ja.nex-software.com Open in urlscan Pro
2606:4700:3032::6815:4aa6 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ja.nex-software.com/what-is-omtsreco-exe
Submission Tags: falconsandbox
Submission: On May 13 via api (May 13th 2021, 1:07:45 pm UTC) from US

Summary HTTP 66 Redirects Links 35 Behaviour Indicators

Summary

This website contacted 24 IPs in 4 countries across 16 domains to perform 66 HTTP transactions. The main IP is 2606:4700:3032::6815:4aa6, located in United States and belongs to CLOUDFLARENET, US. The main domain is ja.nex-software.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 11th 2021. Valid for: a year.

This is the only time ja.nex-software.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
19	2606:4700:303... 2606:4700:3032::6815:4aa6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	143.198.248.64 143.198.248.64	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	151.101.65.195 151.101.65.195	54113 (FASTLY) (FASTLY)
1 1	46.4.91.20 46.4.91.20	24940 (HETZNER-AS) (HETZNER-AS)
1	205.185.216.10 205.185.216.10	20446 (HIGHWINDS3) (HIGHWINDS3)
2	2600:9000:21f... 2600:9000:21f3:2600:11:a4de:2580:93a1	16509 (AMAZON-02) (AMAZON-02)
7	2606:4700:303... 2606:4700:3034::ac43:cc49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:219... 2600:9000:2190:3000:1c:8a07:5e80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	213.174.135.24 213.174.135.24	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1 2	88.212.201.204 88.212.201.204	39134 (UNITEDNET) (UNITEDNET)
1	2600:9000:219... 2600:9000:2190:800:c:abe:f440:93a1	16509 (AMAZON-02) (AMAZON-02)
1	18.196.233.38 18.196.233.38	16509 (AMAZON-02) (AMAZON-02)
10	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:206... 2600:9000:206e:3600:c:a9b7:ddc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	3.130.50.33 3.130.50.33	16509 (AMAZON-02) (AMAZON-02)
5	2600:9000:219... 2600:9000:2190:8000:1d:85c3:6640:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:3::621 2a04:4e42:3::621	54113 (FASTLY) (FASTLY)
1	18.198.109.212 18.198.109.212	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
66	24

19 2606:4700:3032::6815:4aa6 (United States)

ASN13335 (CLOUDFLARENET, US)

ja.nex-software.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
nex-software.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pic.nex-software.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.198.248.64 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

load5.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.65.195 (United States)

ASN54113 (FASTLY, US)

cdn.zx-adnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.4.91.20 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.20.91.4.46.clients.your-server.de

cst.wpu.sh	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.216.10 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net

cst.cstwpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21f3:2600:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)

get.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:3034::ac43:cc49 (United States)

ASN13335 (CLOUDFLARENET, US)

pic.nex-software.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2190:3000:1c:8a07:5e80:93a1 (United States)

ASN16509 (AMAZON-02, US)

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.174.135.24 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

na.nawpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.wpushsdk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.204 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host204.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2190:800:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.196.233.38 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-233-38.eu-central-1.compute.amazonaws.com

stat.optad360.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206e:3600:c:a9b7:ddc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.sharethis.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.130.50.33 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-130-50-33.us-east-2.compute.amazonaws.com

count-server.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2190:8000:1d:85c3:6640:93a1 (United States)

ASN16509 (AMAZON-02, US)

platform-cdn.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::621 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.198.109.212 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-109-212.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

116d4d416bbcba429c6f11a22b2f01a5.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	nex-software.com ja.nex-software.com nex-software.com pic.nex-software.com	1 MB
9	doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net	134 KB
9	sharethis.com platform-api.sharethis.com buttons-config.sharethis.com count-server.sharethis.com platform-cdn.sharethis.com l.sharethis.com	38 KB
7	googlesyndication.com pagead2.googlesyndication.com 116d4d416bbcba429c6f11a22b2f01a5.safeframe.googlesyndication.com tpc.googlesyndication.com	74 KB
3	zx-adnet.com cdn.zx-adnet.com	20 KB
2	consensu.org stat.optad360.mgr.consensu.org c.sharethis.mgr.consensu.org	2 KB
2	yadro.ru 1 redirects counter.yadro.ru	1 KB
2	optad360.io get.optad360.io	202 KB
1	google.com adservice.google.com	313 B
1	google.de adservice.google.de	313 B
1	jsdelivr.net cdn.jsdelivr.net	1 KB
1	wpushsdk.com js.wpushsdk.com	3 KB
1	nawpush.com na.nawpush.com	379 B
1	cstwpush.com cst.cstwpush.com	60 KB
1	wpu.sh 1 redirects cst.wpu.sh	97 B
1	load5.biz load5.biz	20 KB
66	16

	Domain	Requested by
13	pic.nex-software.com	ja.nex-software.com
12	nex-software.com	ja.nex-software.com nex-software.com
8	securepubads.g.doubleclick.net	get.optad360.io securepubads.g.doubleclick.net
5	platform-cdn.sharethis.com	ja.nex-software.com
4	pagead2.googlesyndication.com	cst.wpu.sh securepubads.g.doubleclick.net tpc.googlesyndication.com
3	cdn.zx-adnet.com	ja.nex-software.com cdn.zx-adnet.com
2	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
2	counter.yadro.ru	1 redirects ja.nex-software.com
2	get.optad360.io	ja.nex-software.com get.optad360.io
1	116d4d416bbcba429c6f11a22b2f01a5.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	l.sharethis.com	platform-api.sharethis.com
1	cdn.jsdelivr.net	get.optad360.io
1	count-server.sharethis.com	platform-api.sharethis.com
1	c.sharethis.mgr.consensu.org	platform-api.sharethis.com
1	js.wpushsdk.com	cst.wpu.sh
1	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	stat.optad360.mgr.consensu.org	get.optad360.io
1	buttons-config.sharethis.com	platform-api.sharethis.com
1	na.nawpush.com	cst.wpu.sh
1	platform-api.sharethis.com	ja.nex-software.com
1	cst.cstwpush.com	ja.nex-software.com
1	cst.wpu.sh	1 redirects
1	load5.biz	ja.nex-software.com
1	ja.nex-software.com
66	26

This site contains links to these domains. Also see Links.

Domain
nex-software.com
de.nex-software.com
it.nex-software.com
fr.nex-software.com
ro.nex-software.com
pt.nex-software.com
sv.nex-software.com
no.nex-software.com
nl.nex-software.com
da.nex-software.com
bg.nex-software.com
lt.nex-software.com
lv.nex-software.com
pl.nex-software.com
et.nex-software.com
fi.nex-software.com
hu.nex-software.com
sk.nex-software.com
sl.nex-software.com
uk.nex-software.com
ru.nex-software.com
hr.nex-software.com
cs.nex-software.com
vi.nex-software.com
tr.nex-software.com
th.nex-software.com
id.nex-software.com
hi.nex-software.com
sr.nex-software.com
ms.nex-software.com
ko.nex-software.com
el.nex-software.com
ar.nex-software.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-05-11` - `2022-05-10`	a year	crt.sh
load4.biz R3	`2021-04-29` - `2021-07-28`	3 months	crt.sh
www.cevision.tech GTS CA 1D2	`2021-03-21` - `2021-06-19`	3 months	crt.sh
cstwpush.com R3	`2021-04-22` - `2021-07-21`	3 months	crt.sh
*.optad360.io Amazon	`2020-12-17` - `2022-01-15`	a year	crt.sh
sharethis.com Amazon	`2020-08-17` - `2021-09-16`	a year	crt.sh
na.nawpush.com R3	`2021-04-20` - `2021-07-19`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
counter.yadro.ru R3	`2021-03-22` - `2021-06-20`	3 months	crt.sh
stat.optad360.mgr.consensu.org R3	`2021-02-27` - `2021-05-28`	3 months	crt.sh
js.wpushsdk.com R3	`2021-05-07` - `2021-08-05`	3 months	crt.sh
sharethis.mgr.consensu.org Amazon	`2021-04-07` - `2022-05-06`	a year	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-05-11` - `2022-03-26`	10 months	crt.sh
*.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://ja.nex-software.com/what-is-omtsreco-exe
Frame ID: C402C893ABB5D8CD71DF86FD71D1D3ED
Requests: 63 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210510/r20190131/zrt_lookup.html
Frame ID: 8615B64955C730FE7A5802069413D117
Requests: 1 HTTP requests in this frame

Frame: https://c.sharethis.mgr.consensu.org/portal-v2.html
Frame ID: 15C682689B987E680948FD437A7CA4C6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 72650FF8F44107D7C0F4B388884E1B1F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Page Statistics

66
Requests

100 %
HTTPS

58 %
IPv6

16
Domains

26
Subdomains

24
IPs

4
Countries

1611 kB
Transfer

2924 kB
Size

3
Cookies

35 Outgoing links

These are links going to different origins than the main page.

URL: https://nex-software.com/download/reimage
Title: Windowsのエラーと最適化システムのパフォーマンスを修正するにはここをクリック

Search URL Search Domain Scan URL

URL: https://nex-software.com/que-es-omtsrecoexe

Search URL Search Domain Scan URL

URL: https://de.nex-software.com/was-ist-eine-omtsrecoexe-datei

Search URL Search Domain Scan URL

URL: https://it.nex-software.com/che-cosa-e-omtsrecoexe

Search URL Search Domain Scan URL

URL: https://fr.nex-software.com/qu39est-ce-que-omtsrecoexe

Search URL Search Domain Scan URL

URL: https://ro.nex-software.com/ce-este-omtsrecoexe

Search URL Search Domain Scan URL

URL: https://pt.nex-software.com/o-que-e-um-arquivo-omtsrecoexe

Search URL Search Domain Scan URL

URL: https://sv.nex-software.com/vad-ar-omtsrecoexe

Search URL Search Domain Scan URL

URL: https://no.nex-software.com/hva-er-omtsrecoexe

Search URL Search Domain Scan URL

URL: https://nl.nex-software.com/wat-omtsrecoexe

Search URL Search Domain Scan URL

URL: https://da.nex-software.com/hvad-er-omtsrecoexe

Search URL Search Domain Scan URL

URL: https://bg.nex-software.com/kakvo-e-omtsrecoexe

Search URL Search Domain Scan URL

URL: https://lt.nex-software.com/kas-yra-omtsrecoexe

Search URL Search Domain Scan URL

URL: https://lv.nex-software.com/kas-ir-omtsrecoexe

Search URL Search Domain Scan URL

URL: https://pl.nex-software.com/co-jest-omtsrecoexe

Search URL Search Domain Scan URL

URL: https://et.nex-software.com/mis-omtsrecoexe

Search URL Search Domain Scan URL

URL: https://fi.nex-software.com/mika-omtsrecoexe

Search URL Search Domain Scan URL

URL: https://hu.nex-software.com/mi-az-omtsrecoexe

Search URL Search Domain Scan URL

URL: https://sk.nex-software.com/co-je-omtsrecoexe

Search URL Search Domain Scan URL

URL: https://sl.nex-software.com/kaj-je-omtsrecoexe

Search URL Search Domain Scan URL

URL: https://uk.nex-software.com/sho-take-omtsrecoexe

Search URL Search Domain Scan URL

URL: https://ru.nex-software.com/chto-takoe-omtsrecoexe

Search URL Search Domain Scan URL

URL: https://hr.nex-software.com/sto-je-omtsrecoexe

Search URL Search Domain Scan URL

URL: https://cs.nex-software.com/co-je-omtsrecoexe

Search URL Search Domain Scan URL

URL: https://vi.nex-software.com/omtsrecoexe-la-gi

Search URL Search Domain Scan URL

URL: https://tr.nex-software.com/omtsrecoexe-dosyasi-nedir

Search URL Search Domain Scan URL

URL: https://th.nex-software.com/what-is-omtsreco-exe

Search URL Search Domain Scan URL

URL: https://id.nex-software.com/apa-itu-omtsrecoexe

Search URL Search Domain Scan URL

URL: https://hi.nex-software.com/what-is-omtsreco-exe

Search URL Search Domain Scan URL

URL: https://sr.nex-software.com/shta-je-omtsrecoeke

Search URL Search Domain Scan URL

URL: https://ms.nex-software.com/apa-itu-omtsrecoexe

Search URL Search Domain Scan URL

URL: https://ko.nex-software.com/what-is-omtsreco-exe

Search URL Search Domain Scan URL

URL: https://el.nex-software.com/ti-einai-omtsrecoexe

Search URL Search Domain Scan URL

URL: https://ar.nex-software.com/ma-ho-omtsrecoexe

Search URL Search Domain Scan URL

URL: https://sr.nex-software.com/
Title: ja.nex-software.com - 2021

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://cst.wpu.sh/static/adManager.js HTTP 301
https://cst.cstwpush.com/static/adManager.js

Request Chain 34

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//ja.nex-software.com/what-is-omtsreco-exe;0.6564962753598289 HTTP 302
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//ja.nex-software.com/what-is-omtsreco-exe;0.6564962753598289

66 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request what-is-omtsreco-exe Show response
ja.nex-software.com/ 36 KB
6 KB 114ms
89ms Document
text/html 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ja.nex-software.com/what-is-omtsreco-exe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c338d3149fcca167cfb41ac6cc2da9ed9e92959f61ff8df1d025f0b5d508ace

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: ja.nex-software.com
:scheme: https
:path: /what-is-omtsreco-exe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 13:07:27 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
cf-request-id: 0a076fe8d40000536329ac5000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=m8kSWwcmoKzABoLzbYWBDWmiBK6Qj8UN3IKLozMlPqwCUiU7jkGpVC%2Bhi1yE6DPh4D5z7eNZMClx%2BM8g0cnxnCI1b8tqMN4SAiTi0wCwG5a4t%2FLgqZ9WGRnGbzAhyBum"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 64ec1c215f345363-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 / Show response
load5.biz/ 20 KB
20 KB 93ms
34ms Script
application/javascript 143.198.248.64
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://load5.biz/?pu=mztdqolemm5ha3ddf4ztooju

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-omtsreco-exe

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

143.198.248.64 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

d9887c30c5d49f4cd3de242fd97e9e87ead9f2f43f4d5400531f30d2fe360e1e

Security Headers

Name	Value
Content-Security-Policy	img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 13 May 2021 13:07:27 GMT
server: nginx
content-security-policy: img-src https: data:; upgrade-insecure-requests
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=UTF-8

GET
H2 200 css.css
nex-software.com/template/css/ 6 KB
888 B 25ms
16ms Stylesheet
text/css 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nex-software.com/template/css/css.css

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-omtsreco-exe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ede999c022b04dae8bed4c7898eb9c23794c70cbd07d4569dd72e43e195c66ed

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 13:07:27 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 566
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a076fe93d0000536343bff000000001
last-modified: Tue, 12 Feb 2019 13:57:00 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"180a-581b2cc948300-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kVfL0QwvvtsHRtkLLlRW1PuTUsZwNibKTESdFIAXWAGjbqkRMv3zD05qlSn7XFtuv2%2BH5q467%2BbwqZiFWiENn9viH5%2FB68XoORzU73iz%2BIXMGq4MzOH6la9F9%2Bc7"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-ray: 64ec1c21f8df5363-FRA

GET
H2 200 bootstrap.min.css
nex-software.com/template/css/ 132 KB
18 KB 35ms
26ms Stylesheet
text/css 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nex-software.com/template/css/bootstrap.min.css

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-omtsreco-exe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43677abbcc50b9f3d621c9134d28237cfa6d66c61bf970cdfcf2a3ec31928ed2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 13:07:27 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 566
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a076fe93d000053632aa06000000001
last-modified: Tue, 12 Feb 2019 13:57:00 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"211f6-581b2cc948300-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wa1gFdI749YjA1miqpNCU1Qs3DT4%2F4CDXSlUpAh4pHGFjkSIvc%2FZGJqCrppvTH%2FiTP4jyXPO5vWW3BYpHnoSYehk5mbZkrOMxT0%2Fqwz8Wf%2Fno5sEcQu9wM%2FR%2FLnd"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-ray: 64ec1c21f8de5363-FRA

GET
H2 200 jquery.bxslider.css
nex-software.com/template/css/ 3 KB
1 KB 28ms
19ms Stylesheet
text/css 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nex-software.com/template/css/jquery.bxslider.css

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-omtsreco-exe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56b14b6ad7538ba37b7398ef0cfc7bcbf42fd723a943e72ab746a42dc15fb91f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 13:07:27 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2146
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a076fe93c000053632792e000000001
last-modified: Tue, 12 Feb 2019 13:57:00 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"dfd-581b2cc948300-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7G3wbx4l%2BKrQbLhuWSo7wHDQi8wMRvaS8E62UmdinrmPnkidXXL9MW1jYqi3xY93tCP9GvLfoUOqRTl5%2FRVXKh34YXbHnArldlnf%2FxnkHNAyzYkFBzOGBC916GVB"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-ray: 64ec1c21f8db5363-FRA

GET
H2 200 style.min.css
nex-software.com/template/css/ 30 KB
5 KB 26ms
17ms Stylesheet
text/css 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nex-software.com/template/css/style.min.css

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-omtsreco-exe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af371cb0526d291c2821ffb5a63fb1c3969c3ebb22781c08032226c75ea2ab40

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 13:07:27 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2146
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a076fe93d00005363ef2e5000000001
last-modified: Thu, 25 Feb 2021 19:47:49 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"7999-5bc2e6d21c340-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BJGkgf9eAAU%2BSR%2F2GwFsWJzQCaWmkUKt5mLQcaDaU2ll5EOJSatNpdH6Jt9NWAulAMhT47MbkKZjr06wMkwAYa51Ha%2FjCe9l8hd1keP9LOPvclBgK2d7IhbWWIBi"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-ray: 64ec1c21f8e15363-FRA

GET
H2 200 lang.min.css
nex-software.com/template/css/ 30 KB
20 KB 38ms
29ms Stylesheet
text/css 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nex-software.com/template/css/lang.min.css

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-omtsreco-exe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e503441024b68c5ac145c5580cd7b4c1dcd9dd71eb9814b5292ca1bc719af273

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 13:07:27 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2146
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a076fe93d0000536357aaa000000001
last-modified: Mon, 24 Feb 2020 17:08:58 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"76b8-59f556d479e80-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=P0lQ9uS06nwsCzbr2g%2BawV4gEc81cr%2FGuKskt5e5ZYMf7p8G21XK6nK0MMgBGcaWroGC3%2BLAxBgwDFOQT41SnfVyqBRQ875mrlIVd4%2Fx9TGxhDOaBUOrjSS22Y%2Fh"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-ray: 64ec1c21f8e55363-FRA

GET
H2 200 brmsl_19102402.js Show response
cdn.zx-adnet.com/adx/ 145 KB
19 KB 38ms
8ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/adx/brmsl_19102402.js

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-omtsreco-exe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

869a22e82111ba0c1bd9a0dc3024ae66b0f0c675312a94109133f2a645efef8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Tue, 11 May 2021 19:10:09 GMT
x-timer: S1620911248.695606,VS0,VE1
etag: "58bdb5e5c645560c69a4932a876ee11b25f26785891b84d17b6391df2cb719f7-br"
x-served-by: cache-hhn4070-HHN
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600,public
date: Thu, 13 May 2021 13:07:27 GMT
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive
content-length: 19590
x-cache-hits: 1

GET
H/1.1

200
OK

adManager.js Show response
cst.cstwpush.com/static/
Redirect Chain

https://cst.wpu.sh/static/adManager.js
https://cst.cstwpush.com/static/adManager.js

59 KB
60 KB

51ms
9ms

Script
text/plain

205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://cst.cstwpush.com/static/adManager.js

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-omtsreco-exe

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

d68a718d6ed924d01a6eb2d4ac4b312f67946332eb1cfc62c1bb3dd7635fa6cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 13 May 2021 13:07:27 GMT
Connection: Keep-Alive
Last-Modified: Wed, 12 May 2021 11:23:24 GMT
x-amz-meta-s3cmd-attrs: atime:1620818588/ctime:1620818588/gid:0/gname:root/md5:459921870454e0ca43e08f37ad97abb6/mode:33188/mtime:1620818559/uid:0/uname:root
x-amz-request-id: tx00000000000000772b971-00609d1a78-fc22bc6-fra1a
etag: "459921870454e0ca43e08f37ad97abb6"
Vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW: 1620911247.dop018.fr8.t,1620911247.cds055.fr8.shn,1620911247.cds055.fr8.c
Content-Type: text/plain
Cache-Control: max-age=1017
x-rgw-object-type: Normal
strict-transport-security: max-age=15552000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 60202

Redirect headers

location: https://cst.cstwpush.com/static/adManager.js
date: Thu, 13 May 2021 13:07:27 GMT
server: nginx/1.18.0
content-length: 169
content-type: text/html

GET
H2 200 plugin.min.js Show response
get.optad360.io/sf/1a65995e-7e07-43bd-8be2-2ee136ae3c03/ 271 KB
73 KB 40ms
11ms Script
application/javascript 2600:9000:21f3:2600:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/1a65995e-7e07-43bd-8be2-2ee136ae3c03/plugin.min.js
Requested by: Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-omtsreco-exe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:2600:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d66e8fa87723046272ec70096a2089355c29474796663f65f2fdf9a27a1d4bc6

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 12:42:41 GMT
content-encoding: gzip
last-modified: Fri, 26 Feb 2021 08:39:38 GMT
server: AmazonS3
age: 1487
etag: W/"17e80f6c6feec0780f80abd32f10552b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: JGqsQsHdkheqXTrfHIUv9W3Oj1XwYAwpy5bemeoY4GA64CSZVKWYtw==

GET
H2 200 what-is-bm-exe-min.jpg
pic.nex-software.com/img/process-information/2739/ 38 KB
39 KB 52ms
41ms Image
image/jpeg 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/process-information/2739/what-is-bm-exe-min.jpg

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-omtsreco-exe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

991ecbf1cd5f362f0dc65fdbce97140d803392c8629f6cc23a039a7f7dfa142a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 13:07:27 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 39221
cf-request-id: 0a076fe944000053630736b000000001
last-modified: Sun, 09 Feb 2020 22:13:22 GMT
server: cloudflare
etag: "9935-59e2bee478480"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kLVqfI3VnSebmlBiUmbFxEZdciMQTpFJ8oNvzv3Htfo5cpP1l%2BTXv50%2FqMdmFAesYMiHx8GFd3sHEo783oBYZV5foDXOh6d2dwJ7VxxcN7gm2%2Bb1Z0bN73iPyOcOIqilqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 64ec1c2208fa5363-FRA

GET
H2 200 what-is-hsmgr-exe-min.jpg
pic.nex-software.com/img/file-info/252/ 37 KB
37 KB 53ms
42ms Image
image/jpeg 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/file-info/252/what-is-hsmgr-exe-min.jpg

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-omtsreco-exe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9db6545dbf36edff95d27a0f0753c152d3f39ae51ca7f7bace01083bd78119c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 13:07:27 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37579
cf-request-id: 0a076fe94100005363e902e000000001
last-modified: Sun, 14 Jul 2019 08:07:12 GMT
server: cloudflare
etag: "92cb-58d9fa17a0c00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8ijVi5Chlu3%2FvORCXfLNePlbWmAPfhuseW1WZ8XboRgH30UNfrkhjui32TEyltM5Ee8WFCVq68ADEHqPvKIMsAFdPfzRTOLl5eZhIMV2h1xMxn5e%2FdGrAQndsiEJ76OUsw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 64ec1c2209005363-FRA

GET
H2 200 what-is-task-vbs-min.jpg
pic.nex-software.com/img/process-information/1634/ 128 KB
128 KB 25ms
15ms Image
image/jpeg 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/process-information/1634/what-is-task-vbs-min.jpg

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-omtsreco-exe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c994704d104eaec73c9da83c01ab143e46380cc0828b9cad2293f973438ad1f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 13:07:27 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4703
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 130692
cf-request-id: 0a076fe9410000536304892000000001
last-modified: Sun, 09 Feb 2020 22:09:40 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "1fe84-59e2be10c1100"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Cy8CN6SeJEFwXyJ70OFMeUUEZS3kQvy%2B0e4neSjD33TSjhRaTscKg4jajjpRUSFR4Yq%2F2e4w4v4G5T7xw1nnxygSKHneTRuIIV%2BktkzgW3VPISNQ2eE3JcxaVBoL%2BIkL4w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 64ec1c2208fc5363-FRA

GET
H2 200 what-is-jhi_service-exe-min.jpg
pic.nex-software.com/img/file-info/235/ 51 KB
52 KB 32ms
21ms Image
image/jpeg 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/file-info/235/what-is-jhi_service-exe-min.jpg

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-omtsreco-exe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea6b06005c15339e08ffe882d8ce8538be3156f00ccde2b5a1f785bb52b6436d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 13:07:27 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3672
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 52704
cf-request-id: 0a076fe94400005363391aa000000001
last-modified: Sun, 14 Jul 2019 08:07:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "cde0-58d9fa0fffa00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FkifhDyFyiAQDaM3T9z7yyPrHakGUL2a1oRYuuyRgxLuhmsMoAainPjbjQCjLJAzlhDA87eln1ll4ax%2FqCJ8j2rujJ8b1jsbtYrQY%2BGZAgjrAGPYoNmryRp7Uat9qsYhww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 64ec1c2208f75363-FRA

GET
H2 200 what-is-spaceman-exe-min.jpg
pic.nex-software.com/img/process-information/1073/ 217 KB
217 KB 46ms
36ms Image
image/jpeg 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/process-information/1073/what-is-spaceman-exe-min.jpg

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-omtsreco-exe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

790f85a4969432c9672328825a51d1784055f90b78fdaa4e6fb267e76e66344f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 13:07:27 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 221930
cf-request-id: 0a076fe9400000536314094000000001
last-modified: Sun, 09 Feb 2020 22:09:56 GMT
server: cloudflare
etag: "362ea-59e2be2003500"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cE9OnLd7CsgcUoIUcqr7janjMvUf5%2F1eWfjg9NN287znt0NyajHqvzIlFjha9HRAFfEFCZOucAtsUaRKgDV%2BHDxd9WF9ZnVpkcPov2UTYoufcpzGV8H7kV%2FdoGmxM4KuOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 64ec1c2208f45363-FRA

GET
H2 200 what-is-watchdog-exe-min.jpg
pic.nex-software.com/img/process-information/1333/ 39 KB
39 KB 53ms
43ms Image
image/jpeg 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/process-information/1333/what-is-watchdog-exe-min.jpg

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-omtsreco-exe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61dce4c471639dd33c0728cd1e3c192286096e92e1a233ab2e3a2d14041f8915

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 13:07:27 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 39792
cf-request-id: 0a076fe941000053634ca32000000001
last-modified: Sun, 09 Feb 2020 22:09:06 GMT
server: cloudflare
etag: "9b70-59e2bdf054480"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=867%2BbkElUSNod1ZyOFfmpKSD0w9JfeeK2s6weQuDLzaqFuB5uCa9t0SU%2BlsLkN9TORI2FB%2FVdrVIIvetTMtp18CRqJzcOCrtHYlt1k%2FrRBm3ZWkvnT%2BF%2FGA3UkireXb8VQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 64ec1c2208fd5363-FRA

GET
H3-29 200 what-is-bitspirit-exe-min.jpg
pic.nex-software.com/img/process-information/3340/ 27 KB
27 KB 62ms
49ms Image
image/jpeg 2606:4700:3034::ac43:cc49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/process-information/3340/what-is-bitspirit-exe-min.jpg

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-omtsreco-exe

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:cc49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0a720c78b2df051e70ae7daa070cb781e0cfc58de03d977bac7eabfb7a85c21

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 13:07:27 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27183
cf-request-id: 0a076fe96900004dfa5035f000000001
last-modified: Sun, 09 Feb 2020 22:13:24 GMT
server: cloudflare
etag: "6a2f-59e2bee660900"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LXYqrCPBbOYndsgMMDnIBV7w723wfNjYkXVdqwpb0RLgq65gueHKom%2BVoPQtblYgDYJBJhCKah%2FpNP1P52HmttalyPfKldPNpsrjI5UaUrjgT9gmhrqDr4gr8ZVzucv7HQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 64ec1c22499a4dfa-FRA

GET
H3-29 200 what-is-fltmgr-min.jpg
pic.nex-software.com/img/file-info/583/ 80 KB
80 KB 63ms
50ms Image
image/jpeg 2606:4700:3034::ac43:cc49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/file-info/583/what-is-fltmgr-min.jpg

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-omtsreco-exe

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:cc49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f746a923d80a543b847fa37688a18edf8ec81088685e12e137b72d14e9da92a4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 13:07:27 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 81475
cf-request-id: 0a076fe96a00004dfa3aa7e000000001
last-modified: Sun, 14 Jul 2019 08:07:18 GMT
server: cloudflare
etag: "13e43-58d9fa1d59980"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0FaPZNyw5aWMt66TVmi4Y55Z4dvOeNdWtaAp6P8sK%2B%2FTVROeGmNmomalEYWkrrhnMTqLip4NGgqcevFl2be%2BrKEJ5%2Bot6Ej%2FyMb6IZsbKtEFjSBKFMxy%2FST6vOGvNnQl5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 64ec1c2249a04dfa-FRA

GET
H3-29 200 what-is-shellex-dll-min.jpg
pic.nex-software.com/img/process-information/3579/ 46 KB
47 KB 87ms
74ms Image
image/jpeg 2606:4700:3034::ac43:cc49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/process-information/3579/what-is-shellex-dll-min.jpg

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-omtsreco-exe

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:cc49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f39cd2826daf1ff6d1037c121999a522e25fbd5cd2486c5d2aa01909c205b77

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 13:07:27 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 47323
cf-request-id: 0a076fe96a00004dfa450a9000000001
last-modified: Sun, 09 Feb 2020 22:10:04 GMT
server: cloudflare
etag: "b8db-59e2be27a4700"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QiIuNQZFUogWefZlBEg7XKavytI7dS46a6CeGhxFGfavrjPCggG5S%2B4I6PCyXkSDYKpe%2BRFqVtzgChjYkiRbJVfNE36MhmmTcqOcL20%2BQjDnDFgizDa%2BPhDcCDiiJYFqyg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 64ec1c2249a14dfa-FRA

GET
H3-29 200 what-is-serenum-min.jpg
pic.nex-software.com/img/process-information/2805/ 23 KB
23 KB 71ms
59ms Image
image/jpeg 2606:4700:3034::ac43:cc49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/process-information/2805/what-is-serenum-min.jpg

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-omtsreco-exe

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:cc49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3f40a4fd646bf1594160c2bda45e9837f855b04293e97caa006965b93b96e06

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 13:07:27 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23406
cf-request-id: 0a076fe96a00004dfa3218b000000001
last-modified: Sun, 09 Feb 2020 22:10:06 GMT
server: cloudflare
etag: "5b6e-59e2be298cb80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lGTPJXWffZRpB4rFkZFfkc%2Fm5Q5ujXiWoG9P8P8nUVhK49qIkmRi%2B6yqgrOif89RopLtAPJWUa505xsfuogeQU%2F%2BIzIef62%2Bse%2BU2TcOmsTo%2Bzru3vK1YXr5wn4KqDHZEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 64ec1c22499e4dfa-FRA

GET
H3-29 200 what-is-freecell-exe-min.jpg
pic.nex-software.com/img/process-information/1084/ 157 KB
158 KB 67ms
55ms Image
image/jpeg 2606:4700:3034::ac43:cc49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/process-information/1084/what-is-freecell-exe-min.jpg

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-omtsreco-exe

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:cc49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d6165670ec9a6764dfe409c7706b29c19a9edad122b11a4856e5489e74836ec8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 13:07:27 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 160945
cf-request-id: 0a076fe96900004dfa11805000000001
last-modified: Sun, 09 Feb 2020 22:12:22 GMT
server: cloudflare
etag: "274b1-59e2beab3fd80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7CZiZtXWiHZr%2BIDRatYppTzNsnGJQs9ZC6R9vtNz1wtLBPXDct%2BrRoY1z0cQNLPL%2FQg74xoAUfPzlRt3eSM%2FBAiXI9xFviCdBblDVR20FAgrRPlnEtBMNuXPqMRqliXVkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 64ec1c22499c4dfa-FRA

GET
H3-29 200 what-is-isas-exe-min.jpg
pic.nex-software.com/img/process-information/253/ 24 KB
24 KB 85ms
72ms Image
image/jpeg 2606:4700:3034::ac43:cc49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/process-information/253/what-is-isas-exe-min.jpg

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-omtsreco-exe

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:cc49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd3dc15eba88dbbad064f8ea41ff15d206c940ca6292b555f1ea9cbdbe9c5d04

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 13:07:27 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24324
cf-request-id: 0a076fe96900004dfaec90d000000001
last-modified: Sun, 09 Feb 2020 22:11:46 GMT
server: cloudflare
etag: "5f04-59e2be88eac80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EKo%2BPEgRDsQzhpQ7WF5c40w%2B3x84vQ3xlE0o%2FFRp6yKx1TEDBpynltSFChsSazHGpAusGzuomTVWv0JflRubY6hBBuo0EsO3QeRrO9%2F759qAgHFB4kvNqfM3SvDCrUp%2FRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 64ec1c22499d4dfa-FRA

GET
H3-29 200 what-is-pev-exe-min.jpg
pic.nex-software.com/img/process-information/741/ 36 KB
37 KB 39ms
26ms Image
image/jpeg 2606:4700:3034::ac43:cc49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/process-information/741/what-is-pev-exe-min.jpg

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-omtsreco-exe

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:cc49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b25d463028655a985857582f68d27ce68cc6896dadcaf58be657e48bbaf2534f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 13:07:27 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6784
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37100
cf-request-id: 0a076fe96a00004dfa46309000000001
last-modified: Sun, 09 Feb 2020 22:10:42 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "90ec-59e2be4be1c80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GMbyfEmJMvOFGw2I0VxaZlK7U3H9F4KICDFrllIUMK8J17AG5BVzoJ1Sk8Z%2BFEDeURebPrRfHYf%2FmZqiPxFKgiK3al1Liz%2FeLn0Tn%2FP21qhbpCZRgIdSkm%2FyAv5Q2IGw8w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 64ec1c22499f4dfa-FRA

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 101 KB
32 KB 48ms
15ms Script
text/javascript 2600:9000:2190:3000:1c:8a07:5e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://platform-api.sharethis.com/js/sharethis.js
Requested by: Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-omtsreco-exe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:3000:1c:8a07:5e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 38c288b893b166348ca23e242921ba2f260e3444cb2027e0c844304a894f0bbe

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 13:02:22 GMT
content-encoding: gzip
age: 305
etag: W/"192cc-3TBOdKYF02HlA++J6fQ0dmTq6Ow"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 25d46f0dbca17b9a78cca036e17d8ad3.cloudfront.net (CloudFront)
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: wRz-I2Rk1z5S5vcA_jbiN1Q4Oa5U2P7xQO-zX0eHdWO6n9APIq2Q_w==

GET
H2 200 jquery-3.1.1.min.js Show response
nex-software.com/template/js/ 85 KB
29 KB 33ms
25ms Script
application/javascript 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nex-software.com/template/js/jquery-3.1.1.min.js

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-omtsreco-exe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 13:07:27 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1650
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a076fe93d000053634fb08000000001
last-modified: Tue, 12 Feb 2019 13:57:00 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"152b5-581b2cc948300-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2vQjsyor4tz4h5RqAuLJ%2Bwqtj%2F2FdnNgVtOEZy3PABKn16lPQgjbgfJb3VrMCfOKTmR4gKh%2BNBhIHOC1NO2a%2BZlYrPTiES4%2FfX85aBIKoUqrKVghFvsmIuUl%2FR9Q"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-ray: 64ec1c21f8e65363-FRA

GET
H3-29 200 jquery.slicknav.min.js Show response
nex-software.com/template/js/ 8 KB
3 KB 40ms
19ms Script
application/javascript 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nex-software.com/template/js/jquery.slicknav.min.js

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-omtsreco-exe

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

190402f488a1616b47304ae066078580059ca6a5958b7f217d2156d0a73931a9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 13:07:27 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1650
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a076fe9630000d70d213d6000000001
last-modified: Tue, 12 Feb 2019 13:57:00 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"20df-581b2cc948300-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=McZKznCh8k1OnyKWhA4Q7N%2BTMy6zIgKpFHWZrhHIZ1bqYdA2hvJIHccJTBMUKwjg%2BJShYTaS09vO1UIaJo4Y5jo69oXLBGfTP%2FWx6y3Ald10QhZ9OYYs7ifhYeuj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-ray: 64ec1c223c2ad70d-FRA

GET
H3-29 200 jquery.bxslider.min.js Show response
nex-software.com/template/js/ 23 KB
6 KB 39ms
19ms Script
application/javascript 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nex-software.com/template/js/jquery.bxslider.min.js

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-omtsreco-exe

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7731d577c5dfa5f38e9bf82dedae51174c9ddd4d3d4668eea9d1e51d6ce13d66

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 13:07:27 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1650
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a076fe9620000d70d4fb59000000001
last-modified: Tue, 12 Feb 2019 13:57:00 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5bf7-581b2cc948300-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KYbTKof7JNOrGvz%2BoePamkQI86vBkKzTUaQOjeG7ixx%2BRNpZOAFvQ8TVhENOcyem12F3znh68Wp%2BMowIHgXwkxdVq7teulMvuT0cBZcXl9fl2Cy6nJ%2FjAZDSP2p0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-ray: 64ec1c223c25d70d-FRA

GET
H3-29 200 script.js Show response
nex-software.com/template/js/ 2 KB
1 KB 35ms
16ms Script
application/javascript 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nex-software.com/template/js/script.js

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-omtsreco-exe

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

900e0d4503dfe926c2d74a1944f4e383d9d7573ecfcccba2dbb377f3be116a10

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 13:07:27 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1650
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a076fe9620000d70d608bf000000001
last-modified: Tue, 12 Feb 2019 13:57:00 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"63c-581b2cc948300-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VY8%2BpIDcxINUwWGij7J4BHhrpsK1C9UjRxWhFxMhyy3dEmVqqp4Ux27Tf%2FAbMbmz6e1GTb3UEItn0OT6SBEQf7hQXlI4VHHHJAdvAiH6cMrnVwasF9eq3F6wV1lc"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-ray: 64ec1c223c28d70d-FRA

GET
H2 200 abs.js Show response
cdn.zx-adnet.com/adx/ 200 B
240 B 263ms
263ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/adx/abs.js?0.1834303631111307

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/brmsl_19102402.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9be45d830a633e050edaa82361e4ecac3cc189b3a3975a41aa01ae3cb4e4120b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Tue, 11 May 2021 19:10:09 GMT
x-timer: S1620911248.723002,VS0,VE252
etag: "437b8edcf8ac42ac5e7961966dea7cee69a38a82519efa00f6f37a753caad24c-br"
x-served-by: cache-hhn4070-HHN
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600,public
date: Thu, 13 May 2021 13:07:27 GMT
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive
content-length: 118
x-cache-hits: 0

GET
H2 200 1350 Show response
na.nawpush.com/tags/ 240 B
379 B 55ms
17ms XHR
application/json 213.174.135.24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://na.nawpush.com/tags/1350
Requested by: Host: cst.wpu.sh
URL: https://cst.wpu.sh/static/adManager.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.24 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: f7697cdbdb20e0d5d8fd4ef811c57418dcdcace4012fa556ca66c41f8d2be01c

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 13 May 2021 13:07:27 GMT
cache-control: max-age=300, public
server: nginx/1.18.0
content-type: application/json
x-proxy-cache: HIT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 142 KB
49 KB 46ms
24ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: cst.wpu.sh
URL: https://cst.wpu.sh/static/adManager.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9885e11888dae4819023ae57028a2ee7158ff1addfb6795b4e8dfd971f36981f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 13:07:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49903
x-xss-protection: 0
server: cafe
etag: 2731610590536240358
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 13 May 2021 13:07:27 GMT

GET
DATA 200
OK truncated
/ 19 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ae2b3292ce4d22938259dd7e2d411ef3e498276837fbcc0475af40237b608f1f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2
nex-software.com/template/css/ 18 KB
19 KB 52ms
38ms Font
application/octet-stream 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nex-software.com/template/css/JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2

Requested by

Host: nex-software.com
URL: https://nex-software.com/template/css/css.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e43d592d0aa592f24ad510ef3f453a51bba24a9534a07a55a9685b4d4b3f2cb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://ja.nex-software.com
Referer: https://nex-software.com/template/css/css.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 13:07:27 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18728
cf-request-id: 0a076fe9e4000018e59fb4f000000001
last-modified: Tue, 12 Feb 2019 13:57:00 GMT
server: cloudflare
etag: "4928-581b2cc948300"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wkvdKoJnMGP%2F7ajSqaClwlFt6lPuoZ5vLp909qX6DkKARYD4KhiZUSgyHlOzEDF4VobAX9KXay0XWKzn0umaHX%2BNzpZW4JOQ59Q6nxzTdfzshPTIvK9roFDP94fp"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 64ec1c23085018e5-FRA

GET
H3-29 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
nex-software.com/template/css/ 18 KB
19 KB 63ms
51ms Font
application/octet-stream 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nex-software.com/template/css/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: nex-software.com
URL: https://nex-software.com/template/css/css.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://ja.nex-software.com
Referer: https://nex-software.com/template/css/css.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 13:07:27 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18684
cf-request-id: 0a076fe9e4000018e5db260000000001
last-modified: Tue, 12 Feb 2019 13:57:00 GMT
server: cloudflare
etag: "48fc-581b2cc948300"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QRxpJkkoayM8OnK83%2BhvWtfhDq%2Bpxbm%2FHFds4xP6NEiq8aAGHNKVQusl9s3lAw0DDfPrhBolvlL3MDltQfQdlYUgauciq1cPluhsnChBq2X8klJdqAHmzqwPK6tr"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 64ec1c23085118e5-FRA

GET
H3-29 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
nex-software.com/template/css/ 19 KB
19 KB 56ms
44ms Font
application/octet-stream 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nex-software.com/template/css/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2

Requested by

Host: nex-software.com
URL: https://nex-software.com/template/css/css.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://ja.nex-software.com
Referer: https://nex-software.com/template/css/css.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 13:07:27 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18956
cf-request-id: 0a076fe9e3000018e5e4308000000001
last-modified: Tue, 12 Feb 2019 13:57:00 GMT
server: cloudflare
etag: "4a0c-581b2cc948300"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MyR2VIgYM%2BDFem6ae5G%2B1F0B6VhfHI3ZQ%2FKCgXIPdh279E%2B74By7fw3msWEHBUI8cDzJdF89OsvwWYXRrm5fefdpRgAEL7TsUWVjfsFNHML3ubPkdp2ZCjruDUqp"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 64ec1c23084f18e5-FRA

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//ja.nex-software.com/what-is-omtsreco-exe;0.6564962753598289
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//ja.nex-software.com/what-is-omtsreco-exe;0.6564962753598289

43 B
496 B

47ms
46ms

Image
image/gif

88.212.201.204
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//ja.nex-software.com/what-is-omtsreco-exe;0.6564962753598289

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-omtsreco-exe

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host204.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 13 May 2021 13:07:28 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 12 May 2020 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 13 May 2021 13:07:28 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//ja.nex-software.com/what-is-omtsreco-exe;0.6564962753598289
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Tue, 12 May 2020 21:00:00 GMT

GET
H2 200 5c086b7ea71f090011aea084.js Show response
buttons-config.sharethis.com/js/ 434 B
770 B 92ms
43ms Script
text/javascript 2600:9000:2190:800:c:abe:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://buttons-config.sharethis.com/js/5c086b7ea71f090011aea084.js
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:800:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d2fa83bbc70c843df2edd43096821128aa1f4bd404237f614c49cd48e7d5cfa3

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 13:07:28 GMT
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
last-modified: Thu, 06 Dec 2018 00:24:07 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "8f8c95d8315dedb8a7c82f24235b706f"
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=60,public
accept-ranges: bytes
content-length: 434
x-amz-cf-id: c_gOBXEqtBeaAlDMo1H96fxArbetvAEXmusctfRfWSBW8dAw3mFkbQ==

GET
H/1.1 200
OK / Show response
stat.optad360.mgr.consensu.org/ 20 B
286 B 53ms
14ms XHR
text/html 18.196.233.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.optad360.mgr.consensu.org/
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/1a65995e-7e07-43bd-8be2-2ee136ae3c03/plugin.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.196.233.38 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-233-38.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: b34c67107f1b7dd18c382366913a00a08956cc138ebed347df972e81b56ce299

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 13 May 2021 13:07:28 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 61 KB
21 KB 42ms
14ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/1a65995e-7e07-43bd-8be2-2ee136ae3c03/plugin.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

sffe /

Resource Hash

d59ae9b5e59720baa22412d22c214989d47f7c5826e540707704e3072b2c8a84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 13:07:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "870 / 670 of 1000 / last-modified: 1620904231"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21199
x-xss-protection: 0
expires: Thu, 13 May 2021 13:07:28 GMT

GET
H2 200 prebid4.19.0.js Show response
get.optad360.io/sf/ 410 KB
129 KB 7ms
6ms Script
application/javascript 2600:9000:21f3:2600:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/prebid4.19.0.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/1a65995e-7e07-43bd-8be2-2ee136ae3c03/plugin.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:2600:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 257579348172eb9f739308373580772054c0b671f63e8f002aed9f9774a6272e

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 09 May 2021 16:47:51 GMT
content-encoding: gzip
last-modified: Thu, 17 Dec 2020 09:52:06 GMT
server: AmazonS3
age: 332378
etag: W/"08b0612ac0c68ebf519b28323f4e2aa2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront)
cache-control: public, max-age=604800
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: H3J0Dl_bdoD3KCLm1cDgdCxdsx-2j69Xu69I_4kuC5Gyrjz2oolPzw==

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210510/r20190131/ Frame 8615 10 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210510/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210510/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.nex-software.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ja.nex-software.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 12 May 2021 18:07:36 GMT
expires: Wed, 26 May 2021 18:07:36 GMT
content-type: text/html; charset=UTF-8
etag: 10446291943670460780
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4644
x-xss-protection: 0
age: 68392
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 csub.js Show response
js.wpushsdk.com/npc/sdk/wpu/ 6 KB
3 KB 24ms
6ms Script
application/javascript 213.174.135.24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpushsdk.com/npc/sdk/wpu/csub.js
Requested by: Host: cst.wpu.sh
URL: https://cst.wpu.sh/static/adManager.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.24 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.16.1 / PHP/7.1.28
Resource Hash: f027eacbd3700b0f54821c2d08e829a054930626a495bea56484074c29290dd7

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 13:07:28 GMT
content-encoding: gzip
server: nginx/1.16.1
x-powered-by: PHP/7.1.28
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Thu, 13 May 2021 14:07:28 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H2 200 portal-v2.html Show response
c.sharethis.mgr.consensu.org/ Frame 15C6 2 KB
1 KB 64ms
20ms Document
text/html 2600:9000:206e:3600:c:a9b7:ddc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.sharethis.mgr.consensu.org/portal-v2.html
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:3600:c:a9b7:ddc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ac84513c4c5ea7e4458e91c46e33ba71b56e19fabf93cc079ffcb01a975c2e3d

Request headers

:method: GET
:authority: c.sharethis.mgr.consensu.org
:scheme: https
:path: /portal-v2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.nex-software.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ja.nex-software.com/

Response headers

content-type: text/html; charset=utf-8
content-encoding: gzip
date: Thu, 13 May 2021 12:25:19 GMT
cache-control: max-age=3600, public
etag: W/"83a-K1Ex0xzH2LCxSyRnDnyZEg18N68"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6c9f184c491eed5c51abd110e89bd97b.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: 9ECiA3evSuqejYSoFVHbhlryu0O-nA5ckGLLfB71uPB2QaMUu7MEdA==
age: 2529

GET
H2 200 checkabuse Show response
cdn.zx-adnet.com/ 74 B
401 B 244ms
243ms Script
text/html 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.zx-adnet.com/checkabuse?surl=https://ja.nex-software.com/what-is-omtsreco-exe
Requested by: Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/abs.js?0.1834303631111307
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash: ff0ae836e78e254c691d18c04b2068e14419275cb170cd7c09587f1795114fcc

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 13:07:28 GMT
content-encoding: gzip
x-powered-by: Express
x-cache: MISS
content-length: 85
x-served-by: cache-hhn4070-HHN
server: Google Frontend
x-timer: S1620911248.181099,VS0,VE235
etag: W/"4a-U3myf635cTml8/jliRIqPS6GEqY"
vary: cookie,need-authorization, x-fh-requested-host, accept-encoding
content-type: text/html; charset=utf-8
x-cloud-trace-context: 245102faef6ad0b5660382bced6cc784
cache-control: max-age=3600,public
function-execution-id: 77n5y29y2iol
accept-ranges: bytes
x-orig-accept-language: en-US
x-country-code: DE
x-cache-hits: 0

GET
H3-29 200 pubads_impl_2021050601.js Show response
securepubads.g.doubleclick.net/gpt/ 303 KB
107 KB 30ms
15ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

sffe /

Resource Hash

9eb83620a305b5cfbd47a770dd1f649d9ae99d34becf19308f9cc75106d1b5b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 13:07:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 08:40:53 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109330
x-xss-protection: 0
expires: Thu, 13 May 2021 13:07:28 GMT

GET
H/1.1 200
OK get_counts Show response
count-server.sharethis.com/v2.0/ 179 B
425 B 482ms
149ms Script
text/javascript 3.130.50.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://count-server.sharethis.com/v2.0/get_counts?cb=window.__sharethis__.cb2&url=https%3A%2F%2Fja.nex-software.com%2Fwhat-is-omtsreco-exe
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.130.50.33 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-130-50-33.us-east-2.compute.amazonaws.com
Software: / Express
Resource Hash: 1bbef8cdf620e5263df260e3113a467a934301fc65053bf511ebadc82c19ac9a

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 13 May 2021 13:07:28 GMT
Cache-Control: public, max-age=900
ETag: c9241af25eb2ce12c3e6e2a209ae53c1
Connection: keep-alive
X-Powered-By: Express
Content-Length: 179
Content-Type: text/javascript; charset=utf-8

GET
H2 200 facebook.svg
platform-cdn.sharethis.com/img/ 301 B
680 B 47ms
14ms Image
image/svg+xml 2600:9000:2190:8000:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/facebook.svg
Requested by: Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-omtsreco-exe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:8000:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Wed, 14 Apr 2021 17:58:45 GMT
via: 1.1 a63182cf51dce7998774e112bf9ee7c6.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
age: 2488124
etag: "c6e9be45643e197ce1db1d7e24a99adc"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 301
x-amz-cf-id: FbmMQfGo4-ax3CUU48rENC1QhoUAOoLOLbhr5vP7PZN_-XOkHMESFg==

GET
H2 200 twitter.svg
platform-cdn.sharethis.com/img/ 731 B
1 KB 47ms
14ms Image
image/svg+xml 2600:9000:2190:8000:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/twitter.svg
Requested by: Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-omtsreco-exe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:8000:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7c93346d4f681a0be90d1dfc19346382a4700f1810f41caa54415688dee1777f

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 18 Apr 2021 09:16:00 GMT
via: 1.1 a63182cf51dce7998774e112bf9ee7c6.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
age: 2173889
etag: "0af2fb38987598376c99e21af17ade45"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 731
x-amz-cf-id: JcgbxZfaitxGDEmEl3EPce1BnvG1vLt1yQyizH-eF1kBv6oy01o5jQ==

GET
H2 200 pinterest.svg
platform-cdn.sharethis.com/img/ 771 B
1 KB 47ms
14ms Image
image/svg+xml 2600:9000:2190:8000:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/pinterest.svg
Requested by: Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-omtsreco-exe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:8000:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: efc737b4f58cfe73a9bd0e57d7570365701381da31e628b269e7217a0ce3359d

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sat, 17 Apr 2021 16:02:42 GMT
via: 1.1 a63182cf51dce7998774e112bf9ee7c6.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
age: 2235887
etag: "2b10a062e719c64b686e2e8fcdc216dc"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 771
x-amz-cf-id: Uw-8yzDhpBYF5h024j2Ug1IGQp3dOc3Y0vF7Xpp0Sbz5esYEEeG5wQ==

GET
H2 200 email.svg
platform-cdn.sharethis.com/img/ 343 B
723 B 47ms
14ms Image
image/svg+xml 2600:9000:2190:8000:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/email.svg
Requested by: Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-omtsreco-exe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:8000:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5f5012132c752db2433e17712d91ef8689f1bc95167b2720e23224c2ae62e009

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Wed, 12 May 2021 01:48:15 GMT
via: 1.1 a63182cf51dce7998774e112bf9ee7c6.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
age: 127154
etag: "5977437466e857c7ddcadda6f6d88c2a"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 343
x-amz-cf-id: 8a240h7HWMBXG6vptyWGW1Isx3ywgjElrfwxtSKPMxVJKFZ66QkvHQ==

GET
H2 200 sharethis.svg
platform-cdn.sharethis.com/img/ 514 B
893 B 47ms
14ms Image
image/svg+xml 2600:9000:2190:8000:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/sharethis.svg
Requested by: Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-omtsreco-exe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:8000:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9a83c65bdd0ff9488af9d25720686457ea7295c9c44f9f1d285a0c9ec89bab99

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 15 Apr 2021 08:11:19 GMT
via: 1.1 a63182cf51dce7998774e112bf9ee7c6.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
age: 2436970
etag: "deecdaa377907db5cc1722fc831670a1"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 514
x-amz-cf-id: BqMcWEfCyBx1LBPcP8EUXZXYK1r1HWfGha6AJczYUA_UdPIphVRLMg==

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 9ms
7ms XHR
application/json 2a04:4e42:3::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210513

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2df96438ee666a81b5a8d436b66fde66960b0cdace0f645a00b0241be1b3a10f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 28098
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 956
etag: W/"69e-TJOdmC6NLOZ1me3iC9Vzngh0KBc"
x-served-by: cache-fra19145-FRA
date: Thu, 13 May 2021 13:07:28 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
341 B 62ms
15ms XHR
text/plain 18.198.109.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.sharethis.com/pview?event=pview&hostname=ja.nex-software.com&location=%2Fwhat-is-omtsreco-exe&product=unknown&url=https%3A%2F%2Fja.nex-software.com%2Fwhat-is-omtsreco-exe&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=omtsreco.exe%E3%81%A8%E3%81%AF%E4%BD%95%E3%81%A7%E3%81%99%E3%81%8B%EF%BC%9F&cms=unknown&publisher=5c086b7ea71f090011aea084&sop=true&bsamesite=true&consent_cookie_duration=173&consent_duration=173&gdpr_domain=.consensu.org&gdpr_method=cookie&version=st_sop.js&lang=en&description=Oracle%20MTS%20Recovery%20Service%E3%81%A8%E5%91%BC%E3%81%B0%E3%82%8C%E3%82%8B%E3%83%97%E3%83%AD%E3%82%BB%E3%82%B9%E3%81%AF%E3%80%81Oracle%E3%81%AE%E3%82%BD%E3%83%95%E3%83%88%E3%82%A6%E3%82%A7%E3%82%A2Oracle%20MTS%20Recovery%20Service%EF%BC%88www.oracle.com%EF%BC%89%E3%81%AB%E5%B1%9E%E3%81%97%E3%81%BE%E3%81%99%E3%80%82%20%E8%AA%AC%E6%98%8E%EF%BC%9A%20Omtsreco.exe%E3%81%AFWindows%20OS%E3%81%AB%E5%BF%85%E9%A0%88%E3%81%A7%E3%81%AF%E3%81%AA%E3%81%8F%E3%80%81%E6%AF%94%E8%BC%83%E7%9A%84%E5%95%8F%E9%A1%8C%E3%81%8C%E5%B0%91%E3%81%AA%E3%81%84%E3%81%A7%E3%81%99%E3%80%82%20omtsreco.exe%E3%83%95%E3%82%A1%E3%82%A4%E3%83%AB%E3%81%AF%E3%80%81Windows%EF%BC%85PATH%EF%BC%85%E7%92%B0%E5%A2%83%E5%A4%89%E6%95%B0%E3%81%AB%E3%83%AA%E3%82%B9%E3%83%88%E3%81%95%E3%82%8C%E3%81%A6%E3%81%84%E3%82%8B%E3%83%95%E3%82%A9%E3%83%AB%E3%83%80%E3%83%BC%E3%81%AB%E3%81%82%E3%82%8A%E3%81%BE%E3%81%99%EF%BC%88%E3%81%9F%E3%81%A8%E3%81%88%E3%81%B0%E3%80%81%20C%EF%BC%9A%5C%20%EF%BC%89%E3%80%82%20Windows%2010%2F8%2F7%20%2F%20XP%E3%81%AE%E6%97%A2%E7%9F%A5%E3%81%AE%E3%83%95%E3%82%A1%E3%82%A4%E3%83%AB%E3%82%B5%E3%82%A4%E3%82%BA%E3%81%AF%E3%80%8157%2C%20603%E3%83%90%E3%82%A4%E3%83%88%EF%BC%88%E3%81%99%E3%81%B9%E3%81%A6%E3%81%AE%E5%87%BA%E7%8F%BE%E3%81%AE45%EF%BC%85%EF%BC%89%E3%80%8169%2C%20632%E3%83%90%E3%82%A4%E3%83%88%E3%80%81%E3%81%8A%E3%82%88%E3%81%B35%E5%80%8B%E3%81%AE%E3%83%90%E3%83%AA%E3%82%A2%E3%83%B3%E3%83%88%E3%81%A7%E3%81%99%E3%80%82%20%E3%83%90%E3%83%83%E3%82%AF%E3%82%B0%E3%83%A9%E3%82%A6%E3%83%B3%E3%83%89%E3%82%B5%E3%83%BC%E3%83%93%E3%82%B9OracleMTSRecoveryService%E3%81%A8%E3%81%97%E3%81%A6%E5%AE%9F%E8%A1%8C%E3%81%95%E3%82%8C%E3%81%BE%E3%81%99%E3%80%82%20%E3%81%93%E3%81%AE%E3%83%97%E3%83%AD%E3%82%B0%E3%83%A9%E3%83%A0%E3%81%AB%E3%81%AF%E8%A1%A8%E7%A4%BA%E5%8F%AF%E8%83%BD%E3%81%AA%E3%82%A6%E3%82%A3%E3%83%B3%E3%83%89%E3%82%A6%E3%81%8C%E3%81%82%E3%82%8A%E3%81%BE%E3%81%9B%E3%82%93%E3%80%82%20Windows%E3%82%B3%E3%82%A2%E3%83%95%E3%82%A1%E3%82%A4%E3%83%AB%E3%81%A7%E3%81%AF%E3%81%82%E3%82%8A%E3%81%BE%E3%81%9B%E3%82%93%E3%80%82%20%E3%82%A2%E3%83%97%E3%83%AA%E3%82%B1%E3%83%BC%E3%82%B7%E3%83%A7%E3%83%B3%E3%81%AF%E3%80%81%E3%83%9D%E3%83%BC%E3%83%88%E3%82%92%E4%BD%BF%E7%94%A8%E3%81%97%E3%81%A6LAN%E3%81%BE%E3%81%9F%E3%81%AF%E3%82%A4%E3%83%B3%E3%82%BF%E3%83%BC%E3%83%8D%E3%83%83%E3%83%88%E3%81%AB%E6%8E%A5%E7%B6%9A%E3%81%97%E3%81%BE%E3%81%99%E3%80%82%20Omtsreco.exe%E3%81%AF%E3%82%A4%E3%83%B3%E3%82%BF%E3%83%BC%E3%83%8D%E3%83%83%E3%83%88%E3%81%AB%E6%8E%A5%E7%B6%9A%E3%81%A7%E3%81%8D%E3%81%BE%E3%81%99%E3%80%82%20%E3%81%97%E3%81%9F%E3%81%8C%E3%81%A3%E3%81%A6%E3%80%81%E6%8A%80%E8%A1%93%E7%9A%84%E3%81%AA%E3%82%BB%E3%82%AD%E3%83%A5%E3%83%AA%E3%83%86%E3%82%A3%E8%A9%95%E4%BE%A1%E3%81%AF%2058%EF%BC%85%E5%8D%B1%E9%99%BA%20%E3%81%A7%E3%81%99%E3%80%82%20%E3%81%9F%E3%81%A0%E3%81%97%E3%80%81%E3%83%A6%E3%83%BC%E3%82%B6%E3%83%BC%E3%83%AC%E3%83%93%E3%83%A5%E3%83%BC%E3%82%82%E8%AA%AD%E3%82%80%E5%BF%85%E8%A6%81%E3%81%8C%E3%81%82%E3%82%8A%E3%81%BE%E3%81%99%E3%80%82%20%E3%81%93%E3%81%AE%E3%83%90%E3%83%AA%E3%82%A2%E3%83%B3%E3%83%88%E3%81%AE%E3%82%A2%E3%83%B3%E3%82%A4%E3%83%B3%E3%82%B9%E3%83%88%E3%83%BC%E3%83%AB%EF%BC%9A%20Oracle%20Database%2011g%20Express%20Edition%E3%81%A7%20%E5%95%8F%E9%A1%8C%E3%81%8C%E7%99%BA%E7%94%9F%E3%81%97%E3%81%9F%E5%A0%B4%E5%90%88%E3%80%81www.oracle.com%20Web%E3%82%B5%E3%82%A4
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.109.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-109-212.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 13 May 2021 13:07:28 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: https://ja.nex-software.com
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
313 B 20ms
16ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ja.nex-software.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 13 May 2021 13:07:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
313 B 19ms
15ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ja.nex-software.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 13 May 2021 13:07:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 458 B
261 B 152ms
152ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3383157589006774&correlator=450909054184697&output=ldjh&impl=fif&eid=31060784%2C31060990%2C31060998&vrg=2021050601&ptt=17&sc=1&sfv=1-0-38&ecs=20210513&iu_parts=121764058%2Cnex-software.com_SF&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C750x100%7C970x90&cookie_enabled=1&bc=31&abxe=1&lmt=1620911248&dt=1620911248288&dlt=1620911247665&idt=597&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=1200&adks=3561452481&ucis=1&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fja.nex-software.com%2Fwhat-is-omtsreco-exe&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=728x-1&ga_vid=1243891104.1620911248&ga_sid=1620911248&ga_hid=1235183775&ga_fc=false&fws=640&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

1f3539764e8789fb712e90eecf526e3f5332203d0746464714c8a822a9958370

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 13:07:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 231
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.nex-software.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
116d4d416bbcba429c6f11a22b2f01a5.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 73ms
14ms Other
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://116d4d416bbcba429c6f11a22b2f01a5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 462 B
270 B 269ms
268ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3383157589006774&correlator=450909054184697&output=ldjh&impl=fif&eid=31060784%2C31060990%2C31060998&vrg=2021050601&ptt=17&sc=1&sfv=1-0-38&ecs=20210513&iu_parts=121764058%2Cnex-software.com_am_S1&enc_prev_ius=%2F0%2F1&prev_iu_szs=750x100%7C750x200%7C750x300%7C300x250%7C336x280%7C360x300%7C580x400&cookie_enabled=1&bc=31&abxe=1&lmt=1620911248&dt=1620911248292&dlt=1620911247665&idt=597&frm=20&biw=1600&bih=1200&oid=3&adxs=365&adys=416&adks=1512492839&ucis=2&ifi=2&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fja.nex-software.com%2Fwhat-is-omtsreco-exe&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=750x0&ga_vid=1243891104.1620911248&ga_sid=1620911248&ga_hid=1235183775&ga_fc=false&fws=128&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

d8e3e2d775ac4d25db67dffb20e483c93c7bea6f22e1ab00dcd911b58dd780b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 13:07:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 240
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.nex-software.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 462 B
269 B 466ms
465ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3383157589006774&correlator=450909054184697&output=ldjh&impl=fif&eid=31060784%2C31060990%2C31060998&vrg=2021050601&ptt=17&sc=1&sfv=1-0-38&ecs=20210513&iu_parts=121764058%2Cnex-software.com_am_S2&enc_prev_ius=%2F0%2F1&prev_iu_szs=750x100%7C750x200%7C750x300%7C300x250%7C336x280%7C360x300%7C580x400&cookie_enabled=1&bc=31&abxe=1&lmt=1620911248&dt=1620911248295&dlt=1620911247665&idt=597&frm=20&biw=1600&bih=1200&oid=3&adxs=365&adys=1010&adks=3299979222&ucis=3&ifi=3&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fja.nex-software.com%2Fwhat-is-omtsreco-exe&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=750x0&ga_vid=1243891104.1620911248&ga_sid=1620911248&ga_hid=1235183775&ga_fc=false&fws=128&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

e5630bc5b767d2d193973da86595e442f00d4efb3d584bb9fd1fdfb912e5eb9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 13:07:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 239
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.nex-software.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 463 B
269 B 378ms
377ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3383157589006774&correlator=450909054184697&output=ldjh&impl=fif&eid=31060784%2C31060990%2C31060998&vrg=2021050601&ptt=17&sc=1&sfv=1-0-38&ecs=20210513&iu_parts=121764058%2Cnex-software.com_adi_ATF&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C970x250%7C970x300%7C728x90&cookie_enabled=1&bc=31&abxe=1&lmt=1620911248&dt=1620911248298&dlt=1620911247665&idt=597&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=214&adks=1506358736&ucis=4&ifi=4&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fja.nex-software.com%2Fwhat-is-omtsreco-exe&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=970x0&ga_vid=1243891104.1620911248&ga_sid=1620911248&ga_hid=1235183775&ga_fc=false&fws=128&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

2d7ed7ee1d88a49cc351675f93ff1130b999ce868cdfdb4982aec3dbeb0d90b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 13:07:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 239
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.nex-software.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 463 B
270 B 624ms
624ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3383157589006774&correlator=450909054184697&output=ldjh&impl=fif&eid=31060784%2C31060990%2C31060998&vrg=2021050601&ptt=17&sc=1&sfv=1-0-38&ecs=20210513&iu_parts=121764058%2Cnex-software.com_adi_W1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C200x600%7C300x250&cookie_enabled=1&bc=31&abxe=1&lmt=1620911248&dt=1620911248301&dlt=1620911247665&idt=597&frm=20&biw=1600&bih=1200&oid=3&adxs=1123&adys=1179&adks=1207021871&ucis=5&ifi=5&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fja.nex-software.com%2Fwhat-is-omtsreco-exe&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=300x0&ga_vid=1243891104.1620911248&ga_sid=1620911248&ga_hid=1235183775&ga_fc=false&fws=128&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

2686c97845c216f78c7f0bacada3150073ea4ac1d9dd6f3af1cb452d8ae17052

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 13:07:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 240
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.nex-software.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 466 B
267 B 542ms
542ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3383157589006774&correlator=450909054184697&output=ldjh&impl=fif&eid=31060784%2C31060990%2C31060998&vrg=2021050601&ptt=17&sc=1&sfv=1-0-38&ecs=20210513&iu_parts=121764058%2Cnex-software.com_adi_right&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cookie_enabled=1&bc=31&abxe=1&lmt=1620911248&dt=1620911248303&dlt=1620911247665&idt=597&frm=20&biw=1600&bih=1200&oid=3&adxs=1123&adys=266&adks=2151281886&ucis=6&ifi=6&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fja.nex-software.com%2Fwhat-is-omtsreco-exe&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=300x0&ga_vid=1243891104.1620911248&ga_sid=1620911248&ga_hid=1235183775&ga_fc=false&fws=128&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

f692f5f9d3914a319f7b1499b5c5fbca6419cea68d49f19d73fecb0c2e2ea158

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 13:07:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 237
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.nex-software.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 31ms
18ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021050601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e66a8d5640e2dd4160c1cd52fe19bd43c61a9c6d7daf980b48f32d0cc472fa07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 13 May 2021 13:07:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7719
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 34ms
14ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 13:07:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Thu, 13 May 2021 13:07:28 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 7265 12 KB
5 KB 22ms
7ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.nex-software.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ja.nex-software.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Thu, 13 May 2021 12:54:27 GMT
expires: Fri, 13 May 2022 12:54:27 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 781
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 nLZh5JKb4_vODtvfmJ49yJer_4HAQSIF0KjuUH5BuEE.js Show response
pagead2.googlesyndication.com/bg/ Frame 7265 14 KB
6 KB 7ms
7ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/nLZh5JKb4_vODtvfmJ49yJer_4HAQSIF0KjuUH5BuEE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

sffe /

Resource Hash

9cb661e4929be3fbce0edbdf989e3dc897abff81c0412205d0a8ee507e41b841

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 10:53:43 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 09:28:00 GMT
server: sffe
age: 8025
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5628
x-xss-protection: 0
expires: Fri, 13 May 2022 10:53:43 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
40ms Image
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021050601&jk=3383157589006774&bg=!REelRwPNAAY59bwoOfU7ACkAdvg8WpxWlriJu-UhIGejSdPO34xZbTCDHP-jwomBZ3XTm80HlFFukAIAAABGUgAAAAtoAQcKAFqbLYMPrvWAzLiV1lbQwd9Q6-elq-5Zme2UVbznAnGzXnT1nz8I25tWSqQLtEnNJ7HAFWERMThSp6at--dc0KFslPOSWLc3MwLTtEPbLkgod_hM3uAEPOhLk-2ZAjwInxyzp1XON5mhh2IfjZh8pn5dBInpwLJSxX5VEZDNg6bHX_RPMFKdZ1FO-FL950-IsJ4HZ9HYSUJESjKcO-GRCSIpZMUSw3ECJk_XZXXoO24qtnr65Ny5vNW6O8OZVODyC162WJe3ZX-LzK0JZrPXeUgoa0ju89t-ijwx1dTa4MRF-7qLfzPykMRCTS92pyQX7ztjIEIcxSpgIGhhssqEc8wlYZ1JNwjSsMvK0zz_iHdUrl4vEhhTpUiI5wpgDmcH6nhXkGp8b9G0ESGmjVWOjgHQ8W9bf4EBtUOXugrs7jEic0h35Lie51QvksYpOkJwP_Fry0NWpziVAURizXseT8sswSG5eBKJzSPwk6TEgyyP99YZcLLhVkufngwPh6sGVym-H6rwH5FNbm73N1Rtlq7ojd_kI4LiA6mSaTdwRH4lJDNRZBphrJ1hfpEQ7MVxZTnBymYltdH5McCR6BhbEspHPG1Mohir6fzGtRhcgCpySk95iIN1p_w80glmrnexVd3mEPCVl-4UwZ77C3jJUd0826DM07CdXIGzHodgGFKL13f-kx_GBjK4BDfgYmS9TqoEXBF5xLuLzLzkwBiE1Ez4Gn0jb_KTjA6B8XQKpvL6SFBI7PwQv4igyhRAjVYnh5Njf6yYDrkxBJ3xqG1SP-ObSeswM4fW2jY7gKJKsWMjv3adR5IIpZirvvu-Tbv5_rxjs_ivDt0oIKro0dVRKlI0Umlq42VKpC3tHNil-uz-EpRBMw1Pud2lIg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 May 2021 13:07:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 18:15:12	Name: test_cookie Value: CheckForPermission
.nex-software.com/	1970-01-20 03:36:47	Name: __gads Value: ID=fed8dd5b852a5745-22f1190b12c8005c:T=1620911248:S=ALNI_MbVPWwk486-Bvtp1IIAt8_wh5p4iw
ja.nex-software.com/	1969-12-31 23:59:59	Name: st_shares_https://ja.nex-software.com/what-is-omtsreco-exe Value: [object Object]

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://load5.biz/?pu=mztdqolemm5ha3ddf4ztooju(Line 174) Message: Error: Browser is not suitable for subscriptions
console-api	info	URL: https://cst.wpu.sh/static/adManager.js(Line 1) Message: %c [AdManager] - color:cyan version 2.1.2
console-api	info	URL: https://cst.wpu.sh/static/adManager.js(Line 1) Message: %c [AdManager] - color:cyan run tag spots
console-api	info	URL: https://cst.wpu.sh/static/adManager.js(Line 1) Message: %c [AdManager] - color:cyan init spot [object Object]
console-api	log	URL: https://cdn.zx-adnet.com/adx/brmsl_19102402.js(Line 2) Message: zxnt->domain abuse ->no ads

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

116d4d416bbcba429c6f11a22b2f01a5.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
buttons-config.sharethis.com
c.sharethis.mgr.consensu.org
cdn.jsdelivr.net
cdn.zx-adnet.com
count-server.sharethis.com
counter.yadro.ru
cst.cstwpush.com
cst.wpu.sh
get.optad360.io
googleads.g.doubleclick.net
ja.nex-software.com
js.wpushsdk.com
l.sharethis.com
load5.biz
na.nawpush.com
nex-software.com
pagead2.googlesyndication.com
pic.nex-software.com
platform-api.sharethis.com
platform-cdn.sharethis.com
securepubads.g.doubleclick.net
stat.optad360.mgr.consensu.org
tpc.googlesyndication.com
143.198.248.64
151.101.65.195
172.217.23.98
18.196.233.38
18.198.109.212
205.185.216.10
213.174.135.24
2600:9000:206e:3600:c:a9b7:ddc0:93a1
2600:9000:2190:3000:1c:8a07:5e80:93a1
2600:9000:2190:8000:1d:85c3:6640:93a1
2600:9000:2190:800:c:abe:f440:93a1
2600:9000:21f3:2600:11:a4de:2580:93a1
2606:4700:3032::6815:4aa6
2606:4700:3034::ac43:cc49
2a00:1450:4001:802::2002
2a00:1450:4001:803::2001
2a00:1450:4001:803::2002
2a00:1450:4001:828::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2002
2a04:4e42:3::621
3.130.50.33
46.4.91.20
88.212.201.204
0c994704d104eaec73c9da83c01ab143e46380cc0828b9cad2293f973438ad1f
190402f488a1616b47304ae066078580059ca6a5958b7f217d2156d0a73931a9
1bbef8cdf620e5263df260e3113a467a934301fc65053bf511ebadc82c19ac9a
1f3539764e8789fb712e90eecf526e3f5332203d0746464714c8a822a9958370
257579348172eb9f739308373580772054c0b671f63e8f002aed9f9774a6272e
2686c97845c216f78c7f0bacada3150073ea4ac1d9dd6f3af1cb452d8ae17052
2d7ed7ee1d88a49cc351675f93ff1130b999ce868cdfdb4982aec3dbeb0d90b0
2df96438ee666a81b5a8d436b66fde66960b0cdace0f645a00b0241be1b3a10f
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
38c288b893b166348ca23e242921ba2f260e3444cb2027e0c844304a894f0bbe
3e43d592d0aa592f24ad510ef3f453a51bba24a9534a07a55a9685b4d4b3f2cb
3f39cd2826daf1ff6d1037c121999a522e25fbd5cd2486c5d2aa01909c205b77
43677abbcc50b9f3d621c9134d28237cfa6d66c61bf970cdfcf2a3ec31928ed2
4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2
4c338d3149fcca167cfb41ac6cc2da9ed9e92959f61ff8df1d025f0b5d508ace
56b14b6ad7538ba37b7398ef0cfc7bcbf42fd723a943e72ab746a42dc15fb91f
5f5012132c752db2433e17712d91ef8689f1bc95167b2720e23224c2ae62e009
61dce4c471639dd33c0728cd1e3c192286096e92e1a233ab2e3a2d14041f8915
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e
768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307
7731d577c5dfa5f38e9bf82dedae51174c9ddd4d3d4668eea9d1e51d6ce13d66
790f85a4969432c9672328825a51d1784055f90b78fdaa4e6fb267e76e66344f
7c93346d4f681a0be90d1dfc19346382a4700f1810f41caa54415688dee1777f
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
869a22e82111ba0c1bd9a0dc3024ae66b0f0c675312a94109133f2a645efef8c
900e0d4503dfe926c2d74a1944f4e383d9d7573ecfcccba2dbb377f3be116a10
9885e11888dae4819023ae57028a2ee7158ff1addfb6795b4e8dfd971f36981f
991ecbf1cd5f362f0dc65fdbce97140d803392c8629f6cc23a039a7f7dfa142a
9a83c65bdd0ff9488af9d25720686457ea7295c9c44f9f1d285a0c9ec89bab99
9be45d830a633e050edaa82361e4ecac3cc189b3a3975a41aa01ae3cb4e4120b
9cb661e4929be3fbce0edbdf989e3dc897abff81c0412205d0a8ee507e41b841
9eb83620a305b5cfbd47a770dd1f649d9ae99d34becf19308f9cc75106d1b5b4
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
ac84513c4c5ea7e4458e91c46e33ba71b56e19fabf93cc079ffcb01a975c2e3d
ae2b3292ce4d22938259dd7e2d411ef3e498276837fbcc0475af40237b608f1f
af371cb0526d291c2821ffb5a63fb1c3969c3ebb22781c08032226c75ea2ab40
b25d463028655a985857582f68d27ce68cc6896dadcaf58be657e48bbaf2534f
b34c67107f1b7dd18c382366913a00a08956cc138ebed347df972e81b56ce299
c0a720c78b2df051e70ae7daa070cb781e0cfc58de03d977bac7eabfb7a85c21
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
d2fa83bbc70c843df2edd43096821128aa1f4bd404237f614c49cd48e7d5cfa3
d3f40a4fd646bf1594160c2bda45e9837f855b04293e97caa006965b93b96e06
d59ae9b5e59720baa22412d22c214989d47f7c5826e540707704e3072b2c8a84
d6165670ec9a6764dfe409c7706b29c19a9edad122b11a4856e5489e74836ec8
d66e8fa87723046272ec70096a2089355c29474796663f65f2fdf9a27a1d4bc6
d68a718d6ed924d01a6eb2d4ac4b312f67946332eb1cfc62c1bb3dd7635fa6cf
d8e3e2d775ac4d25db67dffb20e483c93c7bea6f22e1ab00dcd911b58dd780b5
d9887c30c5d49f4cd3de242fd97e9e87ead9f2f43f4d5400531f30d2fe360e1e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e503441024b68c5ac145c5580cd7b4c1dcd9dd71eb9814b5292ca1bc719af273
e5630bc5b767d2d193973da86595e442f00d4efb3d584bb9fd1fdfb912e5eb9b
e66a8d5640e2dd4160c1cd52fe19bd43c61a9c6d7daf980b48f32d0cc472fa07
e9db6545dbf36edff95d27a0f0753c152d3f39ae51ca7f7bace01083bd78119c
ea6b06005c15339e08ffe882d8ce8538be3156f00ccde2b5a1f785bb52b6436d
ede999c022b04dae8bed4c7898eb9c23794c70cbd07d4569dd72e43e195c66ed
efc737b4f58cfe73a9bd0e57d7570365701381da31e628b269e7217a0ce3359d
f027eacbd3700b0f54821c2d08e829a054930626a495bea56484074c29290dd7
f692f5f9d3914a319f7b1499b5c5fbca6419cea68d49f19d73fecb0c2e2ea158
f746a923d80a543b847fa37688a18edf8ec81088685e12e137b72d14e9da92a4
f7697cdbdb20e0d5d8fd4ef811c57418dcdcace4012fa556ca66c41f8d2be01c
fd3dc15eba88dbbad064f8ea41ff15d206c940ca6292b555f1ea9cbdbe9c5d04
ff0ae836e78e254c691d18c04b2068e14419275cb170cd7c09587f1795114fcc

ja.nex-software.com Open in urlscan Pro 2606:4700:3032::6815:4aa6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

66 Requests

100 %HTTPS

58 %IPv6

16 Domains

26 Subdomains

24 IPs

4 Countries

1611 kBTransfer

2924 kBSize

3 Cookies

35 Outgoing links

Redirected requests

66 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ja.nex-software.com Open in urlscan Pro
2606:4700:3032::6815:4aa6 Public Scan

Screenshot
Live screenshot

Full Image

66
Requests

100 %
HTTPS

58 %
IPv6

16
Domains

26
Subdomains

24
IPs

4
Countries

1611 kB
Transfer

2924 kB
Size

3
Cookies

66 HTTP transactions
1 data transactions