urlscan.io logo urlscan.io
SecurityTrails logo

www.nirsoft.net Open in urlscan Pro
138.128.181.29  Public Scan

Go To Rescan Add Verdict Report
URL: http://www.nirsoft.net/
Submission: On December 01 via api from IE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 24 IPs in 5 countries across 20 domains to perform 101 HTTP transactions. The main IP is 138.128.181.29, located in United States and belongs to DIMENOC, US. The main domain is www.nirsoft.net.
This is the only time www.nirsoft.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 138.128.181.29 33182 (DIMENOC)
8 72.251.249.14 29791 (VOXEL-DOT...)
1 7 104.84.56.126 16625 (AKAMAI-AS)
15 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2.18.235.40 16625 (AKAMAI-AS)
11 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 9 2a00:1450:400... 15169 (GOOGLE)
2 142.250.186.98 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 104.111.233.227 16625 (AKAMAI-AS)
1 216.52.2.30 29791 (VOXEL-DOT...)
1 2a00:1450:400... 15169 (GOOGLE)
14 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 142.250.186.67 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2620:116:800d... 16509 (AMAZON-02)
1 1 54.73.238.193 16509 (AMAZON-02)
5 142.250.185.194 15169 (GOOGLE)
1 35.227.252.103 15169 (GOOGLE)
2 2 198.47.127.19 62713 (AS-PUBMATIC)
1 1 69.173.144.139 26667 (RUBICONPR...)
1 1 217.182.200.20 16276 (OVH)
101 24
9    138.128.181.29 (United States)

ASN33182 (DIMENOC, US)
PTR: 138-128-181-29.static.hostdime.com
www.nirsoft.net
8    72.251.249.14 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
vap1ams1.lijit.com
7    104.84.56.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-84-56-126.deploy.static.akamaitechnologies.com
s7.addthis.com
v1.addthisedge.com
m.addthis.com
api-public.addthis.com
15    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cse.google.com
1    2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com
z.moatads.com
11    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
2    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
9    2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
partner.googleadservices.com
3    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
adservice.google.com
2    104.111.233.227 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-233-227.deploy.static.akamaitechnologies.com
pxdrop.lijit.com
1    216.52.2.30 (United States)

ASN29791 (VOXEL-DOT-NET, US)
gslbeacon.lijit.com
1    2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
clients1.google.com
14    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net
p4-agdehobfo37gm-ov6ijdnibb5ctb45-if-v6exp3-v4.metric.gstatic.com
1    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    54.73.238.193 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-73-238-193.eu-west-1.compute.amazonaws.com
pixel.everesttech.net
5    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
cm.g.doubleclick.net
1    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
2    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    217.182.200.20 (France)

ASN16276 (OVH, FR)
PTR: gcm6.host.hit.gemius.pl
googlecm.hit.gemius.pl
Domain Requested by
15 pagead2.googlesyndication.com www.nirsoft.net
pagead2.googlesyndication.com
ap.lijit.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
14 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
10 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
9 www.google.com 2 redirects cse.google.com
www.google.com
www.nirsoft.net
tpc.googlesyndication.com
9 www.nirsoft.net www.nirsoft.net
6 ap.lijit.com www.nirsoft.net
ap.lijit.com
5 cm.g.doubleclick.net googleads.g.doubleclick.net
4 s7.addthis.com 1 redirects www.nirsoft.net
s7.addthis.com
2 image6.pubmatic.com 2 redirects
2 fonts.gstatic.com fonts.googleapis.com
2 p4-agdehobfo37gm-ov6ijdnibb5ctb45-if-v6exp3-v4.metric.gstatic.com googleads.g.doubleclick.net
p4-agdehobfo37gm-ov6ijdnibb5ctb45-if-v6exp3-v4.metric.gstatic.com
2 www.googletagservices.com googleads.g.doubleclick.net
2 vap1ams1.lijit.com www.nirsoft.net
2 pxdrop.lijit.com ap.lijit.com
www.nirsoft.net
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
2 partner.googleadservices.com pagead2.googlesyndication.com
2 www.google-analytics.com www.nirsoft.net
2 cse.google.com www.nirsoft.net
www.google.com
1 googlecm.hit.gemius.pl 1 redirects
1 pixel.rubiconproject.com 1 redirects
1 rtb.openx.net googleads.g.doubleclick.net
1 pixel.everesttech.net 1 redirects
1 cms.quantserve.com googleads.g.doubleclick.net
1 www.gstatic.com googleads.g.doubleclick.net
1 fonts.googleapis.com googleads.g.doubleclick.net
1 api-public.addthis.com s7.addthis.com
1 clients1.google.com www.nirsoft.net
1 gslbeacon.lijit.com ap.lijit.com
1 m.addthis.com s7.addthis.com
1 v1.addthisedge.com s7.addthis.com
1 z.moatads.com s7.addthis.com
101 32

This site contains links to these domains. Also see Links.

Domain
blog.nirsoft.net
launcher.nirsoft.net
feeds.feedburner.com
usbspeed.nirsoft.net
www.win7dll.info
Subject Issuer Validity Valid
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2021-01-21 -
2022-01-25		 a year crt.sh
www.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
odc-addthis-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2021-04-25 -
2022-04-27		 a year crt.sh
cert1.a2.atm.aqfer.net
R3		 2021-11-30 -
2022-02-28		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh

This page contains 18 frames:

Primary Page: http://www.nirsoft.net/
Frame ID: 938AB7F7E13595C90B33BC9203587AAA
Requests: 35 HTTP requests in this frame

Frame: https://ap.lijit.com/sync
Frame ID: E87880DD97E8AEC0767A2057C0F9CB55
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/zrt_lookup.html
Frame ID: A3F7940856E0F88B58933B75F0D1CB8A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=280&slotname=8353276087&adk=554369846&adf=2146366220&pi=t.ma~as.8353276087&w=1200&fwrn=4&fwrnh=100&lmt=1638380160&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Fwww.nirsoft.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1638380160395&bpp=4&bdt=224&idt=67&shv=r20211111&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&correlator=4830374846156&frm=20&pv=2&ga_vid=1147447018.1638380160&ga_sid=1638380160&ga_hid=1808019158&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=197&ady=1450&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433%2C31063797%2C21065724%2C31063246&oid=2&pvsid=2955171570671507&pem=534&tmod=843349728&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=DxjYpSNP3K&p=http%3A//www.nirsoft.net&dtd=86
Frame ID: D236D2BDCAF980D61E2436374002E54E
Requests: 10 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 57F07986DBC3C5AB3C175CE8C918F490
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 02277CA6E7117CA43A42268980BAA844
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&adk=1812271804&adf=3025194257&lmt=1638380160&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.nirsoft.net%2F&ea=0&flash=0&pra=7&wgl=1&dt=1638380160511&bpp=1&bdt=340&idt=1&shv=r20211111&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&nras=1&correlator=4830374846156&frm=20&pv=1&ga_vid=1147447018.1638380160&ga_sid=1638380160&ga_hid=1808019158&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433%2C31063797%2C21065724%2C31063246&oid=2&pvsid=2955171570671507&pem=534&tmod=843349728&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=8
Frame ID: 6B8ED2E5CC22BD2F0883E1874292F165
Requests: 1 HTTP requests in this frame

Frame: https://gslbeacon.lijit.com/beacon?viewId=a_701248_55a058aba6ce48918dbbf8b4afd9434b&rand=325&informer=13420689&type=fpads&loc=http%3A%2F%2Fwww.nirsoft.net%2F&v=1.2
Frame ID: B958789CB979D78CE496A6F1B5D45AF7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=600&slotname=8544847776&adk=179141035&adf=3533666104&pi=t.ma~as.8544847776&w=160&lmt=1638380160&psa=0&format=160x600&url=http%3A%2F%2Fwww.nirsoft.net%2F&ea=0&flash=0&wgl=1&dt=1638380160629&bpp=3&bdt=324&idt=65&shv=r20211111&mjsv=m202111150101&ptt=9&saldr=aa&cookie=ID%3Dd52afa4bc2242ab7-222ec6e31dcc003d%3AT%3D1638380160%3ART%3D1638380160%3AS%3DALNI_MbNmmJUPgdClnFfopeR0R1pu8X-EA&correlator=4830374846156&frm=23&ife=1&pv=1&ga_vid=1147447018.1638380160&ga_sid=1638380160&ga_hid=1483217850&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=5&ady=613&biw=1600&bih=1200&isw=160&ish=600&ifk=2347300667&scr_x=0&scr_y=0&eid=21066433%2C31063781%2C31063792%2C31063182&oid=2&pvsid=3956884990384061&pem=534&tmod=1248988956&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.7nxqfqr6y9lm&fsb=1&dtd=82
Frame ID: 75AA52C89D3B77B5EACFBCFF69F8D637
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 3FC7AC0DC5F2A418A1ABE8914E87D6DC
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E69B9C481986F131A26D303E382430C4
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: FBD2A68B5966F998AE55D6FDB31A4DC1
Requests: 2 HTTP requests in this frame

Frame: https://p4-agdehobfo37gm-ov6ijdnibb5ctb45-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: F32766075A628F945F6815F7A2DF9F6A
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/W74_wbIuhH6bObXj0uCjode8PwiBrxgOKnAqo6ShAmY.js
Frame ID: 34A04D0FB740E24CA7EA31C30B6BA2C7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 809544C1D3AB2F2B55B54A8C00CF536F
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 495780525A8E264496569675FA39A683
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: D2E4F0742FBBA084EE27FE66E04E38A9
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F992F52B8EA1FE9EBF6C4454630399B2
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

NirSoft - freeware utilities: password recovery, system utilities, desktop utilitiesFacebookTwitterPrintEmailAddThissearch

Page Statistics

101
Requests

79 %
HTTPS

48 %
IPv6

20
Domains

32
Subdomains

24
IPs

5
Countries

1144 kB
Transfer

2881 kB
Size

21
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • http://s7.addthis.com/js/250/addthis_widget.js HTTP 308
  • https://s7.addthis.com/js/250/addthis_widget.js
Request Chain 16
  • http://www.google-analytics.com/ga.js HTTP 307
  • https://www.google-analytics.com/ga.js
Request Chain 26
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=650843312&utmhn=www.nirsoft.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=NirSoft%20-%20freeware%20utilities%3A%20password%20recovery%2C%20system%20utilities%2C%20desktop%20utilities&utmhid=1808019158&utmr=-&utmp=%2F&utmht=1638380160497&utmac=UA-6647006-1&utmcc=__utma%3D159191077.1147447018.1638380160.1638380160.1638380160.1%3B%2B__utmz%3D159191077.1638380160.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1811261575&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAQAAAAE~ HTTP 307
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=650843312&utmhn=www.nirsoft.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=NirSoft%20-%20freeware%20utilities%3A%20password%20recovery%2C%20system%20utilities%2C%20desktop%20utilities&utmhid=1808019158&utmr=-&utmp=%2F&utmht=1638380160497&utmac=UA-6647006-1&utmcc=__utma%3D159191077.1147447018.1638380160.1638380160.1638380160.1%3B%2B__utmz%3D159191077.1638380160.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1811261575&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAQAAAAE~
Request Chain 69
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 88
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPKWvteqCjZJ3aNYWmiP5ZqB3tA47K4IqIqud1YvlO4NRfnzbcn6QJAUK23L0ClXNuFsT8nY9_PBiUtLguS0sZGh8Fyw97qp&google_gid=CAESEGFOJw9_yiVtIFAiyVAJeu4&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWFleWdRQUFCTGppa2tyLQ&google_push=AYg5qPKWvteqCjZJ3aNYWmiP5ZqB3tA47K4IqIqud1YvlO4NRfnzbcn6QJAUK23L0ClXNuFsT8nY9_PBiUtLguS0sZGh8Fyw97qp
Request Chain 90
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENM323Vv-yuajGEKEyM0YuU&google_cver=1&google_push=AYg5qPIsjWIstH_5Ch_-7sg2Fuih-tE4ecn2drRBbXADf9P0P7y2mmvbQuDDIZ1YcLebY_v_6St6rs_0EoF2tPv_XGmVB5PkQe_2 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENM323Vv-yuajGEKEyM0YuU&google_cver=1&google_push=AYg5qPIsjWIstH_5Ch_-7sg2Fuih-tE4ecn2drRBbXADf9P0P7y2mmvbQuDDIZ1YcLebY_v_6St6rs_0EoF2tPv_XGmVB5PkQe_2&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=pLZg0MrQRBWBAP7BiSvLVA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIsjWIstH_5Ch_-7sg2Fuih-tE4ecn2drRBbXADf9P0P7y2mmvbQuDDIZ1YcLebY_v_6St6rs_0EoF2tPv_XGmVB5PkQe_2
Request Chain 91
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGDQL3-gWNjEXB_GiFx7TDc&google_cver=1&google_push=AYg5qPLszABdWT00BmzYTsOncGU0sLFjcO5lMPI3qoqc1cBxDIHUSKVO0Jab5bwtEUaZ1c8NRg5Mh5ouy_3u2EF20TVjX-htnYpH HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dOVDhWQzktTC05T09Z&google_push=AYg5qPLszABdWT00BmzYTsOncGU0sLFjcO5lMPI3qoqc1cBxDIHUSKVO0Jab5bwtEUaZ1c8NRg5Mh5ouy_3u2EF20TVjX-htnYpH
Request Chain 92
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJ7LkkNiJsZ7Dr5n9NdIKF0&google_cver=1&google_push=AYg5qPJAj_B_hW2Wt9BfpWH58dgL9R5mXrvtP7VTyDiSjj_qpja7XM1qUycCzCT5vNy5Q2giH4Dg5SSQ-CDCkcw7-0jPZaY9zp3q HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEJ7LkkNiJsZ7Dr5n9NdIKF0&google_push=AYg5qPJAj_B_hW2Wt9BfpWH58dgL9R5mXrvtP7VTyDiSjj_qpja7XM1qUycCzCT5vNy5Q2giH4Dg5SSQ-CDCkcw7-0jPZaY9zp3q&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaeygdqXwwmkZwhyntjdXwAABKEAAAIB&google_push=AYg5qPJAj_B_hW2Wt9BfpWH58dgL9R5mXrvtP7VTyDiSjj_qpja7XM1qUycCzCT5vNy5Q2giH4Dg5SSQ-CDCkcw7-0jPZaY9zp3q&google_cver=1&google_gid=CAESEJ7LkkNiJsZ7Dr5n9NdIKF0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaeygdqXwwmkZwhyntjdXwAABKEAAAIB&google_push=AYg5qPJAj_B_hW2Wt9BfpWH58dgL9R5mXrvtP7VTyDiSjj_qpja7XM1qUycCzCT5vNy5Q2giH4Dg5SSQ-CDCkcw7-0jPZaY9zp3q&google_cver=1&google_gid=CAESEJ7LkkNiJsZ7Dr5n9NdIKF0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaeygdqXwwmkZwhyntjdXwAABKEAAAIB&google_push=AYg5qPJAj_B_hW2Wt9BfpWH58dgL9R5mXrvtP7VTyDiSjj_qpja7XM1qUycCzCT5vNy5Q2giH4Dg5SSQ-CDCkcw7-0jPZaY9zp3q&google_cver=1&google_gid=CAESEJ7LkkNiJsZ7Dr5n9NdIKF0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaeygdqXwwmkZwhyntjdXwAABKEAAAIB&google_push=AYg5qPJAj_B_hW2Wt9BfpWH58dgL9R5mXrvtP7VTyDiSjj_qpja7XM1qUycCzCT5vNy5Q2giH4Dg5SSQ-CDCkcw7-0jPZaY9zp3q&google_cver=1&google_gid=CAESEJ7LkkNiJsZ7Dr5n9NdIKF0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaeygdqXwwmkZwhyntjdXwAABKEAAAIB&google_push=AYg5qPJAj_B_hW2Wt9BfpWH58dgL9R5mXrvtP7VTyDiSjj_qpja7XM1qUycCzCT5vNy5Q2giH4Dg5SSQ-CDCkcw7-0jPZaY9zp3q&google_cver=1&google_gid=CAESEJ7LkkNiJsZ7Dr5n9NdIKF0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaeygdqXwwmkZwhyntjdXwAABKEAAAIB&google_push=AYg5qPJAj_B_hW2Wt9BfpWH58dgL9R5mXrvtP7VTyDiSjj_qpja7XM1qUycCzCT5vNy5Q2giH4Dg5SSQ-CDCkcw7-0jPZaY9zp3q&google_cver=1&google_gid=CAESEJ7LkkNiJsZ7Dr5n9NdIKF0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaeygdqXwwmkZwhyntjdXwAABKEAAAIB&google_push=AYg5qPJAj_B_hW2Wt9BfpWH58dgL9R5mXrvtP7VTyDiSjj_qpja7XM1qUycCzCT5vNy5Q2giH4Dg5SSQ-CDCkcw7-0jPZaY9zp3q&google_cver=1&google_gid=CAESEJ7LkkNiJsZ7Dr5n9NdIKF0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaeygdqXwwmkZwhyntjdXwAABKEAAAIB&google_push=AYg5qPJAj_B_hW2Wt9BfpWH58dgL9R5mXrvtP7VTyDiSjj_qpja7XM1qUycCzCT5vNy5Q2giH4Dg5SSQ-CDCkcw7-0jPZaY9zp3q&google_cver=1&google_gid=CAESEJ7LkkNiJsZ7Dr5n9NdIKF0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaeygdqXwwmkZwhyntjdXwAABKEAAAIB&google_push=AYg5qPJAj_B_hW2Wt9BfpWH58dgL9R5mXrvtP7VTyDiSjj_qpja7XM1qUycCzCT5vNy5Q2giH4Dg5SSQ-CDCkcw7-0jPZaY9zp3q&google_cver=1&google_gid=CAESEJ7LkkNiJsZ7Dr5n9NdIKF0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaeygdqXwwmkZwhyntjdXwAABKEAAAIB&google_push=AYg5qPJAj_B_hW2Wt9BfpWH58dgL9R5mXrvtP7VTyDiSjj_qpja7XM1qUycCzCT5vNy5Q2giH4Dg5SSQ-CDCkcw7-0jPZaY9zp3q&google_cver=1&google_gid=CAESEJ7LkkNiJsZ7Dr5n9NdIKF0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaeygdqXwwmkZwhyntjdXwAABKEAAAIB&google_push=AYg5qPJAj_B_hW2Wt9BfpWH58dgL9R5mXrvtP7VTyDiSjj_qpja7XM1qUycCzCT5vNy5Q2giH4Dg5SSQ-CDCkcw7-0jPZaY9zp3q&google_cver=1&google_gid=CAESEJ7LkkNiJsZ7Dr5n9NdIKF0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaeygdqXwwmkZwhyntjdXwAABKEAAAIB&google_push=AYg5qPJAj_B_hW2Wt9BfpWH58dgL9R5mXrvtP7VTyDiSjj_qpja7XM1qUycCzCT5vNy5Q2giH4Dg5SSQ-CDCkcw7-0jPZaY9zp3q&google_cver=1&google_gid=CAESEJ7LkkNiJsZ7Dr5n9NdIKF0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaeygdqXwwmkZwhyntjdXwAABKEAAAIB&google_push=AYg5qPJAj_B_hW2Wt9BfpWH58dgL9R5mXrvtP7VTyDiSjj_qpja7XM1qUycCzCT5vNy5Q2giH4Dg5SSQ-CDCkcw7-0jPZaY9zp3q&google_cver=1&google_gid=CAESEJ7LkkNiJsZ7Dr5n9NdIKF0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaeygdqXwwmkZwhyntjdXwAABKEAAAIB&google_push=AYg5qPJAj_B_hW2Wt9BfpWH58dgL9R5mXrvtP7VTyDiSjj_qpja7XM1qUycCzCT5vNy5Q2giH4Dg5SSQ-CDCkcw7-0jPZaY9zp3q&google_cver=1&google_gid=CAESEJ7LkkNiJsZ7Dr5n9NdIKF0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaeygdqXwwmkZwhyntjdXwAABKEAAAIB&google_push=AYg5qPJAj_B_hW2Wt9BfpWH58dgL9R5mXrvtP7VTyDiSjj_qpja7XM1qUycCzCT5vNy5Q2giH4Dg5SSQ-CDCkcw7-0jPZaY9zp3q&google_cver=1&google_gid=CAESEJ7LkkNiJsZ7Dr5n9NdIKF0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaeygdqXwwmkZwhyntjdXwAABKEAAAIB&google_push=AYg5qPJAj_B_hW2Wt9BfpWH58dgL9R5mXrvtP7VTyDiSjj_qpja7XM1qUycCzCT5vNy5Q2giH4Dg5SSQ-CDCkcw7-0jPZaY9zp3q&google_cver=1&google_gid=CAESEJ7LkkNiJsZ7Dr5n9NdIKF0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaeygdqXwwmkZwhyntjdXwAABKEAAAIB&google_push=AYg5qPJAj_B_hW2Wt9BfpWH58dgL9R5mXrvtP7VTyDiSjj_qpja7XM1qUycCzCT5vNy5Q2giH4Dg5SSQ-CDCkcw7-0jPZaY9zp3q&google_cver=1&google_gid=CAESEJ7LkkNiJsZ7Dr5n9NdIKF0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaeygdqXwwmkZwhyntjdXwAABKEAAAIB&google_push=AYg5qPJAj_B_hW2Wt9BfpWH58dgL9R5mXrvtP7VTyDiSjj_qpja7XM1qUycCzCT5vNy5Q2giH4Dg5SSQ-CDCkcw7-0jPZaY9zp3q&google_cver=1&google_gid=CAESEJ7LkkNiJsZ7Dr5n9NdIKF0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaeygdqXwwmkZwhyntjdXwAABKEAAAIB&google_push=AYg5qPJAj_B_hW2Wt9BfpWH58dgL9R5mXrvtP7VTyDiSjj_qpja7XM1qUycCzCT5vNy5Q2giH4Dg5SSQ-CDCkcw7-0jPZaY9zp3q&google_cver=1&google_gid=CAESEJ7LkkNiJsZ7Dr5n9NdIKF0
Request Chain 93
  • https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEENM-Y4-fR6jmFxITC-KxbI&google_cver=1&google_push=AYg5qPJm56d7VoaZ6yuj2KBSB3Uy21dB4maBFmRyzFZ_00DpjVEslkPAa-2a8EpsNUdI0QIA7Jb9JWTTDItQSuCRT_LQIQu-WDHi HTTP 301
  • https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPJm56d7VoaZ6yuj2KBSB3Uy21dB4maBFmRyzFZ_00DpjVEslkPAa-2a8EpsNUdI0QIA7Jb9JWTTDItQSuCRT_LQIQu-WDHi&google_hm=
Request Chain 95
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

101 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.nirsoft.net/ 		23 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.nirsoft.net/
Protocol
HTTP/1.1
Server
138.128.181.29 , United States, ASN33182 (DIMENOC, US),
Reverse DNS
138-128-181-29.static.hostdime.com
Software
Apache /
Resource Hash
41e75dfdd0ce9333aef4b3955360f889571d5bc4232104f1676dfe8ba0097756

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Wed, 01 Dec 2021 17:36:00 GMT
Server
Apache
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
6211
Keep-Alive
timeout=4, max=50
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
main.css
www.nirsoft.net/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.nirsoft.net/main.css
Requested by
Host: www.nirsoft.net
URL: http://www.nirsoft.net/
Protocol
HTTP/1.1
Server
138.128.181.29 , United States, ASN33182 (DIMENOC, US),
Reverse DNS
138-128-181-29.static.hostdime.com
Software
Apache /
Resource Hash
1fc7ceb533a021747396d0773be419b8432c309db898995af87bf5a7b0c68b0b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 01 Dec 2021 17:36:00 GMT
Content-Encoding
gzip
Last-Modified
Mon, 13 Jan 2020 06:22:16 GMT
Server
Apache
ETag
"126d6c-1c14-59bff7f2a5600-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=4, max=49
Content-Length
1568
nirsoft2.gif
www.nirsoft.net/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.nirsoft.net/nirsoft2.gif
Requested by
Host: www.nirsoft.net
URL: http://www.nirsoft.net/
Protocol
HTTP/1.1
Server
138.128.181.29 , United States, ASN33182 (DIMENOC, US),
Reverse DNS
138-128-181-29.static.hostdime.com
Software
Apache /
Resource Hash
0c4f483b95cfce5c4e78f32946ed302502f365c272094950b254b6226c16c7f5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 01 Dec 2021 17:36:00 GMT
Last-Modified
Mon, 06 Sep 2004 14:43:52 GMT
Server
Apache
ETag
"126d5f-e6e-3e36ce8cf3a00"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=4, max=50
Content-Length
3694
empty729x90.gif
www.nirsoft.net/banners/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.nirsoft.net/banners/empty729x90.gif
Requested by
Host: www.nirsoft.net
URL: http://www.nirsoft.net/
Protocol
HTTP/1.1
Server
138.128.181.29 , United States, ASN33182 (DIMENOC, US),
Reverse DNS
138-128-181-29.static.hostdime.com
Software
Apache /
Resource Hash
00cf697b03001a7246a8e7e26c626ff8aa3bc125759bc6bb87efafe63a4cfc24

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 01 Dec 2021 17:36:00 GMT
Last-Modified
Mon, 08 Feb 2010 10:45:39 GMT
Server
Apache
ETag
"143fc3-4cc-47f1480833ac0"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=4, max=50
Content-Length
1228
fpi.js
ap.lijit.com/www/delivery/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/www/delivery/fpi.js?z=701248&width=160&height=600
Requested by
Host: www.nirsoft.net
URL: http://www.nirsoft.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
53d3b513684b230591b0203df937048eb52f4e03e470ecf1ac2bf2477476da70

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Dec 2021 17:36:00 GMT
Content-Encoding
gzip
Server
nginx
ETag
W/"6197f1ea-1540"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Transfer-Encoding
chunked
X-Sovrn-Pod
ad_ap1ams1
Expires
Thu, 01 Jan 1970 00:00:01 GMT
addthis_widget.js
s7.addthis.com/js/250/
Redirect Chain
  • http://s7.addthis.com/js/250/addthis_widget.js
  • https://s7.addthis.com/js/250/addthis_widget.js
353 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/js/250/addthis_widget.js
Requested by
Host: www.nirsoft.net
URL: http://www.nirsoft.net/
Protocol
H2
Server
104.84.56.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-84-56-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-5834c"
vary
Accept-Encoding
x-distribution
99
content-type
application/javascript
cache-control
public, max-age=600
date
Wed, 01 Dec 2021 17:36:00 GMT
x-host
s7.addthis.com
content-length
116398

Redirect headers

Date
Wed, 01 Dec 2021 17:36:00 GMT
Server
nginx/1.15.8
X-Distribution
99
Content-Type
text/html
Location
https://s7.addthis.com/js/250/addthis_widget.js
X-Host
s7.addthis.com
Connection
keep-alive
Content-Length
171
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		144 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.nirsoft.net
URL: http://www.nirsoft.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2ca9374746152ab486e9f31076386c566acffae5176c2e25a48cb7e58775cf9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 17:36:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51272
x-xss-protection
0
server
cafe
etag
13334693896973011352
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 01 Dec 2021 17:36:00 GMT
feed.png
www.nirsoft.net/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.nirsoft.net/feed.png
Requested by
Host: www.nirsoft.net
URL: http://www.nirsoft.net/
Protocol
HTTP/1.1
Server
138.128.181.29 , United States, ASN33182 (DIMENOC, US),
Reverse DNS
138-128-181-29.static.hostdime.com
Software
Apache /
Resource Hash
55070d3be787cd8ccee8ea0fd75f0e11e944e6f70231f0dcb4c5ae348fcba6be

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 01 Dec 2021 17:36:00 GMT
Last-Modified
Tue, 30 Sep 2008 06:39:51 GMT
Server
Apache
ETag
"126d62-5a1-45817402c9bc0"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=4, max=50
Content-Length
1441
menubg.png
www.nirsoft.net/ 		448 B
723 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.nirsoft.net/menubg.png
Requested by
Host: www.nirsoft.net
URL: http://www.nirsoft.net/main.css
Protocol
HTTP/1.1
Server
138.128.181.29 , United States, ASN33182 (DIMENOC, US),
Reverse DNS
138-128-181-29.static.hostdime.com
Software
Apache /
Resource Hash
4ea8411870894a09ff7165d06aab69c2be05ffea87cdb1b5fb3b5594f11f6f06

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 01 Dec 2021 17:36:00 GMT
Last-Modified
Sun, 12 Jan 2020 19:55:26 GMT
Server
Apache
ETag
"1200ca-1c0-59bf6bd6f4780"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=4, max=48
Content-Length
448
sync
ap.lijit.com/ Frame E878 		80 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/sync
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/www/delivery/fpi.js?z=701248&width=160&height=600
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
fbd7d5de5e7a55ea07ecf232b58b99732dee1f0900e59e4e8374ebab8ad52c43

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 01 Dec 2021 17:36:00 GMT
Content-Encoding
gzip
Last-Modified
Fri, 19 Nov 2021 18:51:37 GMT
Server
nginx
ETag
W/"6197f239-14155"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=86400, must-revalidate
Transfer-Encoding
chunked
X-Sovrn-Pod
ad_ap1ams1
Expires
Thu, 02 Dec 2021 17:36:00 GMT
menutomain.gif
www.nirsoft.net/ 		805 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.nirsoft.net/menutomain.gif
Requested by
Host: www.nirsoft.net
URL: http://www.nirsoft.net/main.css
Protocol
HTTP/1.1
Server
138.128.181.29 , United States, ASN33182 (DIMENOC, US),
Reverse DNS
138-128-181-29.static.hostdime.com
Software
Apache /
Resource Hash
03fb3f62f575f7aece5107379da9667099547635980c20ee48c3a85a1ae1b7c2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 01 Dec 2021 17:36:00 GMT
Last-Modified
Sat, 21 Apr 2007 15:17:30 GMT
Server
Apache
ETag
"126d84-325-42ea0ef395680"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=4, max=50
Content-Length
805
toptomain.gif
www.nirsoft.net/ 		805 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.nirsoft.net/toptomain.gif
Requested by
Host: www.nirsoft.net
URL: http://www.nirsoft.net/main.css
Protocol
HTTP/1.1
Server
138.128.181.29 , United States, ASN33182 (DIMENOC, US),
Reverse DNS
138-128-181-29.static.hostdime.com
Software
Apache /
Resource Hash
432863150465290850edbb508d7e1e8c95320c0b34737f2f81cbf7589b6064d8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 01 Dec 2021 17:36:00 GMT
Last-Modified
Sat, 21 Apr 2007 15:31:48 GMT
Server
Apache
ETag
"12332e-325-42ea1225d6100"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=4, max=50
Content-Length
805
cse.js
cse.google.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cse.google.com/cse.js?cx=partner-pub-5286073190998405:5399172980
Requested by
Host: www.nirsoft.net
URL: http://www.nirsoft.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
87adc2972205fcb05f3a0de8249d0f2d7bcc34efc05a3a2c2f0f12e3132598f7
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

bfcache-opt-in
unload
date
Wed, 01 Dec 2021 17:36:00 GMT
content-encoding
br
server
gws
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2917
x-xss-protection
0
expires
Wed, 01 Dec 2021 17:36:00 GMT
moatframe.js
z.moatads.com/addthismoatframe568911941483/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by
Host: s7.addthis.com
URL: http://s7.addthis.com/js/250/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 17:36:00 GMT
content-encoding
gzip
last-modified
Fri, 08 Nov 2019 20:13:52 GMT
server
AmazonS3
x-amz-request-id
D5503D14AA2F06AA
etag
"f14b4e1f799b14f798a195f43cf58376"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=8529
accept-ranges
bytes
content-length
948
x-amz-id-2
JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=
whatnewbg.gif
www.nirsoft.net/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.nirsoft.net/whatnewbg.gif
Requested by
Host: www.nirsoft.net
URL: http://www.nirsoft.net/main.css
Protocol
HTTP/1.1
Server
138.128.181.29 , United States, ASN33182 (DIMENOC, US),
Reverse DNS
138-128-181-29.static.hostdime.com
Software
Apache /
Resource Hash
7aea3fb8ef09574f7103909575d48e51b2a930c6b3f9297d3b4d54e7e239fee0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 01 Dec 2021 17:36:00 GMT
Last-Modified
Sat, 21 Apr 2007 20:41:58 GMT
Server
Apache
ETag
"123acb-473-42ea5779b7180"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=4, max=49
Content-Length
1139
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111170101/ 		272 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5286073190998405&plah=www.nirsoft.net&bust=31063797
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
21930e751df32913c436e2da395f62465a8a71a58275c22b1b53bd663024d61c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 17:36:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100174
x-xss-protection
0
server
cafe
etag
11622000290716485502
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 01 Dec 2021 17:36:00 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/ Frame A3F7 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Wed, 01 Dec 2021 09:43:00 GMT
expires
Wed, 15 Dec 2021 09:43:00 GMT
content-type
text/html; charset=UTF-8
etag
16478831307880631077
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4883
x-xss-protection
0
age
28380
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ga.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/ga.js
  • https://www.google-analytics.com/ga.js
45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/ga.js
Requested by
Host: www.nirsoft.net
URL: http://www.nirsoft.net/
Protocol
H2
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
5680
date
Wed, 01 Dec 2021 16:01:20 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Wed, 01 Dec 2021 18:01:20 GMT

Redirect headers

Location
https://www.google-analytics.com/ga.js
Non-Authoritative-Reason
HSTS
adcfg
ap.lijit.com/ Frame E878 		159 B
535 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/adcfg?zoneid=701248&tid=04bd6b33dd064d4db5799b39f76315c75883f9a9&mode=1&dmn=www.nirsoft.net
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
6698880531eb4b810defe18a1853db95cddb1ed6a52c80d34c02c1ee2e0419aa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 01 Dec 2021 17:36:00 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
146
cse_element__en.js
www.google.com/cse/static/element/54e62135847a1703/ 		300 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/element/54e62135847a1703/cse_element__en.js?usqp=CAI%3D
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-5286073190998405:5399172980
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f0216265ffcc78522466531b2c333ad5725a51f151b18c5e2fb24d4e3e89ef23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 28 Nov 2021 00:21:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
321281
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
101668
x-xss-protection
0
last-modified
Fri, 12 Nov 2021 20:41:35 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Mon, 28 Nov 2022 00:21:19 GMT
default+en.css
www.google.com/cse/static/element/54e62135847a1703/ 		41 KB
41 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/element/54e62135847a1703/default+en.css
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-5286073190998405:5399172980
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 28 Nov 2021 00:21:19 GMT
x-content-type-options
nosniff
age
321281
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41765
x-xss-protection
0
last-modified
Fri, 12 Nov 2021 20:41:35 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Mon, 28 Nov 2022 00:21:19 GMT
default.css
www.google.com/cse/static/style/look/v4/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/style/look/v4/default.css
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-5286073190998405:5399172980
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 17:23:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
775
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1345
x-xss-protection
0
last-modified
Wed, 17 Jun 2020 00:00:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Wed, 01 Dec 2021 18:13:05 GMT
addelivery
ap.lijit.com/ Frame E878 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/addelivery?zoneid=701248&tid=a_701248_55a058aba6ce48918dbbf8b4afd9434b&cb=undefined&mode=1&ifr=true&od=www.nirsoft.net&time=17%3A36%3A00&fd=1&be=cr&loc=http%3A%2F%2Fwww.nirsoft.net%2F&orig_loc=http%3A%2F%2Fwww.nirsoft.net%2F&abf=true&dpz=false&cv=undefined&dop=1&ndw=1&spif=true&btid=a_701248_55a058aba6ce48918dbbf8b4afd9434b
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
8e5f7bc202d841f3ecb3fa5794376f92bbe1e4546b9c3f544661f220f0b72931

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 01 Dec 2021 17:36:00 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
866
cookie.js
partner.googleadservices.com/gampad/ 		201 B
635 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.nirsoft.net&callback=_gfp_s_&client=ca-pub-5286073190998405
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5286073190998405&plah=www.nirsoft.net&bust=31063797
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
7aac698d048a02cbc59bce572e99b52846641a8a9c79eeb00693c3ca91cb6bb1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 17:36:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
191
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.nirsoft.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5286073190998405&plah=www.nirsoft.net&bust=31063797
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 01 Dec 2021 17:36:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.nirsoft.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5286073190998405&plah=www.nirsoft.net&bust=31063797
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 01 Dec 2021 17:36:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame D236 		96 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=280&slotname=8353276087&adk=554369846&adf=2146366220&pi=t.ma~as.8353276087&w=1200&fwrn=4&fwrnh=100&lmt=1638380160&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Fwww.nirsoft.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1638380160395&bpp=4&bdt=224&idt=67&shv=r20211111&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&correlator=4830374846156&frm=20&pv=2&ga_vid=1147447018.1638380160&ga_sid=1638380160&ga_hid=1808019158&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=197&ady=1450&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433%2C31063797%2C21065724%2C31063246&oid=2&pvsid=2955171570671507&pem=534&tmod=843349728&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=DxjYpSNP3K&p=http%3A//www.nirsoft.net&dtd=86
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5286073190998405&plah=www.nirsoft.net&bust=31063797
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b708afa9fb144214958e90f0e87866d8a06ea7d2e41bca0d587d94698f80878b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 01 Dec 2021 17:36:01 GMT
server
cafe
content-length
30965
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 01 Dec 2021 17:36:01 GMT
cache-control
private
__utm.gif
www.google-analytics.com/r/
Redirect Chain
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=650843312&utmhn=www.nirsoft.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=NirSof...
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=650843312&utmhn=www.nirsoft.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=NirSo...
35 B
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=650843312&utmhn=www.nirsoft.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=NirSoft%20-%20freeware%20utilities%3A%20password%20recovery%2C%20system%20utilities%2C%20desktop%20utilities&utmhid=1808019158&utmr=-&utmp=%2F&utmht=1638380160497&utmac=UA-6647006-1&utmcc=__utma%3D159191077.1147447018.1638380160.1638380160.1638380160.1%3B%2B__utmz%3D159191077.1638380160.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1811261575&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAQAAAAE~
Requested by
Host: www.nirsoft.net
URL: http://www.nirsoft.net/
Protocol
H3
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 17:36:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=650843312&utmhn=www.nirsoft.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=NirSoft%20-%20freeware%20utilities%3A%20password%20recovery%2C%20system%20utilities%2C%20desktop%20utilities&utmhid=1808019158&utmr=-&utmp=%2F&utmht=1638380160497&utmac=UA-6647006-1&utmcc=__utma%3D159191077.1147447018.1638380160.1638380160.1638380160.1%3B%2B__utmz%3D159191077.1638380160.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1811261575&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAQAAAAE~
Non-Authoritative-Reason
HSTS
_ate.track.config_resp
v1.addthisedge.com/live/boost/nirsofer/ 		27 B
207 B 		Script
General
Check archive.org
Download Go to
Full URL
https://v1.addthisedge.com/live/boost/nirsofer/_ate.track.config_resp
Requested by
Host: s7.addthis.com
URL: http://s7.addthis.com/js/250/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.84.56.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-84-56-126.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
19a26d6046c4fcfe9e3efbc1fb7532f424c6b0b7590b9e193788e30bce8b9836

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 17:36:00 GMT
content-encoding
gzip
content-disposition
attachment; filename=1.txt
cache-control
public, max-age=7, s-maxage=86400
content-length
47
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
300lo.json
m.addthis.com/live/red_lojson/ 		89 B
249 B 		Script
General
Check archive.org
Download Go to
Full URL
https://m.addthis.com/live/red_lojson/300lo.json?si=61a7b2802c1c57ca&bkl=0&bl=1&pdt=360&sid=61a7b2802c1c57ca&pub=nirsofer&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.nirsoft.net&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=2&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=freeware%20utilities%2Cfree%20downloads%2Cfree%20software%2Cprograms%2Cpassword%20recovery%2Csystem%20tools%2Clost%20password%2Csource%20code%2Csecurity%2Cwindows&colc=1638380160508&jsl=32&uvs=61a7b280da21346f000&skipb=1&callback=addthis.cbs.jsonp__28892722628497160
Requested by
Host: s7.addthis.com
URL: http://s7.addthis.com/js/250/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.84.56.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-84-56-126.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2a79f1ebcca9a729ef5bad27249c51314cd700b74afb5433224a723c06871a36

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 17:36:00 GMT
cache-control
max-age=0, no-cache, no-store, no-transform
content-disposition
attachment; filename=1.txt
content-length
89
content-type
application/javascript;charset=utf-8
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 57F0 		0
0
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 0227 		71 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Requested by
Host: s7.addthis.com
URL: http://s7.addthis.com/js/250/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.84.56.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-84-56-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/

Response headers

server
nginx/1.15.8
content-type
text/html
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
etag
W/"5f971164-11adc"
timing-allow-origin
*
cache-control
public, max-age=86313600
p3p
CP="NON ADM OUR DEV IND COM STA"
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
content-length
26421
date
Wed, 01 Dec 2021 17:36:00 GMT
vary
Accept-Encoding
x-host
s7.addthis.com
ads
googleads.g.doubleclick.net/pagead/ Frame 6B8E 		0
19 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&adk=1812271804&adf=3025194257&lmt=1638380160&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.nirsoft.net%2F&ea=0&flash=0&pra=7&wgl=1&dt=1638380160511&bpp=1&bdt=340&idt=1&shv=r20211111&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&nras=1&correlator=4830374846156&frm=20&pv=1&ga_vid=1147447018.1638380160&ga_sid=1638380160&ga_hid=1808019158&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433%2C31063797%2C21065724%2C31063246&oid=2&pvsid=2955171570671507&pem=534&tmod=843349728&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=8
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5286073190998405&plah=www.nirsoft.net&bust=31063797
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 01 Dec 2021 17:36:00 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 01 Dec 2021 17:36:00 GMT
cache-control
private
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame E878 		144 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d88991f14f12486bef01b069c7c0249181e734ba6cbf499a50a1aa1d61bd3da5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 17:36:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51258
x-xss-protection
0
server
cafe
etag
10252469858352582002
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 01 Dec 2021 17:36:00 GMT
t.dhj
pxdrop.lijit.com/1/d/ Frame E878 		0
225 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pxdrop.lijit.com/1/d/t.dhj?dmn=nirsoft.net&pn=%2F&pubid=nirsoft&v0=271591
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.233.227 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-233-227.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Dec 2021 17:36:00 GMT
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Expires
Wed, 01 Dec 2021 17:36:00 GMT
beacon
gslbeacon.lijit.com/ Frame B958 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://gslbeacon.lijit.com/beacon?viewId=a_701248_55a058aba6ce48918dbbf8b4afd9434b&rand=325&informer=13420689&type=fpads&loc=http%3A%2F%2Fwww.nirsoft.net%2F&v=1.2
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/

Response headers

Server
nginx
Date
Wed, 01 Dec 2021 17:36:00 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap6ams1
containertag
ap.lijit.com/ Frame E878 		34 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/containertag?containerId=18&zoneId=701248&v=2
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
9aa230dfd4a638b7742f36b70af6e38b612280140c0dea3cac92662c12745aca

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Dec 2021 17:36:00 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
raptor
Vary
Accept-Encoding
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Transfer-Encoding
chunked
X-Sovrn-Pod
ad_ap1ams1
Content-Type
application/json
Expires
Fri, 20 Mar 2009 00:00:00 GMT
impression
vap1ams1.lijit.com/addelivery/ Frame E878 		43 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vap1ams1.lijit.com/addelivery/impression?i_data=4TMvhKiTWodNQpH5KaSHkfngE6YkwfQNe4NNPpE8vN_NoqUwRSSpJfozbCwaocI4rDXrjYXjA_313eppicOhDHqRkkRKU6BDG-uFhMNODWPUdnF9nqEMcscROr9kny893HNphfmbnyU6f8YjYsxd7tI_86A21kKPJ-2mPyCG4Pkawg-37hCVYYysH9s0q_uKbxyICyuFPZUlwIQnFOmd5qdUxaO5XQEwkAgzyJ3LyVILVW-_xaiY6l0N1i0nX8YTINUiA1hPdn1u3JFPT29GRG8ErVpq7tCIbgnYnfijN2WnfRv6wHZPZwgUgpGwnLW2944~&bannerid=222065&campaignid=232&endpoint=WATERFALL&zoneid=701248&tid=a_701248_55a058aba6ce48918dbbf8b4afd9434b
Requested by
Host: www.nirsoft.net
URL: http://www.nirsoft.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Dec 2021 17:36:00 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Content-Type
image/gif
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
fp
vap1ams1.lijit.com/data/ Frame E878 		43 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vap1ams1.lijit.com/data/fp?tid=a_701248_55a058aba6ce48918dbbf8b4afd9434b&zoneid=701248&starttime=1638380160409&adcfg=3&adcfg_response=20&addelivery=23&addelivery_response=129&lgfired=131&beacon=134&container=135&EOL=135&ctstart=0&elapsed_ms=135
Requested by
Host: www.nirsoft.net
URL: http://www.nirsoft.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 01 Dec 2021 17:36:00 GMT
Server
nginx
X-Sovrn-Pod
ad_ap1ams1
X-Powered-By
raptor
Content-Length
43
Content-Type
image/gif
async-ads.js
cse.google.com/adsense/search/ 		143 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cse.google.com/adsense/search/async-ads.js
Requested by
Host: www.google.com
URL: https://www.google.com/cse/static/element/54e62135847a1703/cse_element__en.js?usqp=CAI%3D
Protocol
HTTP/1.1
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6311a15996707cad692382528ffc070374bb1a8395764c36f3808ce3eaf21ebb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 01 Dec 2021 17:36:00 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Cross-Origin-Resource-Policy
cross-origin
X-XSS-Protection
0
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="ads-afs-ui"
ETag
"17748334306645903075"
Vary
Accept-Encoding
Report-To
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
Content-Type
text/javascript; charset=UTF-8
Cache-Control
private, max-age=3600
Transfer-Encoding
chunked
Accept-Ranges
bytes
Expires
Wed, 01 Dec 2021 17:36:00 GMT
clear.png
www.google.com/cse/static/css/v2/ 		1018 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/cse/static/css/v2/clear.png
Requested by
Host: www.google.com
URL: https://www.google.com/cse/static/element/54e62135847a1703/default+en.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/cse/static/element/54e62135847a1703/default+en.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 17:04:14 GMT
x-content-type-options
nosniff
age
88306
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1018
x-xss-protection
0
last-modified
Mon, 25 May 2020 08:30:00 GMT
server
sffe
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Wed, 30 Nov 2022 17:04:14 GMT
branding.png
www.google.com/cse/static/images/1x/en/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/cse/static/images/1x/en/branding.png
Requested by
Host: www.nirsoft.net
URL: http://www.nirsoft.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 04:12:47 GMT
x-content-type-options
nosniff
age
480193
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1372
x-xss-protection
0
last-modified
Mon, 25 May 2020 08:30:00 GMT
server
sffe
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Sat, 26 Nov 2022 04:12:47 GMT
generate_204
clients1.google.com/ 		0
83 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://clients1.google.com/generate_204
Requested by
Host: www.nirsoft.net
URL: http://www.nirsoft.net/
Protocol
HTTP/1.1
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 01 Dec 2021 17:36:00 GMT
Content-Length
0
counter.d27508c102582d608697.js
s7.addthis.com/static/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/counter.d27508c102582d608697.js
Requested by
Host: s7.addthis.com
URL: http://s7.addthis.com/js/250/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.84.56.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-84-56-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
e4f924eac92aa3cc4ea64f2891447e8bd3af49e1a5c0bcd04b7356e2f7f1c04c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-5fd2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86313600
date
Wed, 01 Dec 2021 17:36:00 GMT
x-host
s7.addthis.com
timing-allow-origin
*
content-length
8265
t.dhj
pxdrop.lijit.com/1/d/ Frame E878 		0
225 B 		Script
General
Check archive.org
Download Go to
Full URL
http://pxdrop.lijit.com/1/d/t.dhj?dmn=nirsoft.net&GDPR_v2=&pubid=nirsoft
Requested by
Host: www.nirsoft.net
URL: http://www.nirsoft.net/
Protocol
HTTP/1.1
Server
104.111.233.227 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-233-227.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Dec 2021 17:36:00 GMT
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Expires
Wed, 01 Dec 2021 17:36:00 GMT
ct
ap.lijit.com/data/ Frame E878 		43 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/data/ct?tid=a_701248_55a058aba6ce48918dbbf8b4afd9434b&zoneid=701248&cid=18&geo=DE&all_tags=185%2C203%2C205%2C248%2C462%2C465%2C515%2C561%2C563%2C565%2C589%2C590%2C600%2C604&tss=73&fired_tags=590&count=1&status=8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C1%2C32%2C8&elapsed_ms=73
Requested by
Host: www.nirsoft.net
URL: http://www.nirsoft.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 01 Dec 2021 17:36:00 GMT
Server
nginx
X-Sovrn-Pod
ad_ap1ams1
X-Powered-By
raptor
Content-Length
43
Content-Type
image/gif
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111150101/ Frame E878 		271 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111150101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5286073190998405&plah=www.nirsoft.net&bust=31063781
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0ff3e9cc863f83d20c73fe50ed62d43f7cfb596376cd2ecdee055df91f5a046a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 17:36:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
99625
x-xss-protection
0
server
cafe
etag
4570675974947516718
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 01 Dec 2021 17:36:00 GMT
shares.json
api-public.addthis.com/url/ 		50 B
299 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fwww.nirsoft.net%2F&callback=_ate.cbs.sc_httpswwwnirsoftnet0
Requested by
Host: s7.addthis.com
URL: http://s7.addthis.com/js/250/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.84.56.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-84-56-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
05685f3e54a276e24f41c557542d18a27b298df513bea4e1752255dcdb68fb04
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
surrogate-key
www.nirsoft.net/
last-modified
Wed, 01 Dec 2021 17:33:52 GMT
server
nginx/1.15.8
date
Wed, 01 Dec 2021 17:36:00 GMT
vary
Accept-Encoding
content-type
application/json
cache-control
no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length
70
truncated
/ 		564 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
da6f3508fdb8c1fdf553e4af5556b585ba5998139afe613d56dc0d88c822bd81

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/gif
cookie.js
partner.googleadservices.com/gampad/ Frame E878 		12 B
53 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.nirsoft.net&callback=_gfp_s_&client=ca-pub-5286073190998405&cookie=ID%3Dd52afa4bc2242ab7-222ec6e31dcc003d%3AT%3D1638380160%3ART%3D1638380160%3AS%3DALNI_MbNmmJUPgdClnFfopeR0R1pu8X-EA
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111150101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5286073190998405&plah=www.nirsoft.net&bust=31063781
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 17:36:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame E878 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.nirsoft.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111150101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5286073190998405&plah=www.nirsoft.net&bust=31063781
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 01 Dec 2021 17:36:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame E878 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.nirsoft.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111150101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5286073190998405&plah=www.nirsoft.net&bust=31063781
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 01 Dec 2021 17:36:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 75AA 		74 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=600&slotname=8544847776&adk=179141035&adf=3533666104&pi=t.ma~as.8544847776&w=160&lmt=1638380160&psa=0&format=160x600&url=http%3A%2F%2Fwww.nirsoft.net%2F&ea=0&flash=0&wgl=1&dt=1638380160629&bpp=3&bdt=324&idt=65&shv=r20211111&mjsv=m202111150101&ptt=9&saldr=aa&cookie=ID%3Dd52afa4bc2242ab7-222ec6e31dcc003d%3AT%3D1638380160%3ART%3D1638380160%3AS%3DALNI_MbNmmJUPgdClnFfopeR0R1pu8X-EA&correlator=4830374846156&frm=23&ife=1&pv=1&ga_vid=1147447018.1638380160&ga_sid=1638380160&ga_hid=1483217850&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=5&ady=613&biw=1600&bih=1200&isw=160&ish=600&ifk=2347300667&scr_x=0&scr_y=0&eid=21066433%2C31063781%2C31063792%2C31063182&oid=2&pvsid=3956884990384061&pem=534&tmod=1248988956&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.7nxqfqr6y9lm&fsb=1&dtd=82
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111150101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5286073190998405&plah=www.nirsoft.net&bust=31063781
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4d545339066cdbcb0d7f6b001b34e2a62232d848e26c9b0b57438a745f7a0d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 01 Dec 2021 17:36:01 GMT
server
cafe
content-length
24398
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 01 Dec 2021 17:36:01 GMT
cache-control
private
sodar
pagead2.googlesyndication.com/getconfig/ Frame E878 		12 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211111&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111150101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5286073190998405&plah=www.nirsoft.net&bust=31063781
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
03335afbe7ab40d8c10a1e6b477bf4978289ec8e0eb3b9ec426a3c6252ddc9d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 01 Dec 2021 17:36:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9419
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame E878 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111150101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5286073190998405&plah=www.nirsoft.net&bust=31063781
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 17:36:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Wed, 01 Dec 2021 17:36:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 3FC7 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Wed, 01 Dec 2021 15:16:17 GMT
expires
Thu, 01 Dec 2022 15:16:17 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
8383
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame E69B 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
09e2916d55309c0e896e9ee0597a9f1760c66062c3be473029b5825cc9c6fc01
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-VfPXqsQ1EaUDXZrw8qW29w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Wed, 01 Dec 2021 17:36:00 GMT
date
Wed, 01 Dec 2021 17:36:00 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-VfPXqsQ1EaUDXZrw8qW29w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/pagead/ Frame E69B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211111&jk=3956884990384061&rc=
Requested by
Host: www.nirsoft.net
URL: http://www.nirsoft.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers
W74_wbIuhH6bObXj0uCjode8PwiBrxgOKnAqo6ShAmY.js
pagead2.googlesyndication.com/bg/ Frame 3FC7 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/W74_wbIuhH6bObXj0uCjode8PwiBrxgOKnAqo6ShAmY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5bbe3fc1b22e847e9b39b5e3d2e0a3a1d7bc3f0881af180e2a702aa3a4a10266
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 20:36:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
75580
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13296
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 11:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 30 Nov 2022 20:36:20 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E878 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211111&jk=3956884990384061&bg=!vb6lvvrNAAZQLpa_UC47ACkAdvg8WrqjdJKVB79_IO5tUixNqMhj4pc3fAwdnNkHXOjW8lnead1g9wIAAABmUgAAAAloAQeZAp1wYuq9k8mkqB83IgLltemEgMvP2UNvi2xPD4lhlNhrKTvJqWfOH7a8Rfa0sPTmHkUCWMHpkdbjM7shRrAIyUuX1amFlT3Ff0KAX9VMqID7NIVgLKlYqWgoOH3GD93MVmy_mvZX6WOJ9TdSIKxfDVGIy2L80H96HLZ6gf-WeRfGTaerjaGhVwUjfGDSgkXmb8xJnGgmzCt4x6Q96XRzZNZz_EQBiEjHTPvfj5bz2HiAAnxyA0709wxjfj3Nf69-gO7l9ERa86oN7c5N4t1qFoUd6aJSiXX9s7FbaCmycI_3KmmKHaEooOqq1QMpt1HjCJUZpVJgKIOf9YERons3bOwtKcUmBaeGpUwRxGrfaR5Fa5ENC2QVcyh8aznhaOD3ZiHaZVxUrU8Fxf-plEmY43TH9pP_TgASm6mcJFiLLzuYGZzlBmvv87LmwwUE3iuFrWtMI9bMX_Aim6Re3uwvUJYW-JamAZ-6L5EJGQMGbaXavepLD4Q63nvnFlg5SBE1rt_kCPF7_T8zTz67C5glq8nd7wlxoLQsB2D2zpg1vrz9UuTZuhlKa10uHXoTBDU5qHrPexvM79ZRDPeGgdfR1yIPnWgxDBRteBYq-etaodebR4dEnRInBod5xjw193KsdC8XMIbWpCnOVdpbPc4PJjuc7Mmx6KTWnufz_UD9WdMxNJW8SNmBdoAVRMTiM62LMG-MIoV5xPN-6n5JovwIXoiv9Qgv64DVuSaSPfalKYpFgKK4oPCJvy41PITYP5bhZ7LO1yW52sdEXawinuiER2Jwws0zmcoIUesPMNmQkwzc_t2oi_47K8TPm1zl2mqG0ZHHspo2nP4kL_69gDMlO1lCWxoe1JRMLRGIxQH6L7Vw8h4-mgbXDh6Nf2jyzkM
Requested by
Host: www.nirsoft.net
URL: http://www.nirsoft.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 17:36:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
11856128442428068163
tpc.googlesyndication.com/daca_images/simgad/ Frame D236 		111 KB
111 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/11856128442428068163
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=280&slotname=8353276087&adk=554369846&adf=2146366220&pi=t.ma~as.8353276087&w=1200&fwrn=4&fwrnh=100&lmt=1638380160&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Fwww.nirsoft.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1638380160395&bpp=4&bdt=224&idt=67&shv=r20211111&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&correlator=4830374846156&frm=20&pv=2&ga_vid=1147447018.1638380160&ga_sid=1638380160&ga_hid=1808019158&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=197&ady=1450&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433%2C31063797%2C21065724%2C31063246&oid=2&pvsid=2955171570671507&pem=534&tmod=843349728&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=DxjYpSNP3K&p=http%3A//www.nirsoft.net&dtd=86
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db5abe847651d38508de59edadb2c822e1ad996f0e2620dbca3ccb44bca2e554
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 21:25:57 GMT
x-content-type-options
nosniff
age
418204
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113873
x-xss-protection
0
last-modified
Fri, 08 Oct 2021 08:47:33 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 26 Nov 2022 21:25:57 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame D236 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=280&slotname=8353276087&adk=554369846&adf=2146366220&pi=t.ma~as.8353276087&w=1200&fwrn=4&fwrnh=100&lmt=1638380160&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Fwww.nirsoft.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1638380160395&bpp=4&bdt=224&idt=67&shv=r20211111&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&correlator=4830374846156&frm=20&pv=2&ga_vid=1147447018.1638380160&ga_sid=1638380160&ga_hid=1808019158&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=197&ady=1450&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433%2C31063797%2C21065724%2C31063246&oid=2&pvsid=2955171570671507&pem=534&tmod=843349728&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=DxjYpSNP3K&p=http%3A//www.nirsoft.net&dtd=86
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 17:28:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
463
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7840
x-xss-protection
0
server
cafe
etag
9525834815172239946
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Dec 2021 17:28:18 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame D236 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=280&slotname=8353276087&adk=554369846&adf=2146366220&pi=t.ma~as.8353276087&w=1200&fwrn=4&fwrnh=100&lmt=1638380160&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Fwww.nirsoft.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1638380160395&bpp=4&bdt=224&idt=67&shv=r20211111&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&correlator=4830374846156&frm=20&pv=2&ga_vid=1147447018.1638380160&ga_sid=1638380160&ga_hid=1808019158&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=197&ady=1450&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433%2C31063797%2C21065724%2C31063246&oid=2&pvsid=2955171570671507&pem=534&tmod=843349728&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=DxjYpSNP3K&p=http%3A//www.nirsoft.net&dtd=86
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 17:35:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Dec 2021 17:35:54 GMT
transparent.png
tpc.googlesyndication.com/pagead/images/ Frame D236 		67 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/transparent.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=280&slotname=8353276087&adk=554369846&adf=2146366220&pi=t.ma~as.8353276087&w=1200&fwrn=4&fwrnh=100&lmt=1638380160&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Fwww.nirsoft.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1638380160395&bpp=4&bdt=224&idt=67&shv=r20211111&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&correlator=4830374846156&frm=20&pv=2&ga_vid=1147447018.1638380160&ga_sid=1638380160&ga_hid=1808019158&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=197&ady=1450&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433%2C31063797%2C21065724%2C31063246&oid=2&pvsid=2955171570671507&pem=534&tmod=843349728&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=DxjYpSNP3K&p=http%3A//www.nirsoft.net&dtd=86
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 01 Dec 2021 05:32:01 GMT
x-content-type-options
nosniff
server
cafe
age
43440
etag
2462972746714251406
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67
x-xss-protection
0
expires
Thu, 02 Dec 2021 05:32:01 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame D236 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CgT_HgLKnYYSGILLJ1fAPmoG0mAPRncjvZt63sYPJDpq2x4rpDhABIIuL5ApglfrwgYwHoAHI_qunAsgBAqkC5XuFlHI5gT6oAwHIA8kEqgTWAU_QN7los5I3qeeXyLxJNFtI1PBf2ZaOHHZFv0uJw1PYFpgq5dInhihkkf7sNzueKkceyBqc-9Umc3Q8ZdbFbM6LMVTy4uGEwCPPDk9ysVNCocsPA-TkIwLh3ujFV3JEMcuqaDnPhSjVac_gj08Eb2e0J_-BLabsgGRe_2GvFsCuhaN1voZHCDT9Zh2X-DsugBWNnW1QmX5b26ILx7ktyTyj_as3CBLy0B4CaVFdqk-UeHZCdZepbrWYNQ7XK7936p9hdHloCVhPD7H2ojWr__O7eNBN8j3ABNiC5qHdA5IFBAgEGAGSBQQIBRgEoAYCgAeFiqOkAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEENCdCdIICQiA4YAQEAEYX4AKAcgLAdgTDNAVAYAXAbIXHAoaCAASFHB1Yi01Mjg2MDczMTkwOTk4NDA1GAA&sigh=ytq2_1lAFJY&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=280&slotname=8353276087&adk=554369846&adf=2146366220&pi=t.ma~as.8353276087&w=1200&fwrn=4&fwrnh=100&lmt=1638380160&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Fwww.nirsoft.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1638380160395&bpp=4&bdt=224&idt=67&shv=r20211111&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&correlator=4830374846156&frm=20&pv=2&ga_vid=1147447018.1638380160&ga_sid=1638380160&ga_hid=1808019158&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=197&ady=1450&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433%2C31063797%2C21065724%2C31063246&oid=2&pvsid=2955171570671507&pem=534&tmod=843349728&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=DxjYpSNP3K&p=http%3A//www.nirsoft.net&dtd=86
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=280&slotname=8353276087&adk=554369846&adf=2146366220&pi=t.ma~as.8353276087&w=1200&fwrn=4&fwrnh=100&lmt=1638380160&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Fwww.nirsoft.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1638380160395&bpp=4&bdt=224&idt=67&shv=r20211111&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&correlator=4830374846156&frm=20&pv=2&ga_vid=1147447018.1638380160&ga_sid=1638380160&ga_hid=1808019158&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=197&ady=1450&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433%2C31063797%2C21065724%2C31063246&oid=2&pvsid=2955171570671507&pem=534&tmod=843349728&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=DxjYpSNP3K&p=http%3A//www.nirsoft.net&dtd=86
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 01 Dec 2021 17:36:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 01 Dec 2021 17:36:01 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D236 		119 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=280&slotname=8353276087&adk=554369846&adf=2146366220&pi=t.ma~as.8353276087&w=1200&fwrn=4&fwrnh=100&lmt=1638380160&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Fwww.nirsoft.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1638380160395&bpp=4&bdt=224&idt=67&shv=r20211111&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&correlator=4830374846156&frm=20&pv=2&ga_vid=1147447018.1638380160&ga_sid=1638380160&ga_hid=1808019158&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=197&ady=1450&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433%2C31063797%2C21065724%2C31063246&oid=2&pvsid=2955171570671507&pem=534&tmod=843349728&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=DxjYpSNP3K&p=http%3A//www.nirsoft.net&dtd=86
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30cad9ec7fbe11d3de293805d82343744663da3e650c19bbbc23dd7c58202cce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 17:36:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37131
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638290904732407"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 01 Dec 2021 17:36:01 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame D236 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=280&slotname=8353276087&adk=554369846&adf=2146366220&pi=t.ma~as.8353276087&w=1200&fwrn=4&fwrnh=100&lmt=1638380160&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Fwww.nirsoft.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1638380160395&bpp=4&bdt=224&idt=67&shv=r20211111&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&correlator=4830374846156&frm=20&pv=2&ga_vid=1147447018.1638380160&ga_sid=1638380160&ga_hid=1808019158&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=197&ady=1450&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433%2C31063797%2C21065724%2C31063246&oid=2&pvsid=2955171570671507&pem=534&tmod=843349728&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=DxjYpSNP3K&p=http%3A//www.nirsoft.net&dtd=86
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 17:32:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
230
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6415
x-xss-protection
0
server
cafe
etag
16810888504096353422
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Dec 2021 17:32:11 GMT
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame D236 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=280&slotname=8353276087&adk=554369846&adf=2146366220&pi=t.ma~as.8353276087&w=1200&fwrn=4&fwrnh=100&lmt=1638380160&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Fwww.nirsoft.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1638380160395&bpp=4&bdt=224&idt=67&shv=r20211111&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&correlator=4830374846156&frm=20&pv=2&ga_vid=1147447018.1638380160&ga_sid=1638380160&ga_hid=1808019158&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=197&ady=1450&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433%2C31063797%2C21065724%2C31063246&oid=2&pvsid=2955171570671507&pem=534&tmod=843349728&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=DxjYpSNP3K&p=http%3A//www.nirsoft.net&dtd=86
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0072f2a89bd32697c990a647ce4577265131df2f7d089ecef8eb14d50abdfb36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 17:04:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1867
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11327
x-xss-protection
0
server
cafe
etag
10656063359522146397
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Dec 2021 17:04:54 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame FBD2 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=280&slotname=8353276087&adk=554369846&adf=2146366220&pi=t.ma~as.8353276087&w=1200&fwrn=4&fwrnh=100&lmt=1638380160&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Fwww.nirsoft.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1638380160395&bpp=4&bdt=224&idt=67&shv=r20211111&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&correlator=4830374846156&frm=20&pv=2&ga_vid=1147447018.1638380160&ga_sid=1638380160&ga_hid=1808019158&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=197&ady=1450&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433%2C31063797%2C21065724%2C31063246&oid=2&pvsid=2955171570671507&pem=534&tmod=843349728&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=DxjYpSNP3K&p=http%3A//www.nirsoft.net&dtd=86
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=280&slotname=8353276087&adk=554369846&adf=2146366220&pi=t.ma~as.8353276087&w=1200&fwrn=4&fwrnh=100&lmt=1638380160&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Fwww.nirsoft.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1638380160395&bpp=4&bdt=224&idt=67&shv=r20211111&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&correlator=4830374846156&frm=20&pv=2&ga_vid=1147447018.1638380160&ga_sid=1638380160&ga_hid=1808019158&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=197&ady=1450&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433%2C31063797%2C21065724%2C31063246&oid=2&pvsid=2955171570671507&pem=534&tmod=843349728&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=DxjYpSNP3K&p=http%3A//www.nirsoft.net&dtd=86

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 01 Dec 2021 16:58:32 GMT
server
cafe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2249
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
redir.html
p4-agdehobfo37gm-ov6ijdnibb5ctb45-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame F327 		247 B
962 B 		Document
General
Check archive.org
Download Go to
Full URL
https://p4-agdehobfo37gm-ov6ijdnibb5ctb45-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=280&slotname=8353276087&adk=554369846&adf=2146366220&pi=t.ma~as.8353276087&w=1200&fwrn=4&fwrnh=100&lmt=1638380160&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Fwww.nirsoft.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1638380160395&bpp=4&bdt=224&idt=67&shv=r20211111&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&correlator=4830374846156&frm=20&pv=2&ga_vid=1147447018.1638380160&ga_sid=1638380160&ga_hid=1808019158&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=197&ady=1450&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433%2C31063797%2C21065724%2C31063246&oid=2&pvsid=2955171570671507&pem=534&tmod=843349728&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=DxjYpSNP3K&p=http%3A//www.nirsoft.net&dtd=86
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
0302b924fadd13cfde8bdbd0b661356d640ddccdcb2a7d4edb9c9b29ab65ba5c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
content-security-policy-report-only
script-src 'nonce-0cOeTUunFVfz5V-7R6n6Hw' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length
204
date
Wed, 01 Dec 2021 17:36:01 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
last-modified
Mon, 02 Dec 2019 20:15:00 GMT
x-content-type-options
nosniff
content-encoding
gzip
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
si
googleads.g.doubleclick.net/pagead/drt/ Frame FBD2
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=280&slotname=8353276087&adk=554369846&adf=2146366220&pi=t.ma~as.8353276087&w=1200&fwrn=4&fwrnh=100&lmt=1638380160&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Fwww.nirsoft.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1638380160395&bpp=4&bdt=224&idt=67&shv=r20211111&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&correlator=4830374846156&frm=20&pv=2&ga_vid=1147447018.1638380160&ga_sid=1638380160&ga_hid=1808019158&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=197&ady=1450&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433%2C31063797%2C21065724%2C31063246&oid=2&pvsid=2955171570671507&pem=534&tmod=843349728&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=DxjYpSNP3K&p=http%3A//www.nirsoft.net&dtd=86
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 01 Dec 2021 17:36:01 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 01 Dec 2021 17:36:01 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 01 Dec 2021 17:36:01 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame D236 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cea9f6efa13bff73d4e8b7265b28d96e30934782be0d37e306095b5abb9e112b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
iframe.html
p4-agdehobfo37gm-ov6ijdnibb5ctb45-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame F327 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://p4-agdehobfo37gm-ov6ijdnibb5ctb45-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Requested by
Host: p4-agdehobfo37gm-ov6ijdnibb5ctb45-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-agdehobfo37gm-ov6ijdnibb5ctb45-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
c7732ad0f2c75fdc0716d1d6b1b45a11b7fac068f96015df0b8bdbd5019f5266
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://p4-agdehobfo37gm-ov6ijdnibb5ctb45-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
content-security-policy-report-only
script-src 'nonce-Gh_tYbUgx8fVN5MJA3eZRQ' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length
1862
date
Wed, 01 Dec 2021 17:36:01 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
last-modified
Thu, 29 Apr 2021 21:38:00 GMT
x-content-type-options
nosniff
content-encoding
gzip
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
css
fonts.googleapis.com/ Frame 75AA 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=600&slotname=8544847776&adk=179141035&adf=3533666104&pi=t.ma~as.8544847776&w=160&lmt=1638380160&psa=0&format=160x600&url=http%3A%2F%2Fwww.nirsoft.net%2F&ea=0&flash=0&wgl=1&dt=1638380160629&bpp=3&bdt=324&idt=65&shv=r20211111&mjsv=m202111150101&ptt=9&saldr=aa&cookie=ID%3Dd52afa4bc2242ab7-222ec6e31dcc003d%3AT%3D1638380160%3ART%3D1638380160%3AS%3DALNI_MbNmmJUPgdClnFfopeR0R1pu8X-EA&correlator=4830374846156&frm=23&ife=1&pv=1&ga_vid=1147447018.1638380160&ga_sid=1638380160&ga_hid=1483217850&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=5&ady=613&biw=1600&bih=1200&isw=160&ish=600&ifk=2347300667&scr_x=0&scr_y=0&eid=21066433%2C31063781%2C31063792%2C31063182&oid=2&pvsid=3956884990384061&pem=534&tmod=1248988956&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.7nxqfqr6y9lm&fsb=1&dtd=82
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
76ca98643b0229d7a50626e2ed31a2ba5663b0697c880420fc3e4c6ca82684ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 01 Dec 2021 15:53:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 01 Dec 2021 17:36:01 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 01 Dec 2021 17:36:01 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 75AA 		1 KB
880 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=600&slotname=8544847776&adk=179141035&adf=3533666104&pi=t.ma~as.8544847776&w=160&lmt=1638380160&psa=0&format=160x600&url=http%3A%2F%2Fwww.nirsoft.net%2F&ea=0&flash=0&wgl=1&dt=1638380160629&bpp=3&bdt=324&idt=65&shv=r20211111&mjsv=m202111150101&ptt=9&saldr=aa&cookie=ID%3Dd52afa4bc2242ab7-222ec6e31dcc003d%3AT%3D1638380160%3ART%3D1638380160%3AS%3DALNI_MbNmmJUPgdClnFfopeR0R1pu8X-EA&correlator=4830374846156&frm=23&ife=1&pv=1&ga_vid=1147447018.1638380160&ga_sid=1638380160&ga_hid=1483217850&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=5&ady=613&biw=1600&bih=1200&isw=160&ish=600&ifk=2347300667&scr_x=0&scr_y=0&eid=21066433%2C31063781%2C31063792%2C31063182&oid=2&pvsid=3956884990384061&pem=534&tmod=1248988956&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.7nxqfqr6y9lm&fsb=1&dtd=82
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 17:35:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
853
x-xss-protection
0
server
cafe
etag
7170004918125193417
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Dec 2021 17:35:40 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 75AA 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=600&slotname=8544847776&adk=179141035&adf=3533666104&pi=t.ma~as.8544847776&w=160&lmt=1638380160&psa=0&format=160x600&url=http%3A%2F%2Fwww.nirsoft.net%2F&ea=0&flash=0&wgl=1&dt=1638380160629&bpp=3&bdt=324&idt=65&shv=r20211111&mjsv=m202111150101&ptt=9&saldr=aa&cookie=ID%3Dd52afa4bc2242ab7-222ec6e31dcc003d%3AT%3D1638380160%3ART%3D1638380160%3AS%3DALNI_MbNmmJUPgdClnFfopeR0R1pu8X-EA&correlator=4830374846156&frm=23&ife=1&pv=1&ga_vid=1147447018.1638380160&ga_sid=1638380160&ga_hid=1483217850&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=5&ady=613&biw=1600&bih=1200&isw=160&ish=600&ifk=2347300667&scr_x=0&scr_y=0&eid=21066433%2C31063781%2C31063792%2C31063182&oid=2&pvsid=3956884990384061&pem=534&tmod=1248988956&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.7nxqfqr6y9lm&fsb=1&dtd=82
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 17:28:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
463
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7840
x-xss-protection
0
server
cafe
etag
9525834815172239946
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Dec 2021 17:28:18 GMT
W74_wbIuhH6bObXj0uCjode8PwiBrxgOKnAqo6ShAmY.js
pagead2.googlesyndication.com/bg/ Frame 34A0 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/W74_wbIuhH6bObXj0uCjode8PwiBrxgOKnAqo6ShAmY.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=280&slotname=8353276087&adk=554369846&adf=2146366220&pi=t.ma~as.8353276087&w=1200&fwrn=4&fwrnh=100&lmt=1638380160&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Fwww.nirsoft.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1638380160395&bpp=4&bdt=224&idt=67&shv=r20211111&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&correlator=4830374846156&frm=20&pv=2&ga_vid=1147447018.1638380160&ga_sid=1638380160&ga_hid=1808019158&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=197&ady=1450&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433%2C31063797%2C21065724%2C31063246&oid=2&pvsid=2955171570671507&pem=534&tmod=843349728&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=DxjYpSNP3K&p=http%3A//www.nirsoft.net&dtd=86
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5bbe3fc1b22e847e9b39b5e3d2e0a3a1d7bc3f0881af180e2a702aa3a4a10266
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 20:36:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
75581
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13296
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 11:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 30 Nov 2022 20:36:20 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 75AA 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=600&slotname=8544847776&adk=179141035&adf=3533666104&pi=t.ma~as.8544847776&w=160&lmt=1638380160&psa=0&format=160x600&url=http%3A%2F%2Fwww.nirsoft.net%2F&ea=0&flash=0&wgl=1&dt=1638380160629&bpp=3&bdt=324&idt=65&shv=r20211111&mjsv=m202111150101&ptt=9&saldr=aa&cookie=ID%3Dd52afa4bc2242ab7-222ec6e31dcc003d%3AT%3D1638380160%3ART%3D1638380160%3AS%3DALNI_MbNmmJUPgdClnFfopeR0R1pu8X-EA&correlator=4830374846156&frm=23&ife=1&pv=1&ga_vid=1147447018.1638380160&ga_sid=1638380160&ga_hid=1483217850&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=5&ady=613&biw=1600&bih=1200&isw=160&ish=600&ifk=2347300667&scr_x=0&scr_y=0&eid=21066433%2C31063781%2C31063792%2C31063182&oid=2&pvsid=3956884990384061&pem=534&tmod=1248988956&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.7nxqfqr6y9lm&fsb=1&dtd=82
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 17:35:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Dec 2021 17:35:54 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 75AA 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=600&slotname=8544847776&adk=179141035&adf=3533666104&pi=t.ma~as.8544847776&w=160&lmt=1638380160&psa=0&format=160x600&url=http%3A%2F%2Fwww.nirsoft.net%2F&ea=0&flash=0&wgl=1&dt=1638380160629&bpp=3&bdt=324&idt=65&shv=r20211111&mjsv=m202111150101&ptt=9&saldr=aa&cookie=ID%3Dd52afa4bc2242ab7-222ec6e31dcc003d%3AT%3D1638380160%3ART%3D1638380160%3AS%3DALNI_MbNmmJUPgdClnFfopeR0R1pu8X-EA&correlator=4830374846156&frm=23&ife=1&pv=1&ga_vid=1147447018.1638380160&ga_sid=1638380160&ga_hid=1483217850&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=5&ady=613&biw=1600&bih=1200&isw=160&ish=600&ifk=2347300667&scr_x=0&scr_y=0&eid=21066433%2C31063781%2C31063792%2C31063182&oid=2&pvsid=3956884990384061&pem=534&tmod=1248988956&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.7nxqfqr6y9lm&fsb=1&dtd=82
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30cad9ec7fbe11d3de293805d82343744663da3e650c19bbbc23dd7c58202cce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 17:36:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37131
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638290904732407"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 01 Dec 2021 17:36:01 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 75AA 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=600&slotname=8544847776&adk=179141035&adf=3533666104&pi=t.ma~as.8544847776&w=160&lmt=1638380160&psa=0&format=160x600&url=http%3A%2F%2Fwww.nirsoft.net%2F&ea=0&flash=0&wgl=1&dt=1638380160629&bpp=3&bdt=324&idt=65&shv=r20211111&mjsv=m202111150101&ptt=9&saldr=aa&cookie=ID%3Dd52afa4bc2242ab7-222ec6e31dcc003d%3AT%3D1638380160%3ART%3D1638380160%3AS%3DALNI_MbNmmJUPgdClnFfopeR0R1pu8X-EA&correlator=4830374846156&frm=23&ife=1&pv=1&ga_vid=1147447018.1638380160&ga_sid=1638380160&ga_hid=1483217850&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=5&ady=613&biw=1600&bih=1200&isw=160&ish=600&ifk=2347300667&scr_x=0&scr_y=0&eid=21066433%2C31063781%2C31063792%2C31063182&oid=2&pvsid=3956884990384061&pem=534&tmod=1248988956&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.7nxqfqr6y9lm&fsb=1&dtd=82
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 17:32:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
230
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6415
x-xss-protection
0
server
cafe
etag
16810888504096353422
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Dec 2021 17:32:11 GMT
163b3e9c260ab6fd774ac5b5c6fd1d76.js
www.gstatic.com/mysidia/ Frame 75AA 		27 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/163b3e9c260ab6fd774ac5b5c6fd1d76.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=600&slotname=8544847776&adk=179141035&adf=3533666104&pi=t.ma~as.8544847776&w=160&lmt=1638380160&psa=0&format=160x600&url=http%3A%2F%2Fwww.nirsoft.net%2F&ea=0&flash=0&wgl=1&dt=1638380160629&bpp=3&bdt=324&idt=65&shv=r20211111&mjsv=m202111150101&ptt=9&saldr=aa&cookie=ID%3Dd52afa4bc2242ab7-222ec6e31dcc003d%3AT%3D1638380160%3ART%3D1638380160%3AS%3DALNI_MbNmmJUPgdClnFfopeR0R1pu8X-EA&correlator=4830374846156&frm=23&ife=1&pv=1&ga_vid=1147447018.1638380160&ga_sid=1638380160&ga_hid=1483217850&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=5&ady=613&biw=1600&bih=1200&isw=160&ish=600&ifk=2347300667&scr_x=0&scr_y=0&eid=21066433%2C31063781%2C31063792%2C31063182&oid=2&pvsid=3956884990384061&pem=534&tmod=1248988956&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.7nxqfqr6y9lm&fsb=1&dtd=82
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de418fdfa1d02a219d049bb1cd8562182c4201c67f6b9d0e2f67f21a476e1096
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 16:53:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
88924
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11360
x-xss-protection
0
last-modified
Tue, 16 Nov 2021 04:29:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 28 Feb 2022 16:53:57 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 75AA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cb3PEgLKnYbqRLemh1fAP19CZsAiw84_IY9COlN_OC7CQHxABIIuL5ApglfrwgYwHoAH9kPP7AsgBAagDAaoExwFP0HzTT4XofQPiMv1v_sMPLGqD8YBtpc7R-I7D_d-5804xbO3fr_hpacjIYRiooBhLNRPOYNTbMOQlBLHjc6U_KLLxLaj231I1D6The-L7Bb-x3i3s2hR3a9IC7SiJcl_S66xYhmq3iy915TO-2IO5aVrFTLCTryZJvQviMMIe9HCibbHwPj8mSyMbiCZuVygIVGN4QAeYxAt-UcJChghvS-2ysHO9VRIm6Sy6YItmj49s78HYhli45-pxNU6aooXT__DD8yZdwATLwqP_8gGSBQQIBBgBkgUECAUYBIAH6-6MhAGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBDc7SfSCAkIgOGAEBABGF-ACgHICwHYEwyIFAXQFQGAFwGyFxwKGggAEhRwdWItNTI4NjA3MzE5MDk5ODQwNRgA&sigh=KTzT4Y4UMr4&uach_m=[UACH]&template_id=5020
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=600&slotname=8544847776&adk=179141035&adf=3533666104&pi=t.ma~as.8544847776&w=160&lmt=1638380160&psa=0&format=160x600&url=http%3A%2F%2Fwww.nirsoft.net%2F&ea=0&flash=0&wgl=1&dt=1638380160629&bpp=3&bdt=324&idt=65&shv=r20211111&mjsv=m202111150101&ptt=9&saldr=aa&cookie=ID%3Dd52afa4bc2242ab7-222ec6e31dcc003d%3AT%3D1638380160%3ART%3D1638380160%3AS%3DALNI_MbNmmJUPgdClnFfopeR0R1pu8X-EA&correlator=4830374846156&frm=23&ife=1&pv=1&ga_vid=1147447018.1638380160&ga_sid=1638380160&ga_hid=1483217850&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=5&ady=613&biw=1600&bih=1200&isw=160&ish=600&ifk=2347300667&scr_x=0&scr_y=0&eid=21066433%2C31063781%2C31063792%2C31063182&oid=2&pvsid=3956884990384061&pem=534&tmod=1248988956&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.7nxqfqr6y9lm&fsb=1&dtd=82
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=600&slotname=8544847776&adk=179141035&adf=3533666104&pi=t.ma~as.8544847776&w=160&lmt=1638380160&psa=0&format=160x600&url=http%3A%2F%2Fwww.nirsoft.net%2F&ea=0&flash=0&wgl=1&dt=1638380160629&bpp=3&bdt=324&idt=65&shv=r20211111&mjsv=m202111150101&ptt=9&saldr=aa&cookie=ID%3Dd52afa4bc2242ab7-222ec6e31dcc003d%3AT%3D1638380160%3ART%3D1638380160%3AS%3DALNI_MbNmmJUPgdClnFfopeR0R1pu8X-EA&correlator=4830374846156&frm=23&ife=1&pv=1&ga_vid=1147447018.1638380160&ga_sid=1638380160&ga_hid=1483217850&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=5&ady=613&biw=1600&bih=1200&isw=160&ish=600&ifk=2347300667&scr_x=0&scr_y=0&eid=21066433%2C31063781%2C31063792%2C31063182&oid=2&pvsid=3956884990384061&pem=534&tmod=1248988956&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.7nxqfqr6y9lm&fsb=1&dtd=82
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 01 Dec 2021 17:36:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 8095 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=600&slotname=8544847776&adk=179141035&adf=3533666104&pi=t.ma~as.8544847776&w=160&lmt=1638380160&psa=0&format=160x600&url=http%3A%2F%2Fwww.nirsoft.net%2F&ea=0&flash=0&wgl=1&dt=1638380160629&bpp=3&bdt=324&idt=65&shv=r20211111&mjsv=m202111150101&ptt=9&saldr=aa&cookie=ID%3Dd52afa4bc2242ab7-222ec6e31dcc003d%3AT%3D1638380160%3ART%3D1638380160%3AS%3DALNI_MbNmmJUPgdClnFfopeR0R1pu8X-EA&correlator=4830374846156&frm=23&ife=1&pv=1&ga_vid=1147447018.1638380160&ga_sid=1638380160&ga_hid=1483217850&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=5&ady=613&biw=1600&bih=1200&isw=160&ish=600&ifk=2347300667&scr_x=0&scr_y=0&eid=21066433%2C31063781%2C31063792%2C31063182&oid=2&pvsid=3956884990384061&pem=534&tmod=1248988956&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.7nxqfqr6y9lm&fsb=1&dtd=82
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=600&slotname=8544847776&adk=179141035&adf=3533666104&pi=t.ma~as.8544847776&w=160&lmt=1638380160&psa=0&format=160x600&url=http%3A%2F%2Fwww.nirsoft.net%2F&ea=0&flash=0&wgl=1&dt=1638380160629&bpp=3&bdt=324&idt=65&shv=r20211111&mjsv=m202111150101&ptt=9&saldr=aa&cookie=ID%3Dd52afa4bc2242ab7-222ec6e31dcc003d%3AT%3D1638380160%3ART%3D1638380160%3AS%3DALNI_MbNmmJUPgdClnFfopeR0R1pu8X-EA&correlator=4830374846156&frm=23&ife=1&pv=1&ga_vid=1147447018.1638380160&ga_sid=1638380160&ga_hid=1483217850&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=5&ady=613&biw=1600&bih=1200&isw=160&ish=600&ifk=2347300667&scr_x=0&scr_y=0&eid=21066433%2C31063781%2C31063792%2C31063182&oid=2&pvsid=3956884990384061&pem=534&tmod=1248988956&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.7nxqfqr6y9lm&fsb=1&dtd=82

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 01 Dec 2021 16:58:32 GMT
server
cafe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2249
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 4957 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=600&slotname=8544847776&adk=179141035&adf=3533666104&pi=t.ma~as.8544847776&w=160&lmt=1638380160&psa=0&format=160x600&url=http%3A%2F%2Fwww.nirsoft.net%2F&ea=0&flash=0&wgl=1&dt=1638380160629&bpp=3&bdt=324&idt=65&shv=r20211111&mjsv=m202111150101&ptt=9&saldr=aa&cookie=ID%3Dd52afa4bc2242ab7-222ec6e31dcc003d%3AT%3D1638380160%3ART%3D1638380160%3AS%3DALNI_MbNmmJUPgdClnFfopeR0R1pu8X-EA&correlator=4830374846156&frm=23&ife=1&pv=1&ga_vid=1147447018.1638380160&ga_sid=1638380160&ga_hid=1483217850&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=5&ady=613&biw=1600&bih=1200&isw=160&ish=600&ifk=2347300667&scr_x=0&scr_y=0&eid=21066433%2C31063781%2C31063792%2C31063182&oid=2&pvsid=3956884990384061&pem=534&tmod=1248988956&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.7nxqfqr6y9lm&fsb=1&dtd=82
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Wed, 01 Dec 2021 05:53:44 GMT
expires
Thu, 02 Dec 2021 05:53:44 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
42137
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 75AA 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3a663467e111fd2237a1bc5255e8d702b099f29cb553ecab24efe98cbf898b5d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 75AA 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c40ad72cef7d01523f373e94fd4fd716b1d380e1876c2a4c72d88f23474f6979

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 75AA 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 18:21:26 GMT
x-content-type-options
nosniff
age
170075
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21424
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 18:08:24 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 29 Nov 2022 18:21:26 GMT
4UabrENHsxJlGDuGo1OIlLV154tzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 75AA 		21 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLV154tzCwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bbbc44e5ebb0694e2faa4b84737dc33d6b8fa9d0eaa8b5f63ac3537130cb07bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 07:43:47 GMT
x-content-type-options
nosniff
age
121934
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21444
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 18:08:20 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 30 Nov 2022 07:43:47 GMT
dpixel
cms.quantserve.com/ Frame 4957 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGoJT56pjtMosWR7t2u43dY&google_cver=1&google_push=AYg5qPJmMnzu_toCE9ObZGe7NkcgE8yDu2OzgX6SlQ8nnmvHNxgpoyte9QJOn37iW9j-UWcxPg_f8v1Fk4_FMDp2SCU57KZ8MOQ3
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=600&slotname=8544847776&adk=179141035&adf=3533666104&pi=t.ma~as.8544847776&w=160&lmt=1638380160&psa=0&format=160x600&url=http%3A%2F%2Fwww.nirsoft.net%2F&ea=0&flash=0&wgl=1&dt=1638380160629&bpp=3&bdt=324&idt=65&shv=r20211111&mjsv=m202111150101&ptt=9&saldr=aa&cookie=ID%3Dd52afa4bc2242ab7-222ec6e31dcc003d%3AT%3D1638380160%3ART%3D1638380160%3AS%3DALNI_MbNmmJUPgdClnFfopeR0R1pu8X-EA&correlator=4830374846156&frm=23&ife=1&pv=1&ga_vid=1147447018.1638380160&ga_sid=1638380160&ga_hid=1483217850&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=5&ady=613&biw=1600&bih=1200&isw=160&ish=600&ifk=2347300667&scr_x=0&scr_y=0&eid=21066433%2C31063781%2C31063792%2C31063182&oid=2&pvsid=3956884990384061&pem=534&tmod=1248988956&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.7nxqfqr6y9lm&fsb=1&dtd=82
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 17:36:01 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4957
Redirect Chain
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPKWvteqCjZJ3aNYWmiP5ZqB3tA47K4IqIqud1Y...
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWFleWdRQUFCTGppa2tyLQ&google_push=AYg5qPKWvteqCjZJ3aNYWmiP5ZqB3tA47K4IqIqud1YvlO4NRfnzbcn6QJAUK23L0ClXNuFsT8nY9_PBiUtLguS0sZGh8Fyw97qp
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWFleWdRQUFCTGppa2tyLQ&google_push=AYg5qPKWvteqCjZJ3aNYWmiP5ZqB3tA47K4IqIqud1YvlO4NRfnzbcn6QJAUK23L0ClXNuFsT8nY9_PBiUtLguS0sZGh8Fyw97qp
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=600&slotname=8544847776&adk=179141035&adf=3533666104&pi=t.ma~as.8544847776&w=160&lmt=1638380160&psa=0&format=160x600&url=http%3A%2F%2Fwww.nirsoft.net%2F&ea=0&flash=0&wgl=1&dt=1638380160629&bpp=3&bdt=324&idt=65&shv=r20211111&mjsv=m202111150101&ptt=9&saldr=aa&cookie=ID%3Dd52afa4bc2242ab7-222ec6e31dcc003d%3AT%3D1638380160%3ART%3D1638380160%3AS%3DALNI_MbNmmJUPgdClnFfopeR0R1pu8X-EA&correlator=4830374846156&frm=23&ife=1&pv=1&ga_vid=1147447018.1638380160&ga_sid=1638380160&ga_hid=1483217850&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=5&ady=613&biw=1600&bih=1200&isw=160&ish=600&ifk=2347300667&scr_x=0&scr_y=0&eid=21066433%2C31063781%2C31063792%2C31063182&oid=2&pvsid=3956884990384061&pem=534&tmod=1248988956&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.7nxqfqr6y9lm&fsb=1&dtd=82
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 17:36:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWFleWdRQUFCTGppa2tyLQ&google_push=AYg5qPKWvteqCjZJ3aNYWmiP5ZqB3tA47K4IqIqud1YvlO4NRfnzbcn6QJAUK23L0ClXNuFsT8nY9_PBiUtLguS0sZGh8Fyw97qp
Date
Wed, 01 Dec 2021 17:36:01 GMT
Server
Apache
Connection
keep-alive
Content-Length
391
Content-Type
text/html; charset=iso-8859-1
dds
rtb.openx.net/sync/ Frame 4957 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEBEEmHnlSbAoJw7Plse_nzM&google_cver=1&google_push=AYg5qPL7e7McTZcaC8n0TQyj3Oy8CMF2VDShsK8OeTUVevr4JntPCjYDSqaZWZtqOS5jJM1aZfNjft5jMWO4qsdV4blJ8RV4B8Ls
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=600&slotname=8544847776&adk=179141035&adf=3533666104&pi=t.ma~as.8544847776&w=160&lmt=1638380160&psa=0&format=160x600&url=http%3A%2F%2Fwww.nirsoft.net%2F&ea=0&flash=0&wgl=1&dt=1638380160629&bpp=3&bdt=324&idt=65&shv=r20211111&mjsv=m202111150101&ptt=9&saldr=aa&cookie=ID%3Dd52afa4bc2242ab7-222ec6e31dcc003d%3AT%3D1638380160%3ART%3D1638380160%3AS%3DALNI_MbNmmJUPgdClnFfopeR0R1pu8X-EA&correlator=4830374846156&frm=23&ife=1&pv=1&ga_vid=1147447018.1638380160&ga_sid=1638380160&ga_hid=1483217850&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=5&ady=613&biw=1600&bih=1200&isw=160&ish=600&ifk=2347300667&scr_x=0&scr_y=0&eid=21066433%2C31063781%2C31063792%2C31063182&oid=2&pvsid=3956884990384061&pem=534&tmod=1248988956&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.7nxqfqr6y9lm&fsb=1&dtd=82
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 17:36:00 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
j674qh9n56uoq8vg3la1b80jham9ov1a
pixel
cm.g.doubleclick.net/ Frame 4957
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=pLZg0MrQRBWBAP7BiSvLVA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=pLZg0MrQRBWBAP7BiSvLVA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIsjWIstH_5Ch_-7sg2Fuih-tE4ecn2drRBbXADf9P0P7y2mmvbQuDDIZ1YcLebY_v_6St6rs_0EoF2tPv_XGmVB5PkQe_2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=600&slotname=8544847776&adk=179141035&adf=3533666104&pi=t.ma~as.8544847776&w=160&lmt=1638380160&psa=0&format=160x600&url=http%3A%2F%2Fwww.nirsoft.net%2F&ea=0&flash=0&wgl=1&dt=1638380160629&bpp=3&bdt=324&idt=65&shv=r20211111&mjsv=m202111150101&ptt=9&saldr=aa&cookie=ID%3Dd52afa4bc2242ab7-222ec6e31dcc003d%3AT%3D1638380160%3ART%3D1638380160%3AS%3DALNI_MbNmmJUPgdClnFfopeR0R1pu8X-EA&correlator=4830374846156&frm=23&ife=1&pv=1&ga_vid=1147447018.1638380160&ga_sid=1638380160&ga_hid=1483217850&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=5&ady=613&biw=1600&bih=1200&isw=160&ish=600&ifk=2347300667&scr_x=0&scr_y=0&eid=21066433%2C31063781%2C31063792%2C31063182&oid=2&pvsid=3956884990384061&pem=534&tmod=1248988956&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.7nxqfqr6y9lm&fsb=1&dtd=82
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 17:36:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=pLZg0MrQRBWBAP7BiSvLVA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIsjWIstH_5Ch_-7sg2Fuih-tE4ecn2drRBbXADf9P0P7y2mmvbQuDDIZ1YcLebY_v_6St6rs_0EoF2tPv_XGmVB5PkQe_2
date
Wed, 01 Dec 2021 17:36:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 4957
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGDQL3-gWNjEXB_GiFx7TDc&google_cver=1&google_push=AYg5qPLszABdWT00BmzYTsOncGU0sLFjcO5lMPI3qoqc1cBxDIHUSKVO0Jab5bwtEUaZ1c8NRg5...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dOVDhWQzktTC05T09Z&google_push=AYg5qPLszABdWT00BmzYTsOncGU0sLFjcO5lMPI3qoqc1cBxDIHUSKVO0Jab5bwtEUaZ1c8NRg5Mh5ouy_3u2EF20TVjX-htnYpH
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dOVDhWQzktTC05T09Z&google_push=AYg5qPLszABdWT00BmzYTsOncGU0sLFjcO5lMPI3qoqc1cBxDIHUSKVO0Jab5bwtEUaZ1c8NRg5Mh5ouy_3u2EF20TVjX-htnYpH
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=600&slotname=8544847776&adk=179141035&adf=3533666104&pi=t.ma~as.8544847776&w=160&lmt=1638380160&psa=0&format=160x600&url=http%3A%2F%2Fwww.nirsoft.net%2F&ea=0&flash=0&wgl=1&dt=1638380160629&bpp=3&bdt=324&idt=65&shv=r20211111&mjsv=m202111150101&ptt=9&saldr=aa&cookie=ID%3Dd52afa4bc2242ab7-222ec6e31dcc003d%3AT%3D1638380160%3ART%3D1638380160%3AS%3DALNI_MbNmmJUPgdClnFfopeR0R1pu8X-EA&correlator=4830374846156&frm=23&ife=1&pv=1&ga_vid=1147447018.1638380160&ga_sid=1638380160&ga_hid=1483217850&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=5&ady=613&biw=1600&bih=1200&isw=160&ish=600&ifk=2347300667&scr_x=0&scr_y=0&eid=21066433%2C31063781%2C31063792%2C31063182&oid=2&pvsid=3956884990384061&pem=534&tmod=1248988956&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.7nxqfqr6y9lm&fsb=1&dtd=82
Protocol
H2
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 17:36:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dOVDhWQzktTC05T09Z&google_push=AYg5qPLszABdWT00BmzYTsOncGU0sLFjcO5lMPI3qoqc1cBxDIHUSKVO0Jab5bwtEUaZ1c8NRg5Mh5ouy_3u2EF20TVjX-htnYpH
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Expires
0
pixel
cm.g.doubleclick.net/ Frame 4957
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJ7LkkNiJsZ7Dr5n9NdIKF0&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEJ7LkkNiJsZ7Dr5n9NdIKF0&google_push=AY...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaeygdqXwwmkZwhyntjdXwAABKEAAAIB&google_push=AYg5qPJAj_B_hW2Wt9BfpWH58dgL9R5mXrvtP7VTyDiSjj_qpja7XM1qUycCzCT5vNy5Q2giH4Dg5SSQ-CDCkcw7-0...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaeygdqXwwmkZwhyntjdXwAABKEAAAIB&google_push=AYg5qPJAj_B_hW2Wt9BfpWH58dgL9R5mXrvtP7VTyDiSjj_qpja7XM1qUycCzCT5vNy5Q2giH4Dg5SSQ-CDCkcw7-0...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaeygdqXwwmkZwhyntjdXwAABKEAAAIB&google_push=AYg5qPJAj_B_hW2Wt9BfpWH58dgL9R5mXrvtP7VTyDiSjj_qpja7XM1qUycCzCT5vNy5Q2giH4Dg5SSQ-CDCkcw7-0...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaeygdqXwwmkZwhyntjdXwAABKEAAAIB&google_push=AYg5qPJAj_B_hW2Wt9BfpWH58dgL9R5mXrvtP7VTyDiSjj_qpja7XM1qUycCzCT5vNy5Q2giH4Dg5SSQ-CDCkcw7-0...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaeygdqXwwmkZwhyntjdXwAABKEAAAIB&google_push=AYg5qPJAj_B_hW2Wt9BfpWH58dgL9R5mXrvtP7VTyDiSjj_qpja7XM1qUycCzCT5vNy5Q2giH4Dg5SSQ-CDCkcw7-0...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaeygdqXwwmkZwhyntjdXwAABKEAAAIB&google_push=AYg5qPJAj_B_hW2Wt9BfpWH58dgL9R5mXrvtP7VTyDiSjj_qpja7XM1qUycCzCT5vNy5Q2giH4Dg5SSQ-CDCkcw7-0...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaeygdqXwwmkZwhyntjdXwAABKEAAAIB&google_push=AYg5qPJAj_B_hW2Wt9BfpWH58dgL9R5mXrvtP7VTyDiSjj_qpja7XM1qUycCzCT5vNy5Q2giH4Dg5SSQ-CDCkcw7-0...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaeygdqXwwmkZwhyntjdXwAABKEAAAIB&google_push=AYg5qPJAj_B_hW2Wt9BfpWH58dgL9R5mXrvtP7VTyDiSjj_qpja7XM1qUycCzCT5vNy5Q2giH4Dg5SSQ-CDCkcw7-0...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaeygdqXwwmkZwhyntjdXwAABKEAAAIB&google_push=AYg5qPJAj_B_hW2Wt9BfpWH58dgL9R5mXrvtP7VTyDiSjj_qpja7XM1qUycCzCT5vNy5Q2giH4Dg5SSQ-CDCkcw7-0...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaeygdqXwwmkZwhyntjdXwAABKEAAAIB&google_push=AYg5qPJAj_B_hW2Wt9BfpWH58dgL9R5mXrvtP7VTyDiSjj_qpja7XM1qUycCzCT5vNy5Q2giH4Dg5SSQ-CDCkcw7-0...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaeygdqXwwmkZwhyntjdXwAABKEAAAIB&google_push=AYg5qPJAj_B_hW2Wt9BfpWH58dgL9R5mXrvtP7VTyDiSjj_qpja7XM1qUycCzCT5vNy5Q2giH4Dg5SSQ-CDCkcw7-0...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaeygdqXwwmkZwhyntjdXwAABKEAAAIB&google_push=AYg5qPJAj_B_hW2Wt9BfpWH58dgL9R5mXrvtP7VTyDiSjj_qpja7XM1qUycCzCT5vNy5Q2giH4Dg5SSQ-CDCkcw7-0...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaeygdqXwwmkZwhyntjdXwAABKEAAAIB&google_push=AYg5qPJAj_B_hW2Wt9BfpWH58dgL9R5mXrvtP7VTyDiSjj_qpja7XM1qUycCzCT5vNy5Q2giH4Dg5SSQ-CDCkcw7-0...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaeygdqXwwmkZwhyntjdXwAABKEAAAIB&google_push=AYg5qPJAj_B_hW2Wt9BfpWH58dgL9R5mXrvtP7VTyDiSjj_qpja7XM1qUycCzCT5vNy5Q2giH4Dg5SSQ-CDCkcw7-0...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaeygdqXwwmkZwhyntjdXwAABKEAAAIB&google_push=AYg5qPJAj_B_hW2Wt9BfpWH58dgL9R5mXrvtP7VTyDiSjj_qpja7XM1qUycCzCT5vNy5Q2giH4Dg5SSQ-CDCkcw7-0...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaeygdqXwwmkZwhyntjdXwAABKEAAAIB&google_push=AYg5qPJAj_B_hW2Wt9BfpWH58dgL9R5mXrvtP7VTyDiSjj_qpja7XM1qUycCzCT5vNy5Q2giH4Dg5SSQ-CDCkcw7-0...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaeygdqXwwmkZwhyntjdXwAABKEAAAIB&google_push=AYg5qPJAj_B_hW2Wt9BfpWH58dgL9R5mXrvtP7VTyDiSjj_qpja7XM1qUycCzCT5vNy5Q2giH4Dg5SSQ-CDCkcw7-0...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaeygdqXwwmkZwhyntjdXwAABKEAAAIB&google_push=AYg5qPJAj_B_hW2Wt9BfpWH58dgL9R5mXrvtP7VTyDiSjj_qpja7XM1qUycCzCT5vNy5Q2giH4Dg5SSQ-CDCkcw7-0...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaeygdqXwwmkZwhyntjdXwAABKEAAAIB&google_push=AYg5qPJAj_B_hW2Wt9BfpWH58dgL9R5mXrvtP7VTyDiSjj_qpja7XM1qUycCzCT5vNy5Q2giH4Dg5SSQ-CDCkcw7-0...
0
0
pixel
cm.g.doubleclick.net/ Frame 4957
Redirect Chain
  • https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEENM-Y4-fR6jmFxITC-KxbI&google_cver=1&google_push=AYg5qPJm56d7VoaZ6yuj2KBS...
  • https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPJm56d7VoaZ6yuj2KBSB3Uy21dB4maBFmRyzFZ_00DpjVEslkPAa-2a8EpsNUdI0QIA7Jb9JWTTDItQSuCRT_LQIQu-WDHi&google_hm=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPJm56d7VoaZ6yuj2KBSB3Uy21dB4maBFmRyzFZ_00DpjVEslkPAa-2a8EpsNUdI0QIA7Jb9JWTTDItQSuCRT_LQIQu-WDHi&google_hm=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=600&slotname=8544847776&adk=179141035&adf=3533666104&pi=t.ma~as.8544847776&w=160&lmt=1638380160&psa=0&format=160x600&url=http%3A%2F%2Fwww.nirsoft.net%2F&ea=0&flash=0&wgl=1&dt=1638380160629&bpp=3&bdt=324&idt=65&shv=r20211111&mjsv=m202111150101&ptt=9&saldr=aa&cookie=ID%3Dd52afa4bc2242ab7-222ec6e31dcc003d%3AT%3D1638380160%3ART%3D1638380160%3AS%3DALNI_MbNmmJUPgdClnFfopeR0R1pu8X-EA&correlator=4830374846156&frm=23&ife=1&pv=1&ga_vid=1147447018.1638380160&ga_sid=1638380160&ga_hid=1483217850&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=5&ady=613&biw=1600&bih=1200&isw=160&ish=600&ifk=2347300667&scr_x=0&scr_y=0&eid=21066433%2C31063781%2C31063792%2C31063182&oid=2&pvsid=3956884990384061&pem=534&tmod=1248988956&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.7nxqfqr6y9lm&fsb=1&dtd=82
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 17:36:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 01 Dec 2021 17:36:01 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
location
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPJm56d7VoaZ6yuj2KBSB3Uy21dB4maBFmRyzFZ_00DpjVEslkPAa-2a8EpsNUdI0QIA7Jb9JWTTDItQSuCRT_LQIQu-WDHi&google_hm=
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
0
expires
Tue, 30 Nov 2021 17:36:01 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 4957 		0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lam-oEpjRlpJL1apFqU8D4zkzd5CIRJ8a6blmYWAKiCqtwHppgrSEt2aymY9Dqo_NBWMjyCQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=600&slotname=8544847776&adk=179141035&adf=3533666104&pi=t.ma~as.8544847776&w=160&lmt=1638380160&psa=0&format=160x600&url=http%3A%2F%2Fwww.nirsoft.net%2F&ea=0&flash=0&wgl=1&dt=1638380160629&bpp=3&bdt=324&idt=65&shv=r20211111&mjsv=m202111150101&ptt=9&saldr=aa&cookie=ID%3Dd52afa4bc2242ab7-222ec6e31dcc003d%3AT%3D1638380160%3ART%3D1638380160%3AS%3DALNI_MbNmmJUPgdClnFfopeR0R1pu8X-EA&correlator=4830374846156&frm=23&ife=1&pv=1&ga_vid=1147447018.1638380160&ga_sid=1638380160&ga_hid=1483217850&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=5&ady=613&biw=1600&bih=1200&isw=160&ish=600&ifk=2347300667&scr_x=0&scr_y=0&eid=21066433%2C31063781%2C31063792%2C31063182&oid=2&pvsid=3956884990384061&pem=534&tmod=1248988956&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.7nxqfqr6y9lm&fsb=1&dtd=82
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 17:36:01 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
si
googleads.g.doubleclick.net/pagead/drt/ Frame 8095
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=600&slotname=8544847776&adk=179141035&adf=3533666104&pi=t.ma~as.8544847776&w=160&lmt=1638380160&psa=0&format=160x600&url=http%3A%2F%2Fwww.nirsoft.net%2F&ea=0&flash=0&wgl=1&dt=1638380160629&bpp=3&bdt=324&idt=65&shv=r20211111&mjsv=m202111150101&ptt=9&saldr=aa&cookie=ID%3Dd52afa4bc2242ab7-222ec6e31dcc003d%3AT%3D1638380160%3ART%3D1638380160%3AS%3DALNI_MbNmmJUPgdClnFfopeR0R1pu8X-EA&correlator=4830374846156&frm=23&ife=1&pv=1&ga_vid=1147447018.1638380160&ga_sid=1638380160&ga_hid=1483217850&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=5&ady=613&biw=1600&bih=1200&isw=160&ish=600&ifk=2347300667&scr_x=0&scr_y=0&eid=21066433%2C31063781%2C31063792%2C31063182&oid=2&pvsid=3956884990384061&pem=534&tmod=1248988956&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.7nxqfqr6y9lm&fsb=1&dtd=82
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 01 Dec 2021 17:36:01 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 01 Dec 2021 17:36:01 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 01 Dec 2021 17:36:01 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/getconfig/ 		12 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211111&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5286073190998405&plah=www.nirsoft.net&bust=31063797
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
272ba18866b6b8df393ab532389f79d4021e2e6d022d819743c32151f9d1d03e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 01 Dec 2021 17:36:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9208
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5286073190998405&plah=www.nirsoft.net&bust=31063797
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 17:36:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Wed, 01 Dec 2021 17:36:01 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame D2E4 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Wed, 01 Dec 2021 15:16:17 GMT
expires
Thu, 01 Dec 2022 15:16:17 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
8384
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame F992 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1d774fa3c1567aa4a8f3e0720956b0fafa86c641dd483112e93ef7eb8fc80084
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-TDQvzM15GZ/ZxSPJCdumig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Wed, 01 Dec 2021 17:36:01 GMT
date
Wed, 01 Dec 2021 17:36:01 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-TDQvzM15GZ/ZxSPJCdumig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
W74_wbIuhH6bObXj0uCjode8PwiBrxgOKnAqo6ShAmY.js
pagead2.googlesyndication.com/bg/ Frame D2E4 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/W74_wbIuhH6bObXj0uCjode8PwiBrxgOKnAqo6ShAmY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5bbe3fc1b22e847e9b39b5e3d2e0a3a1d7bc3f0881af180e2a702aa3a4a10266
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 20:36:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
75581
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13296
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 11:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 30 Nov 2022 20:36:20 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame F992 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211111&jk=2955171570671507&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211111&jk=2955171570671507&bg=!gYKlgsbNAAZQLpa_UC47ACkAdvg8WsXygr7ZCLXsBDRxWAtZfe11SxXo30nJ31BW025KvKJ1GthnSwIAAABiUgAAAAxoAQcKAMQBAws7o4sA8TRbzBeORMMF82PDbRKlqFHpQqPHhAe1VkPimadIouAko09KjdWRLOIac2gdDbhQIdazF7psATU3s4OgxzEk093yFrySn91rXHlMt6u41MNONKmLBu19abqzFRBMwS2mPU9wV4RRFyK_M-KRt2HecQ1NJPCC07AhXlqmENLq29Lp292C-PPNLhJDax0oCmD8ptm03fjCzpnK_T2-bRUMybQMa5TvVaErg672WJkphdfaZvlWZszJ1iVSpF7xmQJ9HxMF5l84y9kJjZBjpA4fX6jQKf8oqaCYd6drRyBicSkiz5zngLICinalLh46W-W3rM-wpSmfbjUjwFfnQZqTRiBSAKWZ3Z7NuUoH6REXOsuwyRE7sRXa8n7pkHlb9D-S5ePEt1VayQhwjfSVqTmnxD-ztFdekj2WI592-jA9FapbXGhjFPgKoOjxwBYmlZWNf_Dc_vfaom1XFUPYlqw434BrbyEgvj-A7klWy0fEC2unmmoj4KPYaS968zxmT0b_WUhy4IQiBOOvzY3QQoP2EMXFHFdsZYvfvQ4-Xe73I82Bop4XMa_HuhPEdzEoJJOPcOXZ0g0rpXtqhbqeSWdJX0qPx6khZWmwgoPCcAwWHUdigGilaKhetgyIlKxP5bLt9q8l6zGjwgKMCQhD4KyIjor3BPnNfoEIBpUXFYp8jaJOYoXx3SI8tCj2Wtxpn78II9nvlXvZ0ZbNhp1YguchNGeFEXCV5x4Dgm32-tHhh-P4BN4Jy81EXnwxb9IiVMQRzt8INl5OzEu7JDHq5jb2v17DEYkklSjEkoEi-dYeaiJkHx8SnliNeY7widAuOMGCv2z7jZyWN6r0qdxK8JpYJ0PazsmR-k8xRxAGBWXQH56ZIRxSIu0D7KTtHbKCGwBVQ47F2YXFTqLJo9WZPE66z42csoJyOLpd27lcHe1-McbMhfgH5k0mFagRInGvRfpGUxTXmmtmsAH45FB9tMlJVRw9VX4Emx6SXFAUnkPmlGSP_uvD5qQPLcSVDcoQtXn5_QpCzA5Ks7IAfnvfgYY1uq_KkVP8DYS3Rp2W-W7eZo0QiqfaEzPm5xGVzwIFq8l9vUSrM0FIpCje_wssNQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 17:36:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 75AA 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu21SzamDYUny_kUFdvNxprjggyKWz94PWp9zmmNU2BJh6JSn3kk7X_zQceSsapDw5T8JSiwV-2hPnvwXxNADgyvc1kHjJJWsYHMn5TxQtaEkI03HlVAQRHLqU0e3VHhjM1QB7cjqIwc5Mj&sai=AMfl-YQwjSHp_IUYbXW8cuVwgtUAOwgCskq5oiwDLZ7_p985YLoeDvAR7DhiYjOJpGloqXt0DOXd90gPn7il9tn2X4EOd_XF-uOm82GLNSLioz9-CZeQWnBM_KkdE_BZ&sig=Cg0ArKJSzKX7F5CCrPisEAE&cid=CAASF-Ro1xZyD_3yt289ElDVvOnZAKNfdsxr&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20211130&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&app=0&itpl=22&adk=179141035&rs=2&la=0&cr=0&vs=4&r=v&rst=1638380160712&rpt=885&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 17:36:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s7.addthis.com
URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaeygdqXwwmkZwhyntjdXwAABKEAAAIB&google_push=AYg5qPJAj_B_hW2Wt9BfpWH58dgL9R5mXrvtP7VTyDiSjj_qpja7XM1qUycCzCT5vNy5Q2giH4Dg5SSQ-CDCkcw7-0jPZaY9zp3q&google_cver=1&google_gid=CAESEJ7LkkNiJsZ7Dr5n9NdIKF0

Verdicts & Comments Add Verdict or Comment

85 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| sovrn object| true object| addthis_config function| atwpjp string| _atd function| _euc function| _duc object| _atc string| _atr object| addthis string| addthis_pub function| emdot object| _ate object| _adr object| addthis_conf function| addthis_open function| addthis_close function| addthis_sendto object| adsbygoogle object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map string| gaJsHost object| __gcse string| sovrn_beacon_tid boolean| __@@##MUH function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| _gat object| _gaq object| pageTracker object| addthis_share object| LJT_Ads object| module$exports$cse$search object| module$exports$cse$CustomImageSearch object| module$exports$cse$CustomWebSearch object| google object| module$exports$cse$searchcontrol object| module$exports$cse$customsearchcontrol function| _googCsa number| nextSearchboxId object| oattr number| googleNDT_ number| googleAltLoader object| googletag object| GoogleGcLKhOms object| google_image_requests string| addthis_exclude boolean| addthis_use_personalization string| addthis_options_default string| addthis_options_rank string| addthis_options

21 Cookies

Domain/Path Name / Value
.nirsoft.net/ Name: __utmc
Value: 159191077
.nirsoft.net/ Name: __utmz
Value: 159191077.1638380160.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.nirsoft.net/ Name: __utmt
Value: 1
.nirsoft.net/ Name: __utma
Value: 159191077.1147447018.1638380160.1638380160.1638380160.1
.nirsoft.net/ Name: __utmb
Value: 159191077.1.10.1638380160
www.nirsoft.net/ Name: __atuvc
Value: 1%7C48
www.nirsoft.net/ Name: __atuvs
Value: 61a7b280da21346f000
.nirsoft.net/ Name: __gads
Value: ID=d52afa4bc2242ab7-222ec6e31dcc003d:T=1638380160:RT=1638380160:S=ALNI_MbNmmJUPgdClnFfopeR0R1pu8X-EA
.lijit.com/ Name: ctag
Value: 561:1640972160|515:1640972160|563:1640972160|565:1638466560|185:1638466560|203:1639589760|205:1638466560|589:1640972160|462:1638466560
.addthis.com/ Name: uvc
Value: 1%7C48
.addthis.com/ Name: loc
Value: MDAwMDBFVURFQlcyMjgyMTg5ODAwNDAwMDBDSA==
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: IDE
Value: AHWqTUmW43Xa--2dTygOntMBu90GFfin5H6DYRqdyVrvd0Jsux4eAIoxssDomnCiYuU
.quantserve.com/ Name: d
Value: EFEBCQHtJIEA
.quantserve.com/ Name: mc
Value: 61a7b281-6e7a8-43d48-97ee0
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.pubmatic.com/ Name: KADUSERCOOKIE
Value: A4B660D0-CAD0-4415-8100-FEC1892BCB54
.casalemedia.com/ Name: CMID
Value: YaeygdqXwwmkZwhyntjdXwAA
.casalemedia.com/ Name: CMPS
Value: 5221
.casalemedia.com/ Name: CMPRO
Value: 1185
.casalemedia.com/ Name: CMST
Value: YaeygWGnsoEA

3 Console Messages

Source Level URL
Text
javascript warning URL: http://www.nirsoft.net/(Line 780)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://www.nirsoft.net/(Line 780)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaeygdqXwwmkZwhyntjdXwAABKEAAAIB&google_push=AYg5qPJAj_B_hW2Wt9BfpWH58dgL9R5mXrvtP7VTyDiSjj_qpja7XM1qUycCzCT5vNy5Q2giH4Dg5SSQ-CDCkcw7-0jPZaY9zp3q&google_cver=1&google_gid=CAESEJ7LkkNiJsZ7Dr5n9NdIKF0
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ap.lijit.com
api-public.addthis.com
clients1.google.com
cm.g.doubleclick.net
cms.quantserve.com
cse.google.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
gslbeacon.lijit.com
image6.pubmatic.com
m.addthis.com
p4-agdehobfo37gm-ov6ijdnibb5ctb45-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.everesttech.net
pixel.rubiconproject.com
pxdrop.lijit.com
rtb.openx.net
s7.addthis.com
tpc.googlesyndication.com
v1.addthisedge.com
vap1ams1.lijit.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.nirsoft.net
z.moatads.com
cm.g.doubleclick.net
s7.addthis.com
104.111.233.227
104.84.56.126
138.128.181.29
142.250.185.194
142.250.186.67
142.250.186.98
198.47.127.19
2.18.235.40
216.52.2.30
217.182.200.20
2620:116:800d:21:f916:5049:f87f:108e
2a00:1450:4001:803::2004
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::200a
2a00:1450:4001:812::2002
2a00:1450:4001:812::200e
2a00:1450:4001:827::2002
2a00:1450:4001:829::200e
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2003
2a00:1450:4001:831::2003
35.227.252.103
54.73.238.193
69.173.144.139
72.251.249.14
0072f2a89bd32697c990a647ce4577265131df2f7d089ecef8eb14d50abdfb36
00cf697b03001a7246a8e7e26c626ff8aa3bc125759bc6bb87efafe63a4cfc24
0302b924fadd13cfde8bdbd0b661356d640ddccdcb2a7d4edb9c9b29ab65ba5c
03335afbe7ab40d8c10a1e6b477bf4978289ec8e0eb3b9ec426a3c6252ddc9d1
03fb3f62f575f7aece5107379da9667099547635980c20ee48c3a85a1ae1b7c2
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
05685f3e54a276e24f41c557542d18a27b298df513bea4e1752255dcdb68fb04
09e2916d55309c0e896e9ee0597a9f1760c66062c3be473029b5825cc9c6fc01
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c4f483b95cfce5c4e78f32946ed302502f365c272094950b254b6226c16c7f5
0ff3e9cc863f83d20c73fe50ed62d43f7cfb596376cd2ecdee055df91f5a046a
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19a26d6046c4fcfe9e3efbc1fb7532f424c6b0b7590b9e193788e30bce8b9836
1d774fa3c1567aa4a8f3e0720956b0fafa86c641dd483112e93ef7eb8fc80084
1fc7ceb533a021747396d0773be419b8432c309db898995af87bf5a7b0c68b0b
21930e751df32913c436e2da395f62465a8a71a58275c22b1b53bd663024d61c
272ba18866b6b8df393ab532389f79d4021e2e6d022d819743c32151f9d1d03e
2a79f1ebcca9a729ef5bad27249c51314cd700b74afb5433224a723c06871a36
2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9
2ca9374746152ab486e9f31076386c566acffae5176c2e25a48cb7e58775cf9c
30cad9ec7fbe11d3de293805d82343744663da3e650c19bbbc23dd7c58202cce
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
3a663467e111fd2237a1bc5255e8d702b099f29cb553ecab24efe98cbf898b5d
41e75dfdd0ce9333aef4b3955360f889571d5bc4232104f1676dfe8ba0097756
432863150465290850edbb508d7e1e8c95320c0b34737f2f81cbf7589b6064d8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ea8411870894a09ff7165d06aab69c2be05ffea87cdb1b5fb3b5594f11f6f06
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
53d3b513684b230591b0203df937048eb52f4e03e470ecf1ac2bf2477476da70
55070d3be787cd8ccee8ea0fd75f0e11e944e6f70231f0dcb4c5ae348fcba6be
5bbe3fc1b22e847e9b39b5e3d2e0a3a1d7bc3f0881af180e2a702aa3a4a10266
5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274
6311a15996707cad692382528ffc070374bb1a8395764c36f3808ce3eaf21ebb
65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e
6698880531eb4b810defe18a1853db95cddb1ed6a52c80d34c02c1ee2e0419aa
76ca98643b0229d7a50626e2ed31a2ba5663b0697c880420fc3e4c6ca82684ca
7aac698d048a02cbc59bce572e99b52846641a8a9c79eeb00693c3ca91cb6bb1
7aea3fb8ef09574f7103909575d48e51b2a930c6b3f9297d3b4d54e7e239fee0
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87adc2972205fcb05f3a0de8249d0f2d7bcc34efc05a3a2c2f0f12e3132598f7
8e5f7bc202d841f3ecb3fa5794376f92bbe1e4546b9c3f544661f220f0b72931
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9aa230dfd4a638b7742f36b70af6e38b612280140c0dea3cac92662c12745aca
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
b708afa9fb144214958e90f0e87866d8a06ea7d2e41bca0d587d94698f80878b
bbbc44e5ebb0694e2faa4b84737dc33d6b8fa9d0eaa8b5f63ac3537130cb07bf
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
c40ad72cef7d01523f373e94fd4fd716b1d380e1876c2a4c72d88f23474f6979
c4d545339066cdbcb0d7f6b001b34e2a62232d848e26c9b0b57438a745f7a0d9
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
c7732ad0f2c75fdc0716d1d6b1b45a11b7fac068f96015df0b8bdbd5019f5266
cea9f6efa13bff73d4e8b7265b28d96e30934782be0d37e306095b5abb9e112b
d88991f14f12486bef01b069c7c0249181e734ba6cbf499a50a1aa1d61bd3da5
da6f3508fdb8c1fdf553e4af5556b585ba5998139afe613d56dc0d88c822bd81
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
db5abe847651d38508de59edadb2c822e1ad996f0e2620dbca3ccb44bca2e554
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
de418fdfa1d02a219d049bb1cd8562182c4201c67f6b9d0e2f67f21a476e1096
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f924eac92aa3cc4ea64f2891447e8bd3af49e1a5c0bcd04b7356e2f7f1c04c
e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0216265ffcc78522466531b2c333ad5725a51f151b18c5e2fb24d4e3e89ef23
fbd7d5de5e7a55ea07ecf232b58b99732dee1f0900e59e4e8374ebab8ad52c43