Page: http://windowexeallkiller.com/
Frame ID: 3EDE58F3DF4C48ACB71F56786BE11BF7
Requests: 25 HTTP requests in this frame

Frame: https://www.youtube.com/embed/g8Wwgk2N0tc?feature=player_detailpage
Frame ID: 88C8B132A668ED62DE0AF54F10D0B86A
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/4Z2CTpjyYX0?feature=player_detailpage
Frame ID: E141DC1E385D72B2E43B330BAA11F8A9
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1b6d0700b80338%26domain%3Dwindowexeallkiller.com%26origin%3Dhttp%253A%252F%252Fwindowexeallkiller.com%252Ff14b48148c527d8%26relation%3Dparent.parent&container_width=1560&href=http%3A%2F%2Fwindowexeallkiller.com%2F&locale=en_US&sdk=joey&type=button_count
Frame ID: F198A8D9CDCD1F25BD7196912E787B8F
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.96fd96193cc66c3e11d4c5e4c7c7ec97.html?origin=http%3A%2F%2Fwindowexeallkiller.com
Frame ID: 72F55EB88BED4CC9AA65E4A8E030D197
Requests: 1 HTTP requests in this frame

Frame: https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&hl=en-US&origin=http%3A%2F%2Fwindowexeallkiller.com&url=http%3A%2F%2Fwindowexeallkiller.com%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.SnHyU412DY0.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCObTkZu7kqIvAlB0bY4g3IzlKIb5g%2Fm%3D__features__
Frame ID: 7BA4153176809CD225471DE8E7D07940
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fwindowexeallkiller.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.SnHyU412DY0.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCObTkZu7kqIvAlB0bY4g3IzlKIb5g%2Fm%3D__features__
Frame ID: 4545B611B3D4ADB1007DB92602A82520
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.96fd96193cc66c3e11d4c5e4c7c7ec97.en.html
Frame ID: 0C03BA63572F3760A52200E0FEB26A3A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /apis\.google\.com\/js\/[a-z]*\.js/i

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/platform\.twitter\.com\/widgets\.js/i

Page Statistics

32
Requests

47 %
HTTPS

80 %
IPv6

7
Domains

12
Subdomains

10
IPs

4
Countries

962 kB
Transfer

1340 kB
Size

6
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: http://www.superdownloads.com.br/download/85/windowexeallkiller/
Title: Português

Search URL Search Domain Scan URL

URL: http://windowexe.tistory.com/503
Title: 한국어

Search URL Search Domain Scan URL

URL: http://www.youtube.com/watch?v=NjB21XQMztE&feature=youtu.be
Title: How to remove Pokki TaskBar Toolbar(Desk Band Class) introdution video

Search URL Search Domain Scan URL

URL: https://www.paypal.me/1357924
Title: Donate via Paypal

Search URL Search Domain Scan URL

URL: https://www.virustotal.com/en/file/1e7dee7674f42eeb314d0cd626a6b7595a6dd4f7bbb2af6abaa8aeaf9dd5a748/analysis/1383313623/
Title: Result of virustotal.com

Search URL Search Domain Scan URL

URL: https://www.virustotal.com/en/file/356955f237d6cebcb9724bce244337ee187879045aa01cae22286d58c3b82408/analysis/
Title: Result of virustotal.com

Search URL Search Domain Scan URL

URL: https://www.virustotal.com/en/file/1adb097e4acded1d36ce54424c6f5a3a8f13c10543e63d8f5a4adfe6ea4648ff/analysis/1479976104/
Title: Result of virustotal.com

Search URL Search Domain Scan URL

URL: https://www.virustotal.com/en/file/e2921c260cddae44b66b037f4dd62a6e107705312ecc83fc28836b2d3682e66b/analysis/1508501460/
Title: Result of virustotal.com

Search URL Search Domain Scan URL

URL: https://www.virustotal.com/gui/file/60d07658864c1dfe15bad0abad2659d462593b68a73f9d6b7aff2ac6cf1e9369/detection
Title: Result of virustotal.com

Search URL Search Domain Scan URL

URL: http://windowexe.tistory.com/
Title: [Blog]

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

http://www.youtube.com/embed/g8Wwgk2N0tc?feature=player_detailpage HTTP 307
https://www.youtube.com/embed/g8Wwgk2N0tc?feature=player_detailpage

Request Chain 19

http://www.youtube.com/embed/4Z2CTpjyYX0?feature=player_detailpage HTTP 307
https://www.youtube.com/embed/4Z2CTpjyYX0?feature=player_detailpage

Request Chain 21

http://connect.facebook.net/en-US/all.js HTTP 307
https://connect.facebook.net/en-US/all.js

32 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
windowexeallkiller.com/ 34 KB
34 KB 876ms
602ms Document
text/html 115.71.236.95
GNJ-AS-KR DAOU TE...

General

Check archive.org

Show headers Download Go to

Full URL: http://windowexeallkiller.com/
Protocol: HTTP/1.1
Server: 115.71.236.95 , Korea, Republic Of, ASN45996 (GNJ-AS-KR DAOU TECHNOLOGY, KR),
Reverse DNS
Software: Apache / PHP/5.3.3
Resource Hash: 81220e938c21c19a6fe245005f84d39c5bbeeca7f932c8a99610108b80d6bac8

Request headers

Host: windowexeallkiller.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 21 Jan 2021 05:12:17 GMT
Server: Apache
X-Powered-By: PHP/5.3.3
P3P: CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
Set-Cookie: PHPSESSID=lrivakrq7glf8ivmbcn3n80l23; path=/ f33d2ed86bd82d4c22123c9da444d8ab=MTYxMTIwNTkzNw%3D%3D; expires=Fri, 21-Jan-2022 05:12:17 GMT; path=/ 96b28b766b7e0699aa91c9ff3d890663=deleted; expires=Wed, 22-Jan-2020 05:12:16 GMT; path=/ 2a0d2363701f23f8a75028924a3af643=MTk0Ljk5LjEwNS45OQ%3D%3D; expires=Fri, 22-Jan-2021 05:12:17 GMT; path=/
Expires: 0
Last-Modified: Thu, 21 Jan 2021 05:12:17 GMT
Cache-Control: pre-check=0, post-check=0, max-age=0
Pragma: no-cache
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK style.css
windowexeallkiller.com/ 1 KB
2 KB 618ms
593ms Stylesheet
text/css 115.71.236.95
GNJ-AS-KR DAOU TE...

General

Check archive.org

Show headers Download Go to

Full URL: http://windowexeallkiller.com/style.css
Requested by: Host: windowexeallkiller.com
URL: http://windowexeallkiller.com/
Protocol: HTTP/1.1
Server: 115.71.236.95 , Korea, Republic Of, ASN45996 (GNJ-AS-KR DAOU TECHNOLOGY, KR),
Reverse DNS
Software: Apache /
Resource Hash: af8e6b9dfc8804585365ba105e3c940e9412c2c3e88c89d9b0f9666558512340

Request headers

Referer: http://windowexeallkiller.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 21 Jan 2021 05:12:18 GMT
Last-Modified: Tue, 17 Sep 2013 22:15:25 GMT
Server: Apache
ETag: "c2c1a-518-4e69ba8505940"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 1304

GET
H/1.1 200
OK common.js Show response
windowexeallkiller.com/js/ 5 KB
5 KB 598ms
573ms Script
text/javascript 115.71.236.95
GNJ-AS-KR DAOU TE...

General

Check archive.org

Show headers Download Go to

Full URL: http://windowexeallkiller.com/js/common.js
Requested by: Host: windowexeallkiller.com
URL: http://windowexeallkiller.com/
Protocol: HTTP/1.1
Server: 115.71.236.95 , Korea, Republic Of, ASN45996 (GNJ-AS-KR DAOU TECHNOLOGY, KR),
Reverse DNS
Software: Apache /
Resource Hash: 51955abe453072a1fe4f841f27c6a2ddc83c7928ebe46e54630398cc69615d63

Request headers

Referer: http://windowexeallkiller.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 21 Jan 2021 05:12:18 GMT
Last-Modified: Fri, 22 Nov 2013 03:29:01 GMT
Server: Apache
ETag: "c2657-12ae-4ebbb9d851940"
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 4782

GET
H2 200 plusone.js Show response
apis.google.com/js/ 49 KB
19 KB 45ms
25ms Script
application/javascript 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: windowexeallkiller.com
URL: http://windowexeallkiller.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

90364f9e89de88e01f85441ad4f682cef06a7d643a338d423019076a403b32f0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8mkXXEmLdXK6EIfj4c8ulg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://windowexeallkiller.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 05:12:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "ce489fde74c25a877295fbc1287705bd"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-8mkXXEmLdXK6EIfj4c8ulg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Thu, 21 Jan 2021 05:12:18 GMT

GET
H/1.1 200
OK 11_2014_07_09_11_47_24.png.png
1.bp.blogspot.com/-lZSXWRiJu_A/U7ytmKXU2lI/AAAAAAAAASE/fZdiNr4CdUc/s1600/ 52 KB
53 KB 208ms
201ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://1.bp.blogspot.com/-lZSXWRiJu_A/U7ytmKXU2lI/AAAAAAAAASE/fZdiNr4CdUc/s1600/11_2014_07_09_11_47_24.png.png

Requested by

Host: windowexeallkiller.com
URL: http://windowexeallkiller.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6ed124718ff6f7ffa6e1412ab22b0f85907d44f8dbcec3f375f2238adc934b11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://windowexeallkiller.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 21 Jan 2021 05:12:19 GMT
X-Content-Type-Options: nosniff
Server: fife
ETag: "v132"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="11_2014_07_09_11_47_24.png"
Timing-Allow-Origin: *
Content-Length: 53444
X-XSS-Protection: 0
Expires: Fri, 22 Jan 2021 05:12:19 GMT

GET
H/1.1 200
OK 2014-08-14_034908.png
2.bp.blogspot.com/-b1gWa0LKdAM/U-w0X98-z2I/AAAAAAAAAUk/7Lxehvx-c50/s1600/ 55 KB
55 KB 192ms
184ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://2.bp.blogspot.com/-b1gWa0LKdAM/U-w0X98-z2I/AAAAAAAAAUk/7Lxehvx-c50/s1600/2014-08-14_034908.png

Requested by

Host: windowexeallkiller.com
URL: http://windowexeallkiller.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f3abfc6f43035f1bb8c13e5a37265193212625404a111e2f2108dc532299caec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://windowexeallkiller.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 21 Jan 2021 05:12:19 GMT
X-Content-Type-Options: nosniff
Server: fife
ETag: "v14a"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="2014-08-14_034908.png"
Timing-Allow-Origin: *
Content-Length: 55979
X-XSS-Protection: 0
Expires: Fri, 22 Jan 2021 05:12:19 GMT

GET
H/1.1 200
OK 2014-08-16_010036.png
2.bp.blogspot.com/-1B-bC89LgmA/U_ESj9c8iyI/AAAAAAAAAWI/uNibwLJM3p4/s1600/ 56 KB
57 KB 191ms
183ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://2.bp.blogspot.com/-1B-bC89LgmA/U_ESj9c8iyI/AAAAAAAAAWI/uNibwLJM3p4/s1600/2014-08-16_010036.png

Requested by

Host: windowexeallkiller.com
URL: http://windowexeallkiller.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

daf2452ecc085566e719ec0bb9a2f79de444c0d7ba3d143c206df255dcfcec5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://windowexeallkiller.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 21 Jan 2021 05:12:19 GMT
X-Content-Type-Options: nosniff
Server: fife
ETag: "v163"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="2014-08-16_010036.png"
Timing-Allow-Origin: *
Content-Length: 57663
X-XSS-Protection: 0
Expires: Fri, 22 Jan 2021 05:12:19 GMT

GET
H/1.1 200
OK 33_2014_07_09_11_47_24.png
3.bp.blogspot.com/-A8zOI2MoPx4/U8FNQ7oHQkI/AAAAAAAAATg/DQFfDVcJ2bY/s1600/ 53 KB
54 KB 186ms
177ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://3.bp.blogspot.com/-A8zOI2MoPx4/U8FNQ7oHQkI/AAAAAAAAATg/DQFfDVcJ2bY/s1600/33_2014_07_09_11_47_24.png

Requested by

Host: windowexeallkiller.com
URL: http://windowexeallkiller.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8aa40b79aaff55e661f4023bf92c35c4a971ec3a5f718b57ba2b409f97fa7767

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://windowexeallkiller.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 21 Jan 2021 05:12:19 GMT
X-Content-Type-Options: nosniff
Server: fife
ETag: "v139"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="33_2014_07_09_11_47_24.png"
Timing-Allow-Origin: *
Content-Length: 54557
X-XSS-Protection: 0
Expires: Fri, 22 Jan 2021 05:12:19 GMT

GET
H/1.1 200
OK 2014-08-29_031303.png
4.bp.blogspot.com/-G0Gf-vfMl9Q/U_9yhZXkaWI/AAAAAAAAAWo/MhxD4167_VY/s1600/ 71 KB
71 KB 184ms
176ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://4.bp.blogspot.com/-G0Gf-vfMl9Q/U_9yhZXkaWI/AAAAAAAAAWo/MhxD4167_VY/s1600/2014-08-29_031303.png

Requested by

Host: windowexeallkiller.com
URL: http://windowexeallkiller.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f8b4fc0f12b8f21f11ba86f377223540ef8684a907b680caa1cf90a5e5269a67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://windowexeallkiller.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 21 Jan 2021 05:12:19 GMT
X-Content-Type-Options: nosniff
Server: fife
ETag: "v16b"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="2014-08-29_031303.png"
Timing-Allow-Origin: *
Content-Length: 72608
X-XSS-Protection: 0
Expires: Fri, 22 Jan 2021 05:12:19 GMT

GET
H/1.1 200
OK 2014-08-08_060053.png
4.bp.blogspot.com/-5BOBB21IMWw/U-RbXggXadI/AAAAAAAAAUQ/7aO3ydj-rSY/s1600/ 57 KB
58 KB 183ms
175ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://4.bp.blogspot.com/-5BOBB21IMWw/U-RbXggXadI/AAAAAAAAAUQ/7aO3ydj-rSY/s1600/2014-08-08_060053.png

Requested by

Host: windowexeallkiller.com
URL: http://windowexeallkiller.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e2106095d181bd24bd54ebd41dc1890af1e0490ad12166c4bc26fb01729db80c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://windowexeallkiller.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 21 Jan 2021 05:12:19 GMT
X-Content-Type-Options: nosniff
Server: fife
ETag: "v146"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="2014-08-08_060053.png"
Timing-Allow-Origin: *
Content-Length: 58450
X-XSS-Protection: 0
Expires: Fri, 22 Jan 2021 05:12:19 GMT

GET
H/1.1 200
OK 2014-08-08_061418.png
3.bp.blogspot.com/-_gxjl4bhyIE/U-RbXl2drFI/AAAAAAAAAUM/bcyGFKov6Bc/s1600/ 62 KB
62 KB 185ms
177ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://3.bp.blogspot.com/-_gxjl4bhyIE/U-RbXl2drFI/AAAAAAAAAUM/bcyGFKov6Bc/s1600/2014-08-08_061418.png

Requested by

Host: windowexeallkiller.com
URL: http://windowexeallkiller.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

28f314a7885095bf4e64dae07b4fc797dd0b071c7d78ade945b89089307f6390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://windowexeallkiller.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 21 Jan 2021 05:12:19 GMT
X-Content-Type-Options: nosniff
Server: fife
ETag: "v145"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="2014-08-08_061418.png"
Timing-Allow-Origin: *
Content-Length: 63430
X-XSS-Protection: 0
Expires: Fri, 22 Jan 2021 05:12:19 GMT

GET
H/1.1 200
OK 55_2014_07_09_11_47_24.png
1.bp.blogspot.com/-MowMDXwnAAM/U7ytm6Vko2I/AAAAAAAAASU/3bzW1S5fD3I/s1600/ 50 KB
51 KB 187ms
181ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://1.bp.blogspot.com/-MowMDXwnAAM/U7ytm6Vko2I/AAAAAAAAASU/3bzW1S5fD3I/s1600/55_2014_07_09_11_47_24.png

Requested by

Host: windowexeallkiller.com
URL: http://windowexeallkiller.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f6f32124df8f78b2486c7e050a8577e952d46a5a30271db844f08d029dc3cb7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://windowexeallkiller.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 21 Jan 2021 05:12:19 GMT
X-Content-Type-Options: nosniff
Server: fife
ETag: "v12f"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="55_2014_07_09_11_47_24.png"
Timing-Allow-Origin: *
Content-Length: 51703
X-XSS-Protection: 0
Expires: Fri, 22 Jan 2021 05:12:19 GMT

GET
H/1.1 200
OK 2014-07-09_120009.png
2.bp.blogspot.com/-vYLA9NZtlt0/U7ywa1605BI/AAAAAAAAATQ/3WhNzj0ustk/s1600/ 60 KB
60 KB 184ms
177ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://2.bp.blogspot.com/-vYLA9NZtlt0/U7ywa1605BI/AAAAAAAAATQ/3WhNzj0ustk/s1600/2014-07-09_120009.png

Requested by

Host: windowexeallkiller.com
URL: http://windowexeallkiller.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

2112af6cf9cff1b7c86febf3c3a18bc343e4acb64bfbc697333cbe6234339bd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://windowexeallkiller.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 21 Jan 2021 05:12:19 GMT
X-Content-Type-Options: nosniff
Server: fife
ETag: "v135"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="2014-07-09_120009.png"
Timing-Allow-Origin: *
Content-Length: 61185
X-XSS-Protection: 0
Expires: Fri, 22 Jan 2021 05:12:19 GMT

GET
H/1.1 200
OK 2014-07-27_155257.png
2.bp.blogspot.com/-sUwSBqXi49o/U9SiYwrOnaI/AAAAAAAAAT8/Bs9Wg98RWzQ/s1600/ 51 KB
51 KB 168ms
163ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://2.bp.blogspot.com/-sUwSBqXi49o/U9SiYwrOnaI/AAAAAAAAAT8/Bs9Wg98RWzQ/s1600/2014-07-27_155257.png

Requested by

Host: windowexeallkiller.com
URL: http://windowexeallkiller.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

49075f942f185144553f5a07b52853c24ae006880b15e1d793a2629c2b0346d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://windowexeallkiller.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 21 Jan 2021 05:12:19 GMT
X-Content-Type-Options: nosniff
Server: fife
ETag: "v140"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="2014-07-27_155257.png"
Timing-Allow-Origin: *
Content-Length: 51934
X-XSS-Protection: 0
Expires: Fri, 22 Jan 2021 05:12:19 GMT

GET
H/1.1 200
OK 77_2014_07_09_11_47_24.png
2.bp.blogspot.com/-nDWIX7UeKOE/U7ytnXdxOeI/AAAAAAAAASg/HCK1M3m45pw/s1600/ 57 KB
57 KB 181ms
178ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://2.bp.blogspot.com/-nDWIX7UeKOE/U7ytnXdxOeI/AAAAAAAAASg/HCK1M3m45pw/s1600/77_2014_07_09_11_47_24.png

Requested by

Host: windowexeallkiller.com
URL: http://windowexeallkiller.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

11e479851f1b6d158670bd8f1be2fddcc67b591f4d1fdf8260063627d66fa323

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://windowexeallkiller.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 21 Jan 2021 05:12:19 GMT
X-Content-Type-Options: nosniff
Server: fife
ETag: "v12c"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="77_2014_07_09_11_47_24.png"
Timing-Allow-Origin: *
Content-Length: 58100
X-XSS-Protection: 0
Expires: Fri, 22 Jan 2021 05:12:19 GMT

GET
H/1.1 200
OK 88_2014_07_09_11_47_24.png
3.bp.blogspot.com/-Rm38cCmg6Ek/U7ytnlvJ3RI/AAAAAAAAASk/QBvoV7IjcKk/s1600/ 45 KB
46 KB 190ms
188ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://3.bp.blogspot.com/-Rm38cCmg6Ek/U7ytnlvJ3RI/AAAAAAAAASk/QBvoV7IjcKk/s1600/88_2014_07_09_11_47_24.png

Requested by

Host: windowexeallkiller.com
URL: http://windowexeallkiller.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a6f73766ac9162bf52ec4d41684bd6c65d1e6e937e8a713c1103e70346ccbedc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://windowexeallkiller.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 21 Jan 2021 05:12:19 GMT
X-Content-Type-Options: nosniff
Server: fife
ETag: "v12e"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="88_2014_07_09_11_47_24.png"
Timing-Allow-Origin: *
Content-Length: 46263
X-XSS-Protection: 0
Expires: Fri, 22 Jan 2021 05:12:19 GMT

GET
H/1.1 200
OK 99_2014_07_09_11_47_24.png
4.bp.blogspot.com/-vlCVobPaiX4/U7ytn5m0oMI/AAAAAAAAASo/Cj4Og65ShWQ/s1600/ 38 KB
39 KB 190ms
188ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://4.bp.blogspot.com/-vlCVobPaiX4/U7ytn5m0oMI/AAAAAAAAASo/Cj4Og65ShWQ/s1600/99_2014_07_09_11_47_24.png

Requested by

Host: windowexeallkiller.com
URL: http://windowexeallkiller.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

2caf7fbd1fb272777a83b8386d9360e2454c3563a7a6ce6b41eca0bdcbd72c72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://windowexeallkiller.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 21 Jan 2021 05:12:19 GMT
X-Content-Type-Options: nosniff
Server: fife
ETag: "v12d"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="99_2014_07_09_11_47_24.png"
Timing-Allow-Origin: *
Content-Length: 39055
X-XSS-Protection: 0
Expires: Fri, 22 Jan 2021 05:12:19 GMT

GET
H/1.1 200
OK wrest.js Show response
windowexeallkiller.com/js/ 15 KB
15 KB 299ms
299ms Script
text/javascript 115.71.236.95
GNJ-AS-KR DAOU TE...

General

Check archive.org

Show headers Download Go to

Full URL: http://windowexeallkiller.com/js/wrest.js
Requested by: Host: windowexeallkiller.com
URL: http://windowexeallkiller.com/
Protocol: HTTP/1.1
Server: 115.71.236.95 , Korea, Republic Of, ASN45996 (GNJ-AS-KR DAOU TECHNOLOGY, KR),
Reverse DNS
Software: Apache /
Resource Hash: 4250de59fb6fcf91557da76a53487364e2bde3c936d981ae8eff2cea3a944e34

Request headers

Referer: http://windowexeallkiller.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 21 Jan 2021 05:12:18 GMT
Last-Modified: Mon, 09 Apr 2012 10:51:57 GMT
Server: Apache
ETag: "e2a15-3cb3-4bd3ccb84ad40"
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 15539

GET
H3-Q050 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.SnHyU412DY0.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCObTkZu7kqIvAlB0bY4g3IzlKIb5g/ 138 KB
49 KB 34ms
20ms Script
text/javascript 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.SnHyU412DY0.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCObTkZu7kqIvAlB0bY4g3IzlKIb5g/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e51f1f53f9449e241d46c551d63b14e91cb113480b04fd4e0e49d3b8c96505e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://windowexeallkiller.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 18 Jan 2021 20:09:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 01 Dec 2020 23:44:49 GMT
server: sffe
age: 205368
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49563
x-xss-protection: 0
expires: Tue, 18 Jan 2022 20:09:31 GMT

GET
H2

200

g8Wwgk2N0tc
www.youtube.com/embed/ Frame 88C8
Redirect Chain

http://www.youtube.com/embed/g8Wwgk2N0tc?feature=player_detailpage
https://www.youtube.com/embed/g8Wwgk2N0tc?feature=player_detailpage

0
0

99ms
99ms

Document
text/html

2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/g8Wwgk2N0tc?feature=player_detailpage

Requested by

Host: windowexeallkiller.com
URL: http://windowexeallkiller.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/g8Wwgk2N0tc?feature=player_detailpage
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://windowexeallkiller.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://windowexeallkiller.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache
strict-transport-security: max-age=31536000
expires: Tue, 27 Apr 1971 19:44:06 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-length: 21016
content-encoding: br
x-content-type-options: nosniff
date: Thu, 21 Jan 2021 05:12:19 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=F4rBFcxQ_IA; path=/; domain=.youtube.com; secure; expires=Tue, 20-Jul-2021 05:12:19 GMT; httponly; samesite=None VISITOR_INFO1_LIVE=F4rBFcxQ_IA; path=/; domain=.youtube.com; secure; expires=Tue, 20-Jul-2021 05:12:19 GMT; httponly; samesite=None YSC=nOTSYWDBEUY; path=/; domain=.youtube.com; secure; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Thu, 21-Jan-2021 05:42:19 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

Location: https://www.youtube.com/embed/g8Wwgk2N0tc?feature=player_detailpage
Non-Authoritative-Reason: HSTS

GET
H2

200

4Z2CTpjyYX0
www.youtube.com/embed/ Frame E141
Redirect Chain

http://www.youtube.com/embed/4Z2CTpjyYX0?feature=player_detailpage
https://www.youtube.com/embed/4Z2CTpjyYX0?feature=player_detailpage

0
0

112ms
112ms

Document
text/html

2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/4Z2CTpjyYX0?feature=player_detailpage

Requested by

Host: windowexeallkiller.com
URL: http://windowexeallkiller.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/4Z2CTpjyYX0?feature=player_detailpage
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://windowexeallkiller.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://windowexeallkiller.com/

Response headers

content-length: 21155
cache-control: no-cache
x-content-type-options: nosniff
content-encoding: br
content-type: text/html; charset=utf-8
expires: Tue, 27 Apr 1971 19:44:06 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
strict-transport-security: max-age=31536000
date: Thu, 21 Jan 2021 05:12:19 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=x98uF8inUX4; path=/; domain=.youtube.com; secure; expires=Tue, 20-Jul-2021 05:12:19 GMT; httponly; samesite=None YSC=QZbEmxKubCE; path=/; domain=.youtube.com; secure; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Thu, 21-Jan-2021 05:42:19 GMT VISITOR_INFO1_LIVE=x98uF8inUX4; path=/; domain=.youtube.com; secure; expires=Tue, 20-Jul-2021 05:12:19 GMT; httponly; samesite=None
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

Location: https://www.youtube.com/embed/4Z2CTpjyYX0?feature=player_detailpage
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 95 KB
29 KB 93ms
13ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: windowexeallkiller.com
URL: http://windowexeallkiller.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B73) /
Resource Hash: 2b418a10ba4680c77fa07fb0e736eec6306cba0dbbbc8deac94a25e679178e15

Request headers

Referer: http://windowexeallkiller.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 21 Jan 2021 05:12:19 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 233
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Content-Length: 28698
x-tw-cdn: VZ
Last-Modified: Thu, 01 Oct 2020 21:52:09 GMT
Server: ECS (amb/6B73)
Etag: "a671d4d584ef50954e5cebb21da17065+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H2

200

all.js Show response
connect.facebook.net/en-US/
Redirect Chain

http://connect.facebook.net/en-US/all.js
https://connect.facebook.net/en-US/all.js

3 KB
2 KB

62ms
61ms

Script
application/x-javascript

2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en-US/all.js

Requested by

Host: windowexeallkiller.com
URL: http://windowexeallkiller.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

85953df67bc26348c672765e73de82fdf1e252a3fa16aba79fa3b2feda390bd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://windowexeallkiller.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: HzMqDFCp1YMccVJ/yoFfxg==
cross-origin-resource-policy: cross-origin
expires: Thu, 21 Jan 2021 05:32:19 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1778
x-fb-rlafr: 0
x-fb-debug: dT6xm0xgWsKgckmCDLqeIY84Aqc3eTEv64NCVnBGblvo9aINS6IWWYOyoNa2fZ12OokWoxonLQcJL0MxTjwzRA==
x-fb-trip-id: 917726464
x-fb-content-md5: 83805fca63a3d4ce34aa36433d1191d0
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 21 Jan 2021 05:12:19 GMT
x-frame-options: DENY
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "ccdc796aa3e1b7e30ab2e8718c551305"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

Redirect headers

Location: https://connect.facebook.net/en-US/all.js#xfbml=1
Non-Authoritative-Reason: HSTS

GET
H2 200 all.js Show response
connect.facebook.net/en_US/ 189 KB
57 KB 19ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=4fb69a6a35a55bfcec5fdd595288fe67&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: http://connect.facebook.net/en-US/all.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cd283edcc4104f8dce54aec640815eca55d97d864eb0987bd76abec728f12433

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: http://windowexeallkiller.com
Referer: http://windowexeallkiller.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: H9Q5u/Ge7dfiyhw3ldA6IQ==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 57981
x-fb-rlafr: 0
x-fb-debug: N4BEx0XUsc7tX4mkAIbD1AyvLiKtLhdoFPQbMRhQTu39QVDhtzQCmXu5cVTj+hUEhZUjO0kxospcz2oZHkV/uw==
x-fb-trip-id: 2050670934
x-fb-content-md5: 391a1de2097d8b4447c0f3db082f7702
x-frame-options: DENY
date: Thu, 21 Jan 2021 05:12:19 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "d69459ee442fff8ad0f595abf1956b12"
timing-allow-origin: *
expires: Fri, 21 Jan 2022 03:50:19 GMT

GET
H2 200 share_button.php
www.facebook.com/plugins/ Frame F198 0
0 102ms
102ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1b6d0700b80338%26domain%3Dwindowexeallkiller.com%26origin%3Dhttp%253A%252F%252Fwindowexeallkiller.com%252Ff14b48148c527d8%26relation%3Dparent.parent&container_width=1560&href=http%3A%2F%2Fwindowexeallkiller.com%2F&locale=en_US&sdk=joey&type=button_count

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=4fb69a6a35a55bfcec5fdd595288fe67&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1b6d0700b80338%26domain%3Dwindowexeallkiller.com%26origin%3Dhttp%253A%252F%252Fwindowexeallkiller.com%252Ff14b48148c527d8%26relation%3Dparent.parent&container_width=1560&href=http%3A%2F%2Fwindowexeallkiller.com%2F&locale=en_US&sdk=joey&type=button_count
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://windowexeallkiller.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://windowexeallkiller.com/

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-cache, no-store, must-revalidate
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
content-encoding: br
expires: Sat, 01 Jan 2000 00:00:00 GMT
vary: Accept-Encoding
pragma: no-cache
x-fb-rlafr: 0
content-type: text/html; charset="utf-8"
x-fb-debug: mNuoHUXzDLyRXYZT92CsUpefzRyXNFVNNg1tapkTjy/XGjbd/xFj9pksNPq4LQJz7vzmGlWBLfPruXhXbhJVTg==
date: Thu, 21 Jan 2021 05:12:19 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H/1.1 200
OK widget_iframe.96fd96193cc66c3e11d4c5e4c7c7ec97.html
platform.twitter.com/widgets/ Frame 72F5 0
0 14ms
13ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.96fd96193cc66c3e11d4c5e4c7c7ec97.html?origin=http%3A%2F%2Fwindowexeallkiller.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BAC) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://windowexeallkiller.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://windowexeallkiller.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 2884987
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Thu, 21 Jan 2021 05:12:19 GMT
Etag: "9fa476ae827f556d5b037fe43632370d+gzip"
Last-Modified: Thu, 01 Oct 2020 21:50:01 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (amb/6BAC)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 5825

GET
H3-Q050 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.SnHyU412DY0.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCObTkZu7kqIvAlB0bY4g3IzlKIb5g/ 97 KB
34 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.SnHyU412DY0.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCObTkZu7kqIvAlB0bY4g3IzlKIb5g/cb=gapi.loaded_1

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8522e975610248422c56a2e37c845e45402019a5dc0eb99f05e4c303e6302cf0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://windowexeallkiller.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 19 Jan 2021 00:41:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 01 Dec 2020 23:44:49 GMT
server: sffe
age: 189045
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34301
x-xss-protection: 0
expires: Wed, 19 Jan 2022 00:41:34 GMT

GET
H3-Q050 404 fastbutton
apis.google.com/se/0/_/+1/ Frame 7BA4 0
0 24ms
22ms Document
text/html 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&hl=en-US&origin=http%3A%2F%2Fwindowexeallkiller.com&url=http%3A%2F%2Fwindowexeallkiller.com%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.SnHyU412DY0.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCObTkZu7kqIvAlB0bY4g3IzlKIb5g%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-HsvoF+c2DADVaa7XV4QrIA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: apis.google.com
:scheme: https
:path: /se/0/_/+1/fastbutton?usegapi=1&hl=en-US&origin=http%3A%2F%2Fwindowexeallkiller.com&url=http%3A%2F%2Fwindowexeallkiller.com%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.SnHyU412DY0.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCObTkZu7kqIvAlB0bY4g3IzlKIb5g%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://windowexeallkiller.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=207=CjJqubXKqq3r10xoK0gmGcAGznvCla6P017Y6iiZzczuQqUnFMTcPstZu9Ae0Ocfm9cKhgg0YgQuKfHwHRAY-hB3Rnu4iWi4x7aVqPYAjzOn3FtQt-yze_nZ1pffxI-yZbo3RSdtdf3INFnwzedtUUVuof3Co6mWfQCf4cgm_zc
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://windowexeallkiller.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 21 Jan 2021 05:12:19 GMT
content-security-policy: script-src 'report-sample' 'nonce-HsvoF+c2DADVaa7XV4QrIA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 postmessageRelay
accounts.google.com/o/oauth2/ Frame 4545 0
0 107ms
42ms Document
text/html 2a00:1450:4001:81c::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fwindowexeallkiller.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.SnHyU412DY0.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCObTkZu7kqIvAlB0bY4g3IzlKIb5g%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.SnHyU412DY0.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCObTkZu7kqIvAlB0bY4g3IzlKIb5g/cb=gapi.loaded_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6BO2/P1av8KO0n710Emz1Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: accounts.google.com
:scheme: https
:path: /o/oauth2/postmessageRelay?parent=http%3A%2F%2Fwindowexeallkiller.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.SnHyU412DY0.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCObTkZu7kqIvAlB0bY4g3IzlKIb5g%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://windowexeallkiller.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=207=CjJqubXKqq3r10xoK0gmGcAGznvCla6P017Y6iiZzczuQqUnFMTcPstZu9Ae0Ocfm9cKhgg0YgQuKfHwHRAY-hB3Rnu4iWi4x7aVqPYAjzOn3FtQt-yze_nZ1pffxI-yZbo3RSdtdf3INFnwzedtUUVuof3Co6mWfQCf4cgm_zc
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://windowexeallkiller.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 21 Jan 2021 05:12:19 GMT
content-security-policy: script-src 'report-sample' 'nonce-6BO2/P1av8KO0n710Emz1Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK button.63c51c903061d0dbd843c41e8a00aa5a.js Show response
platform.twitter.com/js/ 7 KB
3 KB 14ms
13ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.63c51c903061d0dbd843c41e8a00aa5a.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B73) /
Resource Hash: e0a70c5d116d9c823c7d7958ecea2a7926315fac156e390bd7dc8a5fa088cdc3

Request headers

Referer: http://windowexeallkiller.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 21 Jan 2021 05:12:19 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Oct 2020 21:49:51 GMT
Server: ECS (amb/6B73)
Age: 2885757
Etag: "62d4b0301f07768d13f3ee5de8633739+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 2294

GET
H/1.1 200
OK tweet_button.96fd96193cc66c3e11d4c5e4c7c7ec97.en.html
platform.twitter.com/widgets/ Frame 0C03 0
0 13ms
13ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.96fd96193cc66c3e11d4c5e4c7c7ec97.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B73) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://windowexeallkiller.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://windowexeallkiller.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 2885753
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Thu, 21 Jan 2021 05:12:19 GMT
Etag: "076dccdedb34f3771be52190b917884e+gzip"
Last-Modified: Thu, 01 Oct 2020 21:49:58 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (amb/6B73)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 12263

GET
H2 200 jot
syndication.twitter.com/i/ 43 B
383 B 172ms
171ms Image
image/gif 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fwindowexeallkiller.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1611205939972%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22ed20a2b%3A1601588405575%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D

Requested by

Host: windowexeallkiller.com
URL: http://windowexeallkiller.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://windowexeallkiller.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 05:12:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 118
pragma: no-cache
last-modified: Thu, 21 Jan 2021 05:12:20 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 5f68db8326393d46de7a07dc33a2f3c3
x-transaction: 001a5b3700bf1920
expires: Tue, 31 Mar 1981 05:00:00 GMT

Verdicts & Comments Add Verdict or Comment

85 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.google.com/	1970-01-19 19:56:57	Name: NID Value: 207=CjJqubXKqq3r10xoK0gmGcAGznvCla6P017Y6iiZzczuQqUnFMTcPstZu9Ae0Ocfm9cKhgg0YgQuKfHwHRAY-hB3Rnu4iWi4x7aVqPYAjzOn3FtQt-yze_nZ1pffxI-yZbo3RSdtdf3INFnwzedtUUVuof3Co6mWfQCf4cgm_zc
windowexeallkiller.com/	1970-01-19 15:34:52	Name: 2a0d2363701f23f8a75028924a3af643 Value: MTk0Ljk5LjEwNS45OQ%3D%3D
.youtube.com/	1970-01-19 19:52:37	Name: VISITOR_INFO1_LIVE Value: x98uF8inUX4
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: QZbEmxKubCE
windowexeallkiller.com/	1970-01-20 00:19:01	Name: f33d2ed86bd82d4c22123c9da444d8ab Value: MTYxMTIwNTkzNw%3D%3D
windowexeallkiller.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: lrivakrq7glf8ivmbcn3n80l23

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
2.bp.blogspot.com
3.bp.blogspot.com
4.bp.blogspot.com
accounts.google.com
apis.google.com
connect.facebook.net
platform.twitter.com
syndication.twitter.com
windowexeallkiller.com
www.facebook.com
www.youtube.com
104.244.42.136
115.71.236.95
2606:2800:234:59:254c:406:2366:268c
2a00:1450:4001:802::2001
2a00:1450:4001:802::200e
2a00:1450:4001:808::2001
2a00:1450:4001:817::200e
2a00:1450:4001:81c::200d
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
11e479851f1b6d158670bd8f1be2fddcc67b591f4d1fdf8260063627d66fa323
2112af6cf9cff1b7c86febf3c3a18bc343e4acb64bfbc697333cbe6234339bd2
28f314a7885095bf4e64dae07b4fc797dd0b071c7d78ade945b89089307f6390
2b418a10ba4680c77fa07fb0e736eec6306cba0dbbbc8deac94a25e679178e15
2caf7fbd1fb272777a83b8386d9360e2454c3563a7a6ce6b41eca0bdcbd72c72
3e51f1f53f9449e241d46c551d63b14e91cb113480b04fd4e0e49d3b8c96505e
4250de59fb6fcf91557da76a53487364e2bde3c936d981ae8eff2cea3a944e34
49075f942f185144553f5a07b52853c24ae006880b15e1d793a2629c2b0346d3
51955abe453072a1fe4f841f27c6a2ddc83c7928ebe46e54630398cc69615d63
6ed124718ff6f7ffa6e1412ab22b0f85907d44f8dbcec3f375f2238adc934b11
81220e938c21c19a6fe245005f84d39c5bbeeca7f932c8a99610108b80d6bac8
8522e975610248422c56a2e37c845e45402019a5dc0eb99f05e4c303e6302cf0
85953df67bc26348c672765e73de82fdf1e252a3fa16aba79fa3b2feda390bd8
8aa40b79aaff55e661f4023bf92c35c4a971ec3a5f718b57ba2b409f97fa7767
90364f9e89de88e01f85441ad4f682cef06a7d643a338d423019076a403b32f0
a6f73766ac9162bf52ec4d41684bd6c65d1e6e937e8a713c1103e70346ccbedc
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
af8e6b9dfc8804585365ba105e3c940e9412c2c3e88c89d9b0f9666558512340
cd283edcc4104f8dce54aec640815eca55d97d864eb0987bd76abec728f12433
daf2452ecc085566e719ec0bb9a2f79de444c0d7ba3d143c206df255dcfcec5f
e0a70c5d116d9c823c7d7958ecea2a7926315fac156e390bd7dc8a5fa088cdc3
e2106095d181bd24bd54ebd41dc1890af1e0490ad12166c4bc26fb01729db80c
f3abfc6f43035f1bb8c13e5a37265193212625404a111e2f2108dc532299caec
f6f32124df8f78b2486c7e050a8577e952d46a5a30271db844f08d029dc3cb7d
f8b4fc0f12b8f21f11ba86f377223540ef8684a907b680caa1cf90a5e5269a67

windowexeallkiller.com Open in urlscan Pro 115.71.236.95 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

32 Requests

47 %HTTPS

80 %IPv6

7 Domains

12 Subdomains

10 IPs

4 Countries

962 kBTransfer

1340 kBSize

6 Cookies

10 Outgoing links

Redirected requests

32 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

windowexeallkiller.com Open in urlscan Pro
115.71.236.95 Public Scan

Screenshot
Live screenshot

Full Image

32
Requests

47 %
HTTPS

80 %
IPv6

7
Domains

12
Subdomains

10
IPs

4
Countries

962 kB
Transfer

1340 kB
Size

6
Cookies

32 HTTP transactions
0 data transactions