ja.nex-software.com Open in urlscan Pro
2606:4700:3032::6815:4aa6 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ja.nex-software.com/
Submission: On August 16 via manual (August 16th 2021, 6:46:29 am UTC) from JP

Summary HTTP 201 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 43 IPs in 6 countries across 29 domains to perform 201 HTTP transactions. The main IP is 2606:4700:3032::6815:4aa6, located in United States and belongs to CLOUDFLARENET, US. The main domain is ja.nex-software.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 11th 2021. Valid for: a year.

This is the only time ja.nex-software.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	2606:4700:303... 2606:4700:3032::6815:4aa6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.177.94.108 185.177.94.108	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
3	151.101.65.195 151.101.65.195	54113 (FASTLY) (FASTLY)
1 1	46.4.91.20 46.4.91.20	24940 (HETZNER-AS) (HETZNER-AS)
1	205.185.216.42 205.185.216.42	20446 (HIGHWINDS3) (HIGHWINDS3)
2	2600:9000:203... 2600:9000:2038:8400:11:a4de:2580:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:303... 2606:4700:3035::ac43:89ba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	2606:4700:303... 2606:4700:3034::ac43:cc49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	65.9.96.36 65.9.96.36	16509 (AMAZON-02) (AMAZON-02)
2	213.174.135.24 213.174.135.24	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1 2	88.212.201.210 88.212.201.210	39134 (UNITEDNET) (UNITEDNET)
1	2600:9000:20e... 2600:9000:20eb:f000:c:abe:f440:93a1	16509 (AMAZON-02) (AMAZON-02)
1	18.196.233.38 18.196.233.38	16509 (AMAZON-02) (AMAZON-02)
10	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1	2600:9000:212... 2600:9000:2127:a600:c:a9b7:ddc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	213.174.135.25 213.174.135.25	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	3.124.181.115 3.124.181.115	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:3::485 2a04:4e42:3::485	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
6 9	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
3 5	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	37.252.172.250 37.252.172.250	29990 (ASN-APPNEX) (ASN-APPNEX)
27	2a00:1450:400... 2a00:1450:4001:82b::2006	15169 (GOOGLE) (GOOGLE)
10	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
6	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
22	151.101.2.133 151.101.2.133	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
3 4	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
2	104.90.104.248 104.90.104.248	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba2b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3 4	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
1	2a00:1288:80:... 2a00:1288:80:800::7001	203220 (YAHOO-DEB) (YAHOO-DEB)
1	52.214.0.210 52.214.0.210	16509 (AMAZON-02) (AMAZON-02)
2	151.101.14.133 151.101.14.133	54113 (FASTLY) (FASTLY)
3	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
201	43

13 2606:4700:3032::6815:4aa6 (United States)

ASN13335 (CLOUDFLARENET, US)

ja.nex-software.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
nex-software.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pic.nex-software.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.177.94.108 (United Kingdom)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
PTR: ip-185-177-94-108.ah-server.com

load5.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.65.195 (United States)

ASN54113 (FASTLY, US)

cdn.zx-adnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.4.91.20 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.20.91.4.46.clients.your-server.de

cst.wpu.sh	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.216.42 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net

cst.cstwpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2038:8400:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)

get.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::ac43:89ba (United States)

ASN13335 (CLOUDFLARENET, US)

www.cookieconsent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2606:4700:3034::ac43:cc49 (United States)

ASN13335 (CLOUDFLARENET, US)

pic.nex-software.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
nex-software.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.96.36 (United States)

ASN16509 (AMAZON-02, US)

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.174.135.24 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

na.nawpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vasgenerete.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.210 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host210.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:f000:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.196.233.38 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-233-38.eu-central-1.compute.amazonaws.com

stat.optad360.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2127:a600:c:a9b7:ddc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.sharethis.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.174.135.25 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

js.wpushsdk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.124.181.115 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-181-115.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.186.34 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.234.21 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.172.250 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 151.101.2.133 (United States)

ASN54113 (FASTLY, US)

video.seenthis.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.seenthis.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.98.64.218 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.90.104.248 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-90-104-248.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba2b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.94.180.125 (Amsterdam, Netherlands) 3 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7001 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.214.0.210 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-0-210.eu-west-1.compute.amazonaws.com

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.14.133 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

video.seenthis.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	googlesyndication.com 3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com ade.googlesyndication.com	291 KB
32	nex-software.com ja.nex-software.com nex-software.com pic.nex-software.com	2 MB
30	doubleclick.net 6 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net googleads4.g.doubleclick.net	251 KB
27	2mdn.net s0.2mdn.net	362 KB
24	seenthis.se video.seenthis.se t.seenthis.se	2 MB
11	moatads.com z.moatads.com mb.moatads.com px.moatads.com	104 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com	4 KB
5	googletagservices.com www.googletagservices.com	177 KB
5	google.com adservice.google.com www.google.com	697 B
4	spotxchange.com 3 redirects sync.search.spotxchange.com	2 KB
4	openx.net 3 redirects us-u.openx.net	1 KB
3	adnxs.com 2 redirects ib.adnxs.com	3 KB
3	sharethis.com platform-api.sharethis.com buttons-config.sharethis.com l.sharethis.com	43 KB
3	zx-adnet.com cdn.zx-adnet.com	20 KB
2	teads.tv sync.teads.tv	344 B
2	consensu.org stat.optad360.mgr.consensu.org c.sharethis.mgr.consensu.org	2 KB
2	yadro.ru 1 redirects counter.yadro.ru	1 KB
2	optad360.io get.optad360.io	484 KB
1	yahoo.com ads.yahoo.com	446 B
1	createjs.com code.createjs.com	63 KB
1	google.pl adservice.google.pl	600 B
1	jsdelivr.net cdn.jsdelivr.net	1 KB
1	wpushsdk.com js.wpushsdk.com	3 KB
1	vasgenerete.site vasgenerete.site	239 B
1	nawpush.com na.nawpush.com	355 B
1	cookieconsent.com www.cookieconsent.com	47 KB
1	cstwpush.com cst.cstwpush.com	60 KB
1	wpu.sh 1 redirects cst.wpu.sh	97 B
1	load5.biz load5.biz	20 KB
201	29

	Domain	Requested by
27	s0.2mdn.net	ja.nex-software.com s0.2mdn.net 3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com
20	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com googleads.g.doubleclick.net ja.nex-software.com www.googletagservices.com
19	pic.nex-software.com	ja.nex-software.com
17	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com
13	video.seenthis.se	s0.2mdn.net video.seenthis.se
12	nex-software.com	ja.nex-software.com nex-software.com
11	t.seenthis.se	s0.2mdn.net video.seenthis.se
10	securepubads.g.doubleclick.net	get.optad360.io securepubads.g.doubleclick.net ja.nex-software.com www.googletagservices.com
9	px.moatads.com	3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com
9	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
6	googleads4.g.doubleclick.net	ja.nex-software.com
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	googleads.g.doubleclick.net	3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com ja.nex-software.com
5	www.googletagservices.com	securepubads.g.doubleclick.net 3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com
4	sync.search.spotxchange.com	3 redirects googleads.g.doubleclick.net
4	us-u.openx.net	3 redirects googleads.g.doubleclick.net
4	www.google.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com
4	3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	ade.googlesyndication.com
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	cdn.zx-adnet.com	ja.nex-software.com cdn.zx-adnet.com
2	sync.teads.tv	googleads.g.doubleclick.net
2	counter.yadro.ru	1 redirects ja.nex-software.com
2	get.optad360.io	ja.nex-software.com get.optad360.io
1	mb.moatads.com	z.moatads.com
1	ads.yahoo.com	googleads.g.doubleclick.net
1	code.createjs.com	s0.2mdn.net
1	z.moatads.com	s0.2mdn.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.pl	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	get.optad360.io
1	l.sharethis.com	platform-api.sharethis.com
1	js.wpushsdk.com	cst.wpu.sh
1	c.sharethis.mgr.consensu.org	platform-api.sharethis.com
1	stat.optad360.mgr.consensu.org	get.optad360.io
1	buttons-config.sharethis.com	platform-api.sharethis.com
1	vasgenerete.site	cst.wpu.sh
1	na.nawpush.com	cst.wpu.sh
1	platform-api.sharethis.com	ja.nex-software.com
1	www.cookieconsent.com	ja.nex-software.com
1	cst.cstwpush.com	ja.nex-software.com
1	cst.wpu.sh	1 redirects
1	load5.biz	ja.nex-software.com
1	ja.nex-software.com
201	44

This site contains links to these domains. Also see Links.

Domain
hi.nex-software.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-05-11` - `2022-05-10`	a year	crt.sh
load4.biz R3	`2021-06-29` - `2021-09-27`	3 months	crt.sh
blog.ippachi.com GTS CA 1D4	`2021-07-13` - `2021-10-11`	3 months	crt.sh
cstwpush.com R3	`2021-07-21` - `2021-10-19`	3 months	crt.sh
*.optad360.io Amazon	`2020-12-17` - `2022-01-15`	a year	crt.sh
sharethis.com Amazon	`2021-07-19` - `2022-08-17`	a year	crt.sh
na.nawpush.com R3	`2021-06-18` - `2021-09-16`	3 months	crt.sh
vasgenerete.site R3	`2021-06-26` - `2021-09-24`	3 months	crt.sh
counter.yadro.ru GoGetSSL ECC DV CA	`2020-02-02` - `2022-05-02`	2 years	crt.sh
stat.optad360.mgr.consensu.org R3	`2021-08-07` - `2021-11-05`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
sharethis.mgr.consensu.org Amazon	`2021-04-07` - `2022-05-06`	a year	crt.sh
js.wpushsdk.com R3	`2021-07-05` - `2021-10-03`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-30` - `2022-06-01`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
*.seenthis.se R3	`2021-07-13` - `2021-10-11`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
teads.tv R3	`2021-06-14` - `2021-09-12`	3 months	crt.sh
tls.adobe.com DigiCert SHA2 Secure Server CA	`2020-06-01` - `2022-06-06`	2 years	crt.sh
*.search.spotxchange.com GeoTrust RSA CA 2018	`2021-04-08` - `2022-05-09`	a year	crt.sh
*.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-07-08` - `2021-08-25`	2 months	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-25` - `2022-06-25`	a year	crt.sh

This page contains 18 frames:

Primary Page: https://ja.nex-software.com/
Frame ID: 37EBEF862DFF7DEB08B75E0F4FD35AA3
Requests: 63 HTTP requests in this frame

Frame: https://c.sharethis.mgr.consensu.org/portal-v2.html
Frame ID: A23727D72D638BFD5DE9265CEEF33504
Requests: 1 HTTP requests in this frame

Frame: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 34FFDB5D307F70B66FB47F387D9606BC
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst0oUc7stsovU06xiDTFNwVJFTEGhAaLGxYozvELw_zeVmEB8YGTTIG2TLHSXu_5MqgX4R9sNtc8jCXbiMAEsnYol20dy3IYkNFtn0WFincXEvLetwC4R87-WeU8n-WCplzfDk9FHtso_z7vCWcxp_MOUEzHqmm37SUE6lqIChAf1rZzsiGSNfLPTb5yf0TRUpsLWZU5IbpgNZbz_cCgu9ahA8aIo82TkP98UYZjyVNEvDfqR74D2cNYS8z2_1Z9NISZhkfFwZRVx5hxq5ZGBHcIeSFh14yvSh7ufNRdoLNGHCAvS3NWAzK_cyf41-vC00iXd7CqXkWFSSU5Ns-eJWCqyS4CV88tVZi1aOuWA&sai=AMfl-YRnNiEZV_zcHqp1CNndjnfWvx1ft3pPi2VrrNUe3TQVL-7aiaUBLB5giB4Y4oMNw9_W7IdvMLgnKaDrJdeD31tqEnDqIW1RFDElfOF6IOEkAQuOFsU0duItmsCcZCHl&sig=Cg0ArKJSzOjtxneXHY4yEAE&adurl=
Frame ID: C86E57B90DB5B30932FDFC66249FB7A0
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: E6CF9B7786DD31E6EFB83C3CA816AE46
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A5FE8A550E5E9D5C7B7701274B6E5140
Requests: 1 HTTP requests in this frame

Frame: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2F82972A5FFD491B9C8BD3DC66817057
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrY-L4CEK_wxOACGPOA57EBMAE&v=APEucNX6hqwUoUyUN5HwvCOUAyXv4AH1u-xEG4kjkv1wV-8IRKpYv4THqd3ZsvNPkeEEntcgezIMkvls4D8PwIBlzLEEQvn15OzBSmD4pKk-ETUjAhgTsDa4HCaZlvbRiwzirkSrDYvfTNdgnExYvetXKdCwUh0hTPeKU1-QmYXol3C3lbg5SglgpJhCWK9MhFb2m8xN1AYQTPJEwf2T7XfJGCEPO-I1_g
Frame ID: 364279C34F6E843877E7AECCC35705AC
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 03F4B155CC08E2D7616DDBD5D20E0676
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/806470185313909614/index.html
Frame ID: 06BEA4D59B0BFEB6D9A3D37F93B8400F
Requests: 25 HTTP requests in this frame

Frame: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E72A72DB0664A955D928BAEB73596D84
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLzWGxD_8vACGOOJ2rEBMAE&v=APEucNWBJ7jQOqijfEkKmT06v3t7N5v73_IqpWJRfrXF5zTfEaqqgEAEb5iSV545KcgFeAFALowSU2M2EdahvH_CKon7VpvQ_RCnSrmpe5KeWxjt8q0cvgughN-eRFvtYyV_X7repOTcsEFcWBby3QcaOjKww_KFvc0jLduQyVw5X-jsWw-KQVbEHDPEv0zJIxxCiaw-KmsZCr1jn0oKxsro1O5fCz0amg
Frame ID: 50364E4E376E77AB88FD6859DCCCDEAB
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/4831635490124904626/300x600_v3/index.html
Frame ID: EE498AA40353FD7E0E659ADAD20F4E5E
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 5622AF809A3B620B1322B94DA8FE0886
Requests: 3 HTTP requests in this frame

Frame: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B4A509AD7866AB2C2F7DC8F7DA314EE8
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPahSxC09N8BGOGZoKgBMAE&v=APEucNUH7IhA0RLeeyq2Dlbj1SAoMOpK6XMl-snFnPvmGegTXLFNNLR3BGLKPPOyMebPPdvs5CBiS94XLb9KyVVsRvB2_3OVmQSxUzvdlwkNfEtQEKPPiKbglHNK6gepi19URa1avVTvcXpGs2j8bF0zCgqCoVcjU_bUlsUcpCZC9CH0cEPOFCEjduRfJqGx_6Uv833aB5UBcqVCWv9eseuatq_GFECBsg
Frame ID: 1143AB6556F9D6A1D54A8B95946D0D04
Requests: 4 HTTP requests in this frame

Frame: https://s0.2mdn.net/9080582/1620388878311/300x250-rozchodniak/index.html
Frame ID: 732AB123B12A5B687AB9FD2C973B23BD
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 89E45BA576898D90C5F0788A78193316
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

201
Requests

100 %
HTTPS

47 %
IPv6

29
Domains

44
Subdomains

43
IPs

6
Countries

6082 kB
Transfer

8832 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://hi.nex-software.com/
Title: ja.nex-software.com - 2021

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://cst.wpu.sh/static/adManager.js HTTP 301
https://cst.cstwpush.com/static/adManager.js

Request Chain 40

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//ja.nex-software.com/;0.11022307003523513 HTTP 302
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//ja.nex-software.com/;0.11022307003523513

Request Chain 81

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM_HqGmeX_i56KxMWgItlbk&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM_HqGmeX_i56KxMWgItlbk&google_cver=1&C=1

Request Chain 82

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YRoJs17uIHcrRDQd2nJYXwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM_HqGmeX_i56KxMWgItlbk&google_cver=1

Request Chain 83

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEJdB1xOVLNWUCiLS0T0OuAw&google_cver=1

Request Chain 84

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODA5OTg3MzIyNTAzODQxNTMyMw%3D%3D

Request Chain 113

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECR1KmOg5etmidl-lDf_mmk&google_cver=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESECR1KmOg5etmidl-lDf_mmk&google_cver=1

Request Chain 114

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDIxMjhmYTQtMTA2OC0yNjI1LWUxNmItMjUzZTc0N2IzOGFh

Request Chain 115

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEFOz0k39DN39XTZlXGYrtwQ&google_cver=1

Request Chain 143

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESED5ldxNfYbLV380gBBv6x8Y&google_cver=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESED5ldxNfYbLV380gBBv6x8Y&google_cver=1&__user_check__=1&sync_id=a4e24c10-fe5d-11eb-ac1b-1669d4c90506

Request Chain 144

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=a4d85807-fe5d-11eb-a5e3-153cf9b00406 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=YTRkODU3ZDYtZmU1ZC0xMWViLWE1ZTMtMTUzY2Y5YjAwNDA2

201 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
ja.nex-software.com/ 44 KB
8 KB 68ms
39ms Document
text/html 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ja.nex-software.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb026e62db375ae917b9f8b5161063d4c7307500ce2ee0d5a221dfee83e60d11

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: ja.nex-software.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:46:08 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k0owCyAqI83Ab%2FqK1LriBsoxQD9E5zR20WPOIYRX555Ztx%2FrKJ6KqEvlTcYAXE9KDke5K%2FigCytjDIZeZW%2Fi%2FT2FmEDRGgxkWQG1y734vU2HiES6oOqOeEK4miHZTwCd%2FC%2BIrtG8vNXk2LFYDlddIlpY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 67f8b431a95a1f35-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 / Show response
load5.biz/ 20 KB
20 KB 164ms
55ms Script
application/javascript 185.177.94.108
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://load5.biz/?pu=mztdqolemm5ha3ddf4ztooju

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.177.94.108 , United Kingdom, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

ip-185-177-94-108.ah-server.com

Software

nginx /

Resource Hash

013c47e14f03aff976d0a5fa49c4ed1697985b4808f3cd10944bc6dd0156fd61

Security Headers

Name	Value
Content-Security-Policy	img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 16 Aug 2021 06:46:08 GMT
server: nginx
content-security-policy: img-src https: data:; upgrade-insecure-requests
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=UTF-8

GET
H2 200 css.css
nex-software.com/template/css/ 6 KB
890 B 24ms
15ms Stylesheet
text/css 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nex-software.com/template/css/css.css

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ede999c022b04dae8bed4c7898eb9c23794c70cbd07d4569dd72e43e195c66ed

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:46:08 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3517
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 12 Feb 2019 13:57:00 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"180a-581b2cc948300-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xqEXZfZWTc0AJsYL1kUJB7uDgQ8pefV3jA8mmf35PcW4%2FFCjfLhhd1RSJggkA%2BbfwXQFgKRA9BT5%2BXHtTj7APTGL%2BHTMB%2FiGbUF94tDXxYNN5V7ooFuBQeUKy5bMPr40b3mGFM3v5GSj43xv1IOF"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 67f8b431fa161f35-FRA

GET
H2 200 bootstrap.min.css
nex-software.com/template/css/ 132 KB
20 KB 29ms
20ms Stylesheet
text/css 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nex-software.com/template/css/bootstrap.min.css

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43677abbcc50b9f3d621c9134d28237cfa6d66c61bf970cdfcf2a3ec31928ed2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:46:08 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3517
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 12 Feb 2019 13:57:00 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"211f6-581b2cc948300-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9ma0q1XSskzJ%2Fei74VUwATeY2VXppjpeJ7XfNYD4DkUtxWIPdTPNmgHMIoSYBcbkgUnLsEobDCHoD0LDECJG%2BZCUV5s%2BJMqbVIUik3dXFlYZsHkTQmMQ%2Fm3ICAK6HKiYAWDOglQmXO9TtImev9tP"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 67f8b431fa1c1f35-FRA

GET
H2 200 jquery.bxslider.css
nex-software.com/template/css/ 3 KB
1 KB 24ms
15ms Stylesheet
text/css 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nex-software.com/template/css/jquery.bxslider.css

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56b14b6ad7538ba37b7398ef0cfc7bcbf42fd723a943e72ab746a42dc15fb91f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:46:08 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3517
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 12 Feb 2019 13:57:00 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"dfd-581b2cc948300-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zQXwHco4dEI%2FlbSvlke8G9%2FdBN6UfJCpU49iQNJX5YzOM7BvlGPLzFpbSD8lBiHoDoLwuzLrckP6jtY2v6%2FJ4x9Mr%2BNLZUSlbTKeSXNg8qncTqSyPeQowZvpgnpxjMsH5O%2B5zaPEdIoc0VF9BjJK"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 67f8b431fa1e1f35-FRA

GET
H2 200 style.min.css
nex-software.com/template/css/ 30 KB
5 KB 28ms
19ms Stylesheet
text/css 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nex-software.com/template/css/style.min.css

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af371cb0526d291c2821ffb5a63fb1c3969c3ebb22781c08032226c75ea2ab40

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:46:08 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4082
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 25 Feb 2021 19:47:49 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"7999-5bc2e6d21c340-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7WHhmPTrG9JT7uWtUl0H7RyR8wcuQYsZfD7BBgx2UTfLUvftmQIsCFB83fIMQphEgqYv6cSem5sT7xJr8ozxyEE0FAAnGJUjRMKUgPG7gn41QmHyFQ90KdfzvEg%2F5z%2FClDQSnXRtn%2FLN%2FRxJoY1c"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 67f8b431fa171f35-FRA

GET
H2 200 lang.min.css
nex-software.com/template/css/ 30 KB
20 KB 46ms
37ms Stylesheet
text/css 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nex-software.com/template/css/lang.min.css

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e503441024b68c5ac145c5580cd7b4c1dcd9dd71eb9814b5292ca1bc719af273

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:46:08 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2539
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 24 Feb 2020 17:08:58 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"76b8-59f556d479e80-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3qXEVmJHTSGqWMhR0nGYVqWUdCcnvLGbYxpnrwPmZVso6LQh%2B3ngpFMoaglGRLHi5dCeJFAsk24cZTcdI02scFKyF43iGEqa8iIy7%2FSmh8Lijf7YtToNuoSWFQQhl7iwb7TyVYWZCkJteg8eh2qz"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 67f8b431fa1b1f35-FRA

GET
H2 200 brmsl_19102402.js Show response
cdn.zx-adnet.com/adx/ 145 KB
19 KB 364ms
251ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/adx/brmsl_19102402.js

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

dcbbbdae7b45de58a813dfb53f18f037e156c3359555e3922d1eeb9b6f4eb063

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Wed, 28 Jul 2021 19:40:29 GMT
x-timer: S1629096369.089823,VS0,VE198
etag: "e7092a49da41c66a6052dee2ef78d95b28e7c6b43d1cf74ea2c023b98a214134-br"
x-served-by: cache-hhn4059-HHN
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600,public
date: Mon, 16 Aug 2021 06:46:09 GMT
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive
content-length: 19568
x-cache-hits: 0

GET
H/1.1

200
OK

adManager.js Show response
cst.cstwpush.com/static/
Redirect Chain

https://cst.wpu.sh/static/adManager.js
https://cst.cstwpush.com/static/adManager.js

59 KB
60 KB

272ms
66ms

Script
text/plain

205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://cst.cstwpush.com/static/adManager.js

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

d58f45d43c64a9e74e1c5dbcfd0e1a4f9470b3e0370acefc41cfc0413dbdf09b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 06:46:09 GMT
Connection: Keep-Alive
Last-Modified: Wed, 04 Aug 2021 12:36:23 GMT
x-amz-meta-s3cmd-attrs: atime:1628080568/ctime:1628080568/gid:0/gname:root/md5:bb2330a82b6a96ad7073331187d2577a/mode:33188/mtime:1628080524/uid:0/uname:root
x-amz-request-id: tx00000000000001bce829f-006119fd02-153a4853-fra1a
etag: "bb2330a82b6a96ad7073331187d2577a"
Vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW: 1629096369.dop109.lo4.t,1629096369.cds072.lo4.shn,1629096369.cds072.lo4.c
Content-Type: text/plain
Cache-Control: max-age=353
x-rgw-object-type: Normal
strict-transport-security: max-age=15552000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 60414

Redirect headers

location: https://cst.cstwpush.com/static/adManager.js
date: Mon, 16 Aug 2021 06:46:09 GMT
server: nginx/1.18.0
content-length: 169
content-type: text/html

GET
H2 200 plugin.min.js Show response
get.optad360.io/sf/1a65995e-7e07-43bd-8be2-2ee136ae3c03/ 271 KB
73 KB 126ms
41ms Script
application/javascript 2600:9000:2038:8400:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/1a65995e-7e07-43bd-8be2-2ee136ae3c03/plugin.min.js
Requested by: Host: ja.nex-software.com
URL: https://ja.nex-software.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2038:8400:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d66e8fa87723046272ec70096a2089355c29474796663f65f2fdf9a27a1d4bc6

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:03:51 GMT
content-encoding: gzip
last-modified: Fri, 26 Feb 2021 08:39:38 GMT
server: AmazonS3
age: 2539
etag: W/"17e80f6c6feec0780f80abd32f10552b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 45e951df17063864957163fe2b8687d3.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-pop: HEL50-C2
x-amz-cf-id: kYcZFPCqli3tT7gAx3eDiyq6fHTI29MgnZEBsZHBa4X6ZcRtwwoTvw==

GET
H2 200 cookie-consent.js Show response
www.cookieconsent.com/releases/4.0.0/ 165 KB
47 KB 46ms
20ms Script
text/javascript 2606:4700:3035::ac43:89ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cookieconsent.com/releases/4.0.0/cookie-consent.js

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:89ba , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

145e535a116897a926b998fab94438d6902bbd6309aede144d4f4980e35832e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:46:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 395
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 16 Aug 2021 04:56:51 GMT
server: cloudflare
x-frame-options: sameorigin
etag: W/"3366d8b458ebb9f3968e9c480f458c2c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zhgu%2FNkEtM4iyzEAb6dIjmGgIvIi7S8hQwphhN7V6SAwC4RVSSz62OfGRqSLxFSimUKOVvPg4hgE6iPUxgsQwQ%2FyTe%2FxlLgCJ%2Be6utCfiNM20tyXXQk5xhUT%2FtIYsCTIRlPl%2FmGEjfHsW%2Bk%2BUb%2B6V8Vz5XY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: public, immutable, max-age=3600
cf-ray: 67f8b4321aeac2d6-FRA
expires: Mon, 16 Aug 2021 06:56:51 GMT

GET
H2 200 what-is-ie4uinit-exe-min.jpg
pic.nex-software.com/img/file-info/258/ 35 KB
35 KB 64ms
46ms Image
image/jpeg 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/file-info/258/what-is-ie4uinit-exe-min.jpg

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da29fee5e1029fbe8c55baf492094205039cd7b36debc52027985fe84404356d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:46:09 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 35406
x-xss-protection: 1; mode=block
last-modified: Sun, 14 Jul 2019 08:07:08 GMT
server: cloudflare
etag: "8a4e-58d9fa13d0300"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ph%2FKoDErre70DsBP0LRV%2FJtPS6k%2BquGIEO920LHSt6NZ5TgB%2BuPdz%2BeM5LKIabX3lt0S9rChhLt6%2Fqj0GD99oOUR9oKwUnIZ8mjjiCvspH9IL%2BeOL%2FMikGlc6SY9WEhAUVK0FCP6g%2F4pxNzc3krJ7ErgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 67f8b4320a411f35-FRA

GET
H2 200 what-is-devenv-exe-min.jpg
pic.nex-software.com/img/file-info/443/ 144 KB
144 KB 65ms
47ms Image
image/jpeg 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/file-info/443/what-is-devenv-exe-min.jpg

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3cd0fdda1290d5bd464a32769870b4538383a07e833e309246c32f41582f4463

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:46:09 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 147362
x-xss-protection: 1; mode=block
last-modified: Sun, 14 Jul 2019 08:07:26 GMT
server: cloudflare
etag: "23fa2-58d9fa24fab80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2sKNPIUWxXrZuaIZjJQHHcKYs%2B7jAFiKvNE2tU0NkKZe8ka3HyEZcEC1f61I98BScwlMpIHuh8HQ1JWWzb%2B%2FLYJ0Vxal9JrKs6QeoieRUebrl%2BeCG6vZDyAaPsWVI7wsDchVqrCDjtiZrSWwvS6L0XeVow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 67f8b4320a3c1f35-FRA

GET
H2 200 what-is-slimdrivers-exe-min.jpg
pic.nex-software.com/img/file-info/867/ 76 KB
76 KB 71ms
54ms Image
image/jpeg 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/file-info/867/what-is-slimdrivers-exe-min.jpg

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d158259cc06b0c43a8552bb97823725b1223c0e3792648f4792a4577a732329

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:46:09 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 77379
x-xss-protection: 1; mode=block
last-modified: Sun, 14 Jul 2019 08:06:22 GMT
server: cloudflare
etag: "12e43-58d9f9e7f1b80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hYuSeZnaKHRtQ7DazJjSsfdopMn%2FFNNd2BRy4GDiMKbj1Di34tYrSCmGYqJu8rOYA1dAKE3ziPayFiW0h2qDDiKXCtvkb6RTq2ZplSrm0SRSrVIEIYuzrkCyHIiCBk7FJyVZzRowtd38WGTRneClEPSTVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 67f8b4320a3f1f35-FRA

GET
H2 200 what-is-aswstm-min.jpg
pic.nex-software.com/img/file-info/961/ 57 KB
58 KB 70ms
53ms Image
image/jpeg 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/file-info/961/what-is-aswstm-min.jpg

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66c54d0cbc6aa05c659ec675db06e6903fd48f61954471fce250e5f82fe788de

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:46:09 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 58517
x-xss-protection: 1; mode=block
last-modified: Sun, 14 Jul 2019 08:07:40 GMT
server: cloudflare
etag: "e495-58d9fa3254b00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WvnpMUBvn8JSgJJZr%2Fu7ZYNyISUvK7l0wihgFJoZUIEAoE2mI%2BjSQUKJUhLXK0Pldip%2BVqHM%2FT9WswoOWWjme2CePYFCsxbltRCieQ02%2Blm7EgJvIikdDkTxbiA4CNbOgV262yaqzBrvTExuoKdp2y8PwA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 67f8b4320a451f35-FRA

GET
H2 200 what-is-originwebhelperservice-min.jpg
pic.nex-software.com/img/file-info/845/ 134 KB
135 KB 57ms
40ms Image
image/jpeg 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/file-info/845/what-is-originwebhelperservice-min.jpg

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b305086f3feeb2339f1350d03d2ee8687b1d46cd9803b961cca8e2b42ebb5857

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:46:09 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 137317
x-xss-protection: 1; mode=block
last-modified: Sun, 14 Jul 2019 08:06:42 GMT
server: cloudflare
etag: "21865-58d9f9fb04880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Q0WmgZ1ScNZnzpfruTBIX4PurbBTDZsRIGSdSlB%2BxBfg6dweOy6IKbVKrVw8eFsLQYcNqQDFuaatnSvk2%2B1ffQVFcPnDDTGs3Epfs35WATJoXO3xUyVrDnlzVqJNxxrv4dWpYI5j1xMirOjaOuMQJltQg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 67f8b4320a401f35-FRA

GET
H2 200 what-is-windows10upgraderapp-min.jpg
pic.nex-software.com/img/file-info/545/ 34 KB
35 KB 66ms
49ms Image
image/jpeg 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/file-info/545/what-is-windows10upgraderapp-min.jpg

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b5272b8bdf44fc50c9d2069f1de9b5537dad69f47ba5f61cca799d937426f41

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:46:09 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 35146
x-xss-protection: 1; mode=block
last-modified: Sun, 14 Jul 2019 08:06:02 GMT
server: cloudflare
etag: "894a-58d9f9d4dee80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KSxKACqq4tHwDQbqSs87X2VUpmLM6Y4C1XN29eqpFwdUNntmB6BgmvqIskOHhbTr%2BIt1zA5pS2rGh4gS7s68c%2F5JzeKUQ8PpGWlXIecPdnrRn%2BDryjVGQf4YHyGW3UzDWD3xhenBQBmp3j%2FP0Oo5rvoR4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 67f8b4320a461f35-FRA

GET
H3-29 200 what-is-usoclient-exe-min.jpg
pic.nex-software.com/img/file-info/730/ 68 KB
69 KB 63ms
62ms Image
image/jpeg 2606:4700:3034::ac43:cc49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/file-info/730/what-is-usoclient-exe-min.jpg

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:cc49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f7f049c381e190fa11bd2c78ea8cc331fc4ee4809c48e6948ac0164344f4168

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:46:09 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 69822
x-xss-protection: 1; mode=block
last-modified: Sun, 14 Jul 2019 08:06:06 GMT
server: cloudflare
etag: "110be-58d9f9d8af780"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gao3aOVAiwnUXgF1CAXOpio2So81%2FfUYvCl%2BGw1QxTQ99dl1bahgqT%2BQsm2LRHlKY%2B4tNJ0832lyYvIfZHVtGSprRYAAGqQK1%2BTy%2FgPlDUxU8WwdZCExPrFaHtCAfO%2FOajGzUpyRrAu3OHFGPDlAiCUpwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 67f8b43259984a9e-FRA

GET
H3-29 200 what-is-wermgr-exe-min.jpg
pic.nex-software.com/img/file-info/66/ 95 KB
96 KB 67ms
65ms Image
image/jpeg 2606:4700:3034::ac43:cc49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/file-info/66/what-is-wermgr-exe-min.jpg

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:cc49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1d72a01e5670415dce8eff586d0691396984166599b7b31ac72bdfde7002e5c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:46:09 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 97534
x-xss-protection: 1; mode=block
last-modified: Sun, 14 Jul 2019 08:06:02 GMT
server: cloudflare
etag: "17cfe-58d9f9d4dee80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FDtCIq9h226VtHx7TlOL469dp%2FrtPY4fRwJAS1xWlzuzZZR1vgbbUqWq4rQ1kIacTpg8%2BUFW2btcbSV4uMZHWu508BpmxnlQsnx5BgIjqFRg7zda3WROP17speI%2Bg%2FP9uZ7Yu8PJ648w3kha3EM02J%2Fuqw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 67f8b432599b4a9e-FRA

GET
H3-29 200 what-is-gdcagent-exe-min.jpg
pic.nex-software.com/img/file-info/403/ 48 KB
49 KB 66ms
65ms Image
image/jpeg 2606:4700:3034::ac43:cc49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/file-info/403/what-is-gdcagent-exe-min.jpg

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:cc49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8388a1fd88a90138582aae4dac1544ca29833315f487053edf847c16c9b7871b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:46:09 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 49363
x-xss-protection: 1; mode=block
last-modified: Sun, 14 Jul 2019 08:07:16 GMT
server: cloudflare
etag: "c0d3-58d9fa1b71500"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uOPgISAUsKnJkAXtLEfDFSGHTTPRNFSqbLPJ32cD25Pz2i0zWOu%2FCVkOwFS4OZX4UUZZUPONK6ZCuoBfW9SBcd7AUZCiFAD4xGJGaIr4VNC8T13FzFXe%2Fzf6ezYiLdf4DZ0i1735Pdzf14590BjoKOq%2BdA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 67f8b432599f4a9e-FRA

GET
H3-29 200 what-is-minion-exe-min.jpg
pic.nex-software.com/img/process-information/1584/ 23 KB
23 KB 47ms
45ms Image
image/jpeg 2606:4700:3034::ac43:cc49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/process-information/1584/what-is-minion-exe-min.jpg

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:cc49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

291c932d41dd3ce6478e66e9284b67268c30e269ccc5ac04678c3d7ff27db04a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:46:09 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 23395
x-xss-protection: 1; mode=block
last-modified: Sun, 09 Feb 2020 22:11:20 GMT
server: cloudflare
etag: "5b63-59e2be701f200"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VMaMDjAohqfgPbBImUQ8fUR%2BG0pHO%2F1JKxusoNNq4fgaGnmZ7kXeN60Lo589EJ1VYb2shp23PUb%2B3Gu6E1VpoFe0IQp867KUyOfXazDq3YAFNZfSWv2Q2C0vVab4X%2B9cDKCbMuU23isA8iIoBvZ3tlQ3MQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 67f8b43259a44a9e-FRA

GET
H3-29 200 what-is-bitlord-exe-min.jpg
pic.nex-software.com/img/process-information/2460/ 208 KB
209 KB 72ms
71ms Image
image/jpeg 2606:4700:3034::ac43:cc49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/process-information/2460/what-is-bitlord-exe-min.jpg

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:cc49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70661de1d9b628d37ce7fe84c67b132a5e42db6a1e53810f054ae9f069456e93

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:46:09 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 213149
x-xss-protection: 1; mode=block
last-modified: Sun, 09 Feb 2020 22:13:24 GMT
server: cloudflare
etag: "3409d-59e2bee660900"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=96sCqi6NCgmmG%2BqIX8W0UT4yJDTuYe%2BoNTx1%2FGLwXgVKhBBXj%2BbcHXQrXKJXgFJOxB5%2F36i2wepEeIRlnlsX0KUdJdib59H5qIamhEaRSi20wt%2BWpDZLi7n3UPSfViBImDCbj9cqJbdtrr%2FJm8dldS2vJw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 67f8b43259a74a9e-FRA

GET
H3-29 200 what-is-io-min.jpg
pic.nex-software.com/img/process-information/3633/ 14 KB
15 KB 36ms
34ms Image
image/jpeg 2606:4700:3034::ac43:cc49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/process-information/3633/what-is-io-min.jpg

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:cc49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62dbb252e989c20a21ba61d700c59a7725a7908aa15f934e49f6b53e0cd111f7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:46:09 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 14666
x-xss-protection: 1; mode=block
last-modified: Sun, 09 Feb 2020 22:11:48 GMT
server: cloudflare
etag: "394a-59e2be8ad3100"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RR1KXMc6106A513sI7yB0HFsIrJwTjj6NvvUtur1cV7lLgYox9FaE1gyDPwk6q8IJrdH6ki%2FwrMiX687SFxXdjTvfACgpglKCtcuKGGJLdYvZbxBJtOEwobXmJ%2FOSNl8pxNop1gMxB5cwHuGlTtwcYo%2F%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 67f8b43259aa4a9e-FRA

GET
H3-29 200 what-is-systemsettingsbroker-min.jpg
pic.nex-software.com/img/file-info/560/ 49 KB
49 KB 15ms
13ms Image
image/jpeg 2606:4700:3034::ac43:cc49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/file-info/560/what-is-systemsettingsbroker-min.jpg

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:cc49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a9340e29946511cf6151c47367404bc9d560d0e8986c7441526074442845cdd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:46:09 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3118
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 49665
x-xss-protection: 1; mode=block
last-modified: Sun, 14 Jul 2019 08:06:14 GMT
server: cloudflare
etag: "c201-58d9f9e050980"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yta9S5VAqAEuJd8WzX08sB0Oo7zZW50DFTdVOYMs5tUs1kyRxUwpXWyPeOsRrDdj%2B%2F3ml5w1Y%2FLOb87F6j1Y2cFOsNWqOYMsJnGGCecHbFsx6iDpxVLRz5006b4Y%2BDoUpR7PDW4LYB%2F375LjntDeFlo%2BYg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 67f8b43259ad4a9e-FRA

GET
H3-29 200 what-is-beep-min.jpg
pic.nex-software.com/img/process-information/1837/ 34 KB
35 KB 45ms
44ms Image
image/jpeg 2606:4700:3034::ac43:cc49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/process-information/1837/what-is-beep-min.jpg

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:cc49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c54994951ef8e5c137e1575dae014e6671c3924a1e4fef3f01d8026e47e1af6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:46:09 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 34766
x-xss-protection: 1; mode=block
last-modified: Sun, 09 Feb 2020 22:13:26 GMT
server: cloudflare
etag: "87ce-59e2bee848d80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wkN3fSZ5SERmSZB1r%2BsA8RSUDRJNf%2F2j%2BWw7B9LXp9RyxdxnhDL7pkLStTAkHNL2Yq1v6QkGRQGA4xJ83SUiPzBvh1TpGP83lHIzqjCJUdWzW1ZvVC7RbnTnnDpuKAwDWioDfLefOD7%2FdcD27m8vnrVeMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 67f8b43259b04a9e-FRA

GET
H3-29 200 what-is-bluestacks-exe-min.jpg
pic.nex-software.com/img/process-information/2073/ 286 KB
287 KB 78ms
77ms Image
image/jpeg 2606:4700:3034::ac43:cc49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/process-information/2073/what-is-bluestacks-exe-min.jpg

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:cc49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1bc51e26c297a8a915063a06cc143df43ee2e89f7fe50d45d206e349a90ae2ae

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:46:09 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 293329
x-xss-protection: 1; mode=block
last-modified: Sun, 09 Feb 2020 22:13:22 GMT
server: cloudflare
etag: "479d1-59e2bee478480"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ny378gKhzjukUCM6qhG0RRaiOkcieRlPEipMFcY0wHM3BrKOUl%2Ba0m6KfE4jFqLGgHb1cQumoh5CUDCxhQEbhSd5tK%2FaUf488yeT3Hsgk%2B32Ec%2Bks2LEYl9MVoBnZJ0fDhZknzmIOCU4aCBoIEZZjDiUvg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 67f8b43259b44a9e-FRA

GET
H3-29 200 what-is-msfeedssync-exe-min.jpg
pic.nex-software.com/img/file-info/102/ 30 KB
31 KB 52ms
51ms Image
image/jpeg 2606:4700:3034::ac43:cc49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/file-info/102/what-is-msfeedssync-exe-min.jpg

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:cc49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c59b55e48b935c88372c03750774b0ff484e36a0d4308ecafb2101b54b2f2df3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:46:09 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 30991
x-xss-protection: 1; mode=block
last-modified: Sun, 14 Jul 2019 08:06:52 GMT
server: cloudflare
etag: "790f-58d9fa048df00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hDEhoGX28eJnzDxBuIdCFetrfkAjjn%2F7fBkffTi70Y52GNq4YCP5KDO7DhsKSx5HR1PL4sxYEpqs3aB4rDu%2B7IqATheFSSxbOy1E25A%2BlqC3EfKQDN6y2NLvIiTRLyJKUQRqGx7d8tDz4hndZwwzLW68YQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 67f8b43259b74a9e-FRA

GET
H3-29 200 what-is-nyxlauncher-exe-min.jpg
pic.nex-software.com/img/process-information/2809/ 38 KB
39 KB 57ms
56ms Image
image/jpeg 2606:4700:3034::ac43:cc49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/process-information/2809/what-is-nyxlauncher-exe-min.jpg

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:cc49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87fb768082a19556d5b0235b767751dead7a2b26f4b454b0cb069db6d0165dc1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:46:09 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 38809
x-xss-protection: 1; mode=block
last-modified: Sun, 09 Feb 2020 22:10:54 GMT
server: cloudflare
etag: "9799-59e2be5753780"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hgZRcjO2VMKyHEz%2F5cOkdcI5giE1DUK5tMdxiQ0qCWl8BIZ7b6N8fPXOwV2XHYdQr97gu%2Fse1a%2F9TKtjPILVXm0G8r3gufI1LD1U3tzTdktQN3U5k2WhKEBGpsyg3FQFhwM4zND5r6RhyQI8fJWFuoPAzA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 67f8b43259ba4a9e-FRA

GET
H3-29 200 what-is-hxtsr-exe-min.jpg
pic.nex-software.com/img/file-info/9/ 378 KB
378 KB 53ms
51ms Image
image/jpeg 2606:4700:3034::ac43:cc49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/file-info/9/what-is-hxtsr-exe-min.jpg

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:cc49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab5ab9be3852796e9320aea55e9610e41c412c004da656345f472da1bb0604ae

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:46:09 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 386879
x-xss-protection: 1; mode=block
last-modified: Sun, 14 Jul 2019 08:07:10 GMT
server: cloudflare
etag: "5e73f-58d9fa15b8780"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Wrw%2BwTgctQ7wxZi9fCvytA3e3rLzAlffEL2DAHNEip2Ku0B4tox%2FmFPer%2FbrYa%2BHujw8PaToiAraDwCqt%2FTXxqaSbVM6DEu4IDss4LTcQ0rumgI%2BudadaZY6cB2grTjfXT9P8Ve%2FYq6lqo%2FO23JiVNzOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 67f8b43259bc4a9e-FRA

GET
H3-29 200 what-is-applicationframehost-min.jpg
pic.nex-software.com/img/file-info/301/ 451 KB
451 KB 88ms
86ms Image
image/jpeg 2606:4700:3034::ac43:cc49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/file-info/301/what-is-applicationframehost-min.jpg

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:cc49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f0869f832627e4803ae35569eeb6ab8b126e78f3cb8e3677065b35977ad5410

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:46:09 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 461428
x-xss-protection: 1; mode=block
last-modified: Sun, 14 Jul 2019 08:07:44 GMT
server: cloudflare
etag: "70a74-58d9fa3625400"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FWjW%2BBadP60F%2BV8dQCY7S6nYHdR0ZNVWjzibAIuIhGz3MrxItO24XO6P5QlKI1sPsFQ%2BI40sugmz8T97C9ClttFZkERagVxdKMVUgHIvcBgUcHc12IDHRjII2Hz0ZJ9m7Vbb7Ky%2Fg5Q92ovlXV9NFzZh%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 67f8b43259bf4a9e-FRA

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 185 KB
42 KB 168ms
61ms Script
text/javascript 65.9.96.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://platform-api.sharethis.com/js/sharethis.js
Requested by: Host: ja.nex-software.com
URL: https://ja.nex-software.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.96.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 5f326d425eb729c44346ed04c6d645df7674684679d2a835ab07e538c7f8a2e0

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:38:38 GMT
content-encoding: gzip
age: 451
etag: W/"2e4d1-HFFNdJQug8j8qBzOmH/AL75+DmM"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 65dc50162b685d34f2ac712298bb090d.cloudfront.net (CloudFront)
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-amz-cf-pop: PRG50-C1
x-amz-cf-id: 3R-_5XcMHm9cNkpI4AV2qycX99B624RMPoYdSxQbyQ_c_tchrLGkow==

GET
H2 200 jquery-3.1.1.min.js Show response
nex-software.com/template/js/ 85 KB
31 KB 45ms
38ms Script
application/javascript 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nex-software.com/template/js/jquery-3.1.1.min.js

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:46:08 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4082
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 12 Feb 2019 13:57:00 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"152b5-581b2cc948300-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7WOODm%2BV2%2B8ptwgYII1rJlzBd6IRPwxDf%2BJdBvzxWkLtBPGRbjiNece3cv4xYLCa97EkLHZsWomq5zyLFLRX1vTw1edGoC7y7z1yeLMLmahMglYBeasLvrSp6L9lMbiVqhUIADAaDXHNkEIuHZw5"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 67f8b431fa211f35-FRA

GET
H3-29 200 jquery.slicknav.min.js Show response
nex-software.com/template/js/ 8 KB
3 KB 35ms
22ms Script
application/javascript 2606:4700:3034::ac43:cc49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nex-software.com/template/js/jquery.slicknav.min.js

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:cc49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

190402f488a1616b47304ae066078580059ca6a5958b7f217d2156d0a73931a9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:46:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2540
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 12 Feb 2019 13:57:00 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"20df-581b2cc948300-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g145%2BpMQ26z%2F5siX2mohCtVFoGbAN4R%2FKcj7bPEVwLbRO4VVkba7HSHJLzb7mVzhd1eUq8SNFLGXIgM8LiaI0bO0kgL4DlZGfNYswE7wApf%2FObE1RJU4wt122fWw6stSRIN8l9WsUda6KKyUYbRS"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 67f8b43229344a9e-FRA

GET
H3-29 200 jquery.bxslider.min.js Show response
nex-software.com/template/js/ 23 KB
7 KB 43ms
29ms Script
application/javascript 2606:4700:3034::ac43:cc49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nex-software.com/template/js/jquery.bxslider.min.js

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:cc49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7731d577c5dfa5f38e9bf82dedae51174c9ddd4d3d4668eea9d1e51d6ce13d66

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:46:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3118
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 12 Feb 2019 13:57:00 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5bf7-581b2cc948300-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nqwZ0fe%2FyOmTo%2BQmcGdqG7HKZatLm5TgRmRimwswurvwAknfVtu1bSLH%2FsHHDtCVvZWRu1M7UqSuqwosHOamQX8GYhRs6lVGwDeMZLm4%2FSuxsbR%2BXEllr1SJwVB5WD6CIHen3RYzaOtyzWxAIDU1"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 67f8b43229374a9e-FRA

GET
H3-29 200 script.js Show response
nex-software.com/template/js/ 2 KB
1 KB 36ms
23ms Script
application/javascript 2606:4700:3034::ac43:cc49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nex-software.com/template/js/script.js

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:cc49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

900e0d4503dfe926c2d74a1944f4e383d9d7573ecfcccba2dbb377f3be116a10

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:46:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3118
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 12 Feb 2019 13:57:00 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"63c-581b2cc948300-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gq0abzArnDNU8A8dH8jsBapjCvZJvWrs5EakJEe811kKfD5jqVxTkswtoektb9WCTQjf6eKDYGf0s884AeES9N5dm5bSClYhfpzqdur14CNUPyHD3xf9h4Avw8mn0xnkd3h1oN6y568mrWOpP4vc"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 67f8b43229334a9e-FRA

GET
H2 200 abs.js Show response
cdn.zx-adnet.com/adx/ 200 B
232 B 299ms
299ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/adx/abs.js?

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/brmsl_19102402.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9be45d830a633e050edaa82361e4ecac3cc189b3a3975a41aa01ae3cb4e4120b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Wed, 28 Jul 2021 19:40:29 GMT
x-timer: S1629096369.358263,VS0,VE244
etag: "437b8edcf8ac42ac5e7961966dea7cee69a38a82519efa00f6f37a753caad24c-br"
x-served-by: cache-hhn4059-HHN
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600,public
date: Mon, 16 Aug 2021 06:46:09 GMT
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive
content-length: 118
x-cache-hits: 0

GET
H2 200 1350 Show response
na.nawpush.com/tags/ 240 B
355 B 157ms
51ms XHR
application/json 213.174.135.24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://na.nawpush.com/tags/1350
Requested by: Host: cst.wpu.sh
URL: https://cst.wpu.sh/static/adManager.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.24 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: f7697cdbdb20e0d5d8fd4ef811c57418dcdcace4012fa556ca66c41f8d2be01c

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 16 Aug 2021 06:46:09 GMT
cache-control: max-age=300, public
content-type: application/json
server: nginx/1.18.0
content-encoding: gzip
x-proxy-cache: HIT

GET
H2 200 wp-banners.js Show response
vasgenerete.site/npc/sdk/ 0
239 B 163ms
52ms Script
application/javascript 213.174.135.24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vasgenerete.site/npc/sdk/wp-banners.js
Requested by: Host: cst.wpu.sh
URL: https://cst.wpu.sh/static/adManager.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.24 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:46:09 GMT
last-modified: Wed, 04 Aug 2021 11:35:07 GMT
server: nginx/1.18.0
etag: "610a7b6b-0"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Mon, 16 Aug 2021 07:46:09 GMT
cache-control: max-age=3600
accept-ranges: bytes
content-length: 0
x-proxy-cache: HIT

GET
H3-29 200 JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2
nex-software.com/template/css/ 18 KB
19 KB 59ms
35ms Font
application/octet-stream 2606:4700:3034::ac43:cc49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nex-software.com/template/css/JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2

Requested by

Host: nex-software.com
URL: https://nex-software.com/template/css/css.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:cc49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e43d592d0aa592f24ad510ef3f453a51bba24a9534a07a55a9685b4d4b3f2cb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://ja.nex-software.com
Referer: https://nex-software.com/template/css/css.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:46:09 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 18728
x-xss-protection: 1; mode=block
last-modified: Tue, 12 Feb 2019 13:57:00 GMT
server: cloudflare
etag: "4928-581b2cc948300"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JSzeDQXK%2FumJtS%2FHznNaEMOFy2YAmP1qOEPXUL0aioyqixQmVsWlMWXlFdXoJWoQ%2BEUuED6NVbKJtRpmqn7S9REdbd%2FbvktOzAY2uuCy6%2FZYIiNGfZj%2FhugeBIFo5hhXrpVZd3W4OghpeYTpxt2N"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 67f8b435bdf91766-FRA

GET
H3-29 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
nex-software.com/template/css/ 18 KB
19 KB 67ms
43ms Font
application/octet-stream 2606:4700:3034::ac43:cc49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nex-software.com/template/css/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: nex-software.com
URL: https://nex-software.com/template/css/css.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:cc49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://ja.nex-software.com
Referer: https://nex-software.com/template/css/css.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:46:09 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 18684
x-xss-protection: 1; mode=block
last-modified: Tue, 12 Feb 2019 13:57:00 GMT
server: cloudflare
etag: "48fc-581b2cc948300"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QKZZGVva1K1bATn7KUbyfdhcXZYWQz0tjoqd4bIL5FYOuNEDhbyyk2e6jwiO7NSK1DlK4qiycSLBrSB7DONSDKLrEvq1Nsx7j4KsezaJdHmaBgZef%2BXVxWzWe%2BGlpP2necVu2eQd%2FmUJTGKMJTOK"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 67f8b435bdfc1766-FRA

GET
H3-29 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
nex-software.com/template/css/ 19 KB
19 KB 37ms
36ms Font
application/octet-stream 2606:4700:3034::ac43:cc49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nex-software.com/template/css/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2

Requested by

Host: nex-software.com
URL: https://nex-software.com/template/css/css.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:cc49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://ja.nex-software.com
Referer: https://nex-software.com/template/css/css.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:46:09 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 18956
x-xss-protection: 1; mode=block
last-modified: Tue, 12 Feb 2019 13:57:00 GMT
server: cloudflare
etag: "4a0c-581b2cc948300"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xs7pvoqtcMY4783v9FB7hqWgAkoLNUcKBlmxAaObHfaP65AauhvB8%2BIKw7P03T1SPaU0wa6GWYFphL2KqCdKptduA2%2FXLyN8ZkJiI3CcYWQUc0wBGIwy3T5LuqCO4P06n3ZNSSTONg%2FuaoOVTFJx"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 67f8b435ee3a1766-FRA

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//ja.nex-software.com/;0.11022307003523513
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//ja.nex-software.com/;0.11022307003523513

43 B
528 B

91ms
90ms

Image
image/gif

88.212.201.210
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//ja.nex-software.com/;0.11022307003523513

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.212.201.210 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host210.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 16 Aug 2021 06:46:09 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 15 Aug 2020 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 16 Aug 2021 06:46:09 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//ja.nex-software.com/;0.11022307003523513
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Sat, 15 Aug 2020 21:00:00 GMT

GET
H2 200 5c086b7ea71f090011aea084.js Show response
buttons-config.sharethis.com/js/ 434 B
785 B 48ms
13ms Script
text/javascript 2600:9000:20eb:f000:c:abe:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://buttons-config.sharethis.com/js/5c086b7ea71f090011aea084.js
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:f000:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d2fa83bbc70c843df2edd43096821128aa1f4bd404237f614c49cd48e7d5cfa3

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:45:50 GMT
via: 1.1 172e63b20fb363ed969de28ae3937e21.cloudfront.net (CloudFront)
last-modified: Thu, 06 Dec 2018 00:24:07 GMT
server: AmazonS3
age: 29
etag: "8f8c95d8315dedb8a7c82f24235b706f"
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=60,public
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 434
x-amz-cf-id: exJYM-BuA2QlhJZfNe2B4J5_NTyHLjn-SozotEjb1TrasVpHt-P-0Q==

GET
H/1.1 200
OK / Show response
stat.optad360.mgr.consensu.org/ 20 B
286 B 198ms
64ms XHR
text/html 18.196.233.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.optad360.mgr.consensu.org/
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/1a65995e-7e07-43bd-8be2-2ee136ae3c03/plugin.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.196.233.38 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-233-38.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 3686dfcc387ce3016d755449af77eede88cc7e1bd34aa42b9ac8b9431b45b1ef

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 16 Aug 2021 06:46:10 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 71 KB
25 KB 176ms
66ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/1a65995e-7e07-43bd-8be2-2ee136ae3c03/plugin.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

e35c1775ceb9036ac2013fdcf19121a8431707a62eb1c470efaca60c88856c77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:46:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "960 / 295 of 1000 / last-modified: 1628892660"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25211
x-xss-protection: 0
expires: Mon, 16 Aug 2021 06:46:10 GMT

GET
H2 200 prebid4.19.0.js Show response
get.optad360.io/sf/ 410 KB
411 KB 44ms
43ms Script
application/javascript 2600:9000:2038:8400:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/prebid4.19.0.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/1a65995e-7e07-43bd-8be2-2ee136ae3c03/plugin.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2038:8400:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 257579348172eb9f739308373580772054c0b671f63e8f002aed9f9774a6272e

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 19:09:21 GMT
via: 1.1 45e951df17063864957163fe2b8687d3.cloudfront.net (CloudFront)
last-modified: Thu, 17 Dec 2020 09:52:06 GMT
server: AmazonS3
age: 214609
etag: "08b0612ac0c68ebf519b28323f4e2aa2"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=604800
x-amz-cf-pop: HEL50-C2
accept-ranges: bytes
content-length: 420147
x-amz-cf-id: iyH7zEaaVTQvqb8YGrTuTobJUst4R8VE9ke2zZVwpwtiJKa5-lW1qA==

GET
H2 200 portal-v2.html Show response
c.sharethis.mgr.consensu.org/ Frame A237 2 KB
1 KB 32ms
9ms Document
text/html 2600:9000:2127:a600:c:a9b7:ddc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.sharethis.mgr.consensu.org/portal-v2.html
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:a600:c:a9b7:ddc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8bc62c9ef81390af989b3829ace60aae916e299dab9df7ec5e49db2d07a956b6

Request headers

:method: GET
:authority: c.sharethis.mgr.consensu.org
:scheme: https
:path: /portal-v2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.nex-software.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ja.nex-software.com/

Response headers

content-type: text/html; charset=utf-8
content-encoding: gzip
date: Mon, 16 Aug 2021 05:55:32 GMT
cache-control: max-age=3600, public
etag: W/"865-g9QqzjbIJI1xmvSY3DM2A/8Cpl8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4b7022ec3e11edfdd972039992f837df.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
x-amz-cf-id: xP4aIst-O5SDYd9pd2jlK0Zvxya67bkLehI9g5HsIfuSh-7NdgHQOw==
age: 3037

GET
H2 200 csub.js Show response
js.wpushsdk.com/npc/sdk/wpu/ 8 KB
3 KB 170ms
53ms Script
application/javascript 213.174.135.25
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpushsdk.com/npc/sdk/wpu/csub.js
Requested by: Host: cst.wpu.sh
URL: https://cst.wpu.sh/static/adManager.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.25 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 / PHP/7.1.28
Resource Hash: f64872de90e08a3d7ea1d1ffff973fc88f983afd6d7d545d447fea5305c6fdc1

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:46:10 GMT
content-encoding: gzip
server: nginx/1.18.0
x-powered-by: PHP/7.1.28
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Mon, 16 Aug 2021 07:46:10 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H2 200 checkabuse Show response
cdn.zx-adnet.com/ 74 B
402 B 458ms
457ms Script
text/html 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.zx-adnet.com/checkabuse?surl=https://ja.nex-software.com/
Requested by: Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/abs.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash: ff0ae836e78e254c691d18c04b2068e14419275cb170cd7c09587f1795114fcc

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:46:10 GMT
content-encoding: gzip
x-powered-by: Express
x-cache: MISS
content-length: 85
x-served-by: cache-hhn4059-HHN
server: Google Frontend
x-timer: S1629096370.926178,VS0,VE404
etag: W/"4a-U3myf635cTml8/jliRIqPS6GEqY"
vary: cookie,need-authorization, x-fh-requested-host, accept-encoding
content-type: text/html; charset=utf-8
x-cloud-trace-context: 22044056726cfe396ca7a12aa4c99eba
cache-control: max-age=3600,public
function-execution-id: b4kk23apjysb
accept-ranges: bytes
x-orig-accept-language: en-US
x-country-code: PL
x-cache-hits: 0

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
341 B 265ms
72ms XHR
text/plain 3.124.181.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.sharethis.com/pview?event=pview&hostname=ja.nex-software.com&location=%2F&product=unknown&url=https%3A%2F%2Fja.nex-software.com%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=%E6%9C%80%E3%82%82%E4%BA%BA%E6%B0%97%E3%81%AE%E3%81%82%E3%82%8B%E3%83%95%E3%82%A1%E3%82%A4%E3%83%AB%E3%81%AB%E9%96%A2%E3%81%99%E3%82%8B%E3%81%99%E3%81%B9%E3%81%A6%E3%81%AE%E6%83%85%E5%A0%B1&cms=unknown&publisher=5c086b7ea71f090011aea084&sop=true&bsamesite=true&consent_cookie_duration=84&consent_duration=84&gdpr_domain=.consensu.org&gdpr_method=cookie&version=st_sop.js&lang=en
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.181.115 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-181-115.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 06:46:10 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: https://ja.nex-software.com
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 6ms
5ms XHR
application/json 2a04:4e42:3::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210816

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f63a3da4ba9f0a93a6509906f8ee1b39dcdffe20ed2b31fc0b604169ea547238

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 12840
x-jsd-version: 1.0.1070
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 943
etag: W/"69f-XrguupYa8/EbdB9IajjY8mWMj8E"
x-served-by: cache-fra19143-FRA
x-jsd-version-type: version
date: Mon, 16 Aug 2021 06:46:10 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H3-29 200 pubads_impl_2021081001.js Show response
securepubads.g.doubleclick.net/gpt/ 329 KB
115 KB 120ms
63ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081001.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

79cc39ab51de99510d98e22dfc56bd456b3ffbb29671e3d2e61719ee50792565

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:46:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Aug 2021 08:39:05 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117457
x-xss-protection: 0
expires: Mon, 16 Aug 2021 06:46:10 GMT

GET
H3-29 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 38 B
78 B 114ms
58ms XHR
application/json 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ja.nex-software.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ee513a593bfdf11b5ad487228634ca0278032204b4c885e835a721fd4529587c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 16 Aug 2021 06:46:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54
x-xss-protection: 0
expires: Mon, 16 Aug 2021 06:46:10 GMT

GET
H2 200 integrator.js Show response
adservice.google.pl/adsid/ 107 B
600 B 41ms
15ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.pl/adsid/integrator.js?domain=ja.nex-software.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 16 Aug 2021 06:46:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ja.nex-software.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 16 Aug 2021 06:46:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 458 B
261 B 977ms
976ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4197298942757962&correlator=1046523405421551&output=ldjh&impl=fif&eid=20211866%2C31062297&vrg=2021081001&ptt=17&sc=1&sfv=1-0-38&ecs=20210816&iu_parts=121764058%2Cnex-software.com_SF&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C750x100%7C970x90&cookie_enabled=1&bc=31&abxe=1&lmt=1629096370&dt=1629096370396&dlt=1629096368946&idt=1369&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=1200&adks=2311623395&ucis=1&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fja.nex-software.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=728x-1&ga_vid=1417177299.1629096370&ga_sid=1629096370&ga_hid=668054558&ga_fc=false&fws=640&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

93ef8443d5c6e17b6e801b95c8fd0a96a24a1267db0b66908576e4d9f3a2f561

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:46:11 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 231
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.nex-software.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 34FF 6 KB
3 KB 60ms
14ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.nex-software.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ja.nex-software.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Mon, 16 Aug 2021 06:46:10 GMT
expires: Tue, 16 Aug 2022 06:46:10 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 12 KB
7 KB 465ms
465ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4197298942757962&correlator=1046523405421551&output=ldjh&impl=fif&eid=20211866%2C31062297&vrg=2021081001&ptt=17&sc=1&sfv=1-0-38&ecs=20210816&iu_parts=121764058%2Cnex-software.com_adi_ATF&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C970x250%7C970x300%7C728x90&cookie_enabled=1&bc=31&abxe=1&lmt=1629096370&dt=1629096370403&dlt=1629096368946&idt=1369&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=414&adks=1840644434&ucis=2&ifi=2&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fja.nex-software.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=970x0&ga_vid=1417177299.1629096370&ga_sid=1629096370&ga_hid=668054558&ga_fc=false&fws=128&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

7501152e7411c9cf6303c77270c724f050ac6f11ad8fa9d3d7c3518f7c80627a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:46:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7424
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.nex-software.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 42 KB
16 KB 306ms
305ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4197298942757962&correlator=1046523405421551&output=ldjh&impl=fif&eid=20211866%2C31062297&vrg=2021081001&ptt=17&sc=1&sfv=1-0-38&ecs=20210816&iu_parts=121764058%2Cnex-software.com_am_S1&enc_prev_ius=%2F0%2F1&prev_iu_szs=750x100%7C750x200%7C750x300%7C300x250%7C336x280%7C360x300%7C580x400&cookie_enabled=1&bc=31&abxe=1&lmt=1629096370&dt=1629096370405&dlt=1629096368946&idt=1369&frm=20&biw=1600&bih=1200&oid=3&adxs=283&adys=1493&adks=3664884548&ucis=3&ifi=3&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fja.nex-software.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=750x0&ga_vid=1417177299.1629096370&ga_sid=1629096370&ga_hid=668054558&ga_fc=false&fws=128&ohw=0&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

3602ada3b04ba395ede4bcb36e3c1625f7730e87f7edf9572695f1d76b4410ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:46:10 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16331
x-xss-protection: 0
google-lineitem-id: 5757924216
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138358914350
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.nex-software.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 67 KB
27 KB 679ms
679ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4197298942757962&correlator=1046523405421551&output=ldjh&impl=fif&eid=20211866%2C31062297&vrg=2021081001&ptt=17&sc=1&sfv=1-0-38&ecs=20210816&iu_parts=121764058%2Cnex-software.com_adi_W1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C200x600%7C300x250&cookie_enabled=1&bc=31&abxe=1&lmt=1629096370&dt=1629096370409&dlt=1629096368946&idt=1369&frm=20&biw=1600&bih=1200&oid=3&adxs=1123&adys=1349&adks=4030217455&ucis=4&ifi=4&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fja.nex-software.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=300x0&ga_vid=1417177299.1629096370&ga_sid=1629096370&ga_hid=668054558&ga_fc=false&fws=128&ohw=0&btvi=3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

3181cc549116d3f2aa52fab012eedeb13afb329a8bcac11786da6992655f621b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:46:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27735
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.nex-software.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 13 KB
8 KB 848ms
848ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4197298942757962&correlator=1046523405421551&output=ldjh&impl=fif&eid=20211866%2C31062297&vrg=2021081001&ptt=17&sc=1&sfv=1-0-38&ecs=20210816&iu_parts=121764058%2Cnex-software.com_adi_right&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cookie_enabled=1&bc=31&abxe=1&lmt=1629096370&dt=1629096370412&dlt=1629096368946&idt=1369&frm=20&biw=1600&bih=1200&oid=3&adxs=1123&adys=466&adks=3810687761&ucis=5&ifi=5&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fja.nex-software.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=300x0&ga_vid=1417177299.1629096370&ga_sid=1629096370&ga_hid=668054558&ga_fc=false&fws=128&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

981d66de3c2b8d93bafa96289154932abe4f71eae41ab0ca0f13774b0e2193c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:46:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7684
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.nex-software.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame C86E 0
0 72ms
71ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst0oUc7stsovU06xiDTFNwVJFTEGhAaLGxYozvELw_zeVmEB8YGTTIG2TLHSXu_5MqgX4R9sNtc8jCXbiMAEsnYol20dy3IYkNFtn0WFincXEvLetwC4R87-WeU8n-WCplzfDk9FHtso_z7vCWcxp_MOUEzHqmm37SUE6lqIChAf1rZzsiGSNfLPTb5yf0TRUpsLWZU5IbpgNZbz_cCgu9ahA8aIo82TkP98UYZjyVNEvDfqR74D2cNYS8z2_1Z9NISZhkfFwZRVx5hxq5ZGBHcIeSFh14yvSh7ufNRdoLNGHCAvS3NWAzK_cyf41-vC00iXd7CqXkWFSSU5Ns-eJWCqyS4CV88tVZi1aOuWA&sai=AMfl-YRnNiEZV_zcHqp1CNndjnfWvx1ft3pPi2VrrNUe3TQVL-7aiaUBLB5giB4Y4oMNw9_W7IdvMLgnKaDrJdeD31tqEnDqIW1RFDElfOF6IOEkAQuOFsU0duItmsCcZCHl&sig=Cg0ArKJSzOjtxneXHY4yEAE&adurl=

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 16 Aug 2021 06:46:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 16 Aug 2021 06:46:10 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/ Frame C86E 18 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83cd4afc0672833e8ac46854de805cda18237894e6d5193111af3e2e866a7a3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:41:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 297
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7614
x-xss-protection: 0
server: cafe
etag: 9899176843389144697
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 Aug 2021 06:41:13 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/ Frame C86E 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:36:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 588
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 Aug 2021 06:36:22 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C86E 124 KB
37 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37fbc56848d8a6f47f63521ede0688ab5769b28faecbd34e9fecbfc9e1dcd029

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:46:10 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628854326415524"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38195
x-xss-protection: 0
expires: Mon, 16 Aug 2021 06:46:10 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame C86E 0
0 16ms
15ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTQ-i9u-2bu05RmiAblwAtYGJV_sKhV78PU53uKrvaTy3o7K-B2bj9QxXRyL8WId1mhamIWUH22LydKMr26iKM-t9hjvQ
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 12418489814663234122
tpc.googlesyndication.com/simgad/ Frame C86E 70 KB
71 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12418489814663234122

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2cd5f280a099d1b3f357935bddc5f44d8e71d288ee045a4ff26cd9bb5ca0613

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 05:00:51 GMT
x-content-type-options: nosniff
age: 179119
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72123
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 09:21:40 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Aug 2022 05:00:51 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7761979199bf20d25fe4726392f9e6c268295e5d179b2bb5a683cb10fb6ad0d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:46:10 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628854342869989"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27733
x-xss-protection: 0
expires: Mon, 16 Aug 2021 06:46:10 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 18ms
18ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021081001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f116e120ba1b6dda6d5451bb53923ab79fd0961a2cdd79af32be4feb416401a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 16 Aug 2021 06:46:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8544
x-xss-protection: 0

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame C86E 0
0 72ms
71ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssfDvAfKW0G7kIW5FMJdB-YOKl1fncUzLymnl-nkZDrALasVbLTnTVAPB09gb9kZqkOP1BzcwPzHGWzh0lSHsXwan08xR7nWfVU3ACUst7PNBpVCQKN4szhx5Ei4zHMg9RLDQ_W4ueISQo2-p_pBBEb7FkLPcs-NhNzzg-Et3KNCJcL9X4ztCQDTHx-PGT_RdvSrkiArJ7-cgJMUdVbuqB61X3erJuNgAOFOeNmOIVoY0QMqdJqZ755L4LHFUmuaKc0TR-VJPVbDisFgH8Hbu5vPIIc2ZEvIc_3uwi9DE9E4Jt7MYVa5X5quKWDgCAzd_9VELuT1YyUMZywSO2AGYNAWg&sai=AMfl-YQ3-r3_-IGPjkkmKQNGGrl2eS4_rssFD1AskPDe1KRPvitR1D2xjsT-0IQF3YpONy5Ou_d5gQn6mjo61KgsMRdUZb_VcJkFEL8Brp0YHcXs4bmg4yrIt3FJISkMIB0v&sig=Cg0ArKJSzH22dUyl8_1ZEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 16 Aug 2021 06:46:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 16 Aug 2021 06:46:10 GMT

GET
DATA 200
OK truncated
/ Frame C86E 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04a81e4e6251a61b0abff929ff9db4c6b738b25c87688e7f1a809f487deec095

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:46:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Mon, 16 Aug 2021 06:46:10 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame E6CF 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.nex-software.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ja.nex-software.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Mon, 16 Aug 2021 01:17:40 GMT
expires: Tue, 16 Aug 2022 01:17:40 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 19710
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A5FE 783 B
532 B 16ms
16ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ee6f24b4864f96d6e9f11c71c7bdbd69807dc9e88459109111d04b5c5e1606e1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hDuxSLJehY6kHBe/SjwItA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.nex-software.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ja.nex-software.com/

Response headers

expires: Mon, 16 Aug 2021 06:46:10 GMT
date: Mon, 16 Aug 2021 06:46:10 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-hDuxSLJehY6kHBe/SjwItA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 yduTghXy_zT30UeDo9_qp5xNeH18Lbbutfu5_UhFAFY.js Show response
pagead2.googlesyndication.com/bg/ Frame E6CF 35 KB
13 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/yduTghXy_zT30UeDo9_qp5xNeH18Lbbutfu5_UhFAFY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9db938215f2ff34f7d14783a3dfeaa79c4d787d7c2db6eeb5fbb9fd48450056

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 16:48:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50264
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13302
x-xss-protection: 0
last-modified: Tue, 03 Aug 2021 09:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 15 Aug 2022 16:48:26 GMT

GET
H3-29 200 container.html Show response
3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2F82 6 KB
3 KB 21ms
7ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.nex-software.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ja.nex-software.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Mon, 16 Aug 2021 06:46:10 GMT
expires: Tue, 16 Aug 2022 06:46:10 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 3642 624 B
449 B 17ms
17ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrY-L4CEK_wxOACGPOA57EBMAE&v=APEucNX6hqwUoUyUN5HwvCOUAyXv4AH1u-xEG4kjkv1wV-8IRKpYv4THqd3ZsvNPkeEEntcgezIMkvls4D8PwIBlzLEEQvn15OzBSmD4pKk-ETUjAhgTsDa4HCaZlvbRiwzirkSrDYvfTNdgnExYvetXKdCwUh0hTPeKU1-QmYXol3C3lbg5SglgpJhCWK9MhFb2m8xN1AYQTPJEwf2T7XfJGCEPO-I1_g

Requested by

Host: 3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com
URL: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CMrY-L4CEK_wxOACGPOA57EBMAE&v=APEucNX6hqwUoUyUN5HwvCOUAyXv4AH1u-xEG4kjkv1wV-8IRKpYv4THqd3ZsvNPkeEEntcgezIMkvls4D8PwIBlzLEEQvn15OzBSmD4pKk-ETUjAhgTsDa4HCaZlvbRiwzirkSrDYvfTNdgnExYvetXKdCwUh0hTPeKU1-QmYXol3C3lbg5SglgpJhCWK9MhFb2m8xN1AYQTPJEwf2T7XfJGCEPO-I1_g
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUln0atZHqHkV19qaUeWr0MfMx-FvA1aGvUS3sQoNH6fdDgMOC4oaJ7Phc7M_nI; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 16 Aug 2021 06:46:10 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 16 Aug 2021 06:46:10 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 2F82 60 KB
25 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AJuVuwyD3eaI3wA-FPIiyd3aPWv7sDcoPUnj8zvdaBp_0jAJdsc8MQtHKFdZlgmpLYx26Ym_usZb7ZuUFcHPkjzSQ4ltBISC5bbbM5W_HAWIr3zpxqfF_9iYGbNCO5MNJ5qtHpgX4sdMWVGt3sqVWMglIuVg&dbm_d=AKAmf-D3aAkpSes2-kvNZvowd_CPVghii-n7-5y5CMwMLY6wGCIkMZFvIA6d8fMODppD1fD4Qs4ZqdcuM8JCjPb0411Yr58Td0BHcJeXFNnqA2c-p1p4pzidcN7dS-FdAUb5mNkSa_lwgGjLrPOdUvvJT6CLgWtDFPPILJ-oQDPqfGX63ZSP3q4JsV8o066ujgTTaMCwjinqsrcAmDtNxAnOeM4v_2HkT_xdSQvBcsPMW9Fdk0wOB6ZVkbIemJdJ7EWTL70o9w1AJemJOkFyx0nanv7g76wTmat24KINwthi_H4Moj6bEgR347pC-VnswxK138graoEMoRtO2ny0EVIPYStlpTJdf7w1x8je-vkDekMPsgeMVrf9gCNOyofmfTO_xutLwn6jbATCoHyohuPlKYjj577jygdUUEUTEqQjJdBRnMI0GFsM_cGuUS9yUGWgWT7ho3WL0ApmdvJYnxoc6kLrVjAe7dDzVdRYao1FOcIqLEsux9pO56Hg2y92LieI8M00062krRIZhM3ZzNjiy1qXgVHXe9PSQwIoufOzK-NdHP5AI4f-ZY1x4-h8yIIE07Gybc0XkcZLG5TWhRP7D667h3D9mqNJG-NIlWb7paVzQlgt0HaounADaAMe23Xm9ta47yvdCQc62dG6Xs0c7_R9P5ATR31lH27FC4UToXfCcL0VCes9W9goJ7UolVJsuJmaijkX7QwRKWNhw7LI7RvmDbkB226O8WAUnddr7fyFMoYDUTeVZZVng10wMc4YFrRg6hioyoy8Wm-4LXSJFBpBZ8G5tMEl4q8HzXs9abzu5gKjRbKn2HmHYpoULPRL2t1fIhocgdIcpw5S3tTbrOfrpv1FqE1EjJAu3FkcFhPEjGiNn5ivVnCFjEMgvZIi8I4pE8zzYC2NvVGLmKAuXgiGno4TWbDBKUuIzcK8rV_S9j3WrDvRsxgpPo2l9yUg5O9DDV18Obm8a2-TJdJ0BSvnl8slO_8vuJUb4CgaZQsh9uzQgEFwIArcVsBiJlCiqiZ9M8YWEZAozdmgVA1vTgfMqLwhmxCarPcE9NxMEPTs3mE7-xB4q07M6xCsK7iLPRtW3VNwKp6J8anqB9ONl21CjVaAjKlj1emlm8MCZeje-GtfyRXyuZpakklNCnzztwW4KO3XpF5ND-xMcbkxZHKxBEsw68TXcunFiWKEvNIXBtO1rcGBO4fwpuK6x5cmeJestNZk2aqNjw47iAUf80CQf-H-1DBBBnE9D01a9AJhB0qOt5Y8rQhyynf8-L5jqnH4B3sTO1gvc-Tq7V2RA3czq1JqT1NHUO1ltb5HMfDBpzve5uwIQywvL44BTBHfYVHdD-5WxDxSyAW5YR7hJTv06ipFky0KwI9xbfXCOVSd_ch_KKqZDVqwo2dtjp2fbOb0V5VwoLg0er45DubJgCqgCy9ggsjPQbXjxg40_AB1ikHfjXcLLth9H0iQ7DqrPgCKygxF3xXcKWfjOl7maXBWjGtKccZAKsqY0Pn_cwHrChK1-xw-dsAZhYevgkaEgBne-Qkre7u_cT9jMkxK-lyA3yiePSPslJEeNRZHWX2bIkRKSUz20NLDfrH4puVGaA86YxT3l7SPHueXsyoothcWFGgLH2kHXJ_TWP-hu04zYsaTV58yI9NpeI4CJu18aaDK9tgnchqy-eYb65RtsIPmP7fNMLX_tH61hiAjcVQzvO_l_hwWbUhh9LWsGz5rUSTMNIgYe9TBVUmbalktZQTtkniTVHyIWJx8QS4hlzBO_kJ4w6jrg1jH_a4cYLa5NnGl2c7EDj3fknHZ2LbO4IA7RpHoMsSOGmIqUC8CTIsaYLcLP_aUIGWbsrX7zyXVCMEM2xbGpuFUBxFU2olQeVXPEte8qu2oIh4364YZPKChluT7u_FzW3KCfWxbZF-4AHrPWJ5Jx441HWRCUxxbVvyXqEdsDVUBpJT14P-L13V60q7yu22shwR3YT7L-mlGUiUiAbNQ7NgMt6vJbuEYbvdl5p9PT7tZDmeuDt5HEGP1eE6G9g3zyIF1FhdayXCwkV9g_jv1G_-4A0-TICfhhNd1KMlGpu0xzGoOAyXTdRxRsxFd05qQbcURM95ckmy5H5yPkIM_b_5LZ2MZO6X4pbvKomXOYb_8YCvYGGa9yblHc3uAT3Xgw7CqSPgo2UhMu35ndlhIwHuxi4SBkNLzrwm738iKGI7zywu1DMCvLQjUmi-RFJyFw4T53kzhZGa6NMFajHba_lqm6uFt2sfHPotKK6jtwrkZKIsf8-KX3SKCWuOaGgoDD1juvl0HFhD3haXvJcw8hoUhdhXt9Cog_klckFk-MpmyNP2478Zzlx4DDdEH4q3wK04vPGVxcJ39WdwWuOOwMw0z87ebttA5B07WAKDqRcFibwApUzaJeTf_kknllKFE950jVNZI8HAVr9Al3NW7JjAcSmnkPcgYJEWrWCun3icbB4WSsdeLpSTJurg6cOZritjfdkDVWD16qUFn-ehI1OjUB14-yU5xsJcb0tgP7dM047y16fOwkfrSmleTmMK-vuxJj74u69o9eMfVYT9l54X-zzo130LNFG-Fs-161DueKGtOwU7reHQp1qrDSccjCgENVAhks3UIXOyVkr3-fgQS8vm__xN6Ad6J6muIKoYLujjy9w8bs8JDdvyJdtT34YBM3XsOsl849PNyRD3E0PDMd_60C4L_Js4dC8EhNkhFrsXSWsWs_Frf9TrrAzHhH7iYfLmETKvXK3np6ggrdzNI4f6nsuvgpqPQZMR1qbkPaUs9sy77vnyl7VDCc2hSnSfhKCsh53xh-0WJcpVrt4Bn31LKrGCBxOnmCiTTDG5Lyh3E76tOm015WOoeXc_reY_uKd7vjy6uJggoSVd4A3s9_oTYznl50YZ3Pln953qyWfoqkzhbAfxVygCyjJcrsMsZIFS23qs8TYNnp7U6_09R8Ygpdf6RdcBHGEGHXBz1sYicaYi8dZ4gPV6oYofEQjMEDZQeKnem1z0iUQ3Fld_Q7TGQylY3XWRChHmjFcn2NZhLpDlI6HLLJUZxTuY1ewXrS1JGR-YzvIcoOiwHg9vQGDVnLDSXezHlhS6w5tUQsUA5E8dTylkkJgeUIKysiaXbm4dDm6DSNj3NaTHSwASOgdAg4-seAVq8bD4wtrflq6aYG2wF3lnfsUakODvK5TXVXl0z-DCtr40fKjyaJKn6pYMQcM9Gt6780ea_3PgWqejrxndRU96q6vfbHufeZhepEbM4n3Wcxzup25HP4f-00LHX9lZUZODQ83cIqg&cid=CAASFeRo35ZemVz1Vut_Aaebc19r_qM99A&rfl=1%2Chttps%253A%252F%252Fja.nex-software.com%252F%240

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

13ebfaa7d8b7525ecbe9c6d27dfdaa0530d66a0c7c21c0d55d8e7bb9f7abbefd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 06:46:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25199
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2F82 42 B
63 B 39ms
38ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-As0vmAdoTue0clyPTwKcfOXR8P8B8BugRPcCTeoWTUg4gwS826LspywleMQZtU2jei9zF1wJInRVxQBKgBVQEhzVFjySBipIh5bu4UbyYjAFShKUQ

Requested by

Host: 3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com
URL: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 06:46:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/ Frame 2F82 2 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/window_focus_fy2019.js

Requested by

Host: 3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com
URL: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:43:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 140
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 Aug 2021 06:43:50 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2F82 124 KB
37 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com
URL: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37fbc56848d8a6f47f63521ede0688ab5769b28faecbd34e9fecbfc9e1dcd029

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:46:10 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628854326415524"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38195
x-xss-protection: 0
expires: Mon, 16 Aug 2021 06:46:10 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/ Frame 2F82 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com
URL: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:45:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 11055049251678278959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 Aug 2021 06:45:15 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 3642
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM_HqGmeX_i56KxMWgItlbk&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM_HqGmeX_i56KxMWgItlbk&google_cver=1&C=1

43 B
1014 B

76ms
75ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM_HqGmeX_i56KxMWgItlbk&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrY-L4CEK_wxOACGPOA57EBMAE&v=APEucNX6hqwUoUyUN5HwvCOUAyXv4AH1u-xEG4kjkv1wV-8IRKpYv4THqd3ZsvNPkeEEntcgezIMkvls4D8PwIBlzLEEQvn15OzBSmD4pKk-ETUjAhgTsDa4HCaZlvbRiwzirkSrDYvfTNdgnExYvetXKdCwUh0hTPeKU1-QmYXol3C3lbg5SglgpJhCWK9MhFb2m8xN1AYQTPJEwf2T7XfJGCEPO-I1_g
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 16 Aug 2021 06:46:11 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 16 Aug 2021 06:46:11 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 16 Aug 2021 06:46:11 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM_HqGmeX_i56KxMWgItlbk&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Mon, 16 Aug 2021 06:46:11 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 3642
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YRoJs17uIHcrRDQd2nJYXwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM_HqGmeX_i56KxMWgItlbk&google_cver=1

43 B
894 B

83ms
82ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM_HqGmeX_i56KxMWgItlbk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrY-L4CEK_wxOACGPOA57EBMAE&v=APEucNX6hqwUoUyUN5HwvCOUAyXv4AH1u-xEG4kjkv1wV-8IRKpYv4THqd3ZsvNPkeEEntcgezIMkvls4D8PwIBlzLEEQvn15OzBSmD4pKk-ETUjAhgTsDa4HCaZlvbRiwzirkSrDYvfTNdgnExYvetXKdCwUh0hTPeKU1-QmYXol3C3lbg5SglgpJhCWK9MhFb2m8xN1AYQTPJEwf2T7XfJGCEPO-I1_g
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 16 Aug 2021 06:46:11 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 16 Aug 2021 06:46:11 GMT

Redirect headers

pragma: no-cache
date: Mon, 16 Aug 2021 06:46:11 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM_HqGmeX_i56KxMWgItlbk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 3642
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEJdB1xOVLNWUCiLS0T0OuAw&google_cver=1

43 B
1004 B

53ms
51ms

Image
image/gif

37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEJdB1xOVLNWUCiLS0T0OuAw&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrY-L4CEK_wxOACGPOA57EBMAE&v=APEucNX6hqwUoUyUN5HwvCOUAyXv4AH1u-xEG4kjkv1wV-8IRKpYv4THqd3ZsvNPkeEEntcgezIMkvls4D8PwIBlzLEEQvn15OzBSmD4pKk-ETUjAhgTsDa4HCaZlvbRiwzirkSrDYvfTNdgnExYvetXKdCwUh0hTPeKU1-QmYXol3C3lbg5SglgpJhCWK9MhFb2m8xN1AYQTPJEwf2T7XfJGCEPO-I1_g

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 16 Aug 2021 06:46:11 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 36b74e43-799d-4ee6-9fd7-9d6558cc3d15
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 16 Aug 2021 06:46:11 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEJdB1xOVLNWUCiLS0T0OuAw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 3642
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODA5OTg3MzIyNTAzODQxNTMyMw%3D%3D

170 B
188 B

96ms
54ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODA5OTg3MzIyNTAzODQxNTMyMw%3D%3D

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 06:46:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 16 Aug 2021 06:46:11 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: abbf7236-ae85-4c8d-909e-47b8b3fe0e26
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODA5OTg3MzIyNTAzODQxNTMyMw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_273.js Show response
s0.2mdn.net/879366/ Frame 2F82 114 KB
40 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com
Referer: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 09:43:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75742
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40185
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 20:54:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 16 Aug 2021 09:43:49 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210809/r20110914/elements/html/ Frame 2F82 8 KB
3 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210809/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AJuVuwyD3eaI3wA-FPIiyd3aPWv7sDcoPUnj8zvdaBp_0jAJdsc8MQtHKFdZlgmpLYx26Ym_usZb7ZuUFcHPkjzSQ4ltBISC5bbbM5W_HAWIr3zpxqfF_9iYGbNCO5MNJ5qtHpgX4sdMWVGt3sqVWMglIuVg&dbm_d=AKAmf-D3aAkpSes2-kvNZvowd_CPVghii-n7-5y5CMwMLY6wGCIkMZFvIA6d8fMODppD1fD4Qs4ZqdcuM8JCjPb0411Yr58Td0BHcJeXFNnqA2c-p1p4pzidcN7dS-FdAUb5mNkSa_lwgGjLrPOdUvvJT6CLgWtDFPPILJ-oQDPqfGX63ZSP3q4JsV8o066ujgTTaMCwjinqsrcAmDtNxAnOeM4v_2HkT_xdSQvBcsPMW9Fdk0wOB6ZVkbIemJdJ7EWTL70o9w1AJemJOkFyx0nanv7g76wTmat24KINwthi_H4Moj6bEgR347pC-VnswxK138graoEMoRtO2ny0EVIPYStlpTJdf7w1x8je-vkDekMPsgeMVrf9gCNOyofmfTO_xutLwn6jbATCoHyohuPlKYjj577jygdUUEUTEqQjJdBRnMI0GFsM_cGuUS9yUGWgWT7ho3WL0ApmdvJYnxoc6kLrVjAe7dDzVdRYao1FOcIqLEsux9pO56Hg2y92LieI8M00062krRIZhM3ZzNjiy1qXgVHXe9PSQwIoufOzK-NdHP5AI4f-ZY1x4-h8yIIE07Gybc0XkcZLG5TWhRP7D667h3D9mqNJG-NIlWb7paVzQlgt0HaounADaAMe23Xm9ta47yvdCQc62dG6Xs0c7_R9P5ATR31lH27FC4UToXfCcL0VCes9W9goJ7UolVJsuJmaijkX7QwRKWNhw7LI7RvmDbkB226O8WAUnddr7fyFMoYDUTeVZZVng10wMc4YFrRg6hioyoy8Wm-4LXSJFBpBZ8G5tMEl4q8HzXs9abzu5gKjRbKn2HmHYpoULPRL2t1fIhocgdIcpw5S3tTbrOfrpv1FqE1EjJAu3FkcFhPEjGiNn5ivVnCFjEMgvZIi8I4pE8zzYC2NvVGLmKAuXgiGno4TWbDBKUuIzcK8rV_S9j3WrDvRsxgpPo2l9yUg5O9DDV18Obm8a2-TJdJ0BSvnl8slO_8vuJUb4CgaZQsh9uzQgEFwIArcVsBiJlCiqiZ9M8YWEZAozdmgVA1vTgfMqLwhmxCarPcE9NxMEPTs3mE7-xB4q07M6xCsK7iLPRtW3VNwKp6J8anqB9ONl21CjVaAjKlj1emlm8MCZeje-GtfyRXyuZpakklNCnzztwW4KO3XpF5ND-xMcbkxZHKxBEsw68TXcunFiWKEvNIXBtO1rcGBO4fwpuK6x5cmeJestNZk2aqNjw47iAUf80CQf-H-1DBBBnE9D01a9AJhB0qOt5Y8rQhyynf8-L5jqnH4B3sTO1gvc-Tq7V2RA3czq1JqT1NHUO1ltb5HMfDBpzve5uwIQywvL44BTBHfYVHdD-5WxDxSyAW5YR7hJTv06ipFky0KwI9xbfXCOVSd_ch_KKqZDVqwo2dtjp2fbOb0V5VwoLg0er45DubJgCqgCy9ggsjPQbXjxg40_AB1ikHfjXcLLth9H0iQ7DqrPgCKygxF3xXcKWfjOl7maXBWjGtKccZAKsqY0Pn_cwHrChK1-xw-dsAZhYevgkaEgBne-Qkre7u_cT9jMkxK-lyA3yiePSPslJEeNRZHWX2bIkRKSUz20NLDfrH4puVGaA86YxT3l7SPHueXsyoothcWFGgLH2kHXJ_TWP-hu04zYsaTV58yI9NpeI4CJu18aaDK9tgnchqy-eYb65RtsIPmP7fNMLX_tH61hiAjcVQzvO_l_hwWbUhh9LWsGz5rUSTMNIgYe9TBVUmbalktZQTtkniTVHyIWJx8QS4hlzBO_kJ4w6jrg1jH_a4cYLa5NnGl2c7EDj3fknHZ2LbO4IA7RpHoMsSOGmIqUC8CTIsaYLcLP_aUIGWbsrX7zyXVCMEM2xbGpuFUBxFU2olQeVXPEte8qu2oIh4364YZPKChluT7u_FzW3KCfWxbZF-4AHrPWJ5Jx441HWRCUxxbVvyXqEdsDVUBpJT14P-L13V60q7yu22shwR3YT7L-mlGUiUiAbNQ7NgMt6vJbuEYbvdl5p9PT7tZDmeuDt5HEGP1eE6G9g3zyIF1FhdayXCwkV9g_jv1G_-4A0-TICfhhNd1KMlGpu0xzGoOAyXTdRxRsxFd05qQbcURM95ckmy5H5yPkIM_b_5LZ2MZO6X4pbvKomXOYb_8YCvYGGa9yblHc3uAT3Xgw7CqSPgo2UhMu35ndlhIwHuxi4SBkNLzrwm738iKGI7zywu1DMCvLQjUmi-RFJyFw4T53kzhZGa6NMFajHba_lqm6uFt2sfHPotKK6jtwrkZKIsf8-KX3SKCWuOaGgoDD1juvl0HFhD3haXvJcw8hoUhdhXt9Cog_klckFk-MpmyNP2478Zzlx4DDdEH4q3wK04vPGVxcJ39WdwWuOOwMw0z87ebttA5B07WAKDqRcFibwApUzaJeTf_kknllKFE950jVNZI8HAVr9Al3NW7JjAcSmnkPcgYJEWrWCun3icbB4WSsdeLpSTJurg6cOZritjfdkDVWD16qUFn-ehI1OjUB14-yU5xsJcb0tgP7dM047y16fOwkfrSmleTmMK-vuxJj74u69o9eMfVYT9l54X-zzo130LNFG-Fs-161DueKGtOwU7reHQp1qrDSccjCgENVAhks3UIXOyVkr3-fgQS8vm__xN6Ad6J6muIKoYLujjy9w8bs8JDdvyJdtT34YBM3XsOsl849PNyRD3E0PDMd_60C4L_Js4dC8EhNkhFrsXSWsWs_Frf9TrrAzHhH7iYfLmETKvXK3np6ggrdzNI4f6nsuvgpqPQZMR1qbkPaUs9sy77vnyl7VDCc2hSnSfhKCsh53xh-0WJcpVrt4Bn31LKrGCBxOnmCiTTDG5Lyh3E76tOm015WOoeXc_reY_uKd7vjy6uJggoSVd4A3s9_oTYznl50YZ3Pln953qyWfoqkzhbAfxVygCyjJcrsMsZIFS23qs8TYNnp7U6_09R8Ygpdf6RdcBHGEGHXBz1sYicaYi8dZ4gPV6oYofEQjMEDZQeKnem1z0iUQ3Fld_Q7TGQylY3XWRChHmjFcn2NZhLpDlI6HLLJUZxTuY1ewXrS1JGR-YzvIcoOiwHg9vQGDVnLDSXezHlhS6w5tUQsUA5E8dTylkkJgeUIKysiaXbm4dDm6DSNj3NaTHSwASOgdAg4-seAVq8bD4wtrflq6aYG2wF3lnfsUakODvK5TXVXl0z-DCtr40fKjyaJKn6pYMQcM9Gt6780ea_3PgWqejrxndRU96q6vfbHufeZhepEbM4n3Wcxzup25HP4f-00LHX9lZUZODQ83cIqg&cid=CAASFeRo35ZemVz1Vut_Aaebc19r_qM99A&rfl=1%2Chttps%253A%252F%252Fja.nex-software.com%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:44:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 100
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 Aug 2021 06:44:31 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210809/r20110914/ Frame 2F82 24 KB
9 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210809/r20110914/abg_lite.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f9da31cabd7ad9f32c9a2c18ce1838a6eaeeca9fbf55995a3e5a2abb2aface6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:44:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9343
x-xss-protection: 0
server: cafe
etag: 12459758733850244510
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 Aug 2021 06:44:58 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 2F82 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com
URL: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 09:43:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75742
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 15 Aug 2022 09:43:49 GMT

GET
DATA 200
OK truncated
/ Frame 2F82 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: af0753db71aceea39f9c9e7f90005b6235b78d2a179a105640d7615255efa846

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 03F4 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Sun, 15 Aug 2021 12:52:26 GMT
expires: Mon, 15 Aug 2022 12:52:26 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 64425
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 moatad.js Show response
z.moatads.com/pepsicoessadcmdisplay526849686825/ Frame 2F82 297 KB
101 KB 212ms
71ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/pepsicoessadcmdisplay526849686825/moatad.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 3cf5399c38a160ccbbf34bf438f3d08e9fde80f4793f5141fc04a239f48fca88

Request headers

Referer: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:46:11 GMT
content-encoding: gzip
last-modified: Tue, 10 Aug 2021 14:54:57 GMT
server: AmazonS3
x-amz-request-id: GJ2GMVGN57SATVVK
etag: "4fe14ffdce5d684a92ed1a1e766ede47"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=8556
accept-ranges: bytes
content-length: 102996
x-amz-id-2: sRuYih6JidIkTCuVsBwhNqIgJXYe9ziyOZ6+vE1PkQ5c0UjVtSK9Nf4OOYzRjPbtwPlehClwIOA=

GET
H3-29 200 index.html Show response
s0.2mdn.net/sadbundle/806470185313909614/ Frame 06BE 9 KB
3 KB 20ms
6ms Document
text/html 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/806470185313909614/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef6ceb1947a75f8b24ff3e4ff0cd236d85d8a9bc96c9abee411ed838b678df13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /sadbundle/806470185313909614/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3531
date: Tue, 10 Aug 2021 14:00:46 GMT
expires: Wed, 10 Aug 2022 14:00:46 GMT
last-modified: Tue, 10 Aug 2021 10:57:58 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 492325
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2F82 0
592 B 174ms
67ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvvN_71iTnALs3c7wXQ-SDpjxHDSwJyS987yepoIh5ao07PksdS9Ngi5xVZeR-0j6-2R3Iu0EGmliQFbLd7oDRmmoHn-Wd60sGCuuXiwnvOTwwh3lfn8Hbz2ohgbmhYG_X5iqwL_vnDsKCWYEKYQrvppcrM0bG7rg0JLcl7ft_RsoxOVf3FHJJe-cTRwSYUCsuz-n0kVKZQ6u1Y5bigq1lc2VCmJsccufklx10GAsAcbgzZxA3J4JTCS4o9F_dfMpIGmK5W6S5zjh1ZPv33ReHXP-exKft1PhnHodBFQ_tdzjf8Va5Dhw0vflWWBGGKNWfvFx1RRhDdXjzoojsGnWhsLMNWzUlqW-BpOESkDZR0ibBCPwjbd2Pqm2iEFAU6ly5FRHfJR3m8sKqgKGg0U-jbM36dqWKquvai0Ll0d53fBODTCOACoT54hE7ZCyfOBGbnFZBQm0xy3h6Awz1OOGktpEpO0gMF874TD2sUoeuI1aSdNYBESJDW8g2Y2yxKIEN-GNFUjUkWxlxQpGxCHxvZR_kakVvv0GHic828y7O76ButuYVWJsLPLIM6yBC5_n7JcXogum6SIgoBd2z7PN4CemlHTdUc-jIlTuAUmIhDkx2GWfbXYNnODxHCjx8ySZaHfhmLMSENoCsx11hyu8qQM9oy9vr_GIsgGYkIZB51mtLsGjLpxM9c4ZwDhGmx_0y8jLvHlrF4v6-MKFXCYCOdCCVJKNFTekHa1WoNGC7iG2Mr36W3j2X4MQ-J3-lhewNdmLeh2tpjrrQUXQuKkYS30TIChFRTWf9dHfn0bzHHMg1G06glwIGsysNfMbqRzDSFD8_eRAFlWfUUx3wlcjNLUOIQrztsQNCxzK1fu2yL5l_4k71P6RbdlKAncjINOFvtx6DHjEgO9qjA30G--S10VN3CM-UDVUSS2UqSDpcUAi9TZaNaKFm0EHFJDFkCqEe4jV7d4KNKdZye5DL91ld3ExxUskuhmsx0th581ql54q1fGolq0mDL52LQ7syVRbfxKXu4vS4ewKcUKtR6lW3ymU-tRIP50vYOuToYEQqblZRmRRtxcTTMPfroY7gwHCLVmSKA53m0Ez3diita3LnkbsteN7CbN_Rg65oQTKACqR52i1RaFeSkQr0bh57yPbnGeRHFmI7QH-tiFEJ42fFcI30XG6Ns7vHsXiV9TdoPqrGaYMkcNfvb3SbjJ0Et3GhE&sai=AMfl-YRXIs6-9xkjRN-jMziALpOi5hwW7oAk_gwUyt7v-nVM2yCGUJCAGH8Tue2sJOTFqG8uSR0nFVzbGos7xWVinO6mHzAuY8f_U4zYg25YCe4EQwijJZWAs9EQqDTwFcH-4OOYU5oxpxVDEBEqRR9yZTiR35d_gFEvK-XPC4c&sig=Cg0ArKJSzFAWyzU3Zut4EAE&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=78&cbvp=1&cstd=76&cisv=r20210809.80053&adurl=

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Mon, 16 Aug 2021 06:46:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 container.html Show response
3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E72A 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.nex-software.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ja.nex-software.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Mon, 16 Aug 2021 06:46:10 GMT
expires: Tue, 16 Aug 2022 06:46:10 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 player.js Show response
video.seenthis.se/v2/player/75/ Frame 06BE 41 KB
14 KB 160ms
46ms Script
text/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://video.seenthis.se/v2/player/75/player.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/806470185313909614/index.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0f7068a3a75ffa63182b6abf83959f2e19176f4bb3f6ec829daa899fbebb6de0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: _iDGJNWRX5Cl48UPvmfuI7Mkq_N8wPqi
content-encoding: gzip
etag: "11296172e13b1438a27998d1b6702846"
age: 1108520
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
strict-transport-security: max-age=31536000
content-length: 13773
x-amz-id-2: c5Z3yhVekButftaxM+GA3QjFCx2vZYNGU4jUjclbDC2GasTThXR6dDYpGh3c3UAPiWVt405iFlo=
x-served-by: cache-lcy19222-LCY, cache-hhn4083-HHN
last-modified: Thu, 22 Apr 2021 11:44:11 GMT
server: AmazonS3
x-timer: S1629096371.271758,VS0,VE0
date: Mon, 16 Aug 2021 06:46:11 GMT
vary: Accept-Encoding
x-amz-request-id: VN0EBGA22DN281WT
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-type: text/javascript
x-cache-hits: 8066, 104067

GET
H2 200 3 Show response
t.seenthis.se/v3/12hmaprzj23eoxjv6o3p84eq1ih42hmaprzj531uode29626848dt8735rgniab8vny4hmot92nki76sbapylo7hf4b3rr6c398c1xavm52td36iokvfjesimtb1ncf1cefb52qg1mq9ym0ohjvmmia7w1p3q/12/ Frame 06BE 43 B
395 B 159ms
47ms XHR
image/gif 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://t.seenthis.se/v3/12hmaprzj23eoxjv6o3p84eq1ih42hmaprzj531uode29626848dt8735rgniab8vny4hmot92nki76sbapylo7hf4b3rr6c398c1xavm52td36iokvfjesimtb1ncf1cefb52qg1mq9ym0ohjvmmia7w1p3q/12/3?_=1629096371138
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/806470185313909614/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:46:11 GMT
via: 1.1 5076c8187f430eebe5e26fc594d6125a.cloudfront.net (CloudFront), 1.1 varnish
age: 0
x-cache: Hit from cloudfront, MISS
content-length: 43
x-served-by: cache-hhn4029-HHN
pragma: no-cache
server: AmazonS3
x-timer: S1629096371.270906,VS0,VE2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, private
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: lBA0Vkv_xiXku4ySZKWGMR5W9BHAYwG8Oq81kYAaQFIyQNFntgsRkw==
x-cache-hits: 0

GET
H3-29 200 yduTghXy_zT30UeDo9_qp5xNeH18Lbbutfu5_UhFAFY.js Show response
pagead2.googlesyndication.com/bg/ Frame 03F4 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/yduTghXy_zT30UeDo9_qp5xNeH18Lbbutfu5_UhFAFY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9db938215f2ff34f7d14783a3dfeaa79c4d787d7c2db6eeb5fbb9fd48450056

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 16:48:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50265
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13302
x-xss-protection: 0
last-modified: Tue, 03 Aug 2021 09:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 15 Aug 2022 16:48:26 GMT

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 5036 640 B
318 B 26ms
25ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLzWGxD_8vACGOOJ2rEBMAE&v=APEucNWBJ7jQOqijfEkKmT06v3t7N5v73_IqpWJRfrXF5zTfEaqqgEAEb5iSV545KcgFeAFALowSU2M2EdahvH_CKon7VpvQ_RCnSrmpe5KeWxjt8q0cvgughN-eRFvtYyV_X7repOTcsEFcWBby3QcaOjKww_KFvc0jLduQyVw5X-jsWw-KQVbEHDPEv0zJIxxCiaw-KmsZCr1jn0oKxsro1O5fCz0amg

Requested by

Host: 3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com
URL: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CLzWGxD_8vACGOOJ2rEBMAE&v=APEucNWBJ7jQOqijfEkKmT06v3t7N5v73_IqpWJRfrXF5zTfEaqqgEAEb5iSV545KcgFeAFALowSU2M2EdahvH_CKon7VpvQ_RCnSrmpe5KeWxjt8q0cvgughN-eRFvtYyV_X7repOTcsEFcWBby3QcaOjKww_KFvc0jLduQyVw5X-jsWw-KQVbEHDPEv0zJIxxCiaw-KmsZCr1jn0oKxsro1O5fCz0amg
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUln0atZHqHkV19qaUeWr0MfMx-FvA1aGvUS3sQoNH6fdDgMOC4oaJ7Phc7M_nI; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 16 Aug 2021 06:46:11 GMT
server: cafe
cache-control: private
content-length: 295
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 16 Aug 2021 06:46:11 GMT

GET
H3-29 200 express_html_inpage_rendering_lib_200_273.js Show response
s0.2mdn.net/879366/ Frame E72A 114 KB
39 KB 19ms
6ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com
Referer: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 09:43:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75742
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40185
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 20:54:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 16 Aug 2021 09:43:49 GMT

GET
H3-29 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210809/r20110914/elements/html/ Frame E72A 6 KB
3 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210809/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9dff9c5d8bb8ff3117fe17757c275af96ca695dc60d7fb811331cb38815a91a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:42:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 207
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2627
x-xss-protection: 0
server: cafe
etag: 17449454297928180344
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 Aug 2021 06:42:44 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210809/r20110914/ Frame E72A 18 KB
7 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210809/r20110914/abg_lite_fy2019.js

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83cd4afc0672833e8ac46854de805cda18237894e6d5193111af3e2e866a7a3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:21:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1462
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7614
x-xss-protection: 0
server: cafe
etag: 9899176843389144697
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 Aug 2021 06:21:49 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame E72A 42 B
63 B 39ms
38ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BPOGLlDxaavSFfDV5xDkzBPX5w9nZeVR43tp3Rvb0BdH-GwJ7gXZMVqOy8NK6V1xyWWMpfeCfQeqinaw-p0xlrmm4agxzzHP6WKPrc5rd9WLf44kk

Requested by

Host: 3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com
URL: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 06:46:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/ Frame E72A 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/window_focus_fy2019.js

Requested by

Host: 3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com
URL: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:43:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 141
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 Aug 2021 06:43:50 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E72A 124 KB
37 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com
URL: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37fbc56848d8a6f47f63521ede0688ab5769b28faecbd34e9fecbfc9e1dcd029

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:46:11 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628854326415524"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38195
x-xss-protection: 0
expires: Mon, 16 Aug 2021 06:46:11 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/ Frame E72A 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com
URL: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:45:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 11055049251678278959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 Aug 2021 06:45:15 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame E72A 0
0 14ms
14ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTdfP52KYWqWtNtiBSqo8XCt_FaukzcFF4Yb46x80fbfEOrTVuxuZAXZY_Plx8GBYkfmmRvzIFh0GoxNx5-fuVmYhHUxw
Requested by: Host: 3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com
URL: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 poster.jpeg
video.seenthis.se/v2/ads/zd8S9fzzae/ Frame 06BE 56 KB
57 KB 173ms
74ms Image
image/jpeg 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://video.seenthis.se/v2/ads/zd8S9fzzae/poster.jpeg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/806470185313909614/index.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c976c7877b8d40385b5207e3ddbe9706f0fd0e84305c825b75d36f8bcc171799

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: zjkn.pMe4LWraytObuX5kft89iloqs01
via: 1.1 varnish, 1.1 varnish
etag: "4951fb3cd5b086ccb2b9e4ca37c2d649"
age: 508711
x-cache: HIT, HIT
content-length: 57575
x-amz-id-2: ofv8ckzfyRyniT+JQzwd2sNGnVIilXeJHok7fW0GwFfde9zMIyvqOumLMxER7I+g26GKCXRMcE0=
x-served-by: cache-lcy19243-LCY, cache-hhn4083-HHN
last-modified: Tue, 10 Aug 2021 09:27:39 GMT
server: AmazonS3
x-timer: S1629096371.271744,VS0,VE0
date: Mon, 16 Aug 2021 06:46:11 GMT
strict-transport-security: max-age=31536000
x-amz-request-id: T1AB98ZY064ATM8P
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-type: image/jpeg
x-cache-hits: 1, 26

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
40ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021081001&jk=4197298942757962&bg=!cXKlcjbNAAbOj6irzo87ACkAdvg8WhJxuU3zEhFsO1wDS-JwPavMxyzJwN41dl-vmykTXmE5v50V9AIAAAC-UgAAABZoAQcKALLUbhH-kFiuLvHnPfjRlBzftMKbLXJGAETzG7OEEy27OPmmmZtGmX8LKNzGNavGynhHQdwOfoEprdwlPDNSVEm7AieBYGcrbxOZ0jN108wZPP4lGO8_leLWeLT6PWZJk625ICxxHqg4x58oZU1bKS0Tl22uVLm8U_CyOkxzYbejgjVt4QngueOOzWngYwSx-JyDufDX8N_KWWax-GEOJc6sVpZ93XfIVUoQd4Tur0ByK6h1mQJ_dEzgwVrMLgM51f-Mqqj1r_MWIVSl4q7SapTrvzOrmWcjKLzzCTXbV9cF5P7vysSRNXJeML06o5M0ZA9wm3kpJTecc8TFopU31n_sZ3dlHOduninkDmEFJz4Tnb3vaE_nSOPiVfZ7U6wT0kIllnTLXxFrPRcM6rLNRgIgpoEEyRWnziD0iu6pLSjc6YQ1w9tC_TPnsJfpWk3dxg5atpVpXK7mw29I83vrYF2hciwXnqinS7SAgHEPJpojfHqGQWx2siO8eahj4VYSEaC7_n76qISAAa2OZ8ktCbkaZ1wfWB7pBhe5cvg-RdWs77wj74iNd09uneY3ze_XJlYvx51dzfl48Kox7UvR2fP6sbdSb3LbocSTx4g07A0Ae3hH7wY1-d5G-QqFrxuKAtHV5G71x2v5WSBGIifGv6KUwyZz6Z9FYQWIQzps_gbWCGHJy-0UxMk5sxQSMCZ-_KaKV3zghelqavUQhrGdG8QCoUfQuP9TafL18uwz0yXuVWQGRpa_75R5dkx6LLZ7F0Sgjg1GvQGM3Um6A5PPvsiGX7_axM64dQSgV2m5TKWZ74iFUiUHKfstO0zSGHXFhDuaaBregDEVAy2uJCim_Cgb6CKif3B12fDiV0YF4ydgHeJJleuJKh-7QVNX_AnsXjC_4-syBuKJBv1OIrFj7r2arP3NShMtegoOCgOyRleaXnX-gDko5iG4rLlZw1_3AniPUKTUAwniKZUp6ShsMwG01BxetgngD91KcEv6ozJMjHRf9W8_WgBMnZEtYPY4FvytdQsHbXqZbzBTKlNBHnjCwxI6rDR6FvBrXj_Hcr9_qCZMKaEvN18zQ4zWOrQ2vY3Yrxqc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 06:46:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame E72A 41 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com
URL: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 09:43:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75742
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 15 Aug 2022 09:43:49 GMT

GET
DATA 200
OK truncated
/ Frame E72A 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3b71a751e98699b54432e3353a510d249e259489c0f567860893a0c7b9625bda

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 index.html Show response
s0.2mdn.net/sadbundle/4831635490124904626/300x600_v3/ Frame EE49 6 KB
2 KB 7ms
6ms Document
text/html 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4831635490124904626/300x600_v3/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

977a62a17b9e710ccb5d0535e16a3be20922b3aeb5a967c03cbb2904f86cfec9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /sadbundle/4831635490124904626/300x600_v3/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2311
date: Fri, 13 Aug 2021 11:41:32 GMT
expires: Sat, 13 Aug 2022 11:41:32 GMT
last-modified: Fri, 06 Aug 2021 09:29:14 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
age: 241479
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame E72A 0
61 B 65ms
64ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu8Msc1xWiWCANN7LlFTuNZDuLevZgzsU1HdvTl16leSJ_Gi1Ix0p4-KSN-NaTqaUa2cGHELrvmQF2X9SUNroStuUnp4IkWIhmQTHPBVUWD9pCrwqm_WX-lTJGgUtLv9CLuoXX5dSszaBVSvl8wEkkRm40q0_Gxg3N_dp3emmQ-cqQK22kkI9pr3TlJaKOU8h03g65q-mgm2cYlYia0rLkJUv_oMhk5_qu39IrFaPR8sye-dOi_l_67vIqp28dqf1F0z_SLvCCXkuMi5HPXFrhfBqibxwdDIy3y5mcR2SMTp_1LjNdZmGjGQMtd9JxAp2wfjaDD1QcfUkKjgKUqoCtrKe16QRA7gGoNfkWM8iBpGZAB3Fu8DswxqbNe9ZxeMGN_Oz5HGR06clxyDyyCyNNIY8HtC1BeGiuZjxU9EXVaZUzr6JF2w7bmPcPzFBOAwBFxsh7ec3HN9MDo2-0Ssny3PQvzVhdomasNkOZYgP99j1zYiT_T_87eJoMMmNlK3dOjpZ9pqwxJL8bKoGDO-cUqRlUNAeu2UX7kf1LQcHWBaq-RyLH8PYgq0aDmslCGN1n8kEvpSsUm9qZH52a8ew4-oWAWPiN0db14a6Wd7SVNWkkDg_OiVpkLBFs1B_e5ryY2jlaWbYZF7AiSkpO4FsQIpey5Yko-bJ8a5wZylwyNQJedr-k6sPVWNdm9B5AVdrWRcxAhlHH-7sJn60H07i_NEAQ9xEZ7sbciD6h2sEYXF9KlUim5QAH5klPGD5bva-UqitPO5rpZ8rBBWxeRYZPyFqpAXa9Pa6REgfAIgzzVvylgIwj4PW_b0c-VxhA-OSareaovjeMlEYDvutYtHnG0tV5z1hpUzrLlez6knRkIR6280I5qBAXUdos7h_UBvEwOrJ8Y4WSETvqFpr51lcX2KuEx00EVSfBo7mMY3C4GEZnwXlHv9GIlq2litNgs4rLf6MFFVRnhrJEM4hkf_Ubj00u2rc3czFdtatwU-QnyNX5MDYI5iiQPyGolJFoVBgWo-hsd-cuJ0kgrvsbiQpqxkgJuhbmBlMHhv3q3MexGk06CxoGMr6OdPsOlfzFRm3cr2MUglRRl2nr1g-42CEa4ciWkGLIdSwePZosEhQ96nr_hcOEYrShZpz-w68eWgrJAyqNI5VGZ9weaNjDJKDpI7lTIH3Z1SXc4OHtI8YqGl2Ne6V4WFf2zzfJsB0UY&sai=AMfl-YT6h9UcF2EU4rCDCx33xy9tjSGKHm0jZFcRaWALHhZMtDwxKFANtbYuhITyeVbtG1JAE3ej4nCnu0bUWCepCXnHAbron4HgZCPNkQpDDG3Iz0cAp47-lJdXRiiTy18OTbmTmig8l4d46-hxZJkg5BZbWDM7aILWPfNrfDR_579VUCAKXRdxaA8P_g8x0unrCASb28TNwjF5NLh7GPz3Rcqq4a3k6CIQHhnjlHNWBzJihzyxwVG9mxvLJb-NC8U3t8JQqehxgdImFfy4jas8BMLh8LgWz0slL4OWty-8p_zmk5nU7kSeqca7X2YMKcgrEXatq21oyKHoOaeLOXoPKOgGZWGMcotrL-V6tACCqkFkhEZufPGJg7tRnyShnSY2Qet9cjzm&sig=Cg0ArKJSzJFbQB0sxu6TEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=90&cbvp=1&cstd=89&cisv=r20210809.29253&adurl=

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Mon, 16 Aug 2021 06:46:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 5036
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECR1KmOg5etmidl-lDf_mmk&google_cver=1
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESECR1KmOg5etmidl-lDf_mmk&google_cver=1

43 B
172 B

57ms
56ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESECR1KmOg5etmidl-lDf_mmk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLzWGxD_8vACGOOJ2rEBMAE&v=APEucNWBJ7jQOqijfEkKmT06v3t7N5v73_IqpWJRfrXF5zTfEaqqgEAEb5iSV545KcgFeAFALowSU2M2EdahvH_CKon7VpvQ_RCnSrmpe5KeWxjt8q0cvgughN-eRFvtYyV_X7repOTcsEFcWBby3QcaOjKww_KFvc0jLduQyVw5X-jsWw-KQVbEHDPEv0zJIxxCiaw-KmsZCr1jn0oKxsro1O5fCz0amg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.213.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 06:46:11 GMT
via: 1.1 google
server: OXGW/16.213.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESECR1KmOg5etmidl-lDf_mmk&google_cver=1
date: Mon, 16 Aug 2021 06:46:11 GMT
via: 1.1 google
server: OXGW/16.213.0
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 5036
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDIxMjhmYTQtMTA2OC0yNjI1LWUxNmItMjUzZTc0N2IzOGFh

170 B
188 B

55ms
54ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDIxMjhmYTQtMTA2OC0yNjI1LWUxNmItMjUzZTc0N2IzOGFh

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLzWGxD_8vACGOOJ2rEBMAE&v=APEucNWBJ7jQOqijfEkKmT06v3t7N5v73_IqpWJRfrXF5zTfEaqqgEAEb5iSV545KcgFeAFALowSU2M2EdahvH_CKon7VpvQ_RCnSrmpe5KeWxjt8q0cvgughN-eRFvtYyV_X7repOTcsEFcWBby3QcaOjKww_KFvc0jLduQyVw5X-jsWw-KQVbEHDPEv0zJIxxCiaw-KmsZCr1jn0oKxsro1O5fCz0amg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 06:46:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 16 Aug 2021 06:46:11 GMT
content-encoding: gzip
server: OXGW/16.213.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDIxMjhmYTQtMTA2OC0yNjI1LWUxNmItMjUzZTc0N2IzOGFh
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H2

200

um
sync.teads.tv/ Frame 5036
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEFOz0k39DN39XTZlXGYrtwQ&google_cver=1

23 B
172 B

153ms
153ms

Image
image/gif

104.90.104.248
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEFOz0k39DN39XTZlXGYrtwQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLzWGxD_8vACGOOJ2rEBMAE&v=APEucNWBJ7jQOqijfEkKmT06v3t7N5v73_IqpWJRfrXF5zTfEaqqgEAEb5iSV545KcgFeAFALowSU2M2EdahvH_CKon7VpvQ_RCnSrmpe5KeWxjt8q0cvgughN-eRFvtYyV_X7repOTcsEFcWBby3QcaOjKww_KFvc0jLduQyVw5X-jsWw-KQVbEHDPEv0zJIxxCiaw-KmsZCr1jn0oKxsro1O5fCz0amg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.90.104.248 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-104-248.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.3 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 06:46:11 GMT
cache-control: max-age=0, no-cache, no-store
expires: Mon, 16 Aug 2021 06:46:11 GMT
server: akka-http/10.2.3
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 16 Aug 2021 06:46:11 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESEFOz0k39DN39XTZlXGYrtwQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 5036 23 B
172 B 194ms
74ms Image
image/gif 104.90.104.248
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLzWGxD_8vACGOOJ2rEBMAE&v=APEucNWBJ7jQOqijfEkKmT06v3t7N5v73_IqpWJRfrXF5zTfEaqqgEAEb5iSV545KcgFeAFALowSU2M2EdahvH_CKon7VpvQ_RCnSrmpe5KeWxjt8q0cvgughN-eRFvtYyV_X7repOTcsEFcWBby3QcaOjKww_KFvc0jLduQyVw5X-jsWw-KQVbEHDPEv0zJIxxCiaw-KmsZCr1jn0oKxsro1O5fCz0amg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.90.104.248 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-104-248.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.3 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 06:46:11 GMT
cache-control: max-age=0, no-cache, no-store
expires: Mon, 16 Aug 2021 06:46:11 GMT
server: akka-http/10.2.3
content-length: 23
content-type: image/gif

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 5622 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Sun, 15 Aug 2021 12:52:26 GMT
expires: Mon, 15 Aug 2022 12:52:26 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 64425
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame EE49 236 KB
63 KB 48ms
16ms Script
text/javascript 2a02:26f0:6c00::210:ba2b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4831635490124904626/300x600_v3/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:46:11 GMT
content-encoding: gzip
server: Apache
cache-control: max-age=900
vary: Accept-Encoding
content-type: text/javascript
x-n: S
accept-ranges: bytes
expires: Mon, 16 Aug 2021 07:01:11 GMT

GET
H3-29 200 300x600.js Show response
s0.2mdn.net/sadbundle/4831635490124904626/300x600_v3/ Frame EE49 93 KB
19 KB 7ms
7ms Script
application/x-javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4831635490124904626/300x600_v3/300x600.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4831635490124904626/300x600_v3/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d836f11d380adc6112c2a9fbb07da385bb45554e22378f6ebe3eab40bc937987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/4831635490124904626/300x600_v3/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:41:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 241479
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19744
x-xss-protection: 0
last-modified: Fri, 06 Aug 2021 09:29:14 GMT
server: sffe
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Aug 2022 11:41:32 GMT

GET
H3-29 200 container.html Show response
3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B4A5 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.nex-software.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ja.nex-software.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Mon, 16 Aug 2021 06:46:10 GMT
expires: Tue, 16 Aug 2022 06:46:10 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 1143 499 B
336 B 16ms
16ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPahSxC09N8BGOGZoKgBMAE&v=APEucNUH7IhA0RLeeyq2Dlbj1SAoMOpK6XMl-snFnPvmGegTXLFNNLR3BGLKPPOyMebPPdvs5CBiS94XLb9KyVVsRvB2_3OVmQSxUzvdlwkNfEtQEKPPiKbglHNK6gepi19URa1avVTvcXpGs2j8bF0zCgqCoVcjU_bUlsUcpCZC9CH0cEPOFCEjduRfJqGx_6Uv833aB5UBcqVCWv9eseuatq_GFECBsg

Requested by

Host: 3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com
URL: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CPahSxC09N8BGOGZoKgBMAE&v=APEucNUH7IhA0RLeeyq2Dlbj1SAoMOpK6XMl-snFnPvmGegTXLFNNLR3BGLKPPOyMebPPdvs5CBiS94XLb9KyVVsRvB2_3OVmQSxUzvdlwkNfEtQEKPPiKbglHNK6gepi19URa1avVTvcXpGs2j8bF0zCgqCoVcjU_bUlsUcpCZC9CH0cEPOFCEjduRfJqGx_6Uv833aB5UBcqVCWv9eseuatq_GFECBsg
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUln0atZHqHkV19qaUeWr0MfMx-FvA1aGvUS3sQoNH6fdDgMOC4oaJ7Phc7M_nI; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 16 Aug 2021 06:46:11 GMT
server: cafe
cache-control: private
content-length: 313
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 16 Aug 2021 06:46:11 GMT

GET
H3-29 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame B4A5 60 KB
25 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CyXufz9YKNyosYx1WZ0X2qXLLs8MyPRG9fuv9Cha9GMfFBWh_wD-ckWqtLsqvK992OSNIxtBMizMYohK-ojPQK9rmWB7CJ5xh3YT6bqqkfRl2phw6BGby_8CmTbPjkWJkveAzqNIOTI8fLW8FNmz9CXuw5LA&dbm_d=AKAmf-A4GyEDBdh6UuWGrccE_mZZKBoNmzZeP02KJAMJON3A7wGSId5UK_daa8VFll5QoP1f_iU_6q2AMmoqD20ZUuqVcXn9GAevGpobiaqoF8m_mfNAy9k4EIt916gioAJnRrT0aaiqQ5jvKN4UcUlvfIHREzQGnuzdczmAAIuM67krGzniDHBsDHefc4Gs8IKpX3dyCwMmn7lSriq6q7995PRAvTrY0jhgUu3Pxn8z1iRNFC9rKpk9fS-XcUZ1S0a5OkNE-iHf19hp7Za-W2RHoEr2hcr1i0bELkRE8i2PEqQSWIkpmQUvdWYV4KcVGOt_PrMeTtYu4TEA2ZZ0HVG0iKpIOL4Lkq2di-LsLkSmCIgIHKfayRV_cwBnvKdSfSnL_EwuZmHoJFncQqtygVWS3srOqW7JP-wS-Nk3EeMrYAEToKx9f8ViItSdJPdRklHwov03IShzf-l5gneyJOJU4KjeHtoB7uZQIjl1YeCwHLFtfbmvux7ODaYuF-tRl7U3V4c2iygEBPUl2ERQUB2zoxso4vv3CMpoOgt91BIYzeVDRyQ2tnn9CjeEpFHgg217rCHNNtlbExzCxU8g2hFVICNnWGo1fD92D6hfgClPjMsDGq1Zteij-bT-CgqmvF_w9Lbq7UPF8jwXSfqYFZKTPGGw-x2RIdejHB4Z9twHylJ61u7lmWOLVWPHBDbVueuj4jXPf0F7Fq8wV1y7oC6QjvG_pl4Z60m4gVchz5phO_QIcleyJr0Zuxeyve8TSoSc7gufCNPwBP1TnPyFx8iyXqCj09vLs3Bqj5nQHyfXvyH9UKYoSgRl0D3eaOKCZWtB9JVc8hGCSdqmDJpRttXxHp9RGzlhxSNoRUrqGfQ8V3LLA9FishSYXUoE6wigHhrFZXky7cgqHDeEX0k4UWPD94RvwrsP2ZCNmHZpJroSsv_gd4wVbSs60e_YdJTdGNi6_9rmg14zxohrJ_TjQXXYxxaTxxOmIhyfXc9wRMdgoHRaMYN0PbIxkbQtRGTGFc_ErFsuNYnhXYGr5OwKRpOlrjRp3yiDI3dldaONFn3ARmuU3hETU13Dh58yyOgNzMi7p_fKFP1LOuiOd0n84Vgzf2_MG0d1k1wwp-0j_UTX-IaXuMNPu56b2jh9QN7ZelXLNul1jYDq1TVvaC317pAwBLWyhZr5FAwYvEkSyiBGSeOv_40X7ML1Z3UWKB5dzOt0ETjzDgWwRE0xl8QP3RNatbZRu11t1-_qWmt_P3-KSIAhIRwdWf4e0VVcyJAd2CmfrMzJEDzK_yTsQCy27fybPddNKkdzFY30YX26Guob09pNCnp1VIZkYihFaIXSjGlgI7Oiv0_PVWxwL0Qrm3_HELkCi-cworfJPTZFxxVgxz4CCOI_KGY5ao18Vd2_msHdV0_Z3xlUeJ4SFCq2_WgZcymcaD7by8BH6PGi6En0HvXIftsW8Qx7Kaw9nuKnl1UvD6HVkO3R2W_fHFxc_5e8EZBoy9yBj8o90GV87j5cD-awKVudflUIoeySUzZCNnkbBqK5XU6RlEz5BXrqWOVPJTKnLXmIgfbyRXVr7Fs7U3copRBqLaOUIe5i7d-3zfk4e44zzzqDf2sHxySmoNhEP4HbZynPQ4juNfgXJOlV3fzCuBQS2Nc6i8dykOtlETNmvt9pdsJCBASCT0qnhVIJe6s3freWNGLmaLJRQMvyRNfp5ML5b--y1DkC96QBVX46BUSGn8-nt1fpKt-TOT8U4Dny4gmYLBIpgLbGgILSzFghF3pWqdObX2-72Ci0BQfdk_tqT0kc1YeUFq7A0OqW2rhYY2UDotcfsRY7J9XbHL2PauKCWFRHQev2p6PMwlBGu9ILpjwg7OGCfuelbaVUhL57mGHUi4v6Pe1NFtjD6mzUwVQs5UOWF963il68Ztoq5BXzP1axoahiBvZtx2s6h4-TvqdZqhzid2yKcBDidMqgGypn-CH2Q7kedpHRXxC2Rh78fUkNQVVj4n7uIdbaZgtyX9qgGpCXfWErJv-mwusxQEIqRiYs9dP48CtNU7XIjIngjcIA1Is7cFrDk-9P0SKiby2k0t-u1aMsUPP8F6Je0EPqFmEwYAuuz37ULEszF6CgxFEypXvsvblyYdEBpN9iecX53R25nOuL25HnK6EQWB43RLF4CRrDJ5QEYpD0aeXCjyWc4cF3pzgKFKkKfzQ5MB4NBfs91Iu1nTHqfhQ8Q2y-mpBcEP7Neg7RmNkm-S9208n2xbRyBVaQWOYNRZI8CaEnhwUkyO_4oBG4yfALSYMi0BBySka3i08khB2VX__c9AEiXdqRBjTl3w-CUaT5w01bCJWhkRqhxezIU6dczweyVnfZpIelC45zN_pCUC_ho4oO47U8FA1nM4sw0v2kLkdsDmKN7fQmRcvswcAlztpUUIIHO8fVUn9uVAePz2BhlRrNcVRdlUibF2AaGao4hut5AYC2wAq4F9j4bY6Kq7PxPJkhVOar9gHjbC_AW_dJOtUciyBWTseWleXKcib2GERF-25d-sxCGA5Y1ABnNrxz3ktnrV3XB6Act02ziVEsG6o6jlJNv0zYo93MLyfGANNS9Z2pRrn9iVAwzWBP7miR_a6MaRydDER04_68re-d8PLy6yPki5RtZ9QptqXnAXRQsIBGRzAkJ2i1NiSK9WYrbpio0kAviNQU2bI62DMJfS9rzBsIFRBQ5jHKAjURKHVDwT-Iasx0-RuEnndSkCga0DCGF1P0n9evyvVBWx5LJMtuCEcIEyK3u0MDcfGnJU8YWpmJC9Z0zZ3-QQR4WPEXcXK1RUJDe1TtswBUdR1l5bZ7NWkgi_QV7bZir4C6UorG9NBQzjs_m_gUHUWL3Fk729Jc045HUziuCtg5GueSVtgrUV31jgoLZdEpzQObEsXPuFwAK6DwhgfwUpiFOMRu3-RUsuJipC0PeGkwv8dyzyvD7YY86nkzda4p6xska6f_I8pQFrcyLY9StSmftz10HZEgO3SZR9wsN-MkPBZZtH5WsW_Ps_pbeVyZWg5m2I5Y7min-ZLfFDCed-4scelwUfvuL42T-2pcnA_902VDpuLI3hL03e95PUKa6L5mqBNt3R7BOPnvWQtxL5twTABALBbtJvhQIskl--sh8X0LBDd8Ao_h_6Cewl8YWiWpaNFyiRJX-bGI6ygl9X7-pWYTk07U8eUuju__NNdaR0TlErFYfQ8jpl0MuJLtDU6YuEWSVnYKWxrJQPbBNmwAhHta2HAdHXlQuBRIvPh4HhMy9GxG5VcN0FhtF4T5--nu_W39090LShtegB2GeliP7r2112ox5KSpkP4AJHfwLxMXsW2PtTOSFur9HKehq4G7yr6xC-_6GNVr8nKfYWX4mQOhKdxxbWoriLTQZwNN4AiJ3zrjMKQO6o6TYdrehZlFEAnafw&cid=CAASFeRo0BYM0R--ohYS8PnLPUIkZ7Q1mw&rfl=1%2Chttps%253A%252F%252Fja.nex-software.com%252F%240

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d92962e8190233fca4c451e7df078c5fb2f29e617cb9765d6d03928866c07296

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 06:46:11 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25386
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame B4A5 42 B
63 B 39ms
38ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CraOGhNZoGryQhXa47hlvGg1uYothGun_tmnIBOewWPTpJsaQaXMxnK3yrh_G-G-fQEcnLgkDW8Eg3U4UoqqioT-I3oSQBoM0W9oZffvqyG2IpLLU

Requested by

Host: 3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com
URL: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 06:46:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/ Frame B4A5 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/window_focus_fy2019.js

Requested by

Host: 3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com
URL: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:43:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 141
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 Aug 2021 06:43:50 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B4A5 124 KB
37 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com
URL: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37fbc56848d8a6f47f63521ede0688ab5769b28faecbd34e9fecbfc9e1dcd029

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:46:11 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628854326415524"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38195
x-xss-protection: 0
expires: Mon, 16 Aug 2021 06:46:11 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/ Frame B4A5 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com
URL: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:45:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 11055049251678278959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 Aug 2021 06:45:15 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame B4A5 0
0 14ms
14ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSSoAuOzofSspY7JkIhZoSxZoIOkaM818IABpmW5C2orX2bkCjlvsWK8Y_OWwgq-foV_Koa47Uw1uYCkPKkqHWV9LPt_Q
Requested by: Host: 3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com
URL: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 1ybhf5PHJCoiRTy-ubeljLlyS14gR-QFfTY_U8tl74U.js Show response
pagead2.googlesyndication.com/bg/ Frame 5622 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1ybhf5PHJCoiRTy-ubeljLlyS14gR-QFfTY_U8tl74U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d726e17f93c7242a22453cbeb9b7a58cb9724b5e2047e4057d363f53cb65ef85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:32:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 263640
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13373
x-xss-protection: 0
last-modified: Tue, 03 Aug 2021 09:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 13 Aug 2022 05:32:11 GMT

GET
H3-29 200 CA131_p_small2.png
s0.2mdn.net/sadbundle/4831635490124904626/300x600_v3/images/ Frame EE49 12 KB
12 KB 8ms
7ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4831635490124904626/300x600_v3/images/CA131_p_small2.png?1622176049317

Requested by

Host: 3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com
URL: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3655dd997297b5782d5c7a56e2e393d1f1336339427b86e3992cd19fa625db1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/4831635490124904626/300x600_v3/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:41:34 GMT
x-content-type-options: nosniff
age: 241477
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12431
x-xss-protection: 0
last-modified: Fri, 06 Aug 2021 09:29:14 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Aug 2022 11:41:34 GMT

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame E72A 0
23 B 108ms
56ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 16 Aug 2021 06:46:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 playlist.mpd Show response
video.seenthis.se/delivery/stream/Q0Xjk4CUZ/ Frame 06BE 13 KB
3 KB 49ms
45ms Fetch
application/octet-stream 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://video.seenthis.se/delivery/stream/Q0Xjk4CUZ/playlist.mpd

Requested by

Host: video.seenthis.se
URL: https://video.seenthis.se/v2/player/75/player.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

03fadd978cd5127773d4c08f7daf1fdafc046531e336ee6c13ce8acfa78ad736

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Q6STVkPoRfd0phbh.CqIGNNd.zAGEMum
content-encoding: gzip
etag: "682fecb8e0ad014832d74730f06ed418"
age: 508728
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
strict-transport-security: max-age=31536000
content-length: 2245
x-amz-id-2: yPqUvdXHmFznnnARVkDOtnOSlZsdw1dL1W++ec+tLg9QMj8bD8wiRTUAGJr5/86fe4rVttLny6Y=
x-served-by: cache-lcy19277-LCY, cache-hhn4029-HHN
last-modified: Thu, 05 Aug 2021 08:51:45 GMT
server: AmazonS3
x-timer: S1629096371.379209,VS0,VE0
date: Mon, 16 Aug 2021 06:46:11 GMT
vary: Accept-Encoding
x-amz-request-id: HCYQ5SQDY824W6XD
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-type: application/octet-stream
x-cache-hits: 1, 23

GET
H2 200 3 Show response
t.seenthis.se/v3/12hmaprzj23eoxjv6o3p84eq1ih42hmaprzj531uode29626848dt8735rgniab8vny4hmot92nki76sbapylo7hf4b3rr6c398c1xavm52td36iokvfjesimtb1ncf1cefb52qg1mq9ym0ohjvmmia7w1p3q/1/ Frame 06BE 43 B
208 B 51ms
47ms Fetch
image/gif 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://t.seenthis.se/v3/12hmaprzj23eoxjv6o3p84eq1ih42hmaprzj531uode29626848dt8735rgniab8vny4hmot92nki76sbapylo7hf4b3rr6c398c1xavm52td36iokvfjesimtb1ncf1cefb52qg1mq9ym0ohjvmmia7w1p3q/1/3?_=1629096371354
Requested by: Host: video.seenthis.se
URL: https://video.seenthis.se/v2/player/75/player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:46:11 GMT
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b03.cloudfront.net (CloudFront), 1.1 varnish
age: 0
x-cache: Hit from cloudfront, MISS
content-length: 43
x-served-by: cache-hhn4029-HHN
pragma: no-cache
server: AmazonS3
x-timer: S1629096371.379644,VS0,VE2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, private
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: w_vLgPlsJ6edIxci5AW4eBodpkNCPPkiaWui_-yM-pCJz3L-pOHBZQ==
x-cache-hits: 0

GET
H2 200 3 Show response
t.seenthis.se/v3/12hmaprzj23eoxjv6o3p84eq1ih42hmaprzj531uode29626848dt8735rgniab8vny4hmot92nki76sbapylo7hf4b3rr6c398c1xavm52td36iokvfjesimtb1ncf1cefb52qg1mq9ym0ohjvmmia7w1p3q/65/ Frame 06BE 43 B
334 B 50ms
47ms Fetch
image/gif 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://t.seenthis.se/v3/12hmaprzj23eoxjv6o3p84eq1ih42hmaprzj531uode29626848dt8735rgniab8vny4hmot92nki76sbapylo7hf4b3rr6c398c1xavm52td36iokvfjesimtb1ncf1cefb52qg1mq9ym0ohjvmmia7w1p3q/65/3?_=1629096371355
Requested by: Host: video.seenthis.se
URL: https://video.seenthis.se/v2/player/75/player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:46:11 GMT
via: 1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront), 1.1 varnish
age: 0
x-cache: Hit from cloudfront, MISS
content-length: 43
x-served-by: cache-hhn4029-HHN
pragma: no-cache
server: AmazonS3
x-timer: S1629096371.379630,VS0,VE2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, private
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: lS-6ym3yugOOeukNcOUowpw2rX6mdIaZba07CZWMhHihTlYbFH76Dg==
x-cache-hits: 0

GET
H2 200 12hmaprzj23eoxjv6o3p84eq1ih42hmaprzj531uode29626848dt8735rgniab8vny4hmot92nki76sbapylo7hf4b3rr6c398c1xavm52td36iokvfjesimtb1ncf1cefb52qg1mq9ym0ohjvmmia7w1p3q Show response
video.seenthis.se/v2/validation/tracker/ Frame 06BE 4 B
162 B 48ms
45ms Fetch
text/plain 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://video.seenthis.se/v2/validation/tracker/12hmaprzj23eoxjv6o3p84eq1ih42hmaprzj531uode29626848dt8735rgniab8vny4hmot92nki76sbapylo7hf4b3rr6c398c1xavm52td36iokvfjesimtb1ncf1cefb52qg1mq9ym0ohjvmmia7w1p3q

Requested by

Host: video.seenthis.se
URL: https://video.seenthis.se/v2/player/75/player.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:46:11 GMT
via: 1.1 varnish, 1.1 varnish
age: 61222
x-cache: HIT, HIT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-length: 24
x-served-by: cache-lcy19259-LCY, cache-hhn4029-HHN
server: Varnish
x-timer: S1629096371.380215,VS0,VE0
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
cache-control: public, max-age=86400
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
retry-after: 0
x-cache-hits: 0, 23

GET
H2 200 script.js Show response
video.seenthis.se/v2/creatives/E07mgBZ1-4/ Frame 06BE 252 B
614 B 49ms
46ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://video.seenthis.se/v2/creatives/E07mgBZ1-4/script.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/806470185313909614/index.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2c5ee9ff3b898472dcac1ac3413239591101e7f8a009754444c6dca69e4b5005

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: OM1BurcuBhdYhYxhbXECQerysgWovTy4
content-encoding: gzip
etag: "57dce4f75ef8cdb21f92d09e97b60446"
age: 508728
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
strict-transport-security: max-age=31536000
content-length: 173
x-amz-id-2: BIQn+v+XfTsTxw9jwcE3dbKPO/7hAy3UXdCr8njpSZWCQlaf0I98rlXiz+etWR73QrDxmAUKw3E=
x-served-by: cache-lcy19262-LCY, cache-hhn4083-HHN
last-modified: Tue, 10 Aug 2021 09:27:05 GMT
server: AmazonS3
x-timer: S1629096371.380863,VS0,VE0
date: Mon, 16 Aug 2021 06:46:11 GMT
vary: Accept-Encoding
x-amz-request-id: HCYHZGQRPWC1YF6T
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1, 721

GET
H2 200 style.css
video.seenthis.se/v2/creatives/E07mgBZ1-4/ Frame 06BE 289 B
479 B 49ms
46ms Stylesheet
text/css 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://video.seenthis.se/v2/creatives/E07mgBZ1-4/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/806470185313909614/index.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

814ecb1c88267a65c746e97a8fad8a64d0de4c77867a9a393ca94a342bce5387

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Jku0GGc.a.EZupoueD0Q4oQuhmVu6k_g
content-encoding: gzip
etag: "a69df1f6115ef40ff04cb86284eb8dd2"
age: 508728
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
strict-transport-security: max-age=31536000
content-length: 203
x-amz-id-2: usIORknzMdobguhMDFPK31KSHRZ6+UELZQs3wo7FjCI6uzh2RwrA8oiXvOHGUZ9Hu0+xyE9aMVA=
x-served-by: cache-lcy19231-LCY, cache-hhn4083-HHN
last-modified: Tue, 10 Aug 2021 09:27:05 GMT
server: AmazonS3
x-timer: S1629096371.380448,VS0,VE0
date: Mon, 16 Aug 2021 06:46:11 GMT
vary: Accept-Encoding
x-amz-request-id: HCYPM81G2B1XDXPT
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-type: text/css
x-cache-hits: 1, 27

GET
H2 200 index.html Show response
video.seenthis.se/v2/creatives/E07mgBZ1-4/ Frame 06BE 113 B
438 B 48ms
46ms XHR
text/html 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://video.seenthis.se/v2/creatives/E07mgBZ1-4/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/806470185313909614/index.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5f6c4e7f843747d499b1d32a13e34f8e59bf94a0e12e9cc34fe9caf4eddabbee

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: TXw.gUbrzQaq4khLG6STCqmPTl0hpss2
content-encoding: gzip
etag: "fd6eb568b1699ab055507aaee72b5714"
age: 508692
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
strict-transport-security: max-age=31536000
content-length: 125
x-amz-id-2: +SwJn22Ewiu8jIBmiZRphQnwPBFqcEuUH4K3aWP9AGZXG/emkcOGdMGorAgFpNklid71TlEWsg4=
x-served-by: cache-lcy19243-LCY, cache-hhn4029-HHN
last-modified: Tue, 10 Aug 2021 09:27:05 GMT
server: AmazonS3
x-timer: S1629096371.380723,VS0,VE0
date: Mon, 16 Aug 2021 06:46:11 GMT
vary: Accept-Encoding
x-amz-request-id: 34SFBEDGAJ0PW080
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-type: text/html
x-cache-hits: 1, 22

GET
H2 200 1 Show response
t.seenthis.se/v3/12hmaprzj23eoxjv6o3p84eq1ih42hmaprzj531uode29626848dt8735rgniab8vny4hmot92nki76sbapylo7hf4b3rr6c398c1xavm52td36iokvfjesimtb1ncf1cefb52qg1mq9ym0ohjvmmia7w1p3q/19/ Frame 06BE 43 B
209 B 48ms
48ms Fetch
image/gif 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://t.seenthis.se/v3/12hmaprzj23eoxjv6o3p84eq1ih42hmaprzj531uode29626848dt8735rgniab8vny4hmot92nki76sbapylo7hf4b3rr6c398c1xavm52td36iokvfjesimtb1ncf1cefb52qg1mq9ym0ohjvmmia7w1p3q/19/1?_=1629096371381
Requested by: Host: video.seenthis.se
URL: https://video.seenthis.se/v2/player/75/player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:46:11 GMT
via: 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront), 1.1 varnish
age: 0
x-cache: Hit from cloudfront, MISS
content-length: 43
x-served-by: cache-hhn4029-HHN
pragma: no-cache
server: AmazonS3
x-timer: S1629096371.402704,VS0,VE2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, private
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: rjZFCVWVgW-Yg3UF_Ex_R2otmDvbQGNBxHpt2qy9CZdAJwd5kQ1XPw==
x-cache-hits: 0

GET
H3-29 200 e.png
s0.2mdn.net/sadbundle/4831635490124904626/300x600_v3/images/ Frame EE49 3 KB
3 KB 6ms
6ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4831635490124904626/300x600_v3/images/e.png?1622176049317

Requested by

Host: 3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com
URL: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90cf1455f9c446dcb9132e7b24bd0bf4576064ebc9af8908b9899381bfcd313e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/4831635490124904626/300x600_v3/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:41:34 GMT
x-content-type-options: nosniff
age: 241477
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3325
x-xss-protection: 0
last-modified: Fri, 06 Aug 2021 09:29:14 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Aug 2022 11:41:34 GMT

GET
H3-29 200 express_html_inpage_rendering_lib_200_273.js Show response
s0.2mdn.net/879366/ Frame B4A5 114 KB
39 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com
Referer: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 09:43:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75742
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40185
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 20:54:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 16 Aug 2021 09:43:49 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210809/r20110914/elements/html/ Frame B4A5 8 KB
3 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210809/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CyXufz9YKNyosYx1WZ0X2qXLLs8MyPRG9fuv9Cha9GMfFBWh_wD-ckWqtLsqvK992OSNIxtBMizMYohK-ojPQK9rmWB7CJ5xh3YT6bqqkfRl2phw6BGby_8CmTbPjkWJkveAzqNIOTI8fLW8FNmz9CXuw5LA&dbm_d=AKAmf-A4GyEDBdh6UuWGrccE_mZZKBoNmzZeP02KJAMJON3A7wGSId5UK_daa8VFll5QoP1f_iU_6q2AMmoqD20ZUuqVcXn9GAevGpobiaqoF8m_mfNAy9k4EIt916gioAJnRrT0aaiqQ5jvKN4UcUlvfIHREzQGnuzdczmAAIuM67krGzniDHBsDHefc4Gs8IKpX3dyCwMmn7lSriq6q7995PRAvTrY0jhgUu3Pxn8z1iRNFC9rKpk9fS-XcUZ1S0a5OkNE-iHf19hp7Za-W2RHoEr2hcr1i0bELkRE8i2PEqQSWIkpmQUvdWYV4KcVGOt_PrMeTtYu4TEA2ZZ0HVG0iKpIOL4Lkq2di-LsLkSmCIgIHKfayRV_cwBnvKdSfSnL_EwuZmHoJFncQqtygVWS3srOqW7JP-wS-Nk3EeMrYAEToKx9f8ViItSdJPdRklHwov03IShzf-l5gneyJOJU4KjeHtoB7uZQIjl1YeCwHLFtfbmvux7ODaYuF-tRl7U3V4c2iygEBPUl2ERQUB2zoxso4vv3CMpoOgt91BIYzeVDRyQ2tnn9CjeEpFHgg217rCHNNtlbExzCxU8g2hFVICNnWGo1fD92D6hfgClPjMsDGq1Zteij-bT-CgqmvF_w9Lbq7UPF8jwXSfqYFZKTPGGw-x2RIdejHB4Z9twHylJ61u7lmWOLVWPHBDbVueuj4jXPf0F7Fq8wV1y7oC6QjvG_pl4Z60m4gVchz5phO_QIcleyJr0Zuxeyve8TSoSc7gufCNPwBP1TnPyFx8iyXqCj09vLs3Bqj5nQHyfXvyH9UKYoSgRl0D3eaOKCZWtB9JVc8hGCSdqmDJpRttXxHp9RGzlhxSNoRUrqGfQ8V3LLA9FishSYXUoE6wigHhrFZXky7cgqHDeEX0k4UWPD94RvwrsP2ZCNmHZpJroSsv_gd4wVbSs60e_YdJTdGNi6_9rmg14zxohrJ_TjQXXYxxaTxxOmIhyfXc9wRMdgoHRaMYN0PbIxkbQtRGTGFc_ErFsuNYnhXYGr5OwKRpOlrjRp3yiDI3dldaONFn3ARmuU3hETU13Dh58yyOgNzMi7p_fKFP1LOuiOd0n84Vgzf2_MG0d1k1wwp-0j_UTX-IaXuMNPu56b2jh9QN7ZelXLNul1jYDq1TVvaC317pAwBLWyhZr5FAwYvEkSyiBGSeOv_40X7ML1Z3UWKB5dzOt0ETjzDgWwRE0xl8QP3RNatbZRu11t1-_qWmt_P3-KSIAhIRwdWf4e0VVcyJAd2CmfrMzJEDzK_yTsQCy27fybPddNKkdzFY30YX26Guob09pNCnp1VIZkYihFaIXSjGlgI7Oiv0_PVWxwL0Qrm3_HELkCi-cworfJPTZFxxVgxz4CCOI_KGY5ao18Vd2_msHdV0_Z3xlUeJ4SFCq2_WgZcymcaD7by8BH6PGi6En0HvXIftsW8Qx7Kaw9nuKnl1UvD6HVkO3R2W_fHFxc_5e8EZBoy9yBj8o90GV87j5cD-awKVudflUIoeySUzZCNnkbBqK5XU6RlEz5BXrqWOVPJTKnLXmIgfbyRXVr7Fs7U3copRBqLaOUIe5i7d-3zfk4e44zzzqDf2sHxySmoNhEP4HbZynPQ4juNfgXJOlV3fzCuBQS2Nc6i8dykOtlETNmvt9pdsJCBASCT0qnhVIJe6s3freWNGLmaLJRQMvyRNfp5ML5b--y1DkC96QBVX46BUSGn8-nt1fpKt-TOT8U4Dny4gmYLBIpgLbGgILSzFghF3pWqdObX2-72Ci0BQfdk_tqT0kc1YeUFq7A0OqW2rhYY2UDotcfsRY7J9XbHL2PauKCWFRHQev2p6PMwlBGu9ILpjwg7OGCfuelbaVUhL57mGHUi4v6Pe1NFtjD6mzUwVQs5UOWF963il68Ztoq5BXzP1axoahiBvZtx2s6h4-TvqdZqhzid2yKcBDidMqgGypn-CH2Q7kedpHRXxC2Rh78fUkNQVVj4n7uIdbaZgtyX9qgGpCXfWErJv-mwusxQEIqRiYs9dP48CtNU7XIjIngjcIA1Is7cFrDk-9P0SKiby2k0t-u1aMsUPP8F6Je0EPqFmEwYAuuz37ULEszF6CgxFEypXvsvblyYdEBpN9iecX53R25nOuL25HnK6EQWB43RLF4CRrDJ5QEYpD0aeXCjyWc4cF3pzgKFKkKfzQ5MB4NBfs91Iu1nTHqfhQ8Q2y-mpBcEP7Neg7RmNkm-S9208n2xbRyBVaQWOYNRZI8CaEnhwUkyO_4oBG4yfALSYMi0BBySka3i08khB2VX__c9AEiXdqRBjTl3w-CUaT5w01bCJWhkRqhxezIU6dczweyVnfZpIelC45zN_pCUC_ho4oO47U8FA1nM4sw0v2kLkdsDmKN7fQmRcvswcAlztpUUIIHO8fVUn9uVAePz2BhlRrNcVRdlUibF2AaGao4hut5AYC2wAq4F9j4bY6Kq7PxPJkhVOar9gHjbC_AW_dJOtUciyBWTseWleXKcib2GERF-25d-sxCGA5Y1ABnNrxz3ktnrV3XB6Act02ziVEsG6o6jlJNv0zYo93MLyfGANNS9Z2pRrn9iVAwzWBP7miR_a6MaRydDER04_68re-d8PLy6yPki5RtZ9QptqXnAXRQsIBGRzAkJ2i1NiSK9WYrbpio0kAviNQU2bI62DMJfS9rzBsIFRBQ5jHKAjURKHVDwT-Iasx0-RuEnndSkCga0DCGF1P0n9evyvVBWx5LJMtuCEcIEyK3u0MDcfGnJU8YWpmJC9Z0zZ3-QQR4WPEXcXK1RUJDe1TtswBUdR1l5bZ7NWkgi_QV7bZir4C6UorG9NBQzjs_m_gUHUWL3Fk729Jc045HUziuCtg5GueSVtgrUV31jgoLZdEpzQObEsXPuFwAK6DwhgfwUpiFOMRu3-RUsuJipC0PeGkwv8dyzyvD7YY86nkzda4p6xska6f_I8pQFrcyLY9StSmftz10HZEgO3SZR9wsN-MkPBZZtH5WsW_Ps_pbeVyZWg5m2I5Y7min-ZLfFDCed-4scelwUfvuL42T-2pcnA_902VDpuLI3hL03e95PUKa6L5mqBNt3R7BOPnvWQtxL5twTABALBbtJvhQIskl--sh8X0LBDd8Ao_h_6Cewl8YWiWpaNFyiRJX-bGI6ygl9X7-pWYTk07U8eUuju__NNdaR0TlErFYfQ8jpl0MuJLtDU6YuEWSVnYKWxrJQPbBNmwAhHta2HAdHXlQuBRIvPh4HhMy9GxG5VcN0FhtF4T5--nu_W39090LShtegB2GeliP7r2112ox5KSpkP4AJHfwLxMXsW2PtTOSFur9HKehq4G7yr6xC-_6GNVr8nKfYWX4mQOhKdxxbWoriLTQZwNN4AiJ3zrjMKQO6o6TYdrehZlFEAnafw&cid=CAASFeRo0BYM0R--ohYS8PnLPUIkZ7Q1mw&rfl=1%2Chttps%253A%252F%252Fja.nex-software.com%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:44:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 100
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 Aug 2021 06:44:31 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210809/r20110914/ Frame B4A5 24 KB
9 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210809/r20110914/abg_lite.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f9da31cabd7ad9f32c9a2c18ce1838a6eaeeca9fbf55995a3e5a2abb2aface6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:44:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9343
x-xss-protection: 0
server: cafe
etag: 12459758733850244510
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 Aug 2021 06:44:58 GMT

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 1143
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESED5ldxNfYbLV380gBBv6x8Y&google_cver=1
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESED5ldxNfYbLV380gBBv6x8Y&google_cver=1&__user_check__=1&sync_id=a4e24c10-fe5d-11eb-ac1b-1669d4c90506

43 B
548 B

71ms
71ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESED5ldxNfYbLV380gBBv6x8Y&google_cver=1&__user_check__=1&sync_id=a4e24c10-fe5d-11eb-ac1b-1669d4c90506
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPahSxC09N8BGOGZoKgBMAE&v=APEucNUH7IhA0RLeeyq2Dlbj1SAoMOpK6XMl-snFnPvmGegTXLFNNLR3BGLKPPOyMebPPdvs5CBiS94XLb9KyVVsRvB2_3OVmQSxUzvdlwkNfEtQEKPPiKbglHNK6gepi19URa1avVTvcXpGs2j8bF0zCgqCoVcjU_bUlsUcpCZC9CH0cEPOFCEjduRfJqGx_6Uv833aB5UBcqVCWv9eseuatq_GFECBsg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 06:46:11 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 59
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Mon, 16 Aug 2021 06:46:11 GMT
Server: nginx
Location: /partner?adv_id=7025&uid=CAESED5ldxNfYbLV380gBBv6x8Y&google_cver=1&__user_check__=1&sync_id=a4e24c10-fe5d-11eb-ac1b-1669d4c90506
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 127
Connection: keep-alive
Content-Length: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 1143
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=YTRkODU3ZDYtZmU1ZC0xMWViLWE1ZTMtMTUzY2Y5YjAwNDA2

170 B
188 B

55ms
54ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=YTRkODU3ZDYtZmU1ZC0xMWViLWE1ZTMtMTUzY2Y5YjAwNDA2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPahSxC09N8BGOGZoKgBMAE&v=APEucNUH7IhA0RLeeyq2Dlbj1SAoMOpK6XMl-snFnPvmGegTXLFNNLR3BGLKPPOyMebPPdvs5CBiS94XLb9KyVVsRvB2_3OVmQSxUzvdlwkNfEtQEKPPiKbglHNK6gepi19URa1avVTvcXpGs2j8bF0zCgqCoVcjU_bUlsUcpCZC9CH0cEPOFCEjduRfJqGx_6Uv833aB5UBcqVCWv9eseuatq_GFECBsg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 06:46:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 16 Aug 2021 06:46:11 GMT
Server: nginx
Location: https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=YTRkODU3ZDYtZmU1ZC0xMWViLWE1ZTMtMTUzY2Y5YjAwNDA2
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 122
Connection: keep-alive
Content-Length: 0

GET
H2 204 v1
ads.yahoo.com/cms/ Frame 1143 0
446 B 20ms
7ms Image
text/plain 2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?esig=1~b04e41039133c73fafd60e0ed8cb49a70ecfb061&nwid=10000483131&sigv=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:46:11 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

GET
H2 200 vsEzk5A3B.png
video.seenthis.se/v2/creatives/E07mgBZ1-4/assets/ Frame 06BE 60 KB
60 KB 50ms
50ms Image
image/png 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://video.seenthis.se/v2/creatives/E07mgBZ1-4/assets/vsEzk5A3B.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/806470185313909614/index.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8f9164ed6c6e21cc330a2ac7b82055f868b272e7d188242604cbf043cd1b6881

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 5lYRJo81DKOCz8ZY92bPX.WOaMijEC.D
via: 1.1 varnish, 1.1 varnish
etag: "2721324a604e0eac23f0847bcf3144b4"
age: 508727
x-cache: HIT, HIT
content-length: 61198
x-amz-id-2: W0221GXnWxgsdydU6e5l8s2c29CxduVK5jSkcU2PobQtRN6r3EcjyfzhAPDGSlE/QbUGYTgG9es=
x-served-by: cache-lcy19241-LCY, cache-hhn4083-HHN
last-modified: Tue, 10 Aug 2021 09:27:05 GMT
server: AmazonS3
x-timer: S1629096371.453596,VS0,VE0
date: Mon, 16 Aug 2021 06:46:11 GMT
strict-transport-security: max-age=31536000
x-amz-request-id: HCYR3QR92P440H5Z
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-type: image/png
x-cache-hits: 1, 25

GET
H2 200 v2 Show response
mb.moatads.com/s/ Frame 2F82 196 B
371 B 230ms
69ms Script
text/html 52.214.0.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/s/v2?url=https%3A%2F%2Fja.nex-software.com%2F&pcode=pepsicoessadcmdisplay526849686825&ord=1629096371439&jv=1701567634&callback=BrandSafetyNadoscallback_31773713
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/pepsicoessadcmdisplay526849686825/moatad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.0.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-0-210.eu-west-1.compute.amazonaws.com
Software: TornadoServer/4.5.3 /
Resource Hash: 6c32235029e883fd1efe53f37d429afcb7c941f924f4c3a1d60eb2df0e812157

Request headers

Referer: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:46:11 GMT
cache-control: max-age=900
server: TornadoServer/4.5.3
timing-allow-origin: *
etag: "6c1c1204d1a572f7794fcf65cb2b4365a19c4663"
content-length: 196
content-type: text/html; charset=UTF-8

GET
H2 200 pixel.gif
px.moatads.com/ Frame 2F82 43 B
260 B 75ms
73ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=PEPSICO_ESSA_DCM_DISPLAY1&hp=1&ra=1&pxm=6&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fja.nex-software.com&lp=https%3A%2F%2Fja.nex-software.com&t=1629096371439&de=795583348264&m=0&ar=4790001-clean&iw=27b05f8&q=2&cb=0&ym=0&cu=1629096371439&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=11091365%3A26207213%3A310709867%3A156001848&zMoatENV=j&zGSRC=1&gu=https%3A%2F%2Fja.nex-software.com%2F&id=0&ii=3&bo=7097053&bd=nex-software.com&zMoatOrigSlicer1=7097053&zMoatOrigSlicer2=N%2FA&gw=pepsicoessadcmdisplay526849686825&fd=1&ac=1&it=500&ti=0&ih=1&pe=0%3A164%3A164%3A0%3A159&fs=193790&na=1693223574&cs=0
Requested by: Host: 3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com
URL: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 06:46:11 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 16 Aug 2021 06:46:11 GMT

GET
H3-29 200 f.png
s0.2mdn.net/sadbundle/4831635490124904626/300x600_v3/images/ Frame EE49 3 KB
3 KB 7ms
7ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4831635490124904626/300x600_v3/images/f.png?1622176049317

Requested by

Host: 3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com
URL: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee3bcd3fc6f57af647ef4b5eae9799dd0f013551eb7f2617bca248783afa4514

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/4831635490124904626/300x600_v3/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:41:34 GMT
x-content-type-options: nosniff
age: 241477
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3095
x-xss-protection: 0
last-modified: Fri, 06 Aug 2021 09:29:14 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Aug 2022 11:41:34 GMT

GET
H3-29 200 index.html Show response
s0.2mdn.net/9080582/1620388878311/300x250-rozchodniak/ Frame 732A 84 KB
23 KB 8ms
7ms Document
text/html 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9080582/1620388878311/300x250-rozchodniak/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4bdc765cdf60ad3afa552eb62a0d49953dee79420772a693f18ac5cd54c4ad8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /9080582/1620388878311/300x250-rozchodniak/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 23469
date: Sun, 15 Aug 2021 07:38:47 GMT
expires: Mon, 16 Aug 2021 07:38:47 GMT
last-modified: Fri, 07 May 2021 12:01:18 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 83244
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame B4A5 0
24 B 63ms
63ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssNgmNwOTFE4GP-fzSRr-1bUQH2_0XXd6sjdfj-Pkz7tVqW0WT0qdKKHSCz_VJYZgvUdoah32omdlWQgdqnNdYS1wg0On7VBjLD3Ld5NmhuKesUq18V6zR6-um6YWSX7pQRNU7zxtfbw2jYMd-9zh-AC0cYqKOznmbA27FsplqsC0D7hgnlK_2FEj9Ac8HgQx0ETZzZDn8Im1iP67QBJQLq-r0OWKaxnqmjFUHryV1htKhPAF4sBD5-NjXkufgvElba-6YV2BDCIBrlDSzQVJfO9-lxDa1_5VGlByrEg8afuYhd6WFLYS8VkjPx6-x07v2tfdVPCgKoMCQZStAhKnxfaacG1Nx9okQss3nAZ4pzr0802rIX1yhsiz1vVfYDVIcHP-t4G9quRthzXTs-JMQDJVxcg4RU3yyye4C5OondhK2w4FWHanMmsMofLqJdzPH0V9XRmo64DZOPk8FnCDgKZcUpc9-cIUfTEgtr53NJKtVqaHZbCxMvUq5lTCt9qavSyWj3ks6gWowfw_xDFDYkTtA8TjIGXc1OJM77hWfd8iBM8eCe4BY_mS7cfJqAFSGy5N53w3KmK0PVLQ9H1EupJf0gDVhkP9O95u5bmVxY3SEdFrbGrdQ06I8HPyRZ8qTm-sPcbBpE3Oj5lMGs3VNVeaUidfgA0Nuo078wwHxJHIU6XPWdLNUzAI19Gvq7y1JrFIACHHGk1sZxPpCZGrl0pUzdESuGOeCwDeo3RmtlilIQoynzgNWV9PcdqdmcJK2f70i5V50GjHKrhds_R-5dgNrV8sWyRRm-S4bTadeqWmkt4wZV88j2xVWT_gy6dKSPVMTDGT4QgjsCL0NHUy7uQnokXEMnlIyuWVOVLVrNzu142oJ--p5ga1URqouQQsTuK0W5Z7NbJQHUQ_7ypiK1y1yqBBG2CmrwIjatS3g8eMqa89VhLzxIIRw9QeGc82ijZOAQbjBeA1PTAr00wFFgTjyTZbw5kCK62WX4H6sWa7DH72JvL2FA0vrP4wd_ex6Db1j7jHwAR87lIcEYVtU-Os8D50Dhz03TOg7Ic0XwPbqH8MPLwHQr3kY2hmr4IptAo-zcJX3bFX7MWIwdF3NvrFHKDr6aDY1W4qBxP1QdllcPuja79tYUWFOWwmPgJFtjGkImcuip4crVwYC78XO9Aiaxp2BNKl0dPUebTBGFe--OIpd_N0bhJEOPYJ36XfqQC2xeDA&sai=AMfl-YRmcEB2fKas4ll230wMwBRFPNpyDm_oHgKpFKn_znpvI8fxQYphHquLBaKgm5Dpt8vP4L-6kFF8JY07xRsrHK5OUpbqF0SmZVBY__8FTHCXyYegPt3JYSUG8snJNFKPPm2l89NowMFANKuTya8CZ6dmT7iyuINgPGFFYTk&sig=Cg0ArKJSzGYjmtWvOI61EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=151&cbvp=1&cstd=150&cisv=r20210809.79687&adurl=

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Mon, 16 Aug 2021 06:46:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 1 Show response
t.seenthis.se/v3/12hmaprzj23eoxjv6o3p84eq1ih42hmaprzj531uode29626848dt8735rgniab8vny4hmot92nki76sbapylo7hf4b3rr6c398c1xavm52td36iokvfjesimtb1ncf1cefb52qg1mq9ym0ohjvmmia7w1p3q/13/ Frame 06BE 43 B
245 B 51ms
49ms Fetch
image/gif 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://t.seenthis.se/v3/12hmaprzj23eoxjv6o3p84eq1ih42hmaprzj531uode29626848dt8735rgniab8vny4hmot92nki76sbapylo7hf4b3rr6c398c1xavm52td36iokvfjesimtb1ncf1cefb52qg1mq9ym0ohjvmmia7w1p3q/13/1?_=1629096371560
Requested by: Host: video.seenthis.se
URL: https://video.seenthis.se/v2/player/75/player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:46:11 GMT
via: 1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront), 1.1 varnish
age: 0
x-cache: Hit from cloudfront, MISS
content-length: 43
x-served-by: cache-hhn4029-HHN
pragma: no-cache
server: AmazonS3
x-timer: S1629096372.581801,VS0,VE4
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, private
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: 5gNIyEeyRpmkIDyAeJI8soRwpB-ygaGQOLOrfPu6WEDw4V14hRgL1Q==
x-cache-hits: 0

GET
H2 200 1 Show response
t.seenthis.se/v3/12hmaprzj23eoxjv6o3p84eq1ih42hmaprzj531uode29626848dt8735rgniab8vny4hmot92nki76sbapylo7hf4b3rr6c398c1xavm52td36iokvfjesimtb1ncf1cefb52qg1mq9ym0ohjvmmia7w1p3q/14/ Frame 06BE 43 B
209 B 50ms
48ms Fetch
image/gif 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://t.seenthis.se/v3/12hmaprzj23eoxjv6o3p84eq1ih42hmaprzj531uode29626848dt8735rgniab8vny4hmot92nki76sbapylo7hf4b3rr6c398c1xavm52td36iokvfjesimtb1ncf1cefb52qg1mq9ym0ohjvmmia7w1p3q/14/1?_=1629096371560
Requested by: Host: video.seenthis.se
URL: https://video.seenthis.se/v2/player/75/player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:46:11 GMT
via: 1.1 0b9e85cfe8fe19b385db56d32b4ce802.cloudfront.net (CloudFront), 1.1 varnish
age: 0
x-cache: Hit from cloudfront, MISS
content-length: 43
x-served-by: cache-hhn4029-HHN
pragma: no-cache
server: AmazonS3
x-timer: S1629096372.583085,VS0,VE2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, private
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: 4Jn4L2_7lQBxy5ClsT3VQFFTnf0F1U2-TrYRJK6YPpIDrjNwGYQjTQ==
x-cache-hits: 0

GET
H2 200 1 Show response
t.seenthis.se/v3/12hmaprzj23eoxjv6o3p84eq1ih42hmaprzj531uode29626848dt8735rgniab8vny4hmot92nki76sbapylo7hf4b3rr6c398c1xavm52td36iokvfjesimtb1ncf1cefb52qg1mq9ym0ohjvmmia7w1p3q/15/ Frame 06BE 43 B
209 B 50ms
48ms Fetch
image/gif 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://t.seenthis.se/v3/12hmaprzj23eoxjv6o3p84eq1ih42hmaprzj531uode29626848dt8735rgniab8vny4hmot92nki76sbapylo7hf4b3rr6c398c1xavm52td36iokvfjesimtb1ncf1cefb52qg1mq9ym0ohjvmmia7w1p3q/15/1?_=1629096371560
Requested by: Host: video.seenthis.se
URL: https://video.seenthis.se/v2/player/75/player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:46:11 GMT
via: 1.1 24c299c0a6423c6f96984a85fb014109.cloudfront.net (CloudFront), 1.1 varnish
age: 0
x-cache: Hit from cloudfront, MISS
content-length: 43
x-served-by: cache-hhn4029-HHN
pragma: no-cache
server: AmazonS3
x-timer: S1629096372.583237,VS0,VE2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, private
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: lJttsKULG8Dp388G4PEy8_oGO-k7WVOBgJ9hw8MXJ3rmSJmXSB47Hg==
x-cache-hits: 0

GET
H2 200 1 Show response
t.seenthis.se/v3/12hmaprzj23eoxjv6o3p84eq1ih42hmaprzj531uode29626848dt8735rgniab8vny4hmot92nki76sbapylo7hf4b3rr6c398c1xavm52td36iokvfjesimtb1ncf1cefb52qg1mq9ym0ohjvmmia7w1p3q/16/ Frame 06BE 43 B
207 B 50ms
48ms Fetch
image/gif 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://t.seenthis.se/v3/12hmaprzj23eoxjv6o3p84eq1ih42hmaprzj531uode29626848dt8735rgniab8vny4hmot92nki76sbapylo7hf4b3rr6c398c1xavm52td36iokvfjesimtb1ncf1cefb52qg1mq9ym0ohjvmmia7w1p3q/16/1?_=1629096371560
Requested by: Host: video.seenthis.se
URL: https://video.seenthis.se/v2/player/75/player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:46:11 GMT
via: 1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront), 1.1 varnish
age: 0
x-cache: Hit from cloudfront, MISS
content-length: 43
x-served-by: cache-hhn4029-HHN
pragma: no-cache
server: AmazonS3
x-timer: S1629096372.583348,VS0,VE2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, private
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: kU1jISyaZKP4cufmDopZHBq6cLf-2ExlB9Bcs0w7aik820RSfqI8Ww==
x-cache-hits: 0

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 03F4 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BIUAYsgkaYaD_Oe7J7_UPnPiN6AoAAAAAOAHgBAI&bg=!SEulSw_NAAbOj6irzo87ACkAdvg8WjyAr_na92ybeWrEr0MrmKo_QJJQSl3ZeQixb2qhXG5lYX4DNAIAAADTUgAAAIRoAQeZArzWLtpKJzF7fboE8a6vq2HwBNFkha4c3eo7j04mzLK9KQI7bZzhsctP4EgdgYqzB1ATqpjTQx6Ykx4Cmrvt7R-RuM2aJNWRJvhCdgnTfRFkh2U3KjMQcfw5KOfTxsuk-geOJhMA8QlRfDA0OB4Bc-24EXfNQ6rpV99gPt-WyBOwVpNpyLpcXFDb90GaIQCBw58SOtjuj_VXVgakxK2gPrZfPmGJz9vJO-FLTtqKZggmlXcTHTqDSJ3IszTOtGulc8HpxFRIN7_pyseNf4FiQoONPPnlbF5ruDiVBAHwDRHOU3XE0eDQD_QkdGM3gJcZ8w4FHES7SGB0yAqCCYHZmIxgA9RxX3VGFSN1wdGuNPESlD7AzbbYyaCfycZ3MNYCc5Fj3dSi4KP9W25mzv5BLYoDfoJUSva17YxsLEwpdcfxVH2zo-LFzXa0Hzru7KUF4QM2RnkEsMgi78yRzHe5q5loh1Mw61VQEr0X2im3wme8A4rEzpsFlHZFJWE510rbE3y5ykw9hTkAb7HMTG-fQOd2-gYA4tH6La8BrTZwjMqKJXdoInFLvPL39MYUNBCNOinGGdqdSOqipVM9SW6lQmXoWOjTNmI5eV6eYUaALFay4cua86Lc1WK8vCb5GH5g5HYN6vGlgkH24jyR24ICNwcxDywwtlSBGQUBEGyWgPbjrqttPVHRCuIYcAm1QXjQ0MUO3xJVJXwiof89UkHLBFtNd3B57QGEc7UlQ1KseMQsXce0nVdYBz_u8GihRqAHIa809qk4faEDJw8_1Eos0eMyuuHoUwrFmwdehT8eHe66QbfRUS-fTCd6kkxas3iQuUXGztOgqgbNULbTC51U5npVQomocJj6XW8LcvFf_l_NuNh_8Enah22TJmrTjT1WYfUnbKw_fCy9CspXQIwEyAn2C6cVLt-r9HI_Adls

Requested by

Host: 3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com
URL: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 06:46:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ff.png
s0.2mdn.net/sadbundle/4831635490124904626/300x600_v3/images/ Frame EE49 5 KB
5 KB 7ms
7ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4831635490124904626/300x600_v3/images/ff.png?1622176049317

Requested by

Host: 3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com
URL: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f84a3ddcaa090081cd299bb3ec8f75a4706b8c9d7641a3c533e0e310a1239667

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/4831635490124904626/300x600_v3/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:41:34 GMT
x-content-type-options: nosniff
age: 241477
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5233
x-xss-protection: 0
last-modified: Fri, 06 Aug 2021 09:29:14 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Aug 2022 11:41:34 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame B4A5 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com
URL: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 09:43:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75742
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 15 Aug 2022 09:43:49 GMT

GET
DATA 200
OK truncated
/ Frame B4A5 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c17e9cd4e3e092e526f81e1cfed6fe111906a6d5ee4606bc72e759acfebc1dd

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2F82 0
23 B 57ms
55ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 16 Aug 2021 06:46:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 playlist-stream0.webm Show response
video.seenthis.se/delivery/stream/Q0Xjk4CUZ/vp9/800/ Frame 06BE 292 KB
293 KB 48ms
46ms Fetch
application/octet-stream 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://video.seenthis.se/delivery/stream/Q0Xjk4CUZ/vp9/800/playlist-stream0.webm?range=0-299214

Requested by

Host: video.seenthis.se
URL: https://video.seenthis.se/v2/player/75/player.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f4607f371f8e2eebef757691486fcbcdbc5d42d77c16bc7b40a84529b3edbf73

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: xOvOfRCpD6AfB4XtUyBl6526_Ojn0hLd
via: 1.1 varnish, 1.1 varnish
etag: "3ab92c3cd1939ecb410ddc7f203de9d5"
age: 502694
x-cache: HIT, HIT
content-range: bytes 0-299214/2806368
content-length: 299215
x-amz-id-2: Iw6tW5D2N7r/02Sx93+YMXNmJroQDPoXSQOL81ybYadU5hXZrgL6wfX6hdZzA7aZ+umSNx03P3o=
x-served-by: cache-lcy19243-LCY, cache-hhn4029-HHN
last-modified: Thu, 05 Aug 2021 08:51:45 GMT
server: AmazonS3
x-timer: S1629096372.635060,VS0,VE0
date: Mon, 16 Aug 2021 06:46:11 GMT
strict-transport-security: max-age=31536000
x-amz-request-id: ZYZBXHTB5DFHT5VC
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-type: application/octet-stream
x-cache-hits: 1, 0

GET
H3-29 200 i1.png
s0.2mdn.net/sadbundle/4831635490124904626/300x600_v3/images/ Frame EE49 10 KB
10 KB 8ms
7ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4831635490124904626/300x600_v3/images/i1.png?1622176049317

Requested by

Host: 3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com
URL: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c306f4e5a9774d30b171e5a1440e7721167efaab03aecda88b5de0e293f66f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/4831635490124904626/300x600_v3/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:41:35 GMT
x-content-type-options: nosniff
age: 241476
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10360
x-xss-protection: 0
last-modified: Fri, 06 Aug 2021 09:29:14 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Aug 2022 11:41:35 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame 2F82 43 B
260 B 71ms
71ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&ra=1&pxm=6&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fs0.2mdn.net%2Fsadbundle%2F806470185313909614%2Findex.html&i=PEPSICO_ESSA_DCM_DISPLAY1&ol=3762422286&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-OzzqA3PFBj7g4pVV8xztRIWnSYK6kwU2JeJbBer2APsOGgK%2Ftq%2F3Cytr&sc=1&os=1-fQ%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=750&qe=300&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=300&w=750&zGSRC=1&gu=https%3A%2F%2Fja.nex-software.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fja.nex-software.com&lp=https%3A%2F%2Fja.nex-software.com&t=1629096371439&de=795583348264&cu=1629096371439&m=69&ar=4790001-clean&iw=27b05f8&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=300&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A164%3A164%3A0%3A159&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=51&cd=0&ah=51&am=0&xd=00&rf=0&re=1&wb=1&wm=1&wi=0&zMoatCustomParams=50%25%3A2000sec%3Acontinuous&cl=0&at=0&d=11091365%3A26207213%3A310709867%3A156001848&bo=7097053&bd=nex-software.com&gw=pepsicoessadcmdisplay526849686825&zMoatOrigSlicer1=7097053&zMoatOrigSlicer2=N%2FA&zMoatENV=j&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=193790&na=236128376&cs=0
Requested by: Host: 3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com
URL: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 06:46:11 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 16 Aug 2021 06:46:11 GMT

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 89E4 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Sun, 15 Aug 2021 12:52:26 GMT
expires: Mon, 15 Aug 2022 12:52:26 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 64425
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 DcmEnabler_01_245.js Show response
s0.2mdn.net/879366/ Frame 732A 28 KB
10 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_245.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9080582/1620388878311/300x250-rozchodniak/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18c864956bf2492c5c86e79b0fec65f0ecbb4b02bfdcfe854b2c5501857fecdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9080582/1620388878311/300x250-rozchodniak/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 09:13:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77533
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10285
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 19:32:53 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 16 Aug 2021 09:13:58 GMT

GET
H3-29 200 i2.png
s0.2mdn.net/sadbundle/4831635490124904626/300x600_v3/images/ Frame EE49 5 KB
5 KB 7ms
6ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4831635490124904626/300x600_v3/images/i2.png?1622176049317

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f434917986692fee0c3a2ac583712ad13ad0995e9406c71f93ce3f86616cb07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/4831635490124904626/300x600_v3/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:41:35 GMT
x-content-type-options: nosniff
age: 241476
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5481
x-xss-protection: 0
last-modified: Fri, 06 Aug 2021 09:29:14 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Aug 2022 11:41:35 GMT

GET
H2 200 1 Show response
t.seenthis.se/v3/12hmaprzj23eoxjv6o3p84eq1ih42hmaprzj531uode29626848dt8735rgniab8vny4hmot92nki76sbapylo7hf4b3rr6c398c1xavm52td36iokvfjesimtb1ncf1cefb52qg1mq9ym0ohjvmmia7w1p3q/4/ Frame 06BE 43 B
321 B 130ms
129ms Fetch
image/gif 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://t.seenthis.se/v3/12hmaprzj23eoxjv6o3p84eq1ih42hmaprzj531uode29626848dt8735rgniab8vny4hmot92nki76sbapylo7hf4b3rr6c398c1xavm52td36iokvfjesimtb1ncf1cefb52qg1mq9ym0ohjvmmia7w1p3q/4/1?_=1629096371661
Requested by: Host: video.seenthis.se
URL: https://video.seenthis.se/v2/player/75/player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:46:11 GMT
via: 1.1 2ec3090d74e200e4acdb2780da3c3c44.cloudfront.net (CloudFront), 1.1 varnish
age: 0
x-cache: Hit from cloudfront, MISS
content-length: 43
x-served-by: cache-hhn4029-HHN
pragma: no-cache
server: AmazonS3
x-timer: S1629096372.683111,VS0,VE2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, private
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: gvqfgKZhO7EILRB3IHXq4G0GMVYIo8JzNn0gIGxEtgxUgnHJ4cuyJg==
x-cache-hits: 0

GET
H3-29 404 null
s0.2mdn.net/9080582/1620388878311/300x250-rozchodniak/ Frame 732A 43 B
61 B 7ms
6ms Image
image/gif 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9080582/1620388878311/300x250-rozchodniak/null

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9080582/1620388878311/300x250-rozchodniak/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9080582/1620388878311/300x250-rozchodniak/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:40:36 GMT
x-content-type-options: nosniff
server: sffe
age: 335
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=900
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Mon, 16 Aug 2021 06:55:36 GMT

GET
H3-29 200 Kontodla.png
s0.2mdn.net/sadbundle/4831635490124904626/300x600_v3/images/ Frame EE49 1 KB
1 KB 7ms
6ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4831635490124904626/300x600_v3/images/Kontodla.png?1622176049317

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

546054264cec5641c643b2754bd69e299e1f5345ddd1e24eb4058fdf710894c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/4831635490124904626/300x600_v3/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:41:35 GMT
x-content-type-options: nosniff
age: 241476
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1306
x-xss-protection: 0
last-modified: Fri, 06 Aug 2021 09:29:14 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Aug 2022 11:41:35 GMT

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame B4A5 0
23 B 76ms
76ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 16 Aug 2021 06:46:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 pixel.gif
px.moatads.com/ Frame 2F82 43 B
260 B 93ms
92ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&ra=1&pxm=6&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=PEPSICO_ESSA_DCM_DISPLAY1&ol=3762422286&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-OzzqA3PFBj7g4pVV8xztRIWnSYK6kwU2JeJbBer2APsOGgK%2Ftq%2F3Cytr&sc=1&os=1-fQ%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=750&qe=300&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=300&w=750&zGSRC=1&gu=https%3A%2F%2Fja.nex-software.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fja.nex-software.com&lp=https%3A%2F%2Fja.nex-software.com&t=1629096371439&de=795583348264&cu=1629096371439&m=218&ar=4790001-clean&iw=27b05f8&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=300&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A164%3A164%3A0%3A159&aa=0&ad=78&cn=0&gk=78&gl=0&ik=78&ic=78&ez=1&cq=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=51&cd=51&ah=51&am=51&xd=00&rf=0&re=1&wb=1&wm=1&wi=0&zMoatCustomParams=50%25%3A2000sec%3Acontinuous&cl=0&at=0&d=11091365%3A26207213%3A310709867%3A156001848&bo=7097053&bd=nex-software.com&gw=pepsicoessadcmdisplay526849686825&zMoatOrigSlicer1=7097053&zMoatOrigSlicer2=N%2FA&zMoatENV=j&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=193790&na=1674484849&cs=0
Requested by: Host: 3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com
URL: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 06:46:11 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 16 Aug 2021 06:46:11 GMT

GET
H3-29 200 bg.jpg
s0.2mdn.net/9080582/1620388878311/300x250-rozchodniak/ Frame 732A 50 KB
50 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9080582/1620388878311/300x250-rozchodniak/bg.jpg

Requested by

Host: 3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com
URL: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecf970df4b4e1278c1179077850c649ea894740b1ff3e88103e7350e716efa87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9080582/1620388878311/300x250-rozchodniak/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 07:45:22 GMT
x-content-type-options: nosniff
last-modified: Fri, 07 May 2021 12:01:18 GMT
server: sffe
age: 82849
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51319
x-xss-protection: 0
expires: Mon, 16 Aug 2021 07:45:22 GMT

GET
H3-29 200 yduTghXy_zT30UeDo9_qp5xNeH18Lbbutfu5_UhFAFY.js Show response
pagead2.googlesyndication.com/bg/ Frame 89E4 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/yduTghXy_zT30UeDo9_qp5xNeH18Lbbutfu5_UhFAFY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9db938215f2ff34f7d14783a3dfeaa79c4d787d7c2db6eeb5fbb9fd48450056

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 16:48:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50265
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13302
x-xss-protection: 0
last-modified: Tue, 03 Aug 2021 09:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 15 Aug 2022 16:48:26 GMT

GET
H3-29 200 nota.png
s0.2mdn.net/sadbundle/4831635490124904626/300x600_v3/images/ Frame EE49 30 KB
30 KB 8ms
7ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4831635490124904626/300x600_v3/images/nota.png?1622176049317

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fb98e06edb3a68adeff7e74efc0ab2386ed027bc9dd6baadb3bfc2e45b34d15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/4831635490124904626/300x600_v3/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:41:35 GMT
x-content-type-options: nosniff
age: 241476
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30972
x-xss-protection: 0
last-modified: Fri, 06 Aug 2021 09:29:14 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Aug 2022 11:41:35 GMT

GET
H3-29 200 nota_BTN_CL.png
s0.2mdn.net/9080582/1620388878311/300x250-rozchodniak/ Frame 732A 2 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9080582/1620388878311/300x250-rozchodniak/nota_BTN_CL.png

Requested by

Host: 3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com
URL: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d53965a324df92ae7583fe63f047161889a1566ea41b6c5f86281046d0d3e962

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9080582/1620388878311/300x250-rozchodniak/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 09:54:16 GMT
x-content-type-options: nosniff
last-modified: Fri, 07 May 2021 12:01:18 GMT
server: sffe
age: 75115
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1558
x-xss-protection: 0
expires: Mon, 16 Aug 2021 09:54:16 GMT

GET
H3-29 200 nota_BTN_bg.png
s0.2mdn.net/9080582/1620388878311/300x250-rozchodniak/ Frame 732A 2 KB
2 KB 9ms
8ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9080582/1620388878311/300x250-rozchodniak/nota_BTN_bg.png

Requested by

Host: 3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com
URL: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93e4eb2f41ac8790f1e6eb3f597219332bcd17206415276a8fe41584e650a50c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9080582/1620388878311/300x250-rozchodniak/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 07:45:22 GMT
x-content-type-options: nosniff
last-modified: Fri, 07 May 2021 12:01:18 GMT
server: sffe
age: 82849
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1544
x-xss-protection: 0
expires: Mon, 16 Aug 2021 07:45:22 GMT

GET
H3-29 200 OCT201.png
s0.2mdn.net/sadbundle/4831635490124904626/300x600_v3/images/ Frame EE49 14 KB
14 KB 6ms
6ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4831635490124904626/300x600_v3/images/OCT201.png?1622176049317

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

603ec40ec354c82a4f558b1c607e4429d938737cf5f67de09121afb008e09913

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/4831635490124904626/300x600_v3/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:41:35 GMT
x-content-type-options: nosniff
age: 241476
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14549
x-xss-protection: 0
last-modified: Fri, 06 Aug 2021 09:29:14 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Aug 2022 11:41:35 GMT

GET
H3-29 200 nota_BTN_bg.png
s0.2mdn.net/9080582/1620388878311/300x250-rozchodniak/ Frame 732A 2 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9080582/1620388878311/300x250-rozchodniak/nota_BTN_bg.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9080582/1620388878311/300x250-rozchodniak/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93e4eb2f41ac8790f1e6eb3f597219332bcd17206415276a8fe41584e650a50c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9080582/1620388878311/300x250-rozchodniak/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 07:45:22 GMT
x-content-type-options: nosniff
last-modified: Fri, 07 May 2021 12:01:18 GMT
server: sffe
age: 82849
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1544
x-xss-protection: 0
expires: Mon, 16 Aug 2021 07:45:22 GMT

GET
H3-29 200 nota_BTN_CL.png
s0.2mdn.net/9080582/1620388878311/300x250-rozchodniak/ Frame 732A 2 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9080582/1620388878311/300x250-rozchodniak/nota_BTN_CL.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9080582/1620388878311/300x250-rozchodniak/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d53965a324df92ae7583fe63f047161889a1566ea41b6c5f86281046d0d3e962

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9080582/1620388878311/300x250-rozchodniak/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 09:54:16 GMT
x-content-type-options: nosniff
last-modified: Fri, 07 May 2021 12:01:18 GMT
server: sffe
age: 75115
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1558
x-xss-protection: 0
expires: Mon, 16 Aug 2021 09:54:16 GMT

GET
H3-29 200 p3.png
s0.2mdn.net/sadbundle/4831635490124904626/300x600_v3/images/ Frame EE49 18 KB
18 KB 7ms
7ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4831635490124904626/300x600_v3/images/p3.png?1622176049317

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51d885065799e9b3c91f79691c90d03df29b028e378f9bfd8fa53cf5d8b17f3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/4831635490124904626/300x600_v3/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:41:35 GMT
x-content-type-options: nosniff
age: 241476
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18582
x-xss-protection: 0
last-modified: Fri, 06 Aug 2021 09:29:14 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Aug 2022 11:41:35 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5622 0
20 B 41ms
40ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BMKx3sgkaYf3eM5e_gAeh5aXYCQAAAAA4AeAEAg&bg=!AQKlAkbNAAbOj6irzo87ACkAdvg8Wi-MeHm6LDFE6DB1EYB_M0B-1FaDuIFfwqN9cDiszr_Dyw9UjQIAAAFLUgAAACtoAQeZAs-bgGTGrgvNtxiw9weTbiVRfVTzadtA-YPZvwJkTzPCJcMl54s4meGbwdDgYdY2S-ZhMF8dLwzZYi1MKEl12mYvuhlCe-v-dO46dXzg1GjjYkdGh2xM7G4YgCT2s5AQJWifdLHHw0PMxB-oJiyp2Zy5wXh6BMs4AWtWk9tUOvVb05Ep7t7nQCXyi3e7G4U4mIxeOj5__Ca9R39RzSu5kLsj_zmyBEDG9GFkgjQWW3N887wdbPuQY7WRrRmUOhGNC6ClrgLq56tdNXL9G8LBm1M51yQNeyuHFASaitdPsTsrzBMWZNk_nrfan_i08zZNcIzE6fCGd3CUdtYOja31_Z2MI6R9lbuH9XzrO0pJK2J5TrkWpU9dAaS4cQbJHs7jDvFQe12JgiNx4u9JAyMaEMSOjiEuORTp9p6ugaJQKDSgUZAnmgAbWbLGVRBvm_LQLWYHHlRCqH7TKu8PKFGTS0AIwlC5ElF7lkIvotYUBCXawQs8y851EeofTPieN9MVo1ij3PKK4wV20pNd_AXpqervEqXNZW4ma6zjRyT-EVIPidUftvi8Ung6rem32NPCNNR9p_adgGr8rMP31pKLYmtNTA34NhxfY3Lazv5EfSgXzjBy29S-p_8zWOZoIsHbgpUrurjOuRA98ljzYLB1zTH_ZjjUFdSvgxbRC2a3YIiPt_EevapHtg5ytwJB8Y_v51ep7CqXFtdVw1JSMFbXX5zUv1O131dUBTq-Kka8xFPNavZ_-G7HsQBcv3ILu78Q7SW0Ngkrhl87IS1tB9fu-8LccuR3eg23EZjhx1dCJMqNMqbE9VpuVM-lncM7uaR1sj4k1-ZsSsLOXlRbtbs0qaCsqbHezHnKd-0OioAlXdTpepTawqbym4eUxP30pYCfk4XrwDnA9XAQcjuy4JjuW_2_2zHCf9uzFYIQyJ2ESnUuxSiuOD8iF50oQMPaQd2wtw

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 06:46:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 playlist-stream0.webm Show response
video.seenthis.se/delivery/stream/Q0Xjk4CUZ/vp9/800/ Frame 06BE 326 KB
326 KB 62ms
61ms Fetch
application/octet-stream 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://video.seenthis.se/delivery/stream/Q0Xjk4CUZ/vp9/800/playlist-stream0.webm?range=299215-632896

Requested by

Host: video.seenthis.se
URL: https://video.seenthis.se/v2/player/75/player.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6212b1f43652c227a33dce11e92e72be15f05fe1b28ec65f51641eb4647f9f96

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: xOvOfRCpD6AfB4XtUyBl6526_Ojn0hLd
via: 1.1 varnish, 1.1 varnish
etag: "3ab92c3cd1939ecb410ddc7f203de9d5"
age: 502694
x-cache: HIT, HIT
content-range: bytes 299215-632896/2806368
content-length: 333682
x-amz-id-2: Iw6tW5D2N7r/02Sx93+YMXNmJroQDPoXSQOL81ybYadU5hXZrgL6wfX6hdZzA7aZ+umSNx03P3o=
x-served-by: cache-lcy19243-LCY, cache-hhn4029-HHN
last-modified: Thu, 05 Aug 2021 08:51:45 GMT
server: AmazonS3
x-timer: S1629096372.829929,VS0,VE1
date: Mon, 16 Aug 2021 06:46:11 GMT
strict-transport-security: max-age=31536000
x-amz-request-id: ZYZBXHTB5DFHT5VC
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-type: application/octet-stream
x-cache-hits: 1, 0

GET
H3-29 200 pr.png
s0.2mdn.net/sadbundle/4831635490124904626/300x600_v3/images/ Frame EE49 21 KB
21 KB 7ms
6ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4831635490124904626/300x600_v3/images/pr.png?1622176049317

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34655c43a6e1ebebea1679e8504834fcd5ad8df871b3db1270d11e5e69fd3609

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/4831635490124904626/300x600_v3/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:41:35 GMT
x-content-type-options: nosniff
age: 241476
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21209
x-xss-protection: 0
last-modified: Fri, 06 Aug 2021 09:29:14 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Aug 2022 11:41:35 GMT

GET
H3-29 200 s.png
s0.2mdn.net/sadbundle/4831635490124904626/300x600_v3/images/ Frame EE49 3 KB
3 KB 8ms
7ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4831635490124904626/300x600_v3/images/s.png?1622176049317

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

907d32fc01d4e38d02bdfb47fe972a2e91b379261d287e9bf93bfb78347ae269

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/4831635490124904626/300x600_v3/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:41:36 GMT
x-content-type-options: nosniff
age: 241475
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2861
x-xss-protection: 0
last-modified: Fri, 06 Aug 2021 09:29:14 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Aug 2022 11:41:36 GMT

GET
H3-29 200 z.png
s0.2mdn.net/sadbundle/4831635490124904626/300x600_v3/images/ Frame EE49 3 KB
3 KB 7ms
6ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4831635490124904626/300x600_v3/images/z.png?1622176049317

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3096b675e0d5835f959aabe535d0b22a86215fe4c2706c928b2f96f3d9c24016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/4831635490124904626/300x600_v3/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:41:36 GMT
x-content-type-options: nosniff
age: 241475
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2801
x-xss-protection: 0
last-modified: Fri, 06 Aug 2021 09:29:14 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Aug 2022 11:41:36 GMT

GET
H2 200 playlist-stream0.webm Show response
video.seenthis.se/delivery/stream/Q0Xjk4CUZ/vp9/800/ Frame 06BE 334 KB
335 KB 46ms
46ms Fetch
application/octet-stream 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://video.seenthis.se/delivery/stream/Q0Xjk4CUZ/vp9/800/playlist-stream0.webm?range=632897-974954

Requested by

Host: video.seenthis.se
URL: https://video.seenthis.se/v2/player/75/player.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7ee58a6553a2add1c596a60813ea8ff76307485e0221d4562402ca1edcd6ed57

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: xOvOfRCpD6AfB4XtUyBl6526_Ojn0hLd
via: 1.1 varnish, 1.1 varnish
etag: "3ab92c3cd1939ecb410ddc7f203de9d5"
age: 502695
x-cache: HIT, HIT
content-range: bytes 632897-974954/2806368
content-length: 342058
x-amz-id-2: Iw6tW5D2N7r/02Sx93+YMXNmJroQDPoXSQOL81ybYadU5hXZrgL6wfX6hdZzA7aZ+umSNx03P3o=
x-served-by: cache-lcy19243-LCY, cache-hhn4029-HHN
last-modified: Thu, 05 Aug 2021 08:51:45 GMT
server: AmazonS3
x-timer: S1629096372.928026,VS0,VE0
date: Mon, 16 Aug 2021 06:46:11 GMT
strict-transport-security: max-age=31536000
x-amz-request-id: ZYZBXHTB5DFHT5VC
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-type: application/octet-stream
x-cache-hits: 1, 0

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 89E4 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BXaKEswkaYb_tE_WW9u8Pqt-T6AoAAAAAOAHgBAI&bg=!1dal1pLNAAbOj6irzo87ACkAdvg8WuLOLXi9qEHcgEUxWU33AsQmOGyK2ZIYGWlr9SUVz7GboQNvWQIAAADDUgAAAAxoAQcKAGedH6OUtYlUWbssA4QH8pAymxEDMC6QlG9n5wBgfvpUlDoxtKuPft9zK9xlPbITEPmxRusdyOmHQuLINyZYEZs4jYonpfIeD_BPaCb39OvkYhFCR1VzTMmylr4GKkHJZMg9fmDA9pCCmQLjahRu6CpCQI0M7HM14iEsFW9eH5q0CckZh2bcYF2JEH8711FC3Qq18b6oGx1_KaniqpOTHGaYWt7Ab8uMkgeaYlF5JsYsZC5Rt7wGSgE4chqsxsQGEFRuVifP1ZnSIFgxU-gzYgeT4gpnwdJ-kCOnmnghN-AeCMZqqSymNFPRwHqBVNIAr4ClRz_u1buh9rdYE7_EjT-onSBrGNczsFM1yrhCCvtNxSV8hlMDfYpkPfG6sK4WHIoDPvhioDwViIlBKzbKww8IPiNi5qX2AycRC2oQleIzEWdDOpnTme_PI3ysBmN2d8Kn1BFFuaAvG4EdVFHqqFBhHo0G83enWBSdVY1JrgPxzhQZESWbPcN9Ih9r4yAvaceescw572In8wBm7zbmdCL_gvF5fFL3dHaBGGCFHJqYjl5g0vjszQTIt4YUfyi_cySs5bB2T1EQbu-1mympZumbXZrqXZ6bJ-I-s1e0VROjq7JQZEyWlGuE1tK3onume-1KiC4Ijd5MdTfxAhMdiWSw8rmC_hoSfAFAw7jZcd5TcERJz3UsjiNpT13aunAp3o87lGZfmBm7UxCLOwXu0vypbDR-zunmaLeBthi6Or3xPQn-L5X5Ty2gqAwQ51vzH1Ff6c9XAuXfE_pqzuAtRBl8T72WEEGtyfr89ZP-ArQFQ1JCSDwnkMu3mu-BL4eP9keXfBZcV_1srx7JF7kFEEXY_7-lAFr-kQV-0ggYu_w3AeewapANCGgkBOq1oBdUv2lNbM5CGcyyhGEHmjPnvTXzdVZHZ77a3kxn5pnK5BSrsE9TBeV-lfRp_WaghKoQXrUWs_zmsfk16Wzsznh4P92Z3m5D6KPBzBOM8Dm5o092wvFpC7XnGkb4B5A6Fy3ysvoxzHgN6IAFfq4Q3_xA0zQ1MENkVni9_AI9Hi5k0JCvxeZoNyI2sKuiYCW-4j3LphgnhMt7H6O89OslhX8JqyIR-teYYEgkO_EoP3y-Aw

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 06:46:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2F82 42 B
64 B 24ms
23ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvAZ_GSHvjCu3uisrneg6--pGl-ML-D5EI9LDoNzvm5J0QsrXyjcycI6FUd1iHEjQ--oSdnAJHy8YvCfgWBEAncq4u1eiHbjI-kLvkG2jHkKHd0&sai=AMfl-YRYYgSJH3JDNah5G00dmr_9hgdnIoWd2x05Fa6sccpQ7RspLIvh5TlbMjnRfUlemXR1nlhAwTClcSadmxyQ6TqsNmL7V5SF5i_Wtq4mEkQVBHukVlaoTi7OgigIV1JR&sig=Cg0ArKJSzM7bkwH5PuWaEAE&cid=CAASFeRo35ZemVz1Vut_Aaebc19r_qM99A&id=lidar2&mcvt=1006&p=398,1134,429,1175&asp=398,1134,429,1175&mtos=1006,1006,1006,1006,1006&tos=1006,0,0,0,0&v=20210813&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1840644434&rs=4&met=ie&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1629096370892&dlt=25&rpt=155&isd=0&lsd=0&msd=0&r=v&speed=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 06:46:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1 Show response
t.seenthis.se/v3/12hmaprzj23eoxjv6o3p84eq1ih42hmaprzj531uode29626848dt8735rgniab8vny4hmot92nki76sbapylo7hf4b3rr6c398c1xavm52td36iokvfjesimtb1ncf1cefb52qg1mq9ym0ohjvmmia7w1p3q/66/ Frame 06BE 43 B
353 B 48ms
48ms Fetch
image/gif 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://t.seenthis.se/v3/12hmaprzj23eoxjv6o3p84eq1ih42hmaprzj531uode29626848dt8735rgniab8vny4hmot92nki76sbapylo7hf4b3rr6c398c1xavm52td36iokvfjesimtb1ncf1cefb52qg1mq9ym0ohjvmmia7w1p3q/66/1?_=1629096372382
Requested by: Host: video.seenthis.se
URL: https://video.seenthis.se/v2/player/75/player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:46:12 GMT
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront), 1.1 varnish
age: 0
x-cache: Hit from cloudfront, MISS
content-length: 43
x-served-by: cache-hhn4029-HHN
pragma: no-cache
server: AmazonS3
x-timer: S1629096372.403429,VS0,VE2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, private
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: wA8l5SVNNamspBM9oc_D8nbJF6cS_IwlxCE0RRExwBLvxdkKFCy2Sg==
x-cache-hits: 0

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B4A5 42 B
64 B 18ms
17ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuT_kGObR3Ixe6n6rRfKxsLy6uVhSruw6_sltgCc0tx0Tx_i9LXwxSmqWw0MhXusPZZY5sE9dZU5KF19VQuzImoHrKREpAlP_YYqSx8l5SRM-8QcPu7RP7CplFkrw&sai=AMfl-YTIbzoI8zUhEOD3eiyQN3i3otMI6wAeZHw0p280ohRgn2fBpwTxQ_jiBZlPDnCLZshpo6CFxFACiCvVukonruJ25Pt8_tjfe-FixYZXvJmCpPRndf6cZ02TPoUbi4yx&sig=Cg0ArKJSzIAz5KKI-M2qEAE&cid=CAASFeRo0BYM0R--ohYS8PnLPUIkZ7Q1mw&id=lidar2&mcvt=1001&p=750,1123,1000,1423&asp=750,1123,1000,1423&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210813&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3810687761&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1629096371279&dlt=19&rpt=310&isd=0&lsd=0&msd=0&r=v&speed=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 06:46:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame 2F82 43 B
260 B 72ms
71ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&ra=1&pxm=6&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=PEPSICO_ESSA_DCM_DISPLAY1&ol=3762422286&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-OzzqA3PFBj7g4pVV8xztRIWnSYK6kwU2JeJbBer2APsOGgK%2Ftq%2F3Cytr&sc=1&os=1-fQ%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=750&qe=300&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=300&w=750&zGSRC=1&gu=https%3A%2F%2Fja.nex-software.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fja.nex-software.com&lp=https%3A%2F%2Fja.nex-software.com&t=1629096371439&de=795583348264&cu=1629096371439&m=1268&ar=4790001-clean&iw=27b05f8&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=300&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A164%3A164%3A923%3A159&aa=1&ad=1130&cn=78&gn=1&gk=1130&gl=78&ik=1130&ic=1130&ez=1&co=1130&cp=1057&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1057&cd=51&ah=1057&am=51&xd=00&rf=0&re=1&wb=1&wm=1&wi=0&zMoatCustomParams=50%25%3A2000sec%3Acontinuous&cl=0&at=0&d=11091365%3A26207213%3A310709867%3A156001848&bo=7097053&bd=nex-software.com&gw=pepsicoessadcmdisplay526849686825&zMoatOrigSlicer1=7097053&zMoatOrigSlicer2=N%2FA&zMoatENV=j&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&gv=gs_tech_computing%2Cmoat_safe%2Cgs_tech%2Cgs_business&tc=0&fs=193790&na=1540187643&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 06:46:12 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 16 Aug 2021 06:46:12 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame 2F82 43 B
260 B 76ms
76ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&ra=1&pxm=6&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=PEPSICO_ESSA_DCM_DISPLAY1&ol=3762422286&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-OzzqA3PFBj7g4pVV8xztRIWnSYK6kwU2JeJbBer2APsOGgK%2Ftq%2F3Cytr&sc=1&os=1-fQ%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=750&qe=300&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=300&w=750&zGSRC=1&gu=https%3A%2F%2Fja.nex-software.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fja.nex-software.com&lp=https%3A%2F%2Fja.nex-software.com&t=1629096371439&de=795583348264&cu=1629096371439&m=1269&ar=4790001-clean&iw=27b05f8&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=300&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A164%3A164%3A923%3A159&aa=1&ad=1130&cn=1130&gn=1&gk=1130&gl=1130&ik=1130&ic=1130&ez=1&co=1130&cp=1057&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1057&cd=1057&ah=1057&am=1057&xd=00&rf=0&re=1&wb=1&wm=1&wi=0&zMoatCustomParams=50%25%3A2000sec%3Acontinuous&cl=0&at=0&d=11091365%3A26207213%3A310709867%3A156001848&bo=7097053&bd=nex-software.com&gw=pepsicoessadcmdisplay526849686825&zMoatOrigSlicer1=7097053&zMoatOrigSlicer2=N%2FA&zMoatENV=j&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&gv=gs_tech_computing%2Cmoat_safe%2Cgs_tech%2Cgs_business&tc=0&fs=193790&na=1842851023&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 06:46:12 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 16 Aug 2021 06:46:12 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame 2F82 43 B
260 B 72ms
72ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=2&hp=1&ra=1&pxm=6&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=PEPSICO_ESSA_DCM_DISPLAY1&ol=3762422286&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-OzzqA3PFBj7g4pVV8xztRIWnSYK6kwU2JeJbBer2APsOGgK%2Ftq%2F3Cytr&sc=1&os=1-fQ%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=750&qe=300&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=300&w=750&zGSRC=1&gu=https%3A%2F%2Fja.nex-software.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fja.nex-software.com&lp=https%3A%2F%2Fja.nex-software.com&t=1629096371439&de=795583348264&cu=1629096371439&m=1270&ar=4790001-clean&iw=27b05f8&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=300&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A164%3A164%3A923%3A159&aa=1&ad=1130&cn=1130&gn=1&gk=1130&gl=1130&ik=1130&ic=1130&ez=1&co=1130&cp=1057&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1057&cd=1057&ah=1057&am=1057&xd=00&rf=0&re=1&wb=1&wm=1&wi=0&zMoatCustomParams=50%25%3A2000sec%3Acontinuous&cl=0&at=0&d=11091365%3A26207213%3A310709867%3A156001848&bo=7097053&bd=nex-software.com&gw=pepsicoessadcmdisplay526849686825&zMoatOrigSlicer1=7097053&zMoatOrigSlicer2=N%2FA&zMoatENV=j&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&gv=gs_tech_computing%2Cmoat_safe%2Cgs_tech%2Cgs_business&tc=0&fs=193790&na=1905827129&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 06:46:12 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 16 Aug 2021 06:46:12 GMT

GET
H2 200 1 Show response
t.seenthis.se/v3/12hmaprzj23eoxjv6o3p84eq1ih42hmaprzj531uode29626848dt8735rgniab8vny4hmot92nki76sbapylo7hf4b3rr6c398c1xavm52td36iokvfjesimtb1ncf1cefb52qg1mq9ym0ohjvmmia7w1p3q/67/ Frame 06BE 43 B
246 B 48ms
48ms Fetch
image/gif 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://t.seenthis.se/v3/12hmaprzj23eoxjv6o3p84eq1ih42hmaprzj531uode29626848dt8735rgniab8vny4hmot92nki76sbapylo7hf4b3rr6c398c1xavm52td36iokvfjesimtb1ncf1cefb52qg1mq9ym0ohjvmmia7w1p3q/67/1?_=1629096373382
Requested by: Host: video.seenthis.se
URL: https://video.seenthis.se/v2/player/75/player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:46:13 GMT
via: 1.1 9e62923882d737ac8cd27f0d1b1c24cf.cloudfront.net (CloudFront), 1.1 varnish
age: 0
x-cache: Hit from cloudfront, MISS
content-length: 43
x-served-by: cache-hhn4029-HHN
pragma: no-cache
server: AmazonS3
x-timer: S1629096373.403335,VS0,VE2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, private
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: z8vTtDfZF-YXRg3D78dBbgVw1sMMKREANeBrUrv4CQYKaEEcgjNbzw==
x-cache-hits: 0

GET
H2 200 pixel.gif
px.moatads.com/ Frame 2F82 43 B
260 B 19ms
6ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&ra=1&pxm=6&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=PEPSICO_ESSA_DCM_DISPLAY1&ol=3762422286&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-OzzqA3PFBj7g4pVV8xztRIWnSYK6kwU2JeJbBer2APsOGgK%2Ftq%2F3Cytr&sc=1&os=1-fQ%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=750&qe=300&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=0&g=5&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=300&w=750&zGSRC=1&gu=https%3A%2F%2Fja.nex-software.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fja.nex-software.com&lp=https%3A%2F%2Fja.nex-software.com&t=1629096371439&de=795583348264&cu=1629096371439&m=5307&ar=4790001-clean&iw=27b05f8&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=300&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A164%3A164%3A923%3A159&aa=1&ad=5168&cn=1130&gn=1&gk=5168&gl=1130&ik=5168&ic=5168&ez=1&co=1130&cp=1057&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5093&cd=1057&ah=5093&am=1057&xd=00&rf=0&re=1&wb=2&wm=1&wi=1&zMoatCustomParams=50%25%3A2000sec%3Acontinuous&cl=0&at=0&d=11091365%3A26207213%3A310709867%3A156001848&bo=7097053&bd=nex-software.com&gw=pepsicoessadcmdisplay526849686825&zMoatOrigSlicer1=7097053&zMoatOrigSlicer2=N%2FA&zMoatENV=j&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&gv=gs_tech_computing%2Cmoat_safe%2Cgs_tech%2Cgs_business&tc=0&fs=193790&na=200576148&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 06:46:16 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 16 Aug 2021 06:46:16 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame 2F82 43 B
260 B 6ms
6ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&ra=1&pxm=6&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=PEPSICO_ESSA_DCM_DISPLAY1&ol=3762422286&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-OzzqA3PFBj7g4pVV8xztRIWnSYK6kwU2JeJbBer2APsOGgK%2Ftq%2F3Cytr&sc=1&os=1-fQ%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=750&qe=300&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=0&g=6&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=300&w=750&zGSRC=1&gu=https%3A%2F%2Fja.nex-software.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fja.nex-software.com&lp=https%3A%2F%2Fja.nex-software.com&t=1629096371439&de=795583348264&cu=1629096371439&m=5509&ar=4790001-clean&iw=27b05f8&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=300&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A164%3A164%3A923%3A159&aa=1&ad=5371&cn=5168&gn=1&gk=5371&gl=5168&ik=5371&ic=5371&ez=1&co=1130&cp=1057&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5296&cd=5093&ah=5296&am=5093&xd=00&rf=0&re=1&wb=2&wm=1&wi=1&zMoatCustomParams=50%25%3A2000sec%3Acontinuous&cl=0&at=0&d=11091365%3A26207213%3A310709867%3A156001848&bo=7097053&bd=nex-software.com&gw=pepsicoessadcmdisplay526849686825&zMoatOrigSlicer1=7097053&zMoatOrigSlicer2=N%2FA&zMoatENV=j&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&gv=gs_tech_computing%2Cmoat_safe%2Cgs_tech%2Cgs_business&tc=0&fs=193790&na=844937750&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 06:46:16 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 16 Aug 2021 06:46:16 GMT

GET
H2 200 playlist-stream0.webm Show response
video.seenthis.se/delivery/stream/Q0Xjk4CUZ/vp9/800/ Frame 06BE 356 KB
357 KB 33ms
6ms Fetch
application/octet-stream 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://video.seenthis.se/delivery/stream/Q0Xjk4CUZ/vp9/800/playlist-stream0.webm?range=974955-1339756

Requested by

Host: video.seenthis.se
URL: https://video.seenthis.se/v2/player/75/player.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4e2c4f1621b993521c79017b6e15981e6ca827f96f62f5501b1dbc6e66c4d129

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: xOvOfRCpD6AfB4XtUyBl6526_Ojn0hLd
via: 1.1 varnish, 1.1 varnish
etag: "3ab92c3cd1939ecb410ddc7f203de9d5"
age: 502702
x-cache: HIT, HIT
content-range: bytes 974955-1339756/2806368
content-length: 364802
x-amz-id-2: Iw6tW5D2N7r/02Sx93+YMXNmJroQDPoXSQOL81ybYadU5hXZrgL6wfX6hdZzA7aZ+umSNx03P3o=
x-served-by: cache-lcy19237-LCY, cache-fra19165-FRA
last-modified: Thu, 05 Aug 2021 08:51:45 GMT
server: AmazonS3
x-timer: S1629096380.755511,VS0,VE1
date: Mon, 16 Aug 2021 06:46:19 GMT
strict-transport-security: max-age=31536000
x-amz-request-id: ZYZBXHTB5DFHT5VC
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-type: application/octet-stream
x-cache-hits: 1, 0

GET
H2 200 playlist-stream0.webm Show response
video.seenthis.se/delivery/stream/Q0Xjk4CUZ/vp9/800/ Frame 06BE 333 KB
333 KB 6ms
6ms Fetch
application/octet-stream 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://video.seenthis.se/delivery/stream/Q0Xjk4CUZ/vp9/800/playlist-stream0.webm?range=1339757-1680755

Requested by

Host: video.seenthis.se
URL: https://video.seenthis.se/v2/player/75/player.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

00965e18269ed5e22417b387643e323f9973b5b875a49924533f135edd22d36b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: xOvOfRCpD6AfB4XtUyBl6526_Ojn0hLd
via: 1.1 varnish, 1.1 varnish
etag: "3ab92c3cd1939ecb410ddc7f203de9d5"
age: 502702
x-cache: HIT, HIT
content-range: bytes 1339757-1680755/2806368
content-length: 340999
x-amz-id-2: Iw6tW5D2N7r/02Sx93+YMXNmJroQDPoXSQOL81ybYadU5hXZrgL6wfX6hdZzA7aZ+umSNx03P3o=
x-served-by: cache-lcy19237-LCY, cache-fra19165-FRA
last-modified: Thu, 05 Aug 2021 08:51:45 GMT
server: AmazonS3
x-timer: S1629096380.780430,VS0,VE1
date: Mon, 16 Aug 2021 06:46:19 GMT
strict-transport-security: max-age=31536000
x-amz-request-id: ZYZBXHTB5DFHT5VC
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-type: application/octet-stream
x-cache-hits: 1, 0

GET
H2 200 dc_oe=ChMI_f_08_i08gIVlx_gCh2hcgmbEAEYACCmj6dK;met=1;&timestamp=1629096381618;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame E72A 42 B
515 B 143ms
59ms Image
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI_f_08_i08gIVlx_gCh2hcgmbEAEYACCmj6dK;met=1;&timestamp=1629096381618;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 06:46:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame 2F82 43 B
260 B 179ms
59ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=25&q=2&hp=1&ra=1&pxm=6&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fs0.2mdn.net%2Fsadbundle%2F806470185313909614%2Findex.html&i=PEPSICO_ESSA_DCM_DISPLAY1&ol=3762422286&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-OzzqA3PFBj7g4pVV8xztRIWnSYK6kwU2JeJbBer2APsOGgK%2Ftq%2F3Cytr&sc=1&os=1-fQ%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=750&qe=300&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=0&g=7&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=300&w=750&zGSRC=1&gu=https%3A%2F%2Fja.nex-software.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fja.nex-software.com%2F&lp=https%3A%2F%2Fja.nex-software.com&t=1629096371439&de=795583348264&cu=1629096371439&m=10325&ar=4790001-clean&iw=27b05f8&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=300&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A164%3A164%3A923%3A159&aa=1&ad=10187&cn=5371&gn=1&gk=10187&gl=5371&ik=10187&ic=10187&ez=1&co=1130&cp=1057&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10113&cd=5296&ah=10113&am=5296&xd=00&rf=0&re=1&wb=2&wm=1&wi=1&zMoatCustomParams=50%25%3A2000sec%3Acontinuous&cl=0&at=0&d=11091365%3A26207213%3A310709867%3A156001848&bo=7097053&bd=nex-software.com&gw=pepsicoessadcmdisplay526849686825&zMoatOrigSlicer1=7097053&zMoatOrigSlicer2=N%2FA&zMoatENV=j&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&gv=gs_tech_computing%2Cmoat_safe%2Cgs_tech%2Cgs_business&tc=0&fs=193790&na=813451798&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 06:46:21 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 16 Aug 2021 06:46:21 GMT

GET
H3-29 200 dc_oe=ChMIoKD78_i08gIV7uS7CB0cfAOtEAAYACC4zLFKQhMI1Pfq8_i08gIV2oZ7Ch26PgfT;met=1;&timestamp=1629096381815;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 2F82 42 B
63 B 94ms
49ms Image
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIoKD78_i08gIV7uS7CB0cfAOtEAAYACC4zLFKQhMI1Pfq8_i08gIV2oZ7Ch26PgfT;met=1;&timestamp=1629096381815;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 06:46:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 dc_oe=ChMI_5KS9Pi08gIVdYv9Bx2q7wStEAAYACCZ9-xHQhMI5aqB9Pi08gIVzEDgCh0eJA__;met=1;&timestamp=1629096381838;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame B4A5 42 B
63 B 71ms
49ms Image
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI_5KS9Pi08gIVdYv9Bx2q7wStEAAYACCZ9-xHQhMI5aqB9Pi08gIVzEDgCh0eJA__;met=1;&timestamp=1629096381838;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 06:46:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

83 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://load5.biz/?pu=mztdqolemm5ha3ddf4ztooju(Line 174) Message: Error: Browser is not suitable for subscriptions
console-api	info	URL: https://cst.wpu.sh/static/adManager.js(Line 1) Message: %c [AdManager] - color:cyan version 2.1.8
console-api	info	URL: https://cst.wpu.sh/static/adManager.js(Line 1) Message: %c [AdManager] - color:cyan run tag spots
console-api	info	URL: https://cst.wpu.sh/static/adManager.js(Line 1) Message: %c [AdManager] - color:cyan init spot [object Object]
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081001.js(Line 6) Message: [GPT] Ignoring the PubAdsService.enableSingleRequest() call since the service is already enabled.
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081001.js(Line 6) Message: [GPT] Ignoring the PubAdsService.enableSingleRequest() call since the service is already enabled.
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081001.js(Line 6) Message: [GPT] Ignoring the PubAdsService.enableSingleRequest() call since the service is already enabled.
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081001.js(Line 6) Message: [GPT] Ignoring the PubAdsService.enableSingleRequest() call since the service is already enabled.
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081001.js(Line 6) Message: [GPT] Ignoring the PubAdsService.enableSingleRequest() call since the service is already enabled.
console-api	log	URL: https://cdn.zx-adnet.com/adx/brmsl_19102402.js(Line 2) Message: zxnt->domain abuse ->no ads

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3419545cf0caa77ea6da03e77c74cc8b.safeframe.googlesyndication.com
ade.googlesyndication.com
ads.yahoo.com
adservice.google.com
adservice.google.pl
buttons-config.sharethis.com
c.sharethis.mgr.consensu.org
cdn.jsdelivr.net
cdn.zx-adnet.com
cm.g.doubleclick.net
code.createjs.com
counter.yadro.ru
cst.cstwpush.com
cst.wpu.sh
dsum-sec.casalemedia.com
get.optad360.io
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
ja.nex-software.com
js.wpushsdk.com
l.sharethis.com
load5.biz
mb.moatads.com
na.nawpush.com
nex-software.com
pagead2.googlesyndication.com
pic.nex-software.com
platform-api.sharethis.com
px.moatads.com
s0.2mdn.net
securepubads.g.doubleclick.net
stat.optad360.mgr.consensu.org
sync.search.spotxchange.com
sync.teads.tv
t.seenthis.se
tpc.googlesyndication.com
us-u.openx.net
vasgenerete.site
video.seenthis.se
www.cookieconsent.com
www.google.com
www.googletagservices.com
z.moatads.com
104.90.104.248
142.250.181.226
142.250.184.226
142.250.185.226
142.250.186.34
151.101.14.133
151.101.2.133
151.101.65.195
18.196.233.38
185.177.94.108
185.94.180.125
2.18.234.21
2.18.235.40
205.185.216.42
213.174.135.24
213.174.135.25
2600:9000:2038:8400:11:a4de:2580:93a1
2600:9000:20eb:f000:c:abe:f440:93a1
2600:9000:2127:a600:c:a9b7:ddc0:93a1
2606:4700:3032::6815:4aa6
2606:4700:3034::ac43:cc49
2606:4700:3035::ac43:89ba
2a00:1288:80:800::7001
2a00:1450:4001:801::2002
2a00:1450:4001:802::2002
2a00:1450:4001:803::2002
2a00:1450:4001:812::2002
2a00:1450:4001:812::2004
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2006
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a00:1450:4001:831::2004
2a02:26f0:6c00::210:ba2b
2a04:4e42:3::485
3.124.181.115
34.98.64.218
37.252.172.250
46.4.91.20
52.214.0.210
65.9.96.36
88.212.201.210
00965e18269ed5e22417b387643e323f9973b5b875a49924533f135edd22d36b
013c47e14f03aff976d0a5fa49c4ed1697985b4808f3cd10944bc6dd0156fd61
03fadd978cd5127773d4c08f7daf1fdafc046531e336ee6c13ce8acfa78ad736
04a81e4e6251a61b0abff929ff9db4c6b738b25c87688e7f1a809f487deec095
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f7068a3a75ffa63182b6abf83959f2e19176f4bb3f6ec829daa899fbebb6de0
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13ebfaa7d8b7525ecbe9c6d27dfdaa0530d66a0c7c21c0d55d8e7bb9f7abbefd
145e535a116897a926b998fab94438d6902bbd6309aede144d4f4980e35832e3
18c864956bf2492c5c86e79b0fec65f0ecbb4b02bfdcfe854b2c5501857fecdb
190402f488a1616b47304ae066078580059ca6a5958b7f217d2156d0a73931a9
1bc51e26c297a8a915063a06cc143df43ee2e89f7fe50d45d206e349a90ae2ae
1d158259cc06b0c43a8552bb97823725b1223c0e3792648f4792a4577a732329
257579348172eb9f739308373580772054c0b671f63e8f002aed9f9774a6272e
291c932d41dd3ce6478e66e9284b67268c30e269ccc5ac04678c3d7ff27db04a
2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391
2c5ee9ff3b898472dcac1ac3413239591101e7f8a009754444c6dca69e4b5005
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3096b675e0d5835f959aabe535d0b22a86215fe4c2706c928b2f96f3d9c24016
3181cc549116d3f2aa52fab012eedeb13afb329a8bcac11786da6992655f621b
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
34655c43a6e1ebebea1679e8504834fcd5ad8df871b3db1270d11e5e69fd3609
3602ada3b04ba395ede4bcb36e3c1625f7730e87f7edf9572695f1d76b4410ec
3686dfcc387ce3016d755449af77eede88cc7e1bd34aa42b9ac8b9431b45b1ef
37fbc56848d8a6f47f63521ede0688ab5769b28faecbd34e9fecbfc9e1dcd029
3b71a751e98699b54432e3353a510d249e259489c0f567860893a0c7b9625bda
3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7
3cd0fdda1290d5bd464a32769870b4538383a07e833e309246c32f41582f4463
3cf5399c38a160ccbbf34bf438f3d08e9fde80f4793f5141fc04a239f48fca88
3e43d592d0aa592f24ad510ef3f453a51bba24a9534a07a55a9685b4d4b3f2cb
3f116e120ba1b6dda6d5451bb53923ab79fd0961a2cdd79af32be4feb416401a
3fb98e06edb3a68adeff7e74efc0ab2386ed027bc9dd6baadb3bfc2e45b34d15
43677abbcc50b9f3d621c9134d28237cfa6d66c61bf970cdfcf2a3ec31928ed2
4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bdc765cdf60ad3afa552eb62a0d49953dee79420772a693f18ac5cd54c4ad8f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e2c4f1621b993521c79017b6e15981e6ca827f96f62f5501b1dbc6e66c4d129
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51d885065799e9b3c91f79691c90d03df29b028e378f9bfd8fa53cf5d8b17f3f
546054264cec5641c643b2754bd69e299e1f5345ddd1e24eb4058fdf710894c4
56b14b6ad7538ba37b7398ef0cfc7bcbf42fd723a943e72ab746a42dc15fb91f
583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485
5f0869f832627e4803ae35569eeb6ab8b126e78f3cb8e3677065b35977ad5410
5f326d425eb729c44346ed04c6d645df7674684679d2a835ab07e538c7f8a2e0
5f6c4e7f843747d499b1d32a13e34f8e59bf94a0e12e9cc34fe9caf4eddabbee
603ec40ec354c82a4f558b1c607e4429d938737cf5f67de09121afb008e09913
6212b1f43652c227a33dce11e92e72be15f05fe1b28ec65f51641eb4647f9f96
62dbb252e989c20a21ba61d700c59a7725a7908aa15f934e49f6b53e0cd111f7
66c54d0cbc6aa05c659ec675db06e6903fd48f61954471fce250e5f82fe788de
6a9340e29946511cf6151c47367404bc9d560d0e8986c7441526074442845cdd
6c32235029e883fd1efe53f37d429afcb7c941f924f4c3a1d60eb2df0e812157
70661de1d9b628d37ce7fe84c67b132a5e42db6a1e53810f054ae9f069456e93
746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e
7501152e7411c9cf6303c77270c724f050ac6f11ad8fa9d3d7c3518f7c80627a
7731d577c5dfa5f38e9bf82dedae51174c9ddd4d3d4668eea9d1e51d6ce13d66
7761979199bf20d25fe4726392f9e6c268295e5d179b2bb5a683cb10fb6ad0d2
79cc39ab51de99510d98e22dfc56bd456b3ffbb29671e3d2e61719ee50792565
7b5272b8bdf44fc50c9d2069f1de9b5537dad69f47ba5f61cca799d937426f41
7ee58a6553a2add1c596a60813ea8ff76307485e0221d4562402ca1edcd6ed57
7f434917986692fee0c3a2ac583712ad13ad0995e9406c71f93ce3f86616cb07
7f7f049c381e190fa11bd2c78ea8cc331fc4ee4809c48e6948ac0164344f4168
814ecb1c88267a65c746e97a8fad8a64d0de4c77867a9a393ca94a342bce5387
8388a1fd88a90138582aae4dac1544ca29833315f487053edf847c16c9b7871b
83cd4afc0672833e8ac46854de805cda18237894e6d5193111af3e2e866a7a3a
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
87fb768082a19556d5b0235b767751dead7a2b26f4b454b0cb069db6d0165dc1
8bc62c9ef81390af989b3829ace60aae916e299dab9df7ec5e49db2d07a956b6
8f9164ed6c6e21cc330a2ac7b82055f868b272e7d188242604cbf043cd1b6881
900e0d4503dfe926c2d74a1944f4e383d9d7573ecfcccba2dbb377f3be116a10
907d32fc01d4e38d02bdfb47fe972a2e91b379261d287e9bf93bfb78347ae269
90cf1455f9c446dcb9132e7b24bd0bf4576064ebc9af8908b9899381bfcd313e
93e4eb2f41ac8790f1e6eb3f597219332bcd17206415276a8fe41584e650a50c
93ef8443d5c6e17b6e801b95c8fd0a96a24a1267db0b66908576e4d9f3a2f561
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
977a62a17b9e710ccb5d0535e16a3be20922b3aeb5a967c03cbb2904f86cfec9
981d66de3c2b8d93bafa96289154932abe4f71eae41ab0ca0f13774b0e2193c2
9be45d830a633e050edaa82361e4ecac3cc189b3a3975a41aa01ae3cb4e4120b
9c17e9cd4e3e092e526f81e1cfed6fe111906a6d5ee4606bc72e759acfebc1dd
9c54994951ef8e5c137e1575dae014e6671c3924a1e4fef3f01d8026e47e1af6
9dff9c5d8bb8ff3117fe17757c275af96ca695dc60d7fb811331cb38815a91a6
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a2cd5f280a099d1b3f357935bddc5f44d8e71d288ee045a4ff26cd9bb5ca0613
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ab5ab9be3852796e9320aea55e9610e41c412c004da656345f472da1bb0604ae
af0753db71aceea39f9c9e7f90005b6235b78d2a179a105640d7615255efa846
af371cb0526d291c2821ffb5a63fb1c3969c3ebb22781c08032226c75ea2ab40
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b305086f3feeb2339f1350d03d2ee8687b1d46cd9803b961cca8e2b42ebb5857
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
c1d72a01e5670415dce8eff586d0691396984166599b7b31ac72bdfde7002e5c
c306f4e5a9774d30b171e5a1440e7721167efaab03aecda88b5de0e293f66f1e
c59b55e48b935c88372c03750774b0ff484e36a0d4308ecafb2101b54b2f2df3
c976c7877b8d40385b5207e3ddbe9706f0fd0e84305c825b75d36f8bcc171799
c9db938215f2ff34f7d14783a3dfeaa79c4d787d7c2db6eeb5fbb9fd48450056
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d2fa83bbc70c843df2edd43096821128aa1f4bd404237f614c49cd48e7d5cfa3
d3655dd997297b5782d5c7a56e2e393d1f1336339427b86e3992cd19fa625db1
d53965a324df92ae7583fe63f047161889a1566ea41b6c5f86281046d0d3e962
d58f45d43c64a9e74e1c5dbcfd0e1a4f9470b3e0370acefc41cfc0413dbdf09b
d66e8fa87723046272ec70096a2089355c29474796663f65f2fdf9a27a1d4bc6
d726e17f93c7242a22453cbeb9b7a58cb9724b5e2047e4057d363f53cb65ef85
d836f11d380adc6112c2a9fbb07da385bb45554e22378f6ebe3eab40bc937987
d92962e8190233fca4c451e7df078c5fb2f29e617cb9765d6d03928866c07296
da29fee5e1029fbe8c55baf492094205039cd7b36debc52027985fe84404356d
dcbbbdae7b45de58a813dfb53f18f037e156c3359555e3922d1eeb9b6f4eb063
e35c1775ceb9036ac2013fdcf19121a8431707a62eb1c470efaca60c88856c77
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e503441024b68c5ac145c5580cd7b4c1dcd9dd71eb9814b5292ca1bc719af273
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ecf970df4b4e1278c1179077850c649ea894740b1ff3e88103e7350e716efa87
ede999c022b04dae8bed4c7898eb9c23794c70cbd07d4569dd72e43e195c66ed
ee3bcd3fc6f57af647ef4b5eae9799dd0f013551eb7f2617bca248783afa4514
ee513a593bfdf11b5ad487228634ca0278032204b4c885e835a721fd4529587c
ee6f24b4864f96d6e9f11c71c7bdbd69807dc9e88459109111d04b5c5e1606e1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6ceb1947a75f8b24ff3e4ff0cd236d85d8a9bc96c9abee411ed838b678df13
f4607f371f8e2eebef757691486fcbcdbc5d42d77c16bc7b40a84529b3edbf73
f63a3da4ba9f0a93a6509906f8ee1b39dcdffe20ed2b31fc0b604169ea547238
f64872de90e08a3d7ea1d1ffff973fc88f983afd6d7d545d447fea5305c6fdc1
f7697cdbdb20e0d5d8fd4ef811c57418dcdcace4012fa556ca66c41f8d2be01c
f84a3ddcaa090081cd299bb3ec8f75a4706b8c9d7641a3c533e0e310a1239667
f9da31cabd7ad9f32c9a2c18ce1838a6eaeeca9fbf55995a3e5a2abb2aface6b
fb026e62db375ae917b9f8b5161063d4c7307500ce2ee0d5a221dfee83e60d11
ff0ae836e78e254c691d18c04b2068e14419275cb170cd7c09587f1795114fcc

ja.nex-software.com Open in urlscan Pro 2606:4700:3032::6815:4aa6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

201 Requests

100 %HTTPS

47 %IPv6

29 Domains

44 Subdomains

43 IPs

6 Countries

6082 kBTransfer

8832 kBSize

0 Cookies

1 Outgoing links

Redirected requests

201 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ja.nex-software.com Open in urlscan Pro
2606:4700:3032::6815:4aa6 Public Scan

Screenshot
Live screenshot

Full Image

201
Requests

100 %
HTTPS

47 %
IPv6

29
Domains

44
Subdomains

43
IPs

6
Countries

6082 kB
Transfer

8832 kB
Size

0
Cookies

201 HTTP transactions
3 data transactions