URL: http://www.nirsoft.net/
Submission: On December 01 via api from IE — Scanned from DE

Summary

This website contacted 24 IPs in 5 countries across 20 domains to perform 101 HTTP transactions. The main IP is 138.128.181.29, located in United States and belongs to DIMENOC, US. The main domain is www.nirsoft.net.
This is the only time www.nirsoft.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 138.128.181.29 33182 (DIMENOC)
8 72.251.249.14 29791 (VOXEL-DOT...)
1 7 104.84.56.126 16625 (AKAMAI-AS)
15 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2.18.235.40 16625 (AKAMAI-AS)
11 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 9 2a00:1450:400... 15169 (GOOGLE)
2 142.250.186.98 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 104.111.233.227 16625 (AKAMAI-AS)
1 216.52.2.30 29791 (VOXEL-DOT...)
1 2a00:1450:400... 15169 (GOOGLE)
14 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 142.250.186.67 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2620:116:800d... 16509 (AMAZON-02)
1 1 54.73.238.193 16509 (AMAZON-02)
5 142.250.185.194 15169 (GOOGLE)
1 35.227.252.103 15169 (GOOGLE)
2 2 198.47.127.19 62713 (AS-PUBMATIC)
1 1 69.173.144.139 26667 (RUBICONPR...)
1 1 217.182.200.20 16276 (OVH)
101 24
Domain Requested by
15 pagead2.googlesyndication.com www.nirsoft.net
pagead2.googlesyndication.com
ap.lijit.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
14 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
10 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
9 www.google.com 2 redirects cse.google.com
www.google.com
www.nirsoft.net
tpc.googlesyndication.com
9 www.nirsoft.net www.nirsoft.net
6 ap.lijit.com www.nirsoft.net
ap.lijit.com
5 cm.g.doubleclick.net googleads.g.doubleclick.net
4 s7.addthis.com 1 redirects www.nirsoft.net
s7.addthis.com
2 image6.pubmatic.com 2 redirects
2 fonts.gstatic.com fonts.googleapis.com
2 p4-agdehobfo37gm-ov6ijdnibb5ctb45-if-v6exp3-v4.metric.gstatic.com googleads.g.doubleclick.net
p4-agdehobfo37gm-ov6ijdnibb5ctb45-if-v6exp3-v4.metric.gstatic.com
2 www.googletagservices.com googleads.g.doubleclick.net
2 vap1ams1.lijit.com www.nirsoft.net
2 pxdrop.lijit.com ap.lijit.com
www.nirsoft.net
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
2 partner.googleadservices.com pagead2.googlesyndication.com
2 www.google-analytics.com www.nirsoft.net
2 cse.google.com www.nirsoft.net
www.google.com
1 googlecm.hit.gemius.pl 1 redirects
1 pixel.rubiconproject.com 1 redirects
1 rtb.openx.net googleads.g.doubleclick.net
1 pixel.everesttech.net 1 redirects
1 cms.quantserve.com googleads.g.doubleclick.net
1 www.gstatic.com googleads.g.doubleclick.net
1 fonts.googleapis.com googleads.g.doubleclick.net
1 api-public.addthis.com s7.addthis.com
1 clients1.google.com www.nirsoft.net
1 gslbeacon.lijit.com ap.lijit.com
1 m.addthis.com s7.addthis.com
1 v1.addthisedge.com s7.addthis.com
1 z.moatads.com s7.addthis.com
101 32

This site contains links to these domains. Also see Links.

Domain
blog.nirsoft.net
launcher.nirsoft.net
feeds.feedburner.com
usbspeed.nirsoft.net
www.win7dll.info
Subject Issuer Validity Valid
*.lijit.com
Go Daddy Secure Certificate Authority - G2
2021-03-11 -
2022-04-12
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-11-01 -
2022-01-24
3 months crt.sh
*.google.com
GTS CA 1C3
2021-11-01 -
2022-01-24
3 months crt.sh
moatads.com
DigiCert SHA2 Secure Server CA
2021-01-21 -
2022-01-25
a year crt.sh
www.google.com
GTS CA 1C3
2021-11-01 -
2022-01-24
3 months crt.sh
*.googleadservices.com
GTS CA 1C3
2021-11-01 -
2022-01-24
3 months crt.sh
*.google.de
GTS CA 1C3
2021-11-01 -
2022-01-24
3 months crt.sh
odc-addthis-prod-01.oracle.com
DigiCert SHA2 Secure Server CA
2021-04-25 -
2022-04-27
a year crt.sh
cert1.a2.atm.aqfer.net
R3
2021-11-30 -
2022-02-28
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2021-11-01 -
2022-01-24
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2021-11-01 -
2022-01-24
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2021-11-01 -
2022-01-24
3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1
2021-09-22 -
2022-09-21
a year crt.sh
*.openx.net
GeoTrust RSA CA 2018
2021-07-08 -
2022-08-08
a year crt.sh

This page contains 18 frames:

Primary Page: http://www.nirsoft.net/
Frame ID: 938AB7F7E13595C90B33BC9203587AAA
Requests: 35 HTTP requests in this frame

Frame: https://ap.lijit.com/sync
Frame ID: E87880DD97E8AEC0767A2057C0F9CB55
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/zrt_lookup.html
Frame ID: A3F7940856E0F88B58933B75F0D1CB8A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=280&slotname=8353276087&adk=554369846&adf=2146366220&pi=t.ma~as.8353276087&w=1200&fwrn=4&fwrnh=100&lmt=1638380160&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Fwww.nirsoft.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1638380160395&bpp=4&bdt=224&idt=67&shv=r20211111&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&correlator=4830374846156&frm=20&pv=2&ga_vid=1147447018.1638380160&ga_sid=1638380160&ga_hid=1808019158&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=197&ady=1450&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433%2C31063797%2C21065724%2C31063246&oid=2&pvsid=2955171570671507&pem=534&tmod=843349728&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=DxjYpSNP3K&p=http%3A//www.nirsoft.net&dtd=86
Frame ID: D236D2BDCAF980D61E2436374002E54E
Requests: 10 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 57F07986DBC3C5AB3C175CE8C918F490
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 02277CA6E7117CA43A42268980BAA844
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&adk=1812271804&adf=3025194257&lmt=1638380160&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.nirsoft.net%2F&ea=0&flash=0&pra=7&wgl=1&dt=1638380160511&bpp=1&bdt=340&idt=1&shv=r20211111&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&nras=1&correlator=4830374846156&frm=20&pv=1&ga_vid=1147447018.1638380160&ga_sid=1638380160&ga_hid=1808019158&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433%2C31063797%2C21065724%2C31063246&oid=2&pvsid=2955171570671507&pem=534&tmod=843349728&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=8
Frame ID: 6B8ED2E5CC22BD2F0883E1874292F165
Requests: 1 HTTP requests in this frame

Frame: https://gslbeacon.lijit.com/beacon?viewId=a_701248_55a058aba6ce48918dbbf8b4afd9434b&rand=325&informer=13420689&type=fpads&loc=http%3A%2F%2Fwww.nirsoft.net%2F&v=1.2
Frame ID: B958789CB979D78CE496A6F1B5D45AF7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=600&slotname=8544847776&adk=179141035&adf=3533666104&pi=t.ma~as.8544847776&w=160&lmt=1638380160&psa=0&format=160x600&url=http%3A%2F%2Fwww.nirsoft.net%2F&ea=0&flash=0&wgl=1&dt=1638380160629&bpp=3&bdt=324&idt=65&shv=r20211111&mjsv=m202111150101&ptt=9&saldr=aa&cookie=ID%3Dd52afa4bc2242ab7-222ec6e31dcc003d%3AT%3D1638380160%3ART%3D1638380160%3AS%3DALNI_MbNmmJUPgdClnFfopeR0R1pu8X-EA&correlator=4830374846156&frm=23&ife=1&pv=1&ga_vid=1147447018.1638380160&ga_sid=1638380160&ga_hid=1483217850&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=5&ady=613&biw=1600&bih=1200&isw=160&ish=600&ifk=2347300667&scr_x=0&scr_y=0&eid=21066433%2C31063781%2C31063792%2C31063182&oid=2&pvsid=3956884990384061&pem=534&tmod=1248988956&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.7nxqfqr6y9lm&fsb=1&dtd=82
Frame ID: 75AA52C89D3B77B5EACFBCFF69F8D637
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 3FC7AC0DC5F2A418A1ABE8914E87D6DC
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E69B9C481986F131A26D303E382430C4
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: FBD2A68B5966F998AE55D6FDB31A4DC1
Requests: 2 HTTP requests in this frame

Frame: https://p4-agdehobfo37gm-ov6ijdnibb5ctb45-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: F32766075A628F945F6815F7A2DF9F6A
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/W74_wbIuhH6bObXj0uCjode8PwiBrxgOKnAqo6ShAmY.js
Frame ID: 34A04D0FB740E24CA7EA31C30B6BA2C7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 809544C1D3AB2F2B55B54A8C00CF536F
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 495780525A8E264496569675FA39A683
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: D2E4F0742FBBA084EE27FE66E04E38A9
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F992F52B8EA1FE9EBF6C4454630399B2
Requests: 2 HTTP requests in this frame

Screenshot


Page Statistics

101
Requests

79 %
HTTPS

48 %
IPv6

20
Domains

32
Subdomains

24
IPs

5
Countries

1144 kB
Transfer

2881 kB
Size

21
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • http://s7.addthis.com/js/250/addthis_widget.js HTTP 308
  • https://s7.addthis.com/js/250/addthis_widget.js
Request Chain 16
  • http://www.google-analytics.com/ga.js HTTP 307
  • https://www.google-analytics.com/ga.js
Request Chain 26
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=650843312&utmhn=www.nirsoft.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=NirSoft%20-%20freeware%20utilities%3A%20password%20recovery%2C%20system%20utilities%2C%20desktop%20utilities&utmhid=1808019158&utmr=-&utmp=%2F&utmht=1638380160497&utmac=UA-6647006-1&utmcc=__utma%3D159191077.1147447018.1638380160.1638380160.1638380160.1%3B%2B__utmz%3D159191077.1638380160.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1811261575&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAQAAAAE~ HTTP 307
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=650843312&utmhn=www.nirsoft.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=NirSoft%20-%20freeware%20utilities%3A%20password%20recovery%2C%20system%20utilities%2C%20desktop%20utilities&utmhid=1808019158&utmr=-&utmp=%2F&utmht=1638380160497&utmac=UA-6647006-1&utmcc=__utma%3D159191077.1147447018.1638380160.1638380160.1638380160.1%3B%2B__utmz%3D159191077.1638380160.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1811261575&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAQAAAAE~
Request Chain 69
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 88
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPKWvteqCjZJ3aNYWmiP5ZqB3tA47K4IqIqud1YvlO4NRfnzbcn6QJAUK23L0ClXNuFsT8nY9_PBiUtLguS0sZGh8Fyw97qp&google_gid=CAESEGFOJw9_yiVtIFAiyVAJeu4&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWFleWdRQUFCTGppa2tyLQ&google_push=AYg5qPKWvteqCjZJ3aNYWmiP5ZqB3tA47K4IqIqud1YvlO4NRfnzbcn6QJAUK23L0ClXNuFsT8nY9_PBiUtLguS0sZGh8Fyw97qp
Request Chain 90
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENM323Vv-yuajGEKEyM0YuU&google_cver=1&google_push=AYg5qPIsjWIstH_5Ch_-7sg2Fuih-tE4ecn2drRBbXADf9P0P7y2mmvbQuDDIZ1YcLebY_v_6St6rs_0EoF2tPv_XGmVB5PkQe_2 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENM323Vv-yuajGEKEyM0YuU&google_cver=1&google_push=AYg5qPIsjWIstH_5Ch_-7sg2Fuih-tE4ecn2drRBbXADf9P0P7y2mmvbQuDDIZ1YcLebY_v_6St6rs_0EoF2tPv_XGmVB5PkQe_2&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=pLZg0MrQRBWBAP7BiSvLVA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIsjWIstH_5Ch_-7sg2Fuih-tE4ecn2drRBbXADf9P0P7y2mmvbQuDDIZ1YcLebY_v_6St6rs_0EoF2tPv_XGmVB5PkQe_2
Request Chain 91
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGDQL3-gWNjEXB_GiFx7TDc&google_cver=1&google_push=AYg5qPLszABdWT00BmzYTsOncGU0sLFjcO5lMPI3qoqc1cBxDIHUSKVO0Jab5bwtEUaZ1c8NRg5Mh5ouy_3u2EF20TVjX-htnYpH HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dOVDhWQzktTC05T09Z&google_push=AYg5qPLszABdWT00BmzYTsOncGU0sLFjcO5lMPI3qoqc1cBxDIHUSKVO0Jab5bwtEUaZ1c8NRg5Mh5ouy_3u2EF20TVjX-htnYpH
Request Chain 92
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJ7LkkNiJsZ7Dr5n9NdIKF0&google_cver=1&google_push=AYg5qPJAj_B_hW2Wt9BfpWH58dgL9R5mXrvtP7VTyDiSjj_qpja7XM1qUycCzCT5vNy5Q2giH4Dg5SSQ-CDCkcw7-0jPZaY9zp3q HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEJ7LkkNiJsZ7Dr5n9NdIKF0&google_push=AYg5qPJAj_B_hW2Wt9BfpWH58dgL9R5mXrvtP7VTyDiSjj_qpja7XM1qUycCzCT5vNy5Q2giH4Dg5SSQ-CDCkcw7-0jPZaY9zp3q&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaeygdqXwwmkZwhyntjdXwAABKEAAAIB&google_push=AYg5qPJAj_B_hW2Wt9BfpWH58dgL9R5mXrvtP7VTyDiSjj_qpja7XM1qUycCzCT5vNy5Q2giH4Dg5SSQ-CDCkcw7-0jPZaY9zp3q&google_cver=1&google_gid=CAESEJ7LkkNiJsZ7Dr5n9NdIKF0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaeygdqXwwmkZwhyntjdXwAABKEAAAIB&google_push=AYg5qPJAj_B_hW2Wt9BfpWH58dgL9R5mXrvtP7VTyDiSjj_qpja7XM1qUycCzCT5vNy5Q2giH4Dg5SSQ-CDCkcw7-0jPZaY9zp3q&google_cver=1&google_gid=CAESEJ7LkkNiJsZ7Dr5n9NdIKF0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaeygdqXwwmkZwhyntjdXwAABKEAAAIB&google_push=AYg5qPJAj_B_hW2Wt9BfpWH58dgL9R5mXrvtP7VTyDiSjj_qpja7XM1qUycCzCT5vNy5Q2giH4Dg5SSQ-CDCkcw7-0jPZaY9zp3q&google_cver=1&google_gid=CAESEJ7LkkNiJsZ7Dr5n9NdIKF0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaeygdqXwwmkZwhyntjdXwAABKEAAAIB&google_push=AYg5qPJAj_B_hW2Wt9BfpWH58dgL9R5mXrvtP7VTyDiSjj_qpja7XM1qUycCzCT5vNy5Q2giH4Dg5SSQ-CDCkcw7-0jPZaY9zp3q&google_cver=1&google_gid=CAESEJ7LkkNiJsZ7Dr5n9NdIKF0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaeygdqXwwmkZwhyntjdXwAABKEAAAIB&google_push=AYg5qPJAj_B_hW2Wt9BfpWH58dgL9R5mXrvtP7VTyDiSjj_qpja7XM1qUycCzCT5vNy5Q2giH4Dg5SSQ-CDCkcw7-0jPZaY9zp3q&google_cver=1&google_gid=CAESEJ7LkkNiJsZ7Dr5n9NdIKF0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaeygdqXwwmkZwhyntjdXwAABKEAAAIB&google_push=AYg5qPJAj_B_hW2Wt9BfpWH58dgL9R5mXrvtP7VTyDiSjj_qpja7XM1qUycCzCT5vNy5Q2giH4Dg5SSQ-CDCkcw7-0jPZaY9zp3q&google_cver=1&google_gid=CAESEJ7LkkNiJsZ7Dr5n9NdIKF0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaeygdqXwwmkZwhyntjdXwAABKEAAAIB&google_push=AYg5qPJAj_B_hW2Wt9BfpWH58dgL9R5mXrvtP7VTyDiSjj_qpja7XM1qUycCzCT5vNy5Q2giH4Dg5SSQ-CDCkcw7-0jPZaY9zp3q&google_cver=1&google_gid=CAESEJ7LkkNiJsZ7Dr5n9NdIKF0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaeygdqXwwmkZwhyntjdXwAABKEAAAIB&google_push=AYg5qPJAj_B_hW2Wt9BfpWH58dgL9R5mXrvtP7VTyDiSjj_qpja7XM1qUycCzCT5vNy5Q2giH4Dg5SSQ-CDCkcw7-0jPZaY9zp3q&google_cver=1&google_gid=CAESEJ7LkkNiJsZ7Dr5n9NdIKF0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaeygdqXwwmkZwhyntjdXwAABKEAAAIB&google_push=AYg5qPJAj_B_hW2Wt9BfpWH58dgL9R5mXrvtP7VTyDiSjj_qpja7XM1qUycCzCT5vNy5Q2giH4Dg5SSQ-CDCkcw7-0jPZaY9zp3q&google_cver=1&google_gid=CAESEJ7LkkNiJsZ7Dr5n9NdIKF0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaeygdqXwwmkZwhyntjdXwAABKEAAAIB&google_push=AYg5qPJAj_B_hW2Wt9BfpWH58dgL9R5mXrvtP7VTyDiSjj_qpja7XM1qUycCzCT5vNy5Q2giH4Dg5SSQ-CDCkcw7-0jPZaY9zp3q&google_cver=1&google_gid=CAESEJ7LkkNiJsZ7Dr5n9NdIKF0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaeygdqXwwmkZwhyntjdXwAABKEAAAIB&google_push=AYg5qPJAj_B_hW2Wt9BfpWH58dgL9R5mXrvtP7VTyDiSjj_qpja7XM1qUycCzCT5vNy5Q2giH4Dg5SSQ-CDCkcw7-0jPZaY9zp3q&google_cver=1&google_gid=CAESEJ7LkkNiJsZ7Dr5n9NdIKF0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaeygdqXwwmkZwhyntjdXwAABKEAAAIB&google_push=AYg5qPJAj_B_hW2Wt9BfpWH58dgL9R5mXrvtP7VTyDiSjj_qpja7XM1qUycCzCT5vNy5Q2giH4Dg5SSQ-CDCkcw7-0jPZaY9zp3q&google_cver=1&google_gid=CAESEJ7LkkNiJsZ7Dr5n9NdIKF0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaeygdqXwwmkZwhyntjdXwAABKEAAAIB&google_push=AYg5qPJAj_B_hW2Wt9BfpWH58dgL9R5mXrvtP7VTyDiSjj_qpja7XM1qUycCzCT5vNy5Q2giH4Dg5SSQ-CDCkcw7-0jPZaY9zp3q&google_cver=1&google_gid=CAESEJ7LkkNiJsZ7Dr5n9NdIKF0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaeygdqXwwmkZwhyntjdXwAABKEAAAIB&google_push=AYg5qPJAj_B_hW2Wt9BfpWH58dgL9R5mXrvtP7VTyDiSjj_qpja7XM1qUycCzCT5vNy5Q2giH4Dg5SSQ-CDCkcw7-0jPZaY9zp3q&google_cver=1&google_gid=CAESEJ7LkkNiJsZ7Dr5n9NdIKF0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaeygdqXwwmkZwhyntjdXwAABKEAAAIB&google_push=AYg5qPJAj_B_hW2Wt9BfpWH58dgL9R5mXrvtP7VTyDiSjj_qpja7XM1qUycCzCT5vNy5Q2giH4Dg5SSQ-CDCkcw7-0jPZaY9zp3q&google_cver=1&google_gid=CAESEJ7LkkNiJsZ7Dr5n9NdIKF0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaeygdqXwwmkZwhyntjdXwAABKEAAAIB&google_push=AYg5qPJAj_B_hW2Wt9BfpWH58dgL9R5mXrvtP7VTyDiSjj_qpja7XM1qUycCzCT5vNy5Q2giH4Dg5SSQ-CDCkcw7-0jPZaY9zp3q&google_cver=1&google_gid=CAESEJ7LkkNiJsZ7Dr5n9NdIKF0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaeygdqXwwmkZwhyntjdXwAABKEAAAIB&google_push=AYg5qPJAj_B_hW2Wt9BfpWH58dgL9R5mXrvtP7VTyDiSjj_qpja7XM1qUycCzCT5vNy5Q2giH4Dg5SSQ-CDCkcw7-0jPZaY9zp3q&google_cver=1&google_gid=CAESEJ7LkkNiJsZ7Dr5n9NdIKF0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaeygdqXwwmkZwhyntjdXwAABKEAAAIB&google_push=AYg5qPJAj_B_hW2Wt9BfpWH58dgL9R5mXrvtP7VTyDiSjj_qpja7XM1qUycCzCT5vNy5Q2giH4Dg5SSQ-CDCkcw7-0jPZaY9zp3q&google_cver=1&google_gid=CAESEJ7LkkNiJsZ7Dr5n9NdIKF0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaeygdqXwwmkZwhyntjdXwAABKEAAAIB&google_push=AYg5qPJAj_B_hW2Wt9BfpWH58dgL9R5mXrvtP7VTyDiSjj_qpja7XM1qUycCzCT5vNy5Q2giH4Dg5SSQ-CDCkcw7-0jPZaY9zp3q&google_cver=1&google_gid=CAESEJ7LkkNiJsZ7Dr5n9NdIKF0
Request Chain 93
  • https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEENM-Y4-fR6jmFxITC-KxbI&google_cver=1&google_push=AYg5qPJm56d7VoaZ6yuj2KBSB3Uy21dB4maBFmRyzFZ_00DpjVEslkPAa-2a8EpsNUdI0QIA7Jb9JWTTDItQSuCRT_LQIQu-WDHi HTTP 301
  • https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPJm56d7VoaZ6yuj2KBSB3Uy21dB4maBFmRyzFZ_00DpjVEslkPAa-2a8EpsNUdI0QIA7Jb9JWTTDItQSuCRT_LQIQu-WDHi&google_hm=
Request Chain 95
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

101 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.nirsoft.net/
23 KB
6 KB
Document
General
Full URL
http://www.nirsoft.net/
Protocol
HTTP/1.1
Server
138.128.181.29 , United States, ASN33182 (DIMENOC, US),
Reverse DNS
138-128-181-29.static.hostdime.com
Software
Apache /
Resource Hash
41e75dfdd0ce9333aef4b3955360f889571d5bc4232104f1676dfe8ba0097756

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Wed, 01 Dec 2021 17:36:00 GMT
Server
Apache
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
6211
Keep-Alive
timeout=4, max=50
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
main.css
www.nirsoft.net/
7 KB
2 KB
Stylesheet
General
Full URL
http://www.nirsoft.net/main.css
Requested by
Host: www.nirsoft.net
URL: http://www.nirsoft.net/
Protocol
HTTP/1.1
Server
138.128.181.29 , United States, ASN33182 (DIMENOC, US),
Reverse DNS
138-128-181-29.static.hostdime.com
Software
Apache /
Resource Hash
1fc7ceb533a021747396d0773be419b8432c309db898995af87bf5a7b0c68b0b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 01 Dec 2021 17:36:00 GMT
Content-Encoding
gzip
Last-Modified
Mon, 13 Jan 2020 06:22:16 GMT
Server
Apache
ETag
"126d6c-1c14-59bff7f2a5600-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=4, max=49
Content-Length
1568
nirsoft2.gif
www.nirsoft.net/
4 KB
4 KB
Image
General
Full URL
http://www.nirsoft.net/nirsoft2.gif
Requested by
Host: www.nirsoft.net
URL: http://www.nirsoft.net/
Protocol
HTTP/1.1
Server
138.128.181.29 , United States, ASN33182 (DIMENOC, US),
Reverse DNS
138-128-181-29.static.hostdime.com
Software
Apache /
Resource Hash
0c4f483b95cfce5c4e78f32946ed302502f365c272094950b254b6226c16c7f5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 01 Dec 2021 17:36:00 GMT
Last-Modified
Mon, 06 Sep 2004 14:43:52 GMT
Server
Apache
ETag
"126d5f-e6e-3e36ce8cf3a00"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=4, max=50
Content-Length
3694
empty729x90.gif
www.nirsoft.net/banners/
1 KB
1 KB
Image
General
Full URL
http://www.nirsoft.net/banners/empty729x90.gif
Requested by
Host: www.nirsoft.net
URL: http://www.nirsoft.net/
Protocol
HTTP/1.1
Server
138.128.181.29 , United States, ASN33182 (DIMENOC, US),
Reverse DNS
138-128-181-29.static.hostdime.com
Software
Apache /
Resource Hash
00cf697b03001a7246a8e7e26c626ff8aa3bc125759bc6bb87efafe63a4cfc24

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 01 Dec 2021 17:36:00 GMT
Last-Modified
Mon, 08 Feb 2010 10:45:39 GMT
Server
Apache
ETag
"143fc3-4cc-47f1480833ac0"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=4, max=50
Content-Length
1228
fpi.js?z=701248&width=160&height=600
ap.lijit.com/www/delivery/
5 KB
3 KB
Script
General
Full URL
https://ap.lijit.com/www/delivery/fpi.js?z=701248&width=160&height=600
Requested by
Host: www.nirsoft.net
URL: http://www.nirsoft.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
53d3b513684b230591b0203df937048eb52f4e03e470ecf1ac2bf2477476da70

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Dec 2021 17:36:00 GMT
Content-Encoding
gzip
Server
nginx
ETag
W/"6197f1ea-1540"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Transfer-Encoding
chunked
X-Sovrn-Pod
ad_ap1ams1
Expires
Thu, 01 Jan 1970 00:00:01 GMT
addthis_widget.js
s7.addthis.com/js/250/
Redirect Chain
  • http://s7.addthis.com/js/250/addthis_widget.js
  • https://s7.addthis.com/js/250/addthis_widget.js
353 KB
114 KB
Script
General
Full URL
https://s7.addthis.com/js/250/addthis_widget.js
Requested by
Host: www.nirsoft.net
URL: http://www.nirsoft.net/
Protocol
H2
Server
104.84.56.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-84-56-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-5834c"
vary
Accept-Encoding
x-distribution
99
content-type
application/javascript
cache-control
public, max-age=600
date
Wed, 01 Dec 2021 17:36:00 GMT
x-host
s7.addthis.com
content-length
116398

Redirect headers

Date
Wed, 01 Dec 2021 17:36:00 GMT
Server
nginx/1.15.8
X-Distribution
99
Content-Type
text/html
Location
https://s7.addthis.com/js/250/addthis_widget.js
X-Host
s7.addthis.com
Connection
keep-alive
Content-Length
171
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
144 KB
51 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.nirsoft.net
URL: http://www.nirsoft.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2ca9374746152ab486e9f31076386c566acffae5176c2e25a48cb7e58775cf9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 17:36:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51272
x-xss-protection
0
server
cafe
etag
13334693896973011352
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 01 Dec 2021 17:36:00 GMT
feed.png
www.nirsoft.net/
1 KB
2 KB
Image
General
Full URL
http://www.nirsoft.net/feed.png
Requested by
Host: www.nirsoft.net
URL: http://www.nirsoft.net/
Protocol
HTTP/1.1
Server
138.128.181.29 , United States, ASN33182 (DIMENOC, US),
Reverse DNS
138-128-181-29.static.hostdime.com
Software
Apache /
Resource Hash
55070d3be787cd8ccee8ea0fd75f0e11e944e6f70231f0dcb4c5ae348fcba6be

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 01 Dec 2021 17:36:00 GMT
Last-Modified
Tue, 30 Sep 2008 06:39:51 GMT
Server
Apache
ETag
"126d62-5a1-45817402c9bc0"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=4, max=50
Content-Length
1441
menubg.png
www.nirsoft.net/
448 B
723 B
Image
General
Full URL
http://www.nirsoft.net/menubg.png
Requested by
Host: www.nirsoft.net
URL: http://www.nirsoft.net/main.css
Protocol
HTTP/1.1
Server
138.128.181.29 , United States, ASN33182 (DIMENOC, US),
Reverse DNS
138-128-181-29.static.hostdime.com
Software
Apache /
Resource Hash
4ea8411870894a09ff7165d06aab69c2be05ffea87cdb1b5fb3b5594f11f6f06

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 01 Dec 2021 17:36:00 GMT
Last-Modified
Sun, 12 Jan 2020 19:55:26 GMT
Server
Apache
ETag
"1200ca-1c0-59bf6bd6f4780"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=4, max=48
Content-Length
448
sync
ap.lijit.com/ Frame E878
80 KB
18 KB
Script
General
Full URL
https://ap.lijit.com/sync
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/www/delivery/fpi.js?z=701248&width=160&height=600
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
fbd7d5de5e7a55ea07ecf232b58b99732dee1f0900e59e4e8374ebab8ad52c43

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 01 Dec 2021 17:36:00 GMT
Content-Encoding
gzip
Last-Modified
Fri, 19 Nov 2021 18:51:37 GMT
Server
nginx
ETag
W/"6197f239-14155"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=86400, must-revalidate
Transfer-Encoding
chunked
X-Sovrn-Pod
ad_ap1ams1
Expires
Thu, 02 Dec 2021 17:36:00 GMT
menutomain.gif
www.nirsoft.net/
805 B
1 KB
Image
General
Full URL
http://www.nirsoft.net/menutomain.gif
Requested by
Host: www.nirsoft.net
URL: http://www.nirsoft.net/main.css
Protocol
HTTP/1.1
Server
138.128.181.29 , United States, ASN33182 (DIMENOC, US),
Reverse DNS
138-128-181-29.static.hostdime.com
Software
Apache /
Resource Hash
03fb3f62f575f7aece5107379da9667099547635980c20ee48c3a85a1ae1b7c2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 01 Dec 2021 17:36:00 GMT
Last-Modified
Sat, 21 Apr 2007 15:17:30 GMT
Server
Apache
ETag
"126d84-325-42ea0ef395680"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=4, max=50
Content-Length
805
toptomain.gif
www.nirsoft.net/
805 B
1 KB
Image
General
Full URL
http://www.nirsoft.net/toptomain.gif
Requested by
Host: www.nirsoft.net
URL: http://www.nirsoft.net/main.css
Protocol
HTTP/1.1
Server
138.128.181.29 , United States, ASN33182 (DIMENOC, US),
Reverse DNS
138-128-181-29.static.hostdime.com
Software
Apache /
Resource Hash
432863150465290850edbb508d7e1e8c95320c0b34737f2f81cbf7589b6064d8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 01 Dec 2021 17:36:00 GMT
Last-Modified
Sat, 21 Apr 2007 15:31:48 GMT
Server
Apache
ETag
"12332e-325-42ea1225d6100"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=4, max=50
Content-Length
805
cse.js?cx=partner-pub-5286073190998405:5399172980
cse.google.com/
7 KB
3 KB
Script
General
Full URL
https://cse.google.com/cse.js?cx=partner-pub-5286073190998405:5399172980
Requested by
Host: www.nirsoft.net
URL: http://www.nirsoft.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
87adc2972205fcb05f3a0de8249d0f2d7bcc34efc05a3a2c2f0f12e3132598f7
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

bfcache-opt-in
unload
date
Wed, 01 Dec 2021 17:36:00 GMT
content-encoding
br
server
gws
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2917
x-xss-protection
0
expires
Wed, 01 Dec 2021 17:36:00 GMT
moatframe.js
z.moatads.com/addthismoatframe568911941483/
2 KB
1 KB
Script
General
Full URL
https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by
Host: s7.addthis.com
URL: http://s7.addthis.com/js/250/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 17:36:00 GMT
content-encoding
gzip
last-modified
Fri, 08 Nov 2019 20:13:52 GMT
server
AmazonS3
x-amz-request-id
D5503D14AA2F06AA
etag
"f14b4e1f799b14f798a195f43cf58376"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=8529
accept-ranges
bytes
content-length
948
x-amz-id-2
JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=
whatnewbg.gif
www.nirsoft.net/
1 KB
1 KB
Image
General
Full URL
http://www.nirsoft.net/whatnewbg.gif
Requested by
Host: www.nirsoft.net
URL: http://www.nirsoft.net/main.css
Protocol
HTTP/1.1
Server
138.128.181.29 , United States, ASN33182 (DIMENOC, US),
Reverse DNS
138-128-181-29.static.hostdime.com
Software
Apache /
Resource Hash
7aea3fb8ef09574f7103909575d48e51b2a930c6b3f9297d3b4d54e7e239fee0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 01 Dec 2021 17:36:00 GMT
Last-Modified
Sat, 21 Apr 2007 20:41:58 GMT
Server
Apache
ETag
"123acb-473-42ea5779b7180"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=4, max=49
Content-Length
1139
show_ads_impl_with_ama_fy2019.js?client=ca-pub-5286073190998405&plah=www.nirsoft.net&bust=31063797
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111170101/
272 KB
98 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5286073190998405&plah=www.nirsoft.net&bust=31063797
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
21930e751df32913c436e2da395f62465a8a71a58275c22b1b53bd663024d61c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 17:36:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100174
x-xss-protection
0
server
cafe
etag
11622000290716485502
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 01 Dec 2021 17:36:00 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/ Frame A3F7
11 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Wed, 01 Dec 2021 09:43:00 GMT
expires
Wed, 15 Dec 2021 09:43:00 GMT
content-type
text/html; charset=UTF-8
etag
16478831307880631077
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4883
x-xss-protection
0
age
28380
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ga.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/ga.js
  • https://www.google-analytics.com/ga.js
45 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/ga.js
Requested by
Host: www.nirsoft.net
URL: http://www.nirsoft.net/
Protocol
H2
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
5680
date
Wed, 01 Dec 2021 16:01:20 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Wed, 01 Dec 2021 18:01:20 GMT

Redirect headers

Location
https://www.google-analytics.com/ga.js
Non-Authoritative-Reason
HSTS
adcfg?zoneid=701248&tid=04bd6b33dd064d4db5799b39f76315c75883f9a9&mode=1&dmn=www.nirsoft.net
ap.lijit.com/ Frame E878
159 B
535 B
Script
General
Full URL
https://ap.lijit.com/adcfg?zoneid=701248&tid=04bd6b33dd064d4db5799b39f76315c75883f9a9&mode=1&dmn=www.nirsoft.net
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
6698880531eb4b810defe18a1853db95cddb1ed6a52c80d34c02c1ee2e0419aa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 01 Dec 2021 17:36:00 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
146
cse_element__en.js?usqp=CAI%3D
www.google.com/cse/static/element/54e62135847a1703/
300 KB
99 KB
Script
General
Full URL
https://www.google.com/cse/static/element/54e62135847a1703/cse_element__en.js?usqp=CAI%3D
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-5286073190998405:5399172980
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f0216265ffcc78522466531b2c333ad5725a51f151b18c5e2fb24d4e3e89ef23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 28 Nov 2021 00:21:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
321281
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
101668
x-xss-protection
0
last-modified
Fri, 12 Nov 2021 20:41:35 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Mon, 28 Nov 2022 00:21:19 GMT
default+en.css
www.google.com/cse/static/element/54e62135847a1703/
41 KB
41 KB
Stylesheet
General
Full URL
https://www.google.com/cse/static/element/54e62135847a1703/default+en.css
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-5286073190998405:5399172980
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 28 Nov 2021 00:21:19 GMT
x-content-type-options
nosniff
age
321281
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41765
x-xss-protection
0
last-modified
Fri, 12 Nov 2021 20:41:35 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Mon, 28 Nov 2022 00:21:19 GMT
default.css
www.google.com/cse/static/style/look/v4/
4 KB
1 KB
Stylesheet
General
Full URL
https://www.google.com/cse/static/style/look/v4/default.css
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-5286073190998405:5399172980
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 17:23:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
775
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1345
x-xss-protection
0
last-modified
Wed, 17 Jun 2020 00:00:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Wed, 01 Dec 2021 18:13:05 GMT
addelivery?zoneid=701248&tid=a_701248_55a058aba6ce48918dbbf8b4afd9434b&cb=undefined&mode=1&ifr=true&od=www.nirsoft.net&time=17%3A36%3A00&fd=1&be=cr&loc=http%3A%2F%2Fwww.nirsoft.net%2F&orig_loc=http...
ap.lijit.com/ Frame E878
1 KB
2 KB
Script
General
Full URL
https://ap.lijit.com/addelivery?zoneid=701248&tid=a_701248_55a058aba6ce48918dbbf8b4afd9434b&cb=undefined&mode=1&ifr=true&od=www.nirsoft.net&time=17%3A36%3A00&fd=1&be=cr&loc=http%3A%2F%2Fwww.nirsoft.net%2F&orig_loc=http%3A%2F%2Fwww.nirsoft.net%2F&abf=true&dpz=false&cv=undefined&dop=1&ndw=1&spif=true&btid=a_701248_55a058aba6ce48918dbbf8b4afd9434b
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
8e5f7bc202d841f3ecb3fa5794376f92bbe1e4546b9c3f544661f220f0b72931

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 01 Dec 2021 17:36:00 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
866
cookie.js?domain=www.nirsoft.net&callback=_gfp_s_&client=ca-pub-5286073190998405
partner.googleadservices.com/gampad/
201 B
635 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.nirsoft.net&callback=_gfp_s_&client=ca-pub-5286073190998405
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5286073190998405&plah=www.nirsoft.net&bust=31063797
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
7aac698d048a02cbc59bce572e99b52846641a8a9c79eeb00693c3ca91cb6bb1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 17:36:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
191
x-xss-protection
0
integrator.js?domain=www.nirsoft.net
adservice.google.de/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.nirsoft.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5286073190998405&plah=www.nirsoft.net&bust=31063797
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 01 Dec 2021 17:36:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js?domain=www.nirsoft.net
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.nirsoft.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5286073190998405&plah=www.nirsoft.net&bust=31063797
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 01 Dec 2021 17:36:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
www.nirsoft.net&dtd=86
googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=280&slotname=8353276087&adk=554369846&adf=2146366220&pi=t.ma~as.8353276087&w=1200&fwrn=4&fwrnh=100&lmt=1638380160... Frame D236
96 KB
30 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=280&slotname=8353276087&adk=554369846&adf=2146366220&pi=t.ma~as.8353276087&w=1200&fwrn=4&fwrnh=100&lmt=1638380160&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Fwww.nirsoft.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1638380160395&bpp=4&bdt=224&idt=67&shv=r20211111&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&correlator=4830374846156&frm=20&pv=2&ga_vid=1147447018.1638380160&ga_sid=1638380160&ga_hid=1808019158&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=197&ady=1450&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433%2C31063797%2C21065724%2C31063246&oid=2&pvsid=2955171570671507&pem=534&tmod=843349728&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=DxjYpSNP3K&p=http%3A//www.nirsoft.net&dtd=86
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5286073190998405&plah=www.nirsoft.net&bust=31063797
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b708afa9fb144214958e90f0e87866d8a06ea7d2e41bca0d587d94698f80878b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 01 Dec 2021 17:36:01 GMT
server
cafe
content-length
30965
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 01 Dec 2021 17:36:01 GMT
cache-control
private
__utm.gif?utmwv=5.7.2&utms=1&utmn=650843312&utmhn=www.nirsoft.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=NirSoft%20-%20freeware%20utilities%3A%20...
www.google-analytics.com/r/
Redirect Chain
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=650843312&utmhn=www.nirsoft.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=NirSof...
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=650843312&utmhn=www.nirsoft.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=NirSo...
35 B
54 B
Image
General
Full URL
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=650843312&utmhn=www.nirsoft.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=NirSoft%20-%20freeware%20utilities%3A%20password%20recovery%2C%20system%20utilities%2C%20desktop%20utilities&utmhid=1808019158&utmr=-&utmp=%2F&utmht=1638380160497&utmac=UA-6647006-1&utmcc=__utma%3D159191077.1147447018.1638380160.1638380160.1638380160.1%3B%2B__utmz%3D159191077.1638380160.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1811261575&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAQAAAAE~
Requested by
Host: www.nirsoft.net
URL: http://www.nirsoft.net/
Protocol
H3
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 17:36:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=650843312&utmhn=www.nirsoft.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=NirSoft%20-%20freeware%20utilities%3A%20password%20recovery%2C%20system%20utilities%2C%20desktop%20utilities&utmhid=1808019158&utmr=-&utmp=%2F&utmht=1638380160497&utmac=UA-6647006-1&utmcc=__utma%3D159191077.1147447018.1638380160.1638380160.1638380160.1%3B%2B__utmz%3D159191077.1638380160.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1811261575&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAQAAAAE~
Non-Authoritative-Reason
HSTS
_ate.track.config_resp
v1.addthisedge.com/live/boost/nirsofer/
27 B
207 B
Script
General
Full URL
https://v1.addthisedge.com/live/boost/nirsofer/_ate.track.config_resp
Requested by
Host: s7.addthis.com
URL: http://s7.addthis.com/js/250/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.84.56.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-84-56-126.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
19a26d6046c4fcfe9e3efbc1fb7532f424c6b0b7590b9e193788e30bce8b9836

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 17:36:00 GMT
content-encoding
gzip
content-disposition
attachment; filename=1.txt
cache-control
public, max-age=7, s-maxage=86400
content-length
47
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
300lo.json?si=61a7b2802c1c57ca&bkl=0&bl=1&pdt=360&sid=61a7b2802c1c57ca&pub=nirsofer&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.nirsoft.net&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=2&ct=1&tct=0&abt=0&cdn=...
m.addthis.com/live/red_lojson/
89 B
249 B
Script
General
Full URL
https://m.addthis.com/live/red_lojson/300lo.json?si=61a7b2802c1c57ca&bkl=0&bl=1&pdt=360&sid=61a7b2802c1c57ca&pub=nirsofer&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.nirsoft.net&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=2&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=freeware%20utilities%2Cfree%20downloads%2Cfree%20software%2Cprograms%2Cpassword%20recovery%2Csystem%20tools%2Clost%20password%2Csource%20code%2Csecurity%2Cwindows&colc=1638380160508&jsl=32&uvs=61a7b280da21346f000&skipb=1&callback=addthis.cbs.jsonp__28892722628497160
Requested by
Host: s7.addthis.com
URL: http://s7.addthis.com/js/250/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.84.56.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-84-56-126.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2a79f1ebcca9a729ef5bad27249c51314cd700b74afb5433224a723c06871a36

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 17:36:00 GMT
cache-control
max-age=0, no-cache, no-store, no-transform
content-disposition
attachment; filename=1.txt
content-length
89
content-type
application/javascript;charset=utf-8
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 57F0
0
0

sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 0227
71 KB
26 KB
Document
General
Full URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Requested by
Host: s7.addthis.com
URL: http://s7.addthis.com/js/250/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.84.56.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-84-56-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/

Response headers

server
nginx/1.15.8
content-type
text/html
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
etag
W/"5f971164-11adc"
timing-allow-origin
*
cache-control
public, max-age=86313600
p3p
CP="NON ADM OUR DEV IND COM STA"
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
content-length
26421
date
Wed, 01 Dec 2021 17:36:00 GMT
vary
Accept-Encoding
x-host
s7.addthis.com
ads?client=ca-pub-5286073190998405&output=html&adk=1812271804&adf=3025194257&lmt=1638380160&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&fo...
googleads.g.doubleclick.net/pagead/ Frame 6B8E
0
19 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&adk=1812271804&adf=3025194257&lmt=1638380160&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.nirsoft.net%2F&ea=0&flash=0&pra=7&wgl=1&dt=1638380160511&bpp=1&bdt=340&idt=1&shv=r20211111&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&nras=1&correlator=4830374846156&frm=20&pv=1&ga_vid=1147447018.1638380160&ga_sid=1638380160&ga_hid=1808019158&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433%2C31063797%2C21065724%2C31063246&oid=2&pvsid=2955171570671507&pem=534&tmod=843349728&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=8
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5286073190998405&plah=www.nirsoft.net&bust=31063797
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 01 Dec 2021 17:36:00 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 01 Dec 2021 17:36:00 GMT
cache-control
private
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame E878
144 KB
50 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d88991f14f12486bef01b069c7c0249181e734ba6cbf499a50a1aa1d61bd3da5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 17:36:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51258
x-xss-protection
0
server
cafe
etag
10252469858352582002
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 01 Dec 2021 17:36:00 GMT
t.dhj?dmn=nirsoft.net&pn=%2F&pubid=nirsoft&v0=271591
pxdrop.lijit.com/1/d/ Frame E878
0
225 B
Script
General
Full URL
https://pxdrop.lijit.com/1/d/t.dhj?dmn=nirsoft.net&pn=%2F&pubid=nirsoft&v0=271591
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.233.227 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-233-227.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Dec 2021 17:36:00 GMT
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Expires
Wed, 01 Dec 2021 17:36:00 GMT
beacon?viewId=a_701248_55a058aba6ce48918dbbf8b4afd9434b&rand=325&informer=13420689&type=fpads&loc=http%3A%2F%2Fwww.nirsoft.net%2F&v=1.2
gslbeacon.lijit.com/ Frame B958
0
0
Document
General
Full URL
https://gslbeacon.lijit.com/beacon?viewId=a_701248_55a058aba6ce48918dbbf8b4afd9434b&rand=325&informer=13420689&type=fpads&loc=http%3A%2F%2Fwww.nirsoft.net%2F&v=1.2
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/

Response headers

Server
nginx
Date
Wed, 01 Dec 2021 17:36:00 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap6ams1
containertag?containerId=18&zoneId=701248&v=2
ap.lijit.com/ Frame E878
34 KB
4 KB
Script
General
Full URL
https://ap.lijit.com/containertag?containerId=18&zoneId=701248&v=2
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
9aa230dfd4a638b7742f36b70af6e38b612280140c0dea3cac92662c12745aca

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Dec 2021 17:36:00 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
raptor
Vary
Accept-Encoding
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Transfer-Encoding
chunked
X-Sovrn-Pod
ad_ap1ams1
Content-Type
application/json
Expires
Fri, 20 Mar 2009 00:00:00 GMT
impression?i_data=4TMvhKiTWodNQpH5KaSHkfngE6YkwfQNe4NNPpE8vN_NoqUwRSSpJfozbCwaocI4rDXrjYXjA_313eppicOhDHqRkkRKU6BDG-uFhMNODWPUdnF9nqEMcscROr9kny893HNphfmbnyU6f8YjYsxd7tI_86A21kKPJ-2mPyCG4Pkawg-37hC...
vap1ams1.lijit.com/addelivery/ Frame E878
43 B
552 B
Image
General
Full URL
https://vap1ams1.lijit.com/addelivery/impression?i_data=4TMvhKiTWodNQpH5KaSHkfngE6YkwfQNe4NNPpE8vN_NoqUwRSSpJfozbCwaocI4rDXrjYXjA_313eppicOhDHqRkkRKU6BDG-uFhMNODWPUdnF9nqEMcscROr9kny893HNphfmbnyU6f8YjYsxd7tI_86A21kKPJ-2mPyCG4Pkawg-37hCVYYysH9s0q_uKbxyICyuFPZUlwIQnFOmd5qdUxaO5XQEwkAgzyJ3LyVILVW-_xaiY6l0N1i0nX8YTINUiA1hPdn1u3JFPT29GRG8ErVpq7tCIbgnYnfijN2WnfRv6wHZPZwgUgpGwnLW2944~&bannerid=222065&campaignid=232&endpoint=WATERFALL&zoneid=701248&tid=a_701248_55a058aba6ce48918dbbf8b4afd9434b
Requested by
Host: www.nirsoft.net
URL: http://www.nirsoft.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Dec 2021 17:36:00 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Content-Type
image/gif
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
fp?tid=a_701248_55a058aba6ce48918dbbf8b4afd9434b&zoneid=701248&starttime=1638380160409&adcfg=3&adcfg_response=20&addelivery=23&addelivery_response=129&lgfired=131&beacon=134&container=135&EOL=135&c...
vap1ams1.lijit.com/data/ Frame E878
43 B
206 B
Image
General
Full URL
https://vap1ams1.lijit.com/data/fp?tid=a_701248_55a058aba6ce48918dbbf8b4afd9434b&zoneid=701248&starttime=1638380160409&adcfg=3&adcfg_response=20&addelivery=23&addelivery_response=129&lgfired=131&beacon=134&container=135&EOL=135&ctstart=0&elapsed_ms=135
Requested by
Host: www.nirsoft.net
URL: http://www.nirsoft.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 01 Dec 2021 17:36:00 GMT
Server
nginx
X-Sovrn-Pod
ad_ap1ams1
X-Powered-By
raptor
Content-Length
43
Content-Type
image/gif
async-ads.js
cse.google.com/adsense/search/
143 KB
53 KB
Script
General
Full URL
http://cse.google.com/adsense/search/async-ads.js
Requested by
Host: www.google.com
URL: https://www.google.com/cse/static/element/54e62135847a1703/cse_element__en.js?usqp=CAI%3D
Protocol
HTTP/1.1
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6311a15996707cad692382528ffc070374bb1a8395764c36f3808ce3eaf21ebb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 01 Dec 2021 17:36:00 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Cross-Origin-Resource-Policy
cross-origin
X-XSS-Protection
0
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="ads-afs-ui"
ETag
"17748334306645903075"
Vary
Accept-Encoding
Report-To
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
Content-Type
text/javascript; charset=UTF-8
Cache-Control
private, max-age=3600
Transfer-Encoding
chunked
Accept-Ranges
bytes
Expires
Wed, 01 Dec 2021 17:36:00 GMT
clear.png
www.google.com/cse/static/css/v2/
1018 B
1 KB
Image
General
Full URL
https://www.google.com/cse/static/css/v2/clear.png
Requested by
Host: www.google.com
URL: https://www.google.com/cse/static/element/54e62135847a1703/default+en.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/cse/static/element/54e62135847a1703/default+en.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 17:04:14 GMT
x-content-type-options
nosniff
age
88306
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1018
x-xss-protection
0
last-modified
Mon, 25 May 2020 08:30:00 GMT
server
sffe
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Wed, 30 Nov 2022 17:04:14 GMT
branding.png
www.google.com/cse/static/images/1x/en/
1 KB
1 KB
Image
General
Full URL
https://www.google.com/cse/static/images/1x/en/branding.png
Requested by
Host: www.nirsoft.net
URL: http://www.nirsoft.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 04:12:47 GMT
x-content-type-options
nosniff
age
480193
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1372
x-xss-protection
0
last-modified
Mon, 25 May 2020 08:30:00 GMT
server
sffe
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Sat, 26 Nov 2022 04:12:47 GMT
generate_204
clients1.google.com/
0
83 B
Image
General
Full URL
http://clients1.google.com/generate_204
Requested by
Host: www.nirsoft.net
URL: http://www.nirsoft.net/
Protocol
HTTP/1.1
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 01 Dec 2021 17:36:00 GMT
Content-Length
0
counter.d27508c102582d608697.js
s7.addthis.com/static/
24 KB
8 KB
Script
General
Full URL
https://s7.addthis.com/static/counter.d27508c102582d608697.js
Requested by
Host: s7.addthis.com
URL: http://s7.addthis.com/js/250/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.84.56.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-84-56-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
e4f924eac92aa3cc4ea64f2891447e8bd3af49e1a5c0bcd04b7356e2f7f1c04c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-5fd2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86313600
date
Wed, 01 Dec 2021 17:36:00 GMT
x-host
s7.addthis.com
timing-allow-origin
*
content-length
8265
t.dhj?dmn=nirsoft.net&GDPR_v2=&pubid=nirsoft
pxdrop.lijit.com/1/d/ Frame E878
0
225 B
Script
General
Full URL
http://pxdrop.lijit.com/1/d/t.dhj?dmn=nirsoft.net&GDPR_v2=&pubid=nirsoft
Requested by
Host: www.nirsoft.net
URL: http://www.nirsoft.net/
Protocol
HTTP/1.1
Server
104.111.233.227 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-233-227.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Dec 2021 17:36:00 GMT
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Expires
Wed, 01 Dec 2021 17:36:00 GMT
ct?tid=a_701248_55a058aba6ce48918dbbf8b4afd9434b&zoneid=701248&cid=18&geo=DE&all_tags=185%2C203%2C205%2C248%2C462%2C465%2C515%2C561%2C563%2C565%2C589%2C590%2C600%2C604&tss=73&fired_tags=590&count=1...
ap.lijit.com/data/ Frame E878
43 B
206 B
Image
General
Full URL
https://ap.lijit.com/data/ct?tid=a_701248_55a058aba6ce48918dbbf8b4afd9434b&zoneid=701248&cid=18&geo=DE&all_tags=185%2C203%2C205%2C248%2C462%2C465%2C515%2C561%2C563%2C565%2C589%2C590%2C600%2C604&tss=73&fired_tags=590&count=1&status=8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C1%2C32%2C8&elapsed_ms=73
Requested by
Host: www.nirsoft.net
URL: http://www.nirsoft.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 01 Dec 2021 17:36:00 GMT
Server
nginx
X-Sovrn-Pod
ad_ap1ams1
X-Powered-By
raptor
Content-Length
43
Content-Type
image/gif
show_ads_impl_with_ama_fy2019.js?client=ca-pub-5286073190998405&plah=www.nirsoft.net&bust=31063781
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111150101/ Frame E878
271 KB
97 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111150101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5286073190998405&plah=www.nirsoft.net&bust=31063781
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0ff3e9cc863f83d20c73fe50ed62d43f7cfb596376cd2ecdee055df91f5a046a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 17:36:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
99625
x-xss-protection
0
server
cafe
etag
4570675974947516718
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 01 Dec 2021 17:36:00 GMT
shares.json?url=https%3A%2F%2Fwww.nirsoft.net%2F&callback=_ate.cbs.sc_httpswwwnirsoftnet0
api-public.addthis.com/url/
50 B
299 B
Script
General
Full URL
https://api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fwww.nirsoft.net%2F&callback=_ate.cbs.sc_httpswwwnirsoftnet0
Requested by
Host: s7.addthis.com
URL: http://s7.addthis.com/js/250/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.84.56.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-84-56-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
05685f3e54a276e24f41c557542d18a27b298df513bea4e1752255dcdb68fb04
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
surrogate-key
www.nirsoft.net/
last-modified
Wed, 01 Dec 2021 17:33:52 GMT
server
nginx/1.15.8
date
Wed, 01 Dec 2021 17:36:00 GMT
vary
Accept-Encoding
content-type
application/json
cache-control
no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length
70
data:truncated
data:truncated
564 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
da6f3508fdb8c1fdf553e4af5556b585ba5998139afe613d56dc0d88c822bd81

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/gif
cookie.js?domain=www.nirsoft.net&callback=_gfp_s_&client=ca-pub-5286073190998405&cookie=ID%3Dd52afa4bc2242ab7-222ec6e31dcc003d%3AT%3D1638380160%3ART%3D1638380160%3AS%3DALNI_MbNmmJUPgdClnFfopeR0R1pu...
partner.googleadservices.com/gampad/ Frame E878
12 B
53 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.nirsoft.net&callback=_gfp_s_&client=ca-pub-5286073190998405&cookie=ID%3Dd52afa4bc2242ab7-222ec6e31dcc003d%3AT%3D1638380160%3ART%3D1638380160%3AS%3DALNI_MbNmmJUPgdClnFfopeR0R1pu8X-EA
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111150101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5286073190998405&plah=www.nirsoft.net&bust=31063781
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 17:36:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32
x-xss-protection
0
integrator.js?domain=www.nirsoft.net
adservice.google.de/adsid/ Frame E878
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.nirsoft.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111150101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5286073190998405&plah=www.nirsoft.net&bust=31063781
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 01 Dec 2021 17:36:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js?domain=www.nirsoft.net
adservice.google.com/adsid/ Frame E878
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.nirsoft.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111150101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5286073190998405&plah=www.nirsoft.net&bust=31063781
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 01 Dec 2021 17:36:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads?client=ca-pub-5286073190998405&output=html&h=600&slotname=8544847776&adk=179141035&adf=3533666104&pi=t.ma~as.8544847776&w=160&lmt=1638380160&psa=0&format=160x600&url=http%3A%2F%2Fwww.nirsoft.ne...
googleads.g.doubleclick.net/pagead/ Frame 75AA
74 KB
24 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=600&slotname=8544847776&adk=179141035&adf=3533666104&pi=t.ma~as.8544847776&w=160&lmt=1638380160&psa=0&format=160x600&url=http%3A%2F%2Fwww.nirsoft.net%2F&ea=0&flash=0&wgl=1&dt=1638380160629&bpp=3&bdt=324&idt=65&shv=r20211111&mjsv=m202111150101&ptt=9&saldr=aa&cookie=ID%3Dd52afa4bc2242ab7-222ec6e31dcc003d%3AT%3D1638380160%3ART%3D1638380160%3AS%3DALNI_MbNmmJUPgdClnFfopeR0R1pu8X-EA&correlator=4830374846156&frm=23&ife=1&pv=1&ga_vid=1147447018.1638380160&ga_sid=1638380160&ga_hid=1483217850&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=5&ady=613&biw=1600&bih=1200&isw=160&ish=600&ifk=2347300667&scr_x=0&scr_y=0&eid=21066433%2C31063781%2C31063792%2C31063182&oid=2&pvsid=3956884990384061&pem=534&tmod=1248988956&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.7nxqfqr6y9lm&fsb=1&dtd=82
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111150101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5286073190998405&plah=www.nirsoft.net&bust=31063781
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4d545339066cdbcb0d7f6b001b34e2a62232d848e26c9b0b57438a745f7a0d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 01 Dec 2021 17:36:01 GMT
server
cafe
content-length
24398
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 01 Dec 2021 17:36:01 GMT
cache-control
private
sodar?sv=200&tid=gda&tv=r20211111&st=env
pagead2.googlesyndication.com/getconfig/ Frame E878
12 KB
9 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211111&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111150101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5286073190998405&plah=www.nirsoft.net&bust=31063781
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
03335afbe7ab40d8c10a1e6b477bf4978289ec8e0eb3b9ec426a3c6252ddc9d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 01 Dec 2021 17:36:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9419
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame E878
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111150101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5286073190998405&plah=www.nirsoft.net&bust=31063781
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 17:36:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Wed, 01 Dec 2021 17:36:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 3FC7
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Wed, 01 Dec 2021 15:16:17 GMT
expires
Thu, 01 Dec 2022 15:16:17 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
8383
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame E69B
783 B
536 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
09e2916d55309c0e896e9ee0597a9f1760c66062c3be473029b5825cc9c6fc01
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-VfPXqsQ1EaUDXZrw8qW29w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Wed, 01 Dec 2021 17:36:00 GMT
date
Wed, 01 Dec 2021 17:36:00 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-VfPXqsQ1EaUDXZrw8qW29w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar?id=sodar2&v=224&li=gda_r20211111&jk=3956884990384061&rc=
pagead2.googlesyndication.com/pagead/ Frame E69B
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211111&jk=3956884990384061&rc=
Requested by
Host: www.nirsoft.net
URL: http://www.nirsoft.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

W74_wbIuhH6bObXj0uCjode8PwiBrxgOKnAqo6ShAmY.js
pagead2.googlesyndication.com/bg/ Frame 3FC7
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/W74_wbIuhH6bObXj0uCjode8PwiBrxgOKnAqo6ShAmY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5bbe3fc1b22e847e9b39b5e3d2e0a3a1d7bc3f0881af180e2a702aa3a4a10266
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 20:36:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
75580
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13296
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 11:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 30 Nov 2022 20:36:20 GMT
gen_204?id=sodar2&v=224&t=2&li=gda_r20211111&jk=3956884990384061&bg=!vb6lvvrNAAZQLpa_UC47ACkAdvg8WrqjdJKVB79_IO5tUixNqMhj4pc3fAwdnNkHXOjW8lnead1g9wIAAABmUgAAAAloAQeZAp1wYuq9k8mkqB83IgLltemEgMvP2UNv...
pagead2.googlesyndication.com/pagead/ Frame E878
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211111&jk=3956884990384061&bg=!vb6lvvrNAAZQLpa_UC47ACkAdvg8WrqjdJKVB79_IO5tUixNqMhj4pc3fAwdnNkHXOjW8lnead1g9wIAAABmUgAAAAloAQeZAp1wYuq9k8mkqB83IgLltemEgMvP2UNvi2xPD4lhlNhrKTvJqWfOH7a8Rfa0sPTmHkUCWMHpkdbjM7shRrAIyUuX1amFlT3Ff0KAX9VMqID7NIVgLKlYqWgoOH3GD93MVmy_mvZX6WOJ9TdSIKxfDVGIy2L80H96HLZ6gf-WeRfGTaerjaGhVwUjfGDSgkXmb8xJnGgmzCt4x6Q96XRzZNZz_EQBiEjHTPvfj5bz2HiAAnxyA0709wxjfj3Nf69-gO7l9ERa86oN7c5N4t1qFoUd6aJSiXX9s7FbaCmycI_3KmmKHaEooOqq1QMpt1HjCJUZpVJgKIOf9YERons3bOwtKcUmBaeGpUwRxGrfaR5Fa5ENC2QVcyh8aznhaOD3ZiHaZVxUrU8Fxf-plEmY43TH9pP_TgASm6mcJFiLLzuYGZzlBmvv87LmwwUE3iuFrWtMI9bMX_Aim6Re3uwvUJYW-JamAZ-6L5EJGQMGbaXavepLD4Q63nvnFlg5SBE1rt_kCPF7_T8zTz67C5glq8nd7wlxoLQsB2D2zpg1vrz9UuTZuhlKa10uHXoTBDU5qHrPexvM79ZRDPeGgdfR1yIPnWgxDBRteBYq-etaodebR4dEnRInBod5xjw193KsdC8XMIbWpCnOVdpbPc4PJjuc7Mmx6KTWnufz_UD9WdMxNJW8SNmBdoAVRMTiM62LMG-MIoV5xPN-6n5JovwIXoiv9Qgv64DVuSaSPfalKYpFgKK4oPCJvy41PITYP5bhZ7LO1yW52sdEXawinuiER2Jwws0zmcoIUesPMNmQkwzc_t2oi_47K8TPm1zl2mqG0ZHHspo2nP4kL_69gDMlO1lCWxoe1JRMLRGIxQH6L7Vw8h4-mgbXDh6Nf2jyzkM
Requested by
Host: www.nirsoft.net
URL: http://www.nirsoft.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 17:36:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
11856128442428068163
tpc.googlesyndication.com/daca_images/simgad/ Frame D236
111 KB
111 KB
Image
General
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/11856128442428068163
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=280&slotname=8353276087&adk=554369846&adf=2146366220&pi=t.ma~as.8353276087&w=1200&fwrn=4&fwrnh=100&lmt=1638380160&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Fwww.nirsoft.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1638380160395&bpp=4&bdt=224&idt=67&shv=r20211111&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&correlator=4830374846156&frm=20&pv=2&ga_vid=1147447018.1638380160&ga_sid=1638380160&ga_hid=1808019158&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=197&ady=1450&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433%2C31063797%2C21065724%2C31063246&oid=2&pvsid=2955171570671507&pem=534&tmod=843349728&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=DxjYpSNP3K&p=http%3A//www.nirsoft.net&dtd=86
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db5abe847651d38508de59edadb2c822e1ad996f0e2620dbca3ccb44bca2e554
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 21:25:57 GMT
x-content-type-options
nosniff
age
418204
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113873
x-xss-protection
0
last-modified
Fri, 08 Oct 2021 08:47:33 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 26 Nov 2022 21:25:57 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame D236
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=280&slotname=8353276087&adk=554369846&adf=2146366220&pi=t.ma~as.8353276087&w=1200&fwrn=4&fwrnh=100&lmt=1638380160&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Fwww.nirsoft.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1638380160395&bpp=4&bdt=224&idt=67&shv=r20211111&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&correlator=4830374846156&frm=20&pv=2&ga_vid=1147447018.1638380160&ga_sid=1638380160&ga_hid=1808019158&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=197&ady=1450&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433%2C31063797%2C21065724%2C31063246&oid=2&pvsid=2955171570671507&pem=534&tmod=843349728&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=DxjYpSNP3K&p=http%3A//www.nirsoft.net&dtd=86
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 17:28:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
463
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7840
x-xss-protection
0
server
cafe
etag
9525834815172239946
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Dec 2021 17:28:18 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame D236
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=280&slotname=8353276087&adk=554369846&adf=2146366220&pi=t.ma~as.8353276087&w=1200&fwrn=4&fwrnh=100&lmt=1638380160&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Fwww.nirsoft.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1638380160395&bpp=4&bdt=224&idt=67&shv=r20211111&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&correlator=4830374846156&frm=20&pv=2&ga_vid=1147447018.1638380160&ga_sid=1638380160&ga_hid=1808019158&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=197&ady=1450&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433%2C31063797%2C21065724%2C31063246&oid=2&pvsid=2955171570671507&pem=534&tmod=843349728&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=DxjYpSNP3K&p=http%3A//www.nirsoft.net&dtd=86
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 17:35:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Dec 2021 17:35:54 GMT
transparent.png
tpc.googlesyndication.com/pagead/images/ Frame D236
67 B
91 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/transparent.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=280&slotname=8353276087&adk=554369846&adf=2146366220&pi=t.ma~as.8353276087&w=1200&fwrn=4&fwrnh=100&lmt=1638380160&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Fwww.nirsoft.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1638380160395&bpp=4&bdt=224&idt=67&shv=r20211111&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&correlator=4830374846156&frm=20&pv=2&ga_vid=1147447018.1638380160&ga_sid=1638380160&ga_hid=1808019158&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=197&ady=1450&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433%2C31063797%2C21065724%2C31063246&oid=2&pvsid=2955171570671507&pem=534&tmod=843349728&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=DxjYpSNP3K&p=http%3A//www.nirsoft.net&dtd=86
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 01 Dec 2021 05:32:01 GMT
x-content-type-options
nosniff
server
cafe
age
43440
etag
2462972746714251406
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67
x-xss-protection
0
expires
Thu, 02 Dec 2021 05:32:01 GMT
adview?ai=CgT_HgLKnYYSGILLJ1fAPmoG0mAPRncjvZt63sYPJDpq2x4rpDhABIIuL5ApglfrwgYwHoAHI_qunAsgBAqkC5XuFlHI5gT6oAwHIA8kEqgTWAU_QN7los5I3qeeXyLxJNFtI1PBf2ZaOHHZFv0uJw1PYFpgq5dInhihkkf7sNzueKkceyBqc-9Umc3...
googleads.g.doubleclick.net/pagead/ Frame D236
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CgT_HgLKnYYSGILLJ1fAPmoG0mAPRncjvZt63sYPJDpq2x4rpDhABIIuL5ApglfrwgYwHoAHI_qunAsgBAqkC5XuFlHI5gT6oAwHIA8kEqgTWAU_QN7los5I3qeeXyLxJNFtI1PBf2ZaOHHZFv0uJw1PYFpgq5dInhihkkf7sNzueKkceyBqc-9Umc3Q8ZdbFbM6LMVTy4uGEwCPPDk9ysVNCocsPA-TkIwLh3ujFV3JEMcuqaDnPhSjVac_gj08Eb2e0J_-BLabsgGRe_2GvFsCuhaN1voZHCDT9Zh2X-DsugBWNnW1QmX5b26ILx7ktyTyj_as3CBLy0B4CaVFdqk-UeHZCdZepbrWYNQ7XK7936p9hdHloCVhPD7H2ojWr__O7eNBN8j3ABNiC5qHdA5IFBAgEGAGSBQQIBRgEoAYCgAeFiqOkAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEENCdCdIICQiA4YAQEAEYX4AKAcgLAdgTDNAVAYAXAbIXHAoaCAASFHB1Yi01Mjg2MDczMTkwOTk4NDA1GAA&sigh=ytq2_1lAFJY&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=280&slotname=8353276087&adk=554369846&adf=2146366220&pi=t.ma~as.8353276087&w=1200&fwrn=4&fwrnh=100&lmt=1638380160&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Fwww.nirsoft.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1638380160395&bpp=4&bdt=224&idt=67&shv=r20211111&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&correlator=4830374846156&frm=20&pv=2&ga_vid=1147447018.1638380160&ga_sid=1638380160&ga_hid=1808019158&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=197&ady=1450&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433%2C31063797%2C21065724%2C31063246&oid=2&pvsid=2955171570671507&pem=534&tmod=843349728&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=DxjYpSNP3K&p=http%3A//www.nirsoft.net&dtd=86
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=280&slotname=8353276087&adk=554369846&adf=2146366220&pi=t.ma~as.8353276087&w=1200&fwrn=4&fwrnh=100&lmt=1638380160&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Fwww.nirsoft.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1638380160395&bpp=4&bdt=224&idt=67&shv=r20211111&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&correlator=4830374846156&frm=20&pv=2&ga_vid=1147447018.1638380160&ga_sid=1638380160&ga_hid=1808019158&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=197&ady=1450&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433%2C31063797%2C21065724%2C31063246&oid=2&pvsid=2955171570671507&pem=534&tmod=843349728&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=DxjYpSNP3K&p=http%3A//www.nirsoft.net&dtd=86
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 01 Dec 2021 17:36:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 01 Dec 2021 17:36:01 GMT
rx_lidar.js?cache=r20110914
www.googletagservices.com/activeview/js/current/ Frame D236
119 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=280&slotname=8353276087&adk=554369846&adf=2146366220&pi=t.ma~as.8353276087&w=1200&fwrn=4&fwrnh=100&lmt=1638380160&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Fwww.nirsoft.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1638380160395&bpp=4&bdt=224&idt=67&shv=r20211111&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&correlator=4830374846156&frm=20&pv=2&ga_vid=1147447018.1638380160&ga_sid=1638380160&ga_hid=1808019158&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=197&ady=1450&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433%2C31063797%2C21065724%2C31063246&oid=2&pvsid=2955171570671507&pem=534&tmod=843349728&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=DxjYpSNP3K&p=http%3A//www.nirsoft.net&dtd=86
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30cad9ec7fbe11d3de293805d82343744663da3e650c19bbbc23dd7c58202cce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 17:36:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37131
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638290904732407"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 01 Dec 2021 17:36:01 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame D236
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=280&slotname=8353276087&adk=554369846&adf=2146366220&pi=t.ma~as.8353276087&w=1200&fwrn=4&fwrnh=100&lmt=1638380160&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Fwww.nirsoft.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1638380160395&bpp=4&bdt=224&idt=67&shv=r20211111&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&correlator=4830374846156&frm=20&pv=2&ga_vid=1147447018.1638380160&ga_sid=1638380160&ga_hid=1808019158&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=197&ady=1450&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433%2C31063797%2C21065724%2C31063246&oid=2&pvsid=2955171570671507&pem=534&tmod=843349728&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=DxjYpSNP3K&p=http%3A//www.nirsoft.net&dtd=86
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 17:32:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
230
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6415
x-xss-protection
0
server
cafe
etag
16810888504096353422
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Dec 2021 17:32:11 GMT
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame D236
27 KB
11 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=280&slotname=8353276087&adk=554369846&adf=2146366220&pi=t.ma~as.8353276087&w=1200&fwrn=4&fwrnh=100&lmt=1638380160&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Fwww.nirsoft.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1638380160395&bpp=4&bdt=224&idt=67&shv=r20211111&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&correlator=4830374846156&frm=20&pv=2&ga_vid=1147447018.1638380160&ga_sid=1638380160&ga_hid=1808019158&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=197&ady=1450&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433%2C31063797%2C21065724%2C31063246&oid=2&pvsid=2955171570671507&pem=534&tmod=843349728&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=DxjYpSNP3K&p=http%3A//www.nirsoft.net&dtd=86
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0072f2a89bd32697c990a647ce4577265131df2f7d089ecef8eb14d50abdfb36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 17:04:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1867
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11327
x-xss-protection
0
server
cafe
etag
10656063359522146397
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Dec 2021 17:04:54 GMT
s?v=r20120211
googleads.g.doubleclick.net/pagead/drt/ Frame FBD2
143 B
163 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=280&slotname=8353276087&adk=554369846&adf=2146366220&pi=t.ma~as.8353276087&w=1200&fwrn=4&fwrnh=100&lmt=1638380160&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Fwww.nirsoft.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1638380160395&bpp=4&bdt=224&idt=67&shv=r20211111&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&correlator=4830374846156&frm=20&pv=2&ga_vid=1147447018.1638380160&ga_sid=1638380160&ga_hid=1808019158&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=197&ady=1450&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433%2C31063797%2C21065724%2C31063246&oid=2&pvsid=2955171570671507&pem=534&tmod=843349728&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=DxjYpSNP3K&p=http%3A//www.nirsoft.net&dtd=86
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=280&slotname=8353276087&adk=554369846&adf=2146366220&pi=t.ma~as.8353276087&w=1200&fwrn=4&fwrnh=100&lmt=1638380160&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Fwww.nirsoft.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1638380160395&bpp=4&bdt=224&idt=67&shv=r20211111&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&correlator=4830374846156&frm=20&pv=2&ga_vid=1147447018.1638380160&ga_sid=1638380160&ga_hid=1808019158&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=197&ady=1450&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433%2C31063797%2C21065724%2C31063246&oid=2&pvsid=2955171570671507&pem=534&tmod=843349728&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=DxjYpSNP3K&p=http%3A//www.nirsoft.net&dtd=86

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 01 Dec 2021 16:58:32 GMT
server
cafe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2249
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
redir.html
p4-agdehobfo37gm-ov6ijdnibb5ctb45-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame F327
247 B
962 B
Document
General
Full URL
https://p4-agdehobfo37gm-ov6ijdnibb5ctb45-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=280&slotname=8353276087&adk=554369846&adf=2146366220&pi=t.ma~as.8353276087&w=1200&fwrn=4&fwrnh=100&lmt=1638380160&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Fwww.nirsoft.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1638380160395&bpp=4&bdt=224&idt=67&shv=r20211111&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&correlator=4830374846156&frm=20&pv=2&ga_vid=1147447018.1638380160&ga_sid=1638380160&ga_hid=1808019158&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=197&ady=1450&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433%2C31063797%2C21065724%2C31063246&oid=2&pvsid=2955171570671507&pem=534&tmod=843349728&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=DxjYpSNP3K&p=http%3A//www.nirsoft.net&dtd=86
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
0302b924fadd13cfde8bdbd0b661356d640ddccdcb2a7d4edb9c9b29ab65ba5c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
content-security-policy-report-only
script-src 'nonce-0cOeTUunFVfz5V-7R6n6Hw' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length
204
date
Wed, 01 Dec 2021 17:36:01 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
last-modified
Mon, 02 Dec 2019 20:15:00 GMT
x-content-type-options
nosniff
content-encoding
gzip
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
si?st=NO_DATA
googleads.g.doubleclick.net/pagead/drt/ Frame FBD2
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=280&slotname=8353276087&adk=554369846&adf=2146366220&pi=t.ma~as.8353276087&w=1200&fwrn=4&fwrnh=100&lmt=1638380160&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Fwww.nirsoft.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1638380160395&bpp=4&bdt=224&idt=67&shv=r20211111&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&correlator=4830374846156&frm=20&pv=2&ga_vid=1147447018.1638380160&ga_sid=1638380160&ga_hid=1808019158&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=197&ady=1450&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433%2C31063797%2C21065724%2C31063246&oid=2&pvsid=2955171570671507&pem=534&tmod=843349728&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=DxjYpSNP3K&p=http%3A//www.nirsoft.net&dtd=86
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 01 Dec 2021 17:36:01 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 01 Dec 2021 17:36:01 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 01 Dec 2021 17:36:01 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
data:truncated
data:truncated Frame D236
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cea9f6efa13bff73d4e8b7265b28d96e30934782be0d37e306095b5abb9e112b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
iframe.html
p4-agdehobfo37gm-ov6ijdnibb5ctb45-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame F327
4 KB
2 KB
Document
General
Full URL
https://p4-agdehobfo37gm-ov6ijdnibb5ctb45-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Requested by
Host: p4-agdehobfo37gm-ov6ijdnibb5ctb45-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-agdehobfo37gm-ov6ijdnibb5ctb45-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
c7732ad0f2c75fdc0716d1d6b1b45a11b7fac068f96015df0b8bdbd5019f5266
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://p4-agdehobfo37gm-ov6ijdnibb5ctb45-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
content-security-policy-report-only
script-src 'nonce-Gh_tYbUgx8fVN5MJA3eZRQ' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length
1862
date
Wed, 01 Dec 2021 17:36:01 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
last-modified
Thu, 29 Apr 2021 21:38:00 GMT
x-content-type-options
nosniff
content-encoding
gzip
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
css?family=Google%20Sans%3A400%2C700
fonts.googleapis.com/ Frame 75AA
3 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=600&slotname=8544847776&adk=179141035&adf=3533666104&pi=t.ma~as.8544847776&w=160&lmt=1638380160&psa=0&format=160x600&url=http%3A%2F%2Fwww.nirsoft.net%2F&ea=0&flash=0&wgl=1&dt=1638380160629&bpp=3&bdt=324&idt=65&shv=r20211111&mjsv=m202111150101&ptt=9&saldr=aa&cookie=ID%3Dd52afa4bc2242ab7-222ec6e31dcc003d%3AT%3D1638380160%3ART%3D1638380160%3AS%3DALNI_MbNmmJUPgdClnFfopeR0R1pu8X-EA&correlator=4830374846156&frm=23&ife=1&pv=1&ga_vid=1147447018.1638380160&ga_sid=1638380160&ga_hid=1483217850&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=5&ady=613&biw=1600&bih=1200&isw=160&ish=600&ifk=2347300667&scr_x=0&scr_y=0&eid=21066433%2C31063781%2C31063792%2C31063182&oid=2&pvsid=3956884990384061&pem=534&tmod=1248988956&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.7nxqfqr6y9lm&fsb=1&dtd=82
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
76ca98643b0229d7a50626e2ed31a2ba5663b0697c880420fc3e4c6ca82684ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 01 Dec 2021 15:53:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 01 Dec 2021 17:36:01 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 01 Dec 2021 17:36:01 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 75AA
1 KB
880 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=600&slotname=8544847776&adk=179141035&adf=3533666104&pi=t.ma~as.8544847776&w=160&lmt=1638380160&psa=0&format=160x600&url=http%3A%2F%2Fwww.nirsoft.net%2F&ea=0&flash=0&wgl=1&dt=1638380160629&bpp=3&bdt=324&idt=65&shv=r20211111&mjsv=m202111150101&ptt=9&saldr=aa&cookie=ID%3Dd52afa4bc2242ab7-222ec6e31dcc003d%3AT%3D1638380160%3ART%3D1638380160%3AS%3DALNI_MbNmmJUPgdClnFfopeR0R1pu8X-EA&correlator=4830374846156&frm=23&ife=1&pv=1&ga_vid=1147447018.1638380160&ga_sid=1638380160&ga_hid=1483217850&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=5&ady=613&biw=1600&bih=1200&isw=160&ish=600&ifk=2347300667&scr_x=0&scr_y=0&eid=21066433%2C31063781%2C31063792%2C31063182&oid=2&pvsid=3956884990384061&pem=534&tmod=1248988956&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.7nxqfqr6y9lm&fsb=1&dtd=82
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 17:35:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
853
x-xss-protection
0
server
cafe
etag
7170004918125193417
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Dec 2021 17:35:40 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 75AA
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=600&slotname=8544847776&adk=179141035&adf=3533666104&pi=t.ma~as.8544847776&w=160&lmt=1638380160&psa=0&format=160x600&url=http%3A%2F%2Fwww.nirsoft.net%2F&ea=0&flash=0&wgl=1&dt=1638380160629&bpp=3&bdt=324&idt=65&shv=r20211111&mjsv=m202111150101&ptt=9&saldr=aa&cookie=ID%3Dd52afa4bc2242ab7-222ec6e31dcc003d%3AT%3D1638380160%3ART%3D1638380160%3AS%3DALNI_MbNmmJUPgdClnFfopeR0R1pu8X-EA&correlator=4830374846156&frm=23&ife=1&pv=1&ga_vid=1147447018.1638380160&ga_sid=1638380160&ga_hid=1483217850&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=5&ady=613&biw=1600&bih=1200&isw=160&ish=600&ifk=2347300667&scr_x=0&scr_y=0&eid=21066433%2C31063781%2C31063792%2C31063182&oid=2&pvsid=3956884990384061&pem=534&tmod=1248988956&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.7nxqfqr6y9lm&fsb=1&dtd=82
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e
Security Headers
Name