ro.nex-software.com Open in urlscan Pro
2606:4700:3032::6815:4aa6 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ro.nex-software.com/cum-se-elimina-virusul-csrse
Submission: On June 14 via manual (June 14th 2021, 6:44:16 pm UTC) from RO

Summary HTTP 71 Redirects Links 35 Behaviour Indicators

Summary

This website contacted 24 IPs in 4 countries across 16 domains to perform 71 HTTP transactions. The main IP is 2606:4700:3032::6815:4aa6, located in United States and belongs to CLOUDFLARENET, US. The main domain is ro.nex-software.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 11th 2021. Valid for: a year.

This is the only time ro.nex-software.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
30	2606:4700:303... 2606:4700:3032::6815:4aa6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.177.94.108 185.177.94.108	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
3	151.101.1.195 151.101.1.195	54113 (FASTLY) (FASTLY)
1 1	46.4.91.20 46.4.91.20	24940 (HETZNER-AS) (HETZNER-AS)
1	205.185.216.42 205.185.216.42	20446 (HIGHWINDS3) (HIGHWINDS3)
2	2600:9000:21f... 2600:9000:21f3:e600:11:a4de:2580:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:211... 2600:9000:211a:4600:1c:8a07:5e80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	213.174.135.24 213.174.135.24	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
5	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1 2	88.212.201.210 88.212.201.210	39134 (UNITEDNET) (UNITEDNET)
1	2600:9000:206... 2600:9000:206e:9400:c:abe:f440:93a1	16509 (AMAZON-02) (AMAZON-02)
1	18.196.233.38 18.196.233.38	16509 (AMAZON-02) (AMAZON-02)
8	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	213.174.135.25 213.174.135.25	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	2600:9000:214... 2600:9000:214f:5200:c:a9b7:ddc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	3.209.191.86 3.209.191.86	14618 (AMAZON-AES) (AMAZON-AES)
5	2600:9000:211... 2600:9000:211a:4800:1d:85c3:6640:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.29.0.64 52.29.0.64	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
71	24

30 2606:4700:3032::6815:4aa6 (United States)

ASN13335 (CLOUDFLARENET, US)

ro.nex-software.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
nex-software.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pic.nex-software.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.177.94.108 (United Kingdom)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
PTR: ip-185-177-94-108.ah-server.com

load5.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.1.195 (United States)

ASN54113 (FASTLY, US)

cdn.zx-adnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.4.91.20 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.20.91.4.46.clients.your-server.de

cst.wpu.sh	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.216.42 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net

cst.cstwpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21f3:e600:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)

get.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211a:4600:1c:8a07:5e80:93a1 (United States)

ASN16509 (AMAZON-02, US)

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.174.135.24 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

na.nawpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.210 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host210.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206e:9400:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.196.233.38 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-233-38.eu-central-1.compute.amazonaws.com

stat.optad360.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.174.135.25 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

js.wpushsdk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:5200:c:a9b7:ddc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.sharethis.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.209.191.86 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-209-191-86.compute-1.amazonaws.com

count-server.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:211a:4800:1d:85c3:6640:93a1 (United States)

ASN16509 (AMAZON-02, US)

platform-cdn.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.29.0.64 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-0-64.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1e2b81fb62ce0c7eed3401e10607c5bc.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	nex-software.com ro.nex-software.com nex-software.com pic.nex-software.com	1 MB
9	doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net	143 KB
9	sharethis.com platform-api.sharethis.com buttons-config.sharethis.com count-server.sharethis.com platform-cdn.sharethis.com l.sharethis.com	38 KB
7	googlesyndication.com pagead2.googlesyndication.com 1e2b81fb62ce0c7eed3401e10607c5bc.safeframe.googlesyndication.com tpc.googlesyndication.com	73 KB
3	zx-adnet.com cdn.zx-adnet.com	20 KB
2	google.com adservice.google.com www.google.com	2 KB
2	consensu.org stat.optad360.mgr.consensu.org c.sharethis.mgr.consensu.org	2 KB
2	yadro.ru 1 redirects counter.yadro.ru	1 KB
2	optad360.io get.optad360.io	484 KB
1	google.fr adservice.google.fr	853 B
1	jsdelivr.net cdn.jsdelivr.net	1 KB
1	wpushsdk.com js.wpushsdk.com	3 KB
1	nawpush.com na.nawpush.com	355 B
1	cstwpush.com cst.cstwpush.com	60 KB
1	wpu.sh 1 redirects cst.wpu.sh	97 B
1	load5.biz load5.biz	20 KB
71	16

	Domain	Requested by
15	nex-software.com	ro.nex-software.com nex-software.com
14	pic.nex-software.com	ro.nex-software.com
8	securepubads.g.doubleclick.net	get.optad360.io securepubads.g.doubleclick.net
5	platform-cdn.sharethis.com	ro.nex-software.com
4	pagead2.googlesyndication.com	cst.wpu.sh securepubads.g.doubleclick.net tpc.googlesyndication.com
3	cdn.zx-adnet.com	ro.nex-software.com cdn.zx-adnet.com
2	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
2	counter.yadro.ru	1 redirects ro.nex-software.com
2	get.optad360.io	ro.nex-software.com get.optad360.io
1	www.google.com	tpc.googlesyndication.com
1	1e2b81fb62ce0c7eed3401e10607c5bc.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.fr	securepubads.g.doubleclick.net
1	l.sharethis.com	platform-api.sharethis.com
1	cdn.jsdelivr.net	get.optad360.io
1	count-server.sharethis.com	platform-api.sharethis.com
1	c.sharethis.mgr.consensu.org	platform-api.sharethis.com
1	js.wpushsdk.com	cst.wpu.sh
1	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	stat.optad360.mgr.consensu.org	get.optad360.io
1	buttons-config.sharethis.com	platform-api.sharethis.com
1	na.nawpush.com	cst.wpu.sh
1	platform-api.sharethis.com	ro.nex-software.com
1	cst.cstwpush.com	ro.nex-software.com
1	cst.wpu.sh	1 redirects
1	load5.biz	ro.nex-software.com
1	ro.nex-software.com
71	27

This site contains links to these domains. Also see Links.

Domain
nex-software.com
de.nex-software.com
it.nex-software.com
fr.nex-software.com
pt.nex-software.com
sv.nex-software.com
no.nex-software.com
nl.nex-software.com
da.nex-software.com
bg.nex-software.com
lt.nex-software.com
lv.nex-software.com
pl.nex-software.com
et.nex-software.com
fi.nex-software.com
hu.nex-software.com
sk.nex-software.com
sl.nex-software.com
uk.nex-software.com
ru.nex-software.com
hr.nex-software.com
cs.nex-software.com
vi.nex-software.com
tr.nex-software.com
th.nex-software.com
id.nex-software.com
hi.nex-software.com
sr.nex-software.com
ms.nex-software.com
ko.nex-software.com
ja.nex-software.com
el.nex-software.com
ar.nex-software.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-05-11` - `2022-05-10`	a year	crt.sh
load4.biz R3	`2021-04-29` - `2021-07-28`	3 months	crt.sh
covid19-dashboard.ivod.at GTS CA 1D4	`2021-05-17` - `2021-08-15`	3 months	crt.sh
cstwpush.com R3	`2021-05-22` - `2021-08-20`	3 months	crt.sh
*.optad360.io Amazon	`2020-12-17` - `2022-01-15`	a year	crt.sh
sharethis.com Amazon	`2020-08-17` - `2021-09-16`	a year	crt.sh
na.nawpush.com R3	`2021-04-20` - `2021-07-19`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
counter.yadro.ru R3	`2021-05-29` - `2021-08-27`	3 months	crt.sh
stat.optad360.mgr.consensu.org R3	`2021-05-24` - `2021-08-22`	3 months	crt.sh
js.wpushsdk.com R3	`2021-05-07` - `2021-08-05`	3 months	crt.sh
sharethis.mgr.consensu.org Amazon	`2021-04-07` - `2022-05-06`	a year	crt.sh
*.google.fr GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://ro.nex-software.com/cum-se-elimina-virusul-csrse
Frame ID: 818522997DA0918FC9493B691686DDE5
Requests: 67 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210607/r20190131/zrt_lookup.html
Frame ID: AAAD9BD27570EEC2CE75DAD798C15458
Requests: 1 HTTP requests in this frame

Frame: https://c.sharethis.mgr.consensu.org/portal-v2.html
Frame ID: A267FDB9CA99B1B6475FCD050908C082
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Frame ID: 495B90E4216E3F9BA012AC0FE07A44A6
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 74243F450C97CB278B66055434E8B070
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Page Statistics

71
Requests

100 %
HTTPS

54 %
IPv6

16
Domains

27
Subdomains

24
IPs

4
Countries

1980 kB
Transfer

3017 kB
Size

1
Cookies

35 Outgoing links

These are links going to different origins than the main page.

URL: https://nex-software.com/download/reimage
Title: Click Aici Pentru A Repara Erorile De Windows Și De Performanța Sistemului Optimizarea

Search URL Search Domain Scan URL

URL: https://nex-software.com/como-eliminar-el-virus-csrse

Search URL Search Domain Scan URL

URL: https://de.nex-software.com/wie-entfernt-man-den-csrse-virus

Search URL Search Domain Scan URL

URL: https://it.nex-software.com/come-rimuovere-il-virus-csrse

Search URL Search Domain Scan URL

URL: https://fr.nex-software.com/comment-supprimer-le-virus-csrse

Search URL Search Domain Scan URL

URL: https://pt.nex-software.com/como-remover-o-virus-csrse

Search URL Search Domain Scan URL

URL: https://sv.nex-software.com/hur-man-tar-bort-csrse-viruset

Search URL Search Domain Scan URL

URL: https://no.nex-software.com/hvordan-fjerne-csrse-viruset

Search URL Search Domain Scan URL

URL: https://nl.nex-software.com/hoe-het-csrs-virus-te-verwijderen

Search URL Search Domain Scan URL

URL: https://da.nex-software.com/sadan-fjernes-csrse-virus

Search URL Search Domain Scan URL

URL: https://bg.nex-software.com/kak-da-premahnete-virusa-csrse

Search URL Search Domain Scan URL

URL: https://lt.nex-software.com/kaip-pasalinti-csrse-virusa

Search URL Search Domain Scan URL

URL: https://lv.nex-software.com/ka-nonemt-csrse-virusu

Search URL Search Domain Scan URL

URL: https://pl.nex-software.com/jak-usunac-wirusa-csrse

Search URL Search Domain Scan URL

URL: https://et.nex-software.com/kuidas-eemaldada-csrse-viirus

Search URL Search Domain Scan URL

URL: https://fi.nex-software.com/kuinka-poistaa-csrse-virus

Search URL Search Domain Scan URL

URL: https://hu.nex-software.com/csrse-virus-eltavolitasa

Search URL Search Domain Scan URL

URL: https://sk.nex-software.com/ako-odstranit-virus-csrse

Search URL Search Domain Scan URL

URL: https://sl.nex-software.com/kako-odstraniti-virus-csrse

Search URL Search Domain Scan URL

URL: https://uk.nex-software.com/yak-vidaliti-virus-csrse

Search URL Search Domain Scan URL

URL: https://ru.nex-software.com/kak-udalit-virus-csrse

Search URL Search Domain Scan URL

URL: https://hr.nex-software.com/kako-ukloniti-virus-csrse

Search URL Search Domain Scan URL

URL: https://cs.nex-software.com/jak-odebrat-virus-csrse

Search URL Search Domain Scan URL

URL: https://vi.nex-software.com/lam-nao-dje-loai-bo-virus-csrse

Search URL Search Domain Scan URL

URL: https://tr.nex-software.com/csrse-virusu-nasil-kaldirilir

Search URL Search Domain Scan URL

URL: https://th.nex-software.com/how-remove-csrse-virus

Search URL Search Domain Scan URL

URL: https://id.nex-software.com/cara-menghapus-virus-csrse

Search URL Search Domain Scan URL

URL: https://hi.nex-software.com/how-remove-csrse-virus

Search URL Search Domain Scan URL

URL: https://sr.nex-software.com/kako-ukloniti-virus-csrse

Search URL Search Domain Scan URL

URL: https://ms.nex-software.com/bagaimana-untuk-membuang-virus-csrse

Search URL Search Domain Scan URL

URL: https://ko.nex-software.com/how-remove-csrse-virus

Search URL Search Domain Scan URL

URL: https://ja.nex-software.com/how-remove-csrse-virus

Search URL Search Domain Scan URL

URL: https://el.nex-software.com/pws-na-afairesete-ton-io-csrse

Search URL Search Domain Scan URL

URL: https://ar.nex-software.com/kyfy-azal-fyros-csrse

Search URL Search Domain Scan URL

URL: https://ru.nex-software.com/
Title: ro.nex-software.com - 2021

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://cst.wpu.sh/static/adManager.js HTTP 301
https://cst.cstwpush.com/static/adManager.js

Request Chain 39

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//ro.nex-software.com/cum-se-elimina-virusul-csrse;0.4215731233049069 HTTP 302
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//ro.nex-software.com/cum-se-elimina-virusul-csrse;0.4215731233049069

71 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request cum-se-elimina-virusul-csrse Show response
ro.nex-software.com/ 35 KB
7 KB 332ms
287ms Document
text/html 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ro.nex-software.com/cum-se-elimina-virusul-csrse

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b106cb50bbfe848f073a4bb16e3769c20b18cfccf9eb4f2e36e2c8a9ec246703

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: ro.nex-software.com
:scheme: https
:path: /cum-se-elimina-virusul-csrse
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 18:43:59 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
cf-request-id: 0aad6f80ab00001ecec8a20000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=2IRWAEwc0KQJcTMUdVrQ7whsq%2FMVdzaPdqw002LeUxRgHFdrBozdyBsAGumlPemixX2YUDHIQhhpYXQCcMx0CtCtg4LAQ%2Bu%2FleRM6p1gt8QIBYrs9fZqy8QyW3cxJL4AvohBuExvwNIvAW6BJg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 65f5b5144ad21ece-AMS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 / Show response
load5.biz/ 20 KB
20 KB 87ms
29ms Script
application/javascript 185.177.94.108
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://load5.biz/?pu=mztdqolemm5ha3ddf4ztooju

Requested by

Host: ro.nex-software.com
URL: https://ro.nex-software.com/cum-se-elimina-virusul-csrse

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.177.94.108 , United Kingdom, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

ip-185-177-94-108.ah-server.com

Software

nginx /

Resource Hash

59e7f6927cfcf630cd9a95713e047f3e855328fb82d685ea92b18ea3a191a62a

Security Headers

Name	Value
Content-Security-Policy	img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ro.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 14 Jun 2021 18:43:58 GMT
server: nginx
content-security-policy: img-src https: data:; upgrade-insecure-requests
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=UTF-8

GET
H2 200 css.css
nex-software.com/template/css/ 6 KB
909 B 31ms
22ms Stylesheet
text/css 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nex-software.com/template/css/css.css

Requested by

Host: ro.nex-software.com
URL: https://ro.nex-software.com/cum-se-elimina-virusul-csrse

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ede999c022b04dae8bed4c7898eb9c23794c70cbd07d4569dd72e43e195c66ed

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ro.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 18:43:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6369
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0aad6f81da00001ece991a5000000001
last-modified: Tue, 12 Feb 2019 13:57:00 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"180a-581b2cc948300-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=O%2FKH5OTtHms1SaHpJ%2Bf0MPwPtPb83o6Rnt8sAXrDRVJcIYXKFb%2B7NCwkvTwaYGNuzkycWmyP6zRk%2BpnGCElwW93eRUTjrK5tg6uPzpkBfJTyr5PPl6HdIpiyb6O10tUZxyOqNfayemT6kw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-ray: 65f5b5162d6b1ece-AMS

GET
H2 200 bootstrap.min.css
nex-software.com/template/css/ 132 KB
18 KB 46ms
36ms Stylesheet
text/css 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nex-software.com/template/css/bootstrap.min.css

Requested by

Host: ro.nex-software.com
URL: https://ro.nex-software.com/cum-se-elimina-virusul-csrse

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43677abbcc50b9f3d621c9134d28237cfa6d66c61bf970cdfcf2a3ec31928ed2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ro.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 18:43:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6369
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0aad6f81da00001ecec1385000000001
last-modified: Tue, 12 Feb 2019 13:57:00 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"211f6-581b2cc948300-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=R8JQfVpwenZNC7O9kUZzL9iTGt4uGu1IZojL6FJx5QKxkbrQ0AA8cnJ9hXZJxzblF7DRb%2B%2BNQByBcxpgODlAja8iA7gumzm01tsHlWuSYAFPZmam2cFwwQ3vp%2FE6tENpQAz%2BpTygll6hFg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-ray: 65f5b5162d6e1ece-AMS

GET
H2 200 jquery.bxslider.css
nex-software.com/template/css/ 3 KB
1 KB 31ms
23ms Stylesheet
text/css 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nex-software.com/template/css/jquery.bxslider.css

Requested by

Host: ro.nex-software.com
URL: https://ro.nex-software.com/cum-se-elimina-virusul-csrse

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56b14b6ad7538ba37b7398ef0cfc7bcbf42fd723a943e72ab746a42dc15fb91f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ro.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 18:43:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6655
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0aad6f81da00001ecef123a000000001
last-modified: Tue, 12 Feb 2019 13:57:00 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"dfd-581b2cc948300-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Fxp04QEPYTJtTYel%2F%2FNf45BEcF5oGAZpoxI8I%2B4qsAF%2BAt3FuqGIp%2FsqU%2BEICl%2BkXeBVioOwm00o0BzgSn1QsoP%2BmWIoWgGUExmrmu5OuEvNs2DG4Wy%2FRvroV9qyEMaF8afK%2FlZ8mO35Rg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-ray: 65f5b5162d701ece-AMS

GET
H2 200 style.min.css
nex-software.com/template/css/ 30 KB
5 KB 31ms
23ms Stylesheet
text/css 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nex-software.com/template/css/style.min.css

Requested by

Host: ro.nex-software.com
URL: https://ro.nex-software.com/cum-se-elimina-virusul-csrse

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af371cb0526d291c2821ffb5a63fb1c3969c3ebb22781c08032226c75ea2ab40

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ro.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 18:43:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 7043
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0aad6f81db00001eceb1a16000000001
last-modified: Thu, 25 Feb 2021 19:47:49 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"7999-5bc2e6d21c340-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=JKapds%2FPqV%2FSKM3mCE%2F%2FSxdbHsk4xZSU6mWBSxT4Q86o%2BNviMcWzaLJpMIZAnB1bboNeYsycxn%2FepderUVnx%2FhRBalUJ0BAKISCpijpqmG5RNO7my8H2IwKadOyE%2FzOIk7vsEu4KBBTm0A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-ray: 65f5b5162d711ece-AMS

GET
H2 200 lang.min.css
nex-software.com/template/css/ 30 KB
20 KB 32ms
24ms Stylesheet
text/css 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nex-software.com/template/css/lang.min.css

Requested by

Host: ro.nex-software.com
URL: https://ro.nex-software.com/cum-se-elimina-virusul-csrse

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e503441024b68c5ac145c5580cd7b4c1dcd9dd71eb9814b5292ca1bc719af273

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ro.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 18:43:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6655
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0aad6f81de00001ecedf983000000001
last-modified: Mon, 24 Feb 2020 17:08:58 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"76b8-59f556d479e80-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=TTXtS54mhTmZJdzKUiOxyFwLF5WbtP2DfXkK1BvXF55K4YCvxNzK5Z5m%2FeKSwLI4QkE42wleH787r%2Frbh%2FOzUV9UymUz5EiwBSw9YZrIUGgwlZTg8qARdrA2uyplEkrcHu2cBfTa1VHYmA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-ray: 65f5b5162d6f1ece-AMS

GET
H2 200 brmsl_19102402.js Show response
cdn.zx-adnet.com/adx/ 145 KB
19 KB 55ms
15ms Script
text/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/adx/brmsl_19102402.js

Requested by

Host: ro.nex-software.com
URL: https://ro.nex-software.com/cum-se-elimina-virusul-csrse

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

dcbbbdae7b45de58a813dfb53f18f037e156c3359555e3922d1eeb9b6f4eb063

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://ro.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Mon, 14 Jun 2021 10:46:48 GMT
x-timer: S1623696239.101083,VS0,VE1
etag: "e7092a49da41c66a6052dee2ef78d95b28e7c6b43d1cf74ea2c023b98a214134-br"
x-served-by: cache-cdg20742-CDG
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600,public
date: Mon, 14 Jun 2021 18:43:59 GMT
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive
content-length: 19568
x-cache-hits: 1

GET
H/1.1

200
OK

adManager.js Show response
cst.cstwpush.com/static/
Redirect Chain

https://cst.wpu.sh/static/adManager.js
https://cst.cstwpush.com/static/adManager.js

59 KB
60 KB

69ms
17ms

Script
text/plain

205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://cst.cstwpush.com/static/adManager.js

Requested by

Host: ro.nex-software.com
URL: https://ro.nex-software.com/cum-se-elimina-virusul-csrse

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

4f7b6c826559e7a9fdd87aa3dab65d9032e27f9677e2c894bf8add376af093e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://ro.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 18:43:59 GMT
Connection: Keep-Alive
Last-Modified: Tue, 25 May 2021 14:27:38 GMT
x-amz-meta-s3cmd-attrs: atime:1621952841/ctime:1621952841/gid:0/gname:root/md5:f7f10698b0e6bb748101b0917e29d311/mode:33188/mtime:1621952770/uid:0/uname:root
x-amz-request-id: tx00000000000005eba5752-0060c7a181-fb33aff-fra1a
etag: "f7f10698b0e6bb748101b0917e29d311"
Vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW: 1623696239.dop204.pa1.t,1623696239.cds043.pa1.shn,1623696239.dop204.pa1.t,1623696239.cds046.pa1.c
Content-Type: text/plain
Cache-Control: max-age=3106
x-rgw-object-type: Normal
strict-transport-security: max-age=15552000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 60434

Redirect headers

location: https://cst.cstwpush.com/static/adManager.js
date: Mon, 14 Jun 2021 18:43:59 GMT
server: nginx/1.18.0
content-length: 169
content-type: text/html

GET
H2 200 plugin.min.js Show response
get.optad360.io/sf/1a65995e-7e07-43bd-8be2-2ee136ae3c03/ 271 KB
73 KB 43ms
10ms Script
application/javascript 2600:9000:21f3:e600:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/1a65995e-7e07-43bd-8be2-2ee136ae3c03/plugin.min.js
Requested by: Host: ro.nex-software.com
URL: https://ro.nex-software.com/cum-se-elimina-virusul-csrse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:e600:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d66e8fa87723046272ec70096a2089355c29474796663f65f2fdf9a27a1d4bc6

Request headers

Referer: https://ro.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 17:51:03 GMT
content-encoding: gzip
last-modified: Fri, 26 Feb 2021 08:39:38 GMT
server: AmazonS3
age: 3177
etag: W/"17e80f6c6feec0780f80abd32f10552b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 6c9a2d99a25484f38efa27d58a726b2d.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: FQOChEynvxbYBABjnYZFVNESodqqqwyooM0DhZY-7erZe37EufUtcw==

GET
H2 200 how-remove-csrse-virus.jpg
pic.nex-software.com/img/process-information/453/ 100 KB
100 KB 453ms
442ms Image
image/jpeg 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/process-information/453/how-remove-csrse-virus.jpg

Requested by

Host: ro.nex-software.com
URL: https://ro.nex-software.com/cum-se-elimina-virusul-csrse

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e879f58b1f83617af8bf8b7d1c22caedb1cfda8659afc267b715ead50f211b6e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ro.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 18:43:59 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 102206
cf-request-id: 0aad6f81e100001eceb0be7000000001
last-modified: Sun, 09 Feb 2020 22:14:16 GMT
server: cloudflare
etag: "18f3e-59e2bf17f7e00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=yS%2Fhu1YVxOwBFv%2Ftj03L9%2BghqHTA5mXz1FX09i%2FGd15KBmdNRecYyuyJj49Li4rcse5N5MHG5uzWJcQQ7ipcQcQZobq%2FwSjMQyfk2Z0MdjM5T8qHR6K2HsFS4LJYttlLFjk4ODI5YTCnHEi5Rjw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 65f5b5163d7a1ece-AMS

GET
H2 200 what-is-trayicon-exe-min.jpg
pic.nex-software.com/img/process-information/2727/ 146 KB
146 KB 616ms
605ms Image
image/jpeg 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/process-information/2727/what-is-trayicon-exe-min.jpg

Requested by

Host: ro.nex-software.com
URL: https://ro.nex-software.com/cum-se-elimina-virusul-csrse

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

715f22da06e1492dcb549d67b8de8bafb0fd0cb9bb06b95444ffbc2b1cb44b79

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ro.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 18:43:59 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 149020
cf-request-id: 0aad6f81e200001ecebe14f000000001
last-modified: Sun, 09 Feb 2020 22:09:30 GMT
server: cloudflare
etag: "2461c-59e2be0737a80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ZIlmWq2QIPMfsKO%2Fs1g24D4GwM%2BsdluRCauMKK4J0AHXFqoplghiWfVX%2FkjfX7w0mOgsokhajxiwuyTWgfd11X6rRznbvqCms%2FqxXlXPM3TsQ9HCMcuFF3gUCBRa%2F4%2FcVJHpebKkCjgc2yz8%2BUA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 65f5b5163d7d1ece-AMS

GET
H2 200 what-is-pcfix-exe-min.jpg
pic.nex-software.com/img/process-information/3020/ 197 KB
198 KB 514ms
503ms Image
image/jpeg 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/process-information/3020/what-is-pcfix-exe-min.jpg

Requested by

Host: ro.nex-software.com
URL: https://ro.nex-software.com/cum-se-elimina-virusul-csrse

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

175fd80f9a67ccab1b12b86117dbe11e213e53083bf30f27f6d9654e97d9c027

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ro.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 18:43:59 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 201988
cf-request-id: 0aad6f81e000001ecefd3e7000000001
last-modified: Sun, 09 Feb 2020 22:10:46 GMT
server: cloudflare
etag: "31504-59e2be4fb2580"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=TeFnu5P%2FIy6Aa9%2FzTsKSCd8CuJ339qXhFFB1c2QAjSC9KgNVFyQb5wYrnXjFKsRNqT%2FbCMFHtxzjx5tdybSjqvsQtasB3jAgnoUWt9UZGNjQlANvrLAWsd%2F73cgj4A9CEUP3fgWEyy7i8%2BRLWWE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 65f5b5163d761ece-AMS

GET
H2 200 what-is-rtkvhd64-min.jpg
pic.nex-software.com/img/process-information/713/ 36 KB
36 KB 364ms
353ms Image
image/jpeg 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/process-information/713/what-is-rtkvhd64-min.jpg

Requested by

Host: ro.nex-software.com
URL: https://ro.nex-software.com/cum-se-elimina-virusul-csrse

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

865f056fdae3b0fc51c3b1aa51bc8829d7d000f8e44d968d5f7d6af29cc5588f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ro.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 18:43:59 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 36688
cf-request-id: 0aad6f81e200001ecef8242000000001
last-modified: Sun, 09 Feb 2020 22:10:16 GMT
server: cloudflare
etag: "8f50-59e2be3316200"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=xziqqJk3SyTSP3UwatGrZIiMwCbQNLEVzJ8gcFlqMGyidkJ94F%2FUYtiMkPHSQ%2BbkSr3mjmdFcvxHZeG9sMxGduGXYpMjGFh4%2BLfYbD4mm86GwdGwbGMfux8cwbk4j%2F2bsRQB6VUAvCpyI51Q778%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 65f5b5163d7f1ece-AMS

GET
H2 200 what-is-ss_conn_service-min.jpg
pic.nex-software.com/img/file-info/457/ 69 KB
69 KB 378ms
367ms Image
image/jpeg 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/file-info/457/what-is-ss_conn_service-min.jpg

Requested by

Host: ro.nex-software.com
URL: https://ro.nex-software.com/cum-se-elimina-virusul-csrse

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9fafdc569221783efbec594b1bb1a016e7f0a8e1bbe74336602d62034a81d6e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ro.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 18:43:59 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 70210
cf-request-id: 0aad6f81e200001ecebb899000000001
last-modified: Sun, 14 Jul 2019 08:06:18 GMT
server: cloudflare
etag: "11242-58d9f9e421280"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=u0GRmGJWxurbwtc%2BZgaiLAU1AUMevY4gVMDNZZbWYcs0Nszziwb6OHddPiz8tGi2JyAx9TPE2%2B3cZ7m2TQkUk99qyy5Fxy5ZGYjM7a5GEo3dY%2F1CsZ8OAiRsrv0ipgJeFxGT21cdx7Oew6dXgw4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 65f5b5163d7e1ece-AMS

GET
H2 200 what-is-updateservice-min.jpg
pic.nex-software.com/img/process-information/1937/ 41 KB
42 KB 506ms
495ms Image
image/jpeg 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/process-information/1937/what-is-updateservice-min.jpg

Requested by

Host: ro.nex-software.com
URL: https://ro.nex-software.com/cum-se-elimina-virusul-csrse

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4bc0a07f98ec22855d4e4deaad8bbdecf0e60c50fd689057c82aecf3857ba4e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ro.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 18:43:59 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 42132
cf-request-id: 0aad6f81e200001ecec3bd2000000001
last-modified: Sun, 09 Feb 2020 22:09:24 GMT
server: cloudflare
etag: "a494-59e2be017ed00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=coPFZ4OlsGMBG4jF%2FYOJBGm%2BVNfrwCn6%2BhSePUbqvEd8jLmn6g1LZh5W%2FNZ6lpniFIIipEnPwnSnTWZboq%2Fr20PIuqDyoC%2BokuL5BjX5JuSMNkTuoOAL0Yc3vRlgY%2B%2FlL91XhCaP4M%2F8sYVogQc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 65f5b5163d821ece-AMS

GET
H2 200 what-is-vprot-exe-min.jpg
pic.nex-software.com/img/file-info/113/ 23 KB
24 KB 397ms
396ms Image
image/jpeg 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/file-info/113/what-is-vprot-exe-min.jpg

Requested by

Host: ro.nex-software.com
URL: https://ro.nex-software.com/cum-se-elimina-virusul-csrse

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79de87273a72a5da8933a924e6e62dda692dc668fd1aaeda62284f3712dbb7f0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ro.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 18:43:59 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 23787
cf-request-id: 0aad6f82ea00001ece9e9f3000000001
last-modified: Sun, 14 Jul 2019 08:06:04 GMT
server: cloudflare
etag: "5ceb-58d9f9d6c7300"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=K5Hico%2FoUD0bzPjaXih3GPnZkeAwmd3jSnwkGVgrZ0sHhrsWH1MN7XsyqX7xGJAwzKmlWyc6Krtypt%2BADt8x2Vea1qx11ANKDIBVT1Ame0utzJZWjnoCn82AoFeouWtVtZfXM3RJKF5wcmpCuFs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 65f5b517d80c1ece-AMS

GET
H2 200 what-is-youcamtray-exe-min.jpg
pic.nex-software.com/img/process-information/2521/ 24 KB
24 KB 460ms
460ms Image
image/jpeg 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/process-information/2521/what-is-youcamtray-exe-min.jpg

Requested by

Host: ro.nex-software.com
URL: https://ro.nex-software.com/cum-se-elimina-virusul-csrse

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a05974ec037c8c1ceae41b707a7e00f7338ba017819254cc9e1ecfb2fa1bd63

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ro.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 18:43:59 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 24129
cf-request-id: 0aad6f82ea00001ecedca73000000001
last-modified: Sun, 09 Feb 2020 22:08:46 GMT
server: cloudflare
etag: "5e41-59e2bddd41780"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ZplcQFd7k9ng%2BY%2F9xBnRICfHsrWQCtYP%2F91NHwMjis5oPTHiRcBRvTCojCkXFhGq1nZRw63X2pcrVfiTSQ90vt5ywbJiq1LK2zdbc7Fg6JEnzExtqTe8eAhlJyDJI5L76GZl3IsD03%2BXdEz4FEE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 65f5b517d80d1ece-AMS

GET
H2 200 what-is-utorrent-exe-min.jpg
pic.nex-software.com/img/process-information/1381/ 10 KB
10 KB 349ms
348ms Image
image/jpeg 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/process-information/1381/what-is-utorrent-exe-min.jpg

Requested by

Host: ro.nex-software.com
URL: https://ro.nex-software.com/cum-se-elimina-virusul-csrse

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5250ca7096fee4a0537971c9297099f855eb5eee06577aa837da1b92be96604

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ro.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 18:43:59 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 10121
cf-request-id: 0aad6f82ea00001ecef124c000000001
last-modified: Sun, 09 Feb 2020 22:09:18 GMT
server: cloudflare
etag: "2789-59e2bdfbc5f80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=9FJyDiWgSXwO41xuPZs6zV2o3M18yO2xgKJClc66dUvVlTUsCSy8JYD9m%2F8vj%2FEpkOWvLovojt706a9r92%2BXdOPwUo4643a4xNRwHMaoMNFQ%2BugkJidFlW6jJ3OMbhUej5Jw2y8ny8fb5H%2BYW%2FA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 65f5b517d80b1ece-AMS

GET
H2 200 what-is-jrun-exe-min.jpg
pic.nex-software.com/img/process-information/3212/ 33 KB
34 KB 477ms
476ms Image
image/jpeg 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/process-information/3212/what-is-jrun-exe-min.jpg

Requested by

Host: ro.nex-software.com
URL: https://ro.nex-software.com/cum-se-elimina-virusul-csrse

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad7d06b3df0dfa9cdbb8d7829b8919e8446e4540d930421f21822fca0381b900

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ro.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 18:43:59 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 34289
cf-request-id: 0aad6f82ea00001eceee0ee000000001
last-modified: Sun, 09 Feb 2020 22:11:44 GMT
server: cloudflare
etag: "85f1-59e2be8702800"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Wel%2F65vCRLIkh1YXfq5V7hbOmbWBuAZwO7LOouswTYZr8GJ2JCnn47pl9S8IuFH3epBVJF7rzLSNRNGDsLvxHc6jL8aM7YF9rFVp0wuRwumjXbODvGFGykuITqyMnfJn1cWPb8UFkMvgTYJ6SlU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 65f5b517d80f1ece-AMS

GET
H2 200 what-is-amigo-exe-min.jpg
pic.nex-software.com/img/process-information/2916/ 73 KB
73 KB 21ms
21ms Image
image/jpeg 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/process-information/2916/what-is-amigo-exe-min.jpg

Requested by

Host: ro.nex-software.com
URL: https://ro.nex-software.com/cum-se-elimina-virusul-csrse

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59102e0b6d79bae3539563aa8d730418e6383edc9d7f0189983654ae997c6cbc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ro.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 18:43:59 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6115
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 74488
cf-request-id: 0aad6f82ea00001eceeb2e0000000001
last-modified: Sun, 09 Feb 2020 22:13:44 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "122f8-59e2bef973600"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Gu2YpBXCd25ZnUfScwT9TUyfZpYMTh%2FPdsnzEsADwRHLcHY4i%2B6HsSSxyq0%2Fs1oDhhzV13fzbPGr8z%2BuUWDZ2dvgLQWgiVRSWdeewSfS8dyIWKU0tAKIIz2h3LmttTJz1oN6W584Dk%2BrXEHjEDE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 65f5b517d8111ece-AMS

GET
H2 200 what-is-root-exe-min.jpg
pic.nex-software.com/img/process-information/2131/ 31 KB
31 KB 455ms
454ms Image
image/jpeg 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/process-information/2131/what-is-root-exe-min.jpg

Requested by

Host: ro.nex-software.com
URL: https://ro.nex-software.com/cum-se-elimina-virusul-csrse

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fba347e542d0b874f9e09b710bb5a473f16a8dba2d5b6fa57faff2a507c4c559

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ro.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 18:43:59 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 31416
cf-request-id: 0aad6f82e900001eceda974000000001
last-modified: Sun, 09 Feb 2020 22:10:18 GMT
server: cloudflare
etag: "7ab8-59e2be34fe680"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=RhZJ6LIE3K0czGRufMqA1uWdM0MRI%2F0MjBOMUtVjp2If91IF4KU0XyGGO%2BAkLx4ER4T4FbBYwP9WL6xkmJJiilZCUs6tgiAdaE9x7hl6%2BTqaIlBbktUKTZcITIkRaUTmN2NKGpEQQEGOeBb3iyg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 65f5b517d80a1ece-AMS

GET
H2 200 what-is-wget-exe-min.jpg
pic.nex-software.com/img/process-information/905/ 101 KB
101 KB 456ms
455ms Image
image/jpeg 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/process-information/905/what-is-wget-exe-min.jpg

Requested by

Host: ro.nex-software.com
URL: https://ro.nex-software.com/cum-se-elimina-virusul-csrse

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a37e17ebb5f45bda9a532244d4b3d390805f1fefe44a728a85641e2a78c82fe2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ro.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 18:43:59 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 103111
cf-request-id: 0aad6f82e900001eced6010000000001
last-modified: Sun, 09 Feb 2020 22:09:02 GMT
server: cloudflare
etag: "192c7-59e2bdec83b80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2B99m9QsKaGR%2Fykl2cHYmHqo1%2BPk1amqcpvmXJayUWcURfd3Phe0dbQuTCmY4LPOTG8bAq%2F%2F4MbxMMVgoJjCCpeN3KG2l5EzW1%2FSu%2BoWcIlU97qyO2z69YbteyT4uHoZbFSJmQ0qQf8fpEp17ZfQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 65f5b517d8081ece-AMS

GET
H2 200 what-is-shellex-dll-min.jpg
pic.nex-software.com/img/process-information/3579/ 46 KB
47 KB 569ms
569ms Image
image/jpeg 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/process-information/3579/what-is-shellex-dll-min.jpg

Requested by

Host: ro.nex-software.com
URL: https://ro.nex-software.com/cum-se-elimina-virusul-csrse

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f39cd2826daf1ff6d1037c121999a522e25fbd5cd2486c5d2aa01909c205b77

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ro.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 18:43:59 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 47323
cf-request-id: 0aad6f82ea00001ecefd3fa000000001
last-modified: Sun, 09 Feb 2020 22:10:04 GMT
server: cloudflare
etag: "b8db-59e2be27a4700"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=5vw%2B5S%2B2AZpPcXoANwqtySBidGabnqNgmZRGVI8aNB%2Fw50BHDWF3DCGGpjA5Y1zjBqajDlqjGhcEObQiwpRMJWL%2F7UjUGkQgaKSfxISuqAb2jsKKOwH3xFdNuhxu80Ldn98TaNfAXB2Y4BYh%2BLI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 65f5b517d80e1ece-AMS

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 101 KB
32 KB 68ms
22ms Script
text/javascript 2600:9000:211a:4600:1c:8a07:5e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://platform-api.sharethis.com/js/sharethis.js
Requested by: Host: ro.nex-software.com
URL: https://ro.nex-software.com/cum-se-elimina-virusul-csrse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:4600:1c:8a07:5e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 398f847e21cc0c2fb2ed6decf4edffe1d89d68426a1866562e880a121c75828c

Request headers

Referer: https://ro.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 18:42:23 GMT
content-encoding: gzip
age: 96
etag: W/"1940d-jurO6jbG/VtZxO6Zt5jjbv50Xac"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 42c9dddb4e518a9ed3248bf50565b120.cloudfront.net (CloudFront)
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: w4lUk_i5DV_s420-9_tk8NW0BiErvFjO9pxbvloTMaSbk6GyIkO4PA==

GET
H2 200 jquery-3.1.1.min.js Show response
nex-software.com/template/js/ 85 KB
29 KB 32ms
26ms Script
application/javascript 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nex-software.com/template/js/jquery-3.1.1.min.js

Requested by

Host: ro.nex-software.com
URL: https://ro.nex-software.com/cum-se-elimina-virusul-csrse

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ro.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 18:43:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 7043
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0aad6f81db00001ece9809c000000001
last-modified: Tue, 12 Feb 2019 13:57:00 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"152b5-581b2cc948300-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=0%2Fq27715HE4DbGjtL27eTHy8kgJyVaxkEMRlnk7CY0OTCoj9Xd1w0hZA7HD7qDiY110lKwVgcMNO%2B3CN%2BNjjmC5wDfNbanYEq2j621U0GSPWZ0W8UCUZlVvmmTdN6mzz9%2BkxEhkUwm9CQg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-ray: 65f5b5162d721ece-AMS

GET
H2 200 jquery.slicknav.min.js Show response
nex-software.com/template/js/ 8 KB
3 KB 38ms
35ms Script
application/javascript 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nex-software.com/template/js/jquery.slicknav.min.js

Requested by

Host: ro.nex-software.com
URL: https://ro.nex-software.com/cum-se-elimina-virusul-csrse

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

190402f488a1616b47304ae066078580059ca6a5958b7f217d2156d0a73931a9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ro.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 18:43:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 7043
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0aad6f81ff00001ecedd963000000001
last-modified: Tue, 12 Feb 2019 13:57:00 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"20df-581b2cc948300-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=o%2Fwr0oqWaQHGtGEncSdlHJGsu8lDLe8AQkQyZNwNSuepCVB46ZS2yjr1MfKRt1kvpjXL7%2FQV4JcaiZSBtRuE01xYM8NbDDGJ8Cn0g%2FcNpQ7yhoGaSZABtHNRg2shUwF8xHT2KbgUMXPeTg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-ray: 65f5b5166dbe1ece-AMS

GET
H2 200 jquery.bxslider.min.js Show response
nex-software.com/template/js/ 23 KB
6 KB 34ms
31ms Script
application/javascript 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nex-software.com/template/js/jquery.bxslider.min.js

Requested by

Host: ro.nex-software.com
URL: https://ro.nex-software.com/cum-se-elimina-virusul-csrse

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7731d577c5dfa5f38e9bf82dedae51174c9ddd4d3d4668eea9d1e51d6ce13d66

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ro.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 18:43:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 7043
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0aad6f820200001ece991a8000000001
last-modified: Tue, 12 Feb 2019 13:57:00 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5bf7-581b2cc948300-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Oj21C3wz%2BgqJvBSU28NZ9zbVqrg2T61K6Zob4IWhM8HGGwDlGucAX5i3AlDZ%2Foum%2BNzL%2BnMnaLhC7LPx1HPx3o2ag%2BLkR%2BSN7E93aAaCanocNAlVfqUnuPjRLQ17R8rN5oALb0Q8y3GDkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-ray: 65f5b5166dc21ece-AMS

GET
H2 200 script.js Show response
nex-software.com/template/js/ 2 KB
821 B 47ms
44ms Script
application/javascript 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nex-software.com/template/js/script.js

Requested by

Host: ro.nex-software.com
URL: https://ro.nex-software.com/cum-se-elimina-virusul-csrse

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

900e0d4503dfe926c2d74a1944f4e383d9d7573ecfcccba2dbb377f3be116a10

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ro.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 18:43:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 7043
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0aad6f820300001ece1227f000000001
last-modified: Tue, 12 Feb 2019 13:57:00 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"63c-581b2cc948300-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=wCSVs5K%2FYO%2Bt6to9GSQJPkSosIjGbtSqnVhAAbcdkv7CYomX88uOREwyS1MJErJ0qMxPHanS9EyGcXso1YnZikLIsujpQCdFoF2Oj0%2BXA2I40wEGp%2BdM9j6dZzJHAjD4Zt%2BbuZq0r4MVYw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-ray: 65f5b5166dc31ece-AMS

GET
H2 200 abs.js Show response
cdn.zx-adnet.com/adx/ 200 B
233 B 15ms
15ms Script
text/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/adx/abs.js?

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/brmsl_19102402.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9be45d830a633e050edaa82361e4ecac3cc189b3a3975a41aa01ae3cb4e4120b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://ro.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Mon, 14 Jun 2021 10:46:48 GMT
x-timer: S1623696239.134916,VS0,VE0
etag: "437b8edcf8ac42ac5e7961966dea7cee69a38a82519efa00f6f37a753caad24c-br"
x-served-by: cache-cdg20742-CDG
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600,public
date: Mon, 14 Jun 2021 18:43:59 GMT
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive
content-length: 118
x-cache-hits: 2

GET
H2 200 checkabuse Show response
cdn.zx-adnet.com/ 74 B
387 B 170ms
170ms Script
text/html 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.zx-adnet.com/checkabuse?surl=https://ro.nex-software.com/cum-se-elimina-virusul-csrse
Requested by: Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/abs.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash: ff0ae836e78e254c691d18c04b2068e14419275cb170cd7c09587f1795114fcc

Request headers

Referer: https://ro.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 18:43:59 GMT
content-encoding: gzip
x-powered-by: Express
x-cache: MISS
content-length: 85
x-served-by: cache-cdg20742-CDG
server: Google Frontend
x-timer: S1623696239.151484,VS0,VE156
etag: W/"4a-U3myf635cTml8/jliRIqPS6GEqY"
vary: cookie,need-authorization, x-fh-requested-host, accept-encoding
content-type: text/html; charset=utf-8
x-cloud-trace-context: d89e04be03b232c02fd827e9a5c242a2
cache-control: max-age=3600,public
function-execution-id: mgy4uezcmb3m
accept-ranges: bytes
x-orig-accept-language: en-US
x-country-code: FR
x-cache-hits: 0

GET
H2 200 1350 Show response
na.nawpush.com/tags/ 240 B
355 B 73ms
23ms XHR
application/json 213.174.135.24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://na.nawpush.com/tags/1350
Requested by: Host: cst.wpu.sh
URL: https://cst.wpu.sh/static/adManager.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.24 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: f7697cdbdb20e0d5d8fd4ef811c57418dcdcace4012fa556ca66c41f8d2be01c

Request headers

Referer: https://ro.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 14 Jun 2021 18:43:59 GMT
cache-control: max-age=300, public
content-type: application/json
server: nginx/1.18.0
content-encoding: gzip
x-proxy-cache: HIT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 134 KB
48 KB 45ms
24ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: cst.wpu.sh
URL: https://cst.wpu.sh/static/adManager.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

565c2deacf075bec74f24154c13f8b858ed38fda7ac6bc968a599d96bf7ea128

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ro.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 18:43:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48376
x-xss-protection: 0
server: cafe
etag: 377241145516066931
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 14 Jun 2021 18:43:59 GMT

GET
DATA 200
OK truncated
/ 19 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ae2b3292ce4d22938259dd7e2d411ef3e498276837fbcc0475af40237b608f1f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
nex-software.com/template/css/ 19 KB
19 KB 29ms
17ms Font
application/octet-stream 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nex-software.com/template/css/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2

Requested by

Host: nex-software.com
URL: https://nex-software.com/template/css/css.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://ro.nex-software.com
Referer: https://nex-software.com/template/css/css.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 18:43:59 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5715
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 18956
cf-request-id: 0aad6f82a500002bcebe89d000000001
last-modified: Tue, 12 Feb 2019 13:57:00 GMT
server: cloudflare
etag: "4a0c-581b2cc948300"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=X9D9FGkPRdqgOY06DjjZw8EdVQLm5EiQcFxh158holmxDf1kx9wJCxfOasLCs5t5j%2F%2BcbiemTqDXNydN056MeQaG1Rt7K2WgZnhVF3C7%2FDjQcxygFMYDqure5v%2F3AJWMKoubUgmwQdhyEg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 65f5b5176acf2bce-FRA

GET
H3-29 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
nex-software.com/template/css/ 18 KB
19 KB 52ms
40ms Font
application/octet-stream 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nex-software.com/template/css/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: nex-software.com
URL: https://nex-software.com/template/css/css.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://ro.nex-software.com
Referer: https://nex-software.com/template/css/css.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 18:43:59 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5715
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 18684
cf-request-id: 0aad6f82a400002bcefb075000000001
last-modified: Tue, 12 Feb 2019 13:57:00 GMT
server: cloudflare
etag: "48fc-581b2cc948300"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=dNHQAjYfcc6X6Zhk0rzGWrRi2V7pmQMdiRSQSauxKjIiv0g7BouCCsyFpIjOA74QQwz2PMBLc5%2FaU1UiSzkbDarbBIOcZMVoVI2neFlPaHPxN9F5eCL7qFvisHlPBJbE9I0NG5zeHDaTtA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 65f5b5176ace2bce-FRA

GET
H3-29 200 JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2
nex-software.com/template/css/ 18 KB
19 KB 46ms
36ms Font
application/octet-stream 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nex-software.com/template/css/JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2

Requested by

Host: nex-software.com
URL: https://nex-software.com/template/css/css.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e43d592d0aa592f24ad510ef3f453a51bba24a9534a07a55a9685b4d4b3f2cb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://ro.nex-software.com
Referer: https://nex-software.com/template/css/css.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 18:43:59 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5715
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 18728
cf-request-id: 0aad6f82a400002bce9a1e4000000001
last-modified: Tue, 12 Feb 2019 13:57:00 GMT
server: cloudflare
etag: "4928-581b2cc948300"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=EoAz2p84UfRxOzAtWYGdWKoWAom0RmlOv%2B3lbeZE%2FfJg3s%2BFRqDelLRHtX7h5zso%2FBJt1DYaKVu27KfxWJzYpwBqpEq4%2FGpwPAw27kGuHDCnJyxRLWDOq4HPLnvwwSaqVyWLwl0YHy9r0w%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 65f5b5176ac82bce-FRA

GET
H3-29 200 JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2
nex-software.com/template/css/ 16 KB
17 KB 17ms
17ms Font
application/octet-stream 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nex-software.com/template/css/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2

Requested by

Host: nex-software.com
URL: https://nex-software.com/template/css/css.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f45e5cd76136dc8eb7eff15c965ccf53ee4bf2ccd4c65a46952999d041852d37

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://ro.nex-software.com
Referer: https://nex-software.com/template/css/css.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 18:43:59 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5715
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 16704
cf-request-id: 0aad6f82ab00002bcec1097000000001
last-modified: Tue, 12 Feb 2019 13:57:00 GMT
server: cloudflare
etag: "4140-581b2cc948300"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=eWYq9eGZjm%2Fcf%2FpznV8Y6Acolc%2FfdMg8nsrs%2FYaubV23mDNt41Tmye%2B6wDJXMAtWSKZk44zQFmdnX4TBZeXxKwbdoh0WvacW0gAUgTb8JeVMtbUsbT%2F4uOPw8xLMBaTzVAupgpWaSJC0bA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 65f5b5177ae02bce-FRA

GET
H3-29 200 JTURjIg1_i6t8kCHKm45_ZpC3gfD_u50.woff2
nex-software.com/template/css/ 16 KB
17 KB 24ms
24ms Font
application/octet-stream 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nex-software.com/template/css/JTURjIg1_i6t8kCHKm45_ZpC3gfD_u50.woff2

Requested by

Host: nex-software.com
URL: https://nex-software.com/template/css/css.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54b7d25f3dbd09043e72e757fa4ecdf21fe65fd5952429f82a2f80aeade8fc45

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://ro.nex-software.com
Referer: https://nex-software.com/template/css/css.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 18:43:59 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5715
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 16716
cf-request-id: 0aad6f82c000002bce1eabf000000001
last-modified: Tue, 12 Feb 2019 13:57:00 GMT
server: cloudflare
etag: "414c-581b2cc948300"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=4sD2VDLQGxb%2F1OylgWYI9Q1B6v2AaedMPEM%2FTUsfrfywQPdemcbz0FrKNBY87%2BXLS62cTUFe3w5NV2VjE2d9vTIUXFSbtHq%2BdMyN%2B6IEoUgBzVZF3OXyvZXFlG%2FSkn8S%2B3a7NGuYGfDyag%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 65f5b5179b322bce-FRA

GET
H3-29 200 JTURjIg1_i6t8kCHKm45_dJE3gfD_u50.woff2
nex-software.com/template/css/ 16 KB
17 KB 23ms
23ms Font
application/octet-stream 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nex-software.com/template/css/JTURjIg1_i6t8kCHKm45_dJE3gfD_u50.woff2

Requested by

Host: nex-software.com
URL: https://nex-software.com/template/css/css.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

413bb874e80e8d2c8520a472d14690d81ce01cee8196cc1e30991d41cb5b70be

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://ro.nex-software.com
Referer: https://nex-software.com/template/css/css.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 18:43:59 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5715
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 16528
cf-request-id: 0aad6f82c000002bced91c6000000001
last-modified: Tue, 12 Feb 2019 13:57:00 GMT
server: cloudflare
etag: "4090-581b2cc948300"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=g49toz6R0teUNTiv1iWRR7fp8ZnJMK%2Fyh8F%2Frz8R0nxRgvJD5DQwetbrmVGyM1aJYpgkU0%2ByB2ShcnURsXua3vGjv4gyFXLVJMi9GTBAqDxwLM0U2gxQujj%2F7zP5NmAuuQS7ENa6gPvZ3w%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 65f5b5179b362bce-FRA

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//ro.nex-software.com/cum-se-elimina-virusul-csrse;0.4215731233049069
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//ro.nex-software.com/cum-se-elimina-virusul-csrse;0.4215731233049069

43 B
528 B

62ms
62ms

Image
image/gif

88.212.201.210
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//ro.nex-software.com/cum-se-elimina-virusul-csrse;0.4215731233049069

Requested by

Host: ro.nex-software.com
URL: https://ro.nex-software.com/cum-se-elimina-virusul-csrse

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.212.201.210 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host210.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://ro.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Jun 2021 18:43:59 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 13 Jun 2020 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 14 Jun 2021 18:43:59 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//ro.nex-software.com/cum-se-elimina-virusul-csrse;0.4215731233049069
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Sat, 13 Jun 2020 21:00:00 GMT

GET
H2 200 5c086b7ea71f090011aea084.js Show response
buttons-config.sharethis.com/js/ 434 B
777 B 73ms
27ms Script
text/javascript 2600:9000:206e:9400:c:abe:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://buttons-config.sharethis.com/js/5c086b7ea71f090011aea084.js
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:9400:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d2fa83bbc70c843df2edd43096821128aa1f4bd404237f614c49cd48e7d5cfa3

Request headers

Referer: https://ro.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 18:43:52 GMT
via: 1.1 b48fca327a980187d93a198e7530195c.cloudfront.net (CloudFront)
last-modified: Thu, 06 Dec 2018 00:24:07 GMT
server: AmazonS3
age: 28
etag: "8f8c95d8315dedb8a7c82f24235b706f"
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=60,public
x-amz-cf-pop: VIE50-C1
accept-ranges: bytes
content-length: 434
x-amz-cf-id: xuO2omizPgnxo_gW4k7m_IUyB1_PYrDfhAl_jVKE0Q9G1aih8dDaew==

GET
H/1.1 200
OK / Show response
stat.optad360.mgr.consensu.org/ 20 B
286 B 98ms
29ms XHR
text/html 18.196.233.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.optad360.mgr.consensu.org/
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/1a65995e-7e07-43bd-8be2-2ee136ae3c03/plugin.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.196.233.38 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-233-38.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 8e721fdaed85657fea7e22eff33717764bbdd7249181ed3184a6eb3215f14d15

Request headers

Referer: https://ro.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 14 Jun 2021 18:43:59 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 62 KB
21 KB 95ms
31ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/1a65995e-7e07-43bd-8be2-2ee136ae3c03/plugin.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

sffe /

Resource Hash

023ab883637b19577d1a80c3742ffe15001d7657582b5cc376972472a8ba432d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ro.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 18:43:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "903 / 942 of 1000 / last-modified: 1623689565"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21452
x-xss-protection: 0
expires: Mon, 14 Jun 2021 18:43:59 GMT

GET
H2 200 prebid4.19.0.js Show response
get.optad360.io/sf/ 410 KB
411 KB 9ms
8ms Script
application/javascript 2600:9000:21f3:e600:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/prebid4.19.0.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/1a65995e-7e07-43bd-8be2-2ee136ae3c03/plugin.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:e600:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 257579348172eb9f739308373580772054c0b671f63e8f002aed9f9774a6272e

Request headers

Referer: https://ro.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 16:04:22 GMT
via: 1.1 6c9a2d99a25484f38efa27d58a726b2d.cloudfront.net (CloudFront)
last-modified: Thu, 17 Dec 2020 09:52:06 GMT
server: AmazonS3
age: 182378
etag: "08b0612ac0c68ebf519b28323f4e2aa2"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=604800
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 420147
x-amz-cf-id: 9TjIUSsr7djSCYm6ttZGXuGwotaGSZ3LM4DUgKstGcxvt3Zr5N02eA==

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210607/r20190131/ Frame AAAD 10 KB
5 KB 27ms
5ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210607/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0c1edf85ee406ff6e457dba599598152cc971f399f53c204fd30b978662f385

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210607/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ro.nex-software.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Referer: https://ro.nex-software.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 14 Jun 2021 17:09:07 GMT
expires: Mon, 28 Jun 2021 17:09:07 GMT
content-type: text/html; charset=UTF-8
etag: 3869991350818612685
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4515
x-xss-protection: 0
age: 5692
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 csub.js Show response
js.wpushsdk.com/npc/sdk/wpu/ 6 KB
3 KB 82ms
26ms Script
application/javascript 213.174.135.25
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpushsdk.com/npc/sdk/wpu/csub.js
Requested by: Host: cst.wpu.sh
URL: https://cst.wpu.sh/static/adManager.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.25 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.16.1 / PHP/7.1.28
Resource Hash: 240f2fa6d9c547702519223d888610d5517255aa52ad0c04d86f0ec6d0ab76d6

Request headers

Referer: https://ro.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 18:43:59 GMT
content-encoding: gzip
server: nginx/1.16.1
x-powered-by: PHP/7.1.28
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Mon, 14 Jun 2021 19:43:59 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H2 200 portal-v2.html Show response
c.sharethis.mgr.consensu.org/ Frame A267 2 KB
1 KB 31ms
7ms Document
text/html 2600:9000:214f:5200:c:a9b7:ddc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.sharethis.mgr.consensu.org/portal-v2.html
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:5200:c:a9b7:ddc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ac84513c4c5ea7e4458e91c46e33ba71b56e19fabf93cc079ffcb01a975c2e3d

Request headers

:method: GET
:authority: c.sharethis.mgr.consensu.org
:scheme: https
:path: /portal-v2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ro.nex-software.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Referer: https://ro.nex-software.com/

Response headers

content-type: text/html; charset=utf-8
content-encoding: gzip
cache-control: max-age=3600, public
date: Mon, 14 Jun 2021 18:25:19 GMT
etag: W/"83a-K1Ex0xzH2LCxSyRnDnyZEg18N68"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 7549433a09d06354ea864d169b689e51.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: e_YrbgonWpHxhN866Q9fmj73SI0icOJ_W--Go19vRFj55ZxCxrq6Ag==
age: 1120

GET
H/1.1 200
OK get_counts Show response
count-server.sharethis.com/v2.0/ 157 B
403 B 397ms
104ms Script
text/javascript 3.209.191.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://count-server.sharethis.com/v2.0/get_counts?cb=window.__sharethis__.cb2&url=https%3A%2F%2Fro.nex-software.com%2Fcum-se-elimina-virusul-csrse
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.209.191.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-209-191-86.compute-1.amazonaws.com
Software: / Express
Resource Hash: d8742dcfe74638bdd7d4bcfb66a5716853d63e734f08edc877d7b4887f5cd854

Request headers

Referer: https://ro.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 18:43:59 GMT
Cache-Control: public, max-age=900
ETag: 5634feaa0cbcfa2149eded00cf80581f
Connection: keep-alive
X-Powered-By: Express
Content-Length: 157
Content-Type: text/javascript; charset=utf-8

GET
H2 200 facebook.svg
platform-cdn.sharethis.com/img/ 301 B
680 B 64ms
21ms Image
image/svg+xml 2600:9000:211a:4800:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/facebook.svg
Requested by: Host: ro.nex-software.com
URL: https://ro.nex-software.com/cum-se-elimina-virusul-csrse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:4800:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307

Request headers

Referer: https://ro.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 17 May 2021 02:42:02 GMT
via: 1.1 2acbf12c17a7f7f2ed99463cb4024587.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
age: 2476918
etag: "c6e9be45643e197ce1db1d7e24a99adc"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: VIE50-C2
accept-ranges: bytes
content-length: 301
x-amz-cf-id: 9xXN2RD9wX9fnbjhpRvyx6XUz7w6nfU2yajxj-p7yNdujGLhSlA6eQ==

GET
H2 200 twitter.svg
platform-cdn.sharethis.com/img/ 731 B
1 KB 65ms
21ms Image
image/svg+xml 2600:9000:211a:4800:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/twitter.svg
Requested by: Host: ro.nex-software.com
URL: https://ro.nex-software.com/cum-se-elimina-virusul-csrse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:4800:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7c93346d4f681a0be90d1dfc19346382a4700f1810f41caa54415688dee1777f

Request headers

Referer: https://ro.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 18 May 2021 09:16:00 GMT
via: 1.1 2acbf12c17a7f7f2ed99463cb4024587.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
age: 2366880
etag: "0af2fb38987598376c99e21af17ade45"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: VIE50-C2
accept-ranges: bytes
content-length: 731
x-amz-cf-id: Vnoyh7Fhey2zuXojK1jjzQTZ3YgiQM9L8i-_LpfIUZDUN3LSWfR1Ew==

GET
H2 200 pinterest.svg
platform-cdn.sharethis.com/img/ 771 B
1 KB 65ms
21ms Image
image/svg+xml 2600:9000:211a:4800:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/pinterest.svg
Requested by: Host: ro.nex-software.com
URL: https://ro.nex-software.com/cum-se-elimina-virusul-csrse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:4800:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: efc737b4f58cfe73a9bd0e57d7570365701381da31e628b269e7217a0ce3359d

Request headers

Referer: https://ro.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 17 May 2021 16:02:42 GMT
via: 1.1 2acbf12c17a7f7f2ed99463cb4024587.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
age: 2428878
etag: "2b10a062e719c64b686e2e8fcdc216dc"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: VIE50-C2
accept-ranges: bytes
content-length: 771
x-amz-cf-id: ovHPLhZHQCv26_2_DejSWyKBw6BiVu0LzvT4eQsAkymesD0jsdZTpw==

GET
H2 200 email.svg
platform-cdn.sharethis.com/img/ 343 B
722 B 64ms
21ms Image
image/svg+xml 2600:9000:211a:4800:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/email.svg
Requested by: Host: ro.nex-software.com
URL: https://ro.nex-software.com/cum-se-elimina-virusul-csrse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:4800:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5f5012132c752db2433e17712d91ef8689f1bc95167b2720e23224c2ae62e009

Request headers

Referer: https://ro.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 11 Jun 2021 00:33:37 GMT
via: 1.1 2acbf12c17a7f7f2ed99463cb4024587.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
age: 324623
etag: "5977437466e857c7ddcadda6f6d88c2a"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: VIE50-C2
accept-ranges: bytes
content-length: 343
x-amz-cf-id: Ptpaw4gHU_TLQiSVFDDbrcri3fvGosVTfh83bruFxSnY5XYFH2Gy3w==

GET
H2 200 sharethis.svg
platform-cdn.sharethis.com/img/ 514 B
892 B 65ms
21ms Image
image/svg+xml 2600:9000:211a:4800:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/sharethis.svg
Requested by: Host: ro.nex-software.com
URL: https://ro.nex-software.com/cum-se-elimina-virusul-csrse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:4800:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9a83c65bdd0ff9488af9d25720686457ea7295c9c44f9f1d285a0c9ec89bab99

Request headers

Referer: https://ro.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 16 May 2021 20:31:22 GMT
via: 1.1 2acbf12c17a7f7f2ed99463cb4024587.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
age: 2499158
etag: "deecdaa377907db5cc1722fc831670a1"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: VIE50-C2
accept-ranges: bytes
content-length: 514
x-amz-cf-id: GlhHJm26RirXRNV4qvq0hfLXfw8SSnvjTkhnL9Y1hvVL0Qy-la7X2A==

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 32ms
15ms XHR
application/json 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210614

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

215597fac80c958e6651b9d926352b0c673f38917adbdc344d0c0b98d5bb980a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ro.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 14 Jun 2021 18:43:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 13358
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0aad6f843800004dd6c4a28000000001
x-served-by: cache-fra19131-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"69b-NUMJCHxpn3wILHjTRRcDiOQRV/Y"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 65f5b519fc8f4dd6-FRA

GET
H3-29 200 pubads_impl_2021060901.js Show response
securepubads.g.doubleclick.net/gpt/ 326 KB
114 KB 63ms
31ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

sffe /

Resource Hash

3dc0b6e4edbfc8d6d8446e112130624fd05d7b8a8cfe62839046fc733c8b19a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ro.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 18:43:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 08:43:05 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116890
x-xss-protection: 0
expires: Mon, 14 Jun 2021 18:43:59 GMT

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
341 B 99ms
25ms XHR
text/plain 52.29.0.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.sharethis.com/pview?event=pview&hostname=ro.nex-software.com&location=%2Fcum-se-elimina-virusul-csrse&product=unknown&url=https%3A%2F%2Fro.nex-software.com%2Fcum-se-elimina-virusul-csrse&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Cum%20se%20elimin%C4%83%20virusul%20csrse&cms=unknown&publisher=5c086b7ea71f090011aea084&sop=true&bsamesite=true&consent_cookie_duration=184&consent_duration=184&gdpr_domain=.consensu.org&gdpr_method=cookie&version=st_sop.js&lang=en&description=Majoritatea%20programelor%20antivirus%20identific%C4%83%20csrse.exe%20drept%20malware%20-%20de%20exemplu%20Kaspersky%20%C3%AEl%20identific%C4%83%20ca%20Trojan.Win32.Scar.dreo%20%2C%20iar%20McAfee%20%C3%AEl%20identific%C4%83%20ca%20peruca%20Generic.dx!%20Fi%C8%99ierul%20csrse.exe%20este%20o%20component%C4%83%20software%20a%20Backdoor.Hesive%20.%20Backdoor.Hesive%20este%20un%20troian%20care%20este%20adesea%20declan%C8%99at%20de%20Backdoor.Hesive.
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.0.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-0-64.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ro.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 18:43:59 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: https://ro.nex-software.com
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
853 B 37ms
15ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=ro.nex-software.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ro.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 18:43:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 34ms
14ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ro.nex-software.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ro.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 18:43:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 2 KB
1 KB 150ms
149ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=338371067275218&correlator=3677593999412700&output=ldjh&impl=fif&eid=31061300&vrg=2021060901&ptt=17&sc=1&sfv=1-0-38&ecs=20210614&iu_parts=121764058%2Cnex-software.com_SF&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C750x100%7C970x90&cookie_enabled=1&bc=31&abxe=1&lmt=1623696239&dt=1623696239858&dlt=1623696239045&idt=783&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=1200&adks=282205813&ucis=1&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fro.nex-software.com%2Fcum-se-elimina-virusul-csrse&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=728x-1&ga_vid=796119999.1623696240&ga_sid=1623696240&ga_hid=2118309637&ga_fc=false&fws=640&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

b3ff4434104b7224600e4969dfd7080b5efc2cf12ca92eddb59a1f1a06b37448

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ro.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 18:44:00 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1095
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ro.nex-software.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
1e2b81fb62ce0c7eed3401e10607c5bc.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 49ms
14ms Other
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://1e2b81fb62ce0c7eed3401e10607c5bc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://ro.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 468 B
268 B 231ms
229ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=338371067275218&correlator=3677593999412700&output=ldjh&impl=fif&eid=31061300&vrg=2021060901&ptt=17&sc=1&sfv=1-0-38&ecs=20210614&iu_parts=121764058%2Cnex-software.com_am_S1&enc_prev_ius=%2F0%2F1&prev_iu_szs=750x100%7C750x200%7C750x300%7C300x250%7C336x280%7C360x300%7C580x400&cookie_enabled=1&bc=31&abxe=1&lmt=1623696239&dt=1623696239862&dlt=1623696239045&idt=783&frm=20&biw=1600&bih=1200&oid=3&adxs=365&adys=416&adks=724758398&ucis=2&ifi=2&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fro.nex-software.com%2Fcum-se-elimina-virusul-csrse&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=750x0&ga_vid=796119999.1623696240&ga_sid=1623696240&ga_hid=2118309637&ga_fc=false&fws=128&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

2998c01a9a4269ba8726049c65ce48d74bdc72462755d0106f2d18dee5a775fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ro.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 18:44:00 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 238
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ro.nex-software.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 462 B
260 B 581ms
580ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=338371067275218&correlator=3677593999412700&output=ldjh&impl=fif&eid=31061300&vrg=2021060901&ptt=17&sc=1&sfv=1-0-38&ecs=20210614&iu_parts=121764058%2Cnex-software.com_am_S2&enc_prev_ius=%2F0%2F1&prev_iu_szs=750x100%7C750x200%7C750x300%7C300x250%7C336x280%7C360x300%7C580x400&cookie_enabled=1&bc=31&abxe=1&lmt=1623696239&dt=1623696239869&dlt=1623696239045&idt=783&frm=20&biw=1600&bih=1200&oid=3&adxs=365&adys=962&adks=2080076628&ucis=3&ifi=3&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fro.nex-software.com%2Fcum-se-elimina-virusul-csrse&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=750x0&ga_vid=796119999.1623696240&ga_sid=1623696240&ga_hid=2118309637&ga_fc=false&fws=128&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

60e77a6146f25ec29237afb917f003561cd58d109936ceab96fd589bdaaeb4bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ro.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 18:44:00 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 230
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ro.nex-software.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 463 B
267 B 409ms
408ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=338371067275218&correlator=3677593999412700&output=ldjh&impl=fif&eid=31061300&vrg=2021060901&ptt=17&sc=1&sfv=1-0-38&ecs=20210614&iu_parts=121764058%2Cnex-software.com_adi_ATF&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C970x250%7C970x300%7C728x90&cookie_enabled=1&bc=31&abxe=1&lmt=1623696239&dt=1623696239875&dlt=1623696239045&idt=783&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=214&adks=2353773091&ucis=4&ifi=4&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fro.nex-software.com%2Fcum-se-elimina-virusul-csrse&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=970x0&ga_vid=796119999.1623696240&ga_sid=1623696240&ga_hid=2118309637&ga_fc=false&fws=128&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

2890f88e551fcac13deb94375a8f1a6d94259e7a0bcfd43921b1b284aec24267

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ro.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 18:44:00 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 237
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ro.nex-software.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 463 B
262 B 493ms
491ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=338371067275218&correlator=3677593999412700&output=ldjh&impl=fif&eid=31061300&vrg=2021060901&ptt=17&sc=1&sfv=1-0-38&ecs=20210614&iu_parts=121764058%2Cnex-software.com_adi_W1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C200x600%7C300x250&cookie_enabled=1&bc=31&abxe=1&lmt=1623696239&dt=1623696239877&dlt=1623696239045&idt=783&frm=20&biw=1600&bih=1200&oid=3&adxs=1123&adys=1082&adks=861264186&ucis=5&ifi=5&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fro.nex-software.com%2Fcum-se-elimina-virusul-csrse&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=300x0&ga_vid=796119999.1623696240&ga_sid=1623696240&ga_hid=2118309637&ga_fc=false&fws=128&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

b723ddc0f40440f3d901323d0d2b3465d6765c340628362a240eff2768813364

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ro.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 18:44:00 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 232
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ro.nex-software.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 466 B
263 B 313ms
312ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=338371067275218&correlator=3677593999412700&output=ldjh&impl=fif&eid=31061300&vrg=2021060901&ptt=17&sc=1&sfv=1-0-38&ecs=20210614&iu_parts=121764058%2Cnex-software.com_adi_right&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cookie_enabled=1&bc=31&abxe=1&lmt=1623696239&dt=1623696239878&dlt=1623696239045&idt=783&frm=20&biw=1600&bih=1200&oid=3&adxs=1123&adys=266&adks=271838437&ucis=6&ifi=6&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fro.nex-software.com%2Fcum-se-elimina-virusul-csrse&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=300x0&ga_vid=796119999.1623696240&ga_sid=1623696240&ga_hid=2118309637&ga_fc=false&fws=128&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

8081c72daaa3da836e00e62bf5ab411869584f1984ab56e8c2354c32d1857051

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ro.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 18:44:00 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 233
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ro.nex-software.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 31ms
18ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021060901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

957018816d81a177da720d253f790598633b7a972b66bce17bb40e70225eacf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ro.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 18:44:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7814
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 35ms
14ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ro.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 18:44:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622653785071769"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Mon, 14 Jun 2021 18:44:00 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/223/ Frame 495B 12 KB
5 KB 24ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/223/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ro.nex-software.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Referer: https://ro.nex-software.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Mon, 14 Jun 2021 18:43:59 GMT
expires: Tue, 14 Jun 2022 18:43:59 GMT
last-modified: Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7424 783 B
1012 B 37ms
15ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fa10b741e3ed803e07c9ce6428b4252c9ce24f46a3e52234e08a2abb23215eac

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-9dtHVul3jL4b5/glyJmiiw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ro.nex-software.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Referer: https://ro.nex-software.com/

Response headers

expires: Mon, 14 Jun 2021 18:44:00 GMT
date: Mon, 14 Jun 2021 18:44:00 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-9dtHVul3jL4b5/glyJmiiw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js Show response
pagead2.googlesyndication.com/bg/ Frame 495B 14 KB
6 KB 20ms
6ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8047292d138b4f46fbe8493b4feed7d0e7777ffb56b3cc7ca0c7131ee9fe21f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 15:04:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13156
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5749
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 Jun 2022 15:04:44 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gpt_2021060901&jk=338371067275218&bg=!sLOls_fNAAY6sG-_OrA7ACkAdvg8Wpa0cQaXLpHg3b_9gnmFwPYT7LYhO2KBN-WvHG0fClW6Xfj3VQIAAABIUgAAAApoAQcKAQ37_gSYucg16JT0DncPTc242PSP6Ugntz4nzIgjyZjLkeAKyX-mNwj1LceeDyLc7I8Ugk6SjpgVhctTgWzy1Ad97fIRpMT93mREokQmjIVQt44uLGk_EwUEZLzOnU_jTmvZzlwN7ThemcODsvLqBgm00qLOPlvMcBpqTigiUfN4NIzR2yjLN3EY2XGqhoCwaKgDCEqGGAEUg7amFtE4NIFtMIizrvUVkDUOC6O9y-gs6fILVxpGcpe2nRzN3WQO_IuHi7Sq0FD-aK3fPjGdrKv5u2ErhSvnXPqTBIWstQwp9K5jFh5t514Ybxq8eCq3C79YpabqqSwQ9BzQmbrz0t9hRVL21BueRIeZ6RFOq5kCaNyNNToOQTmpXriMe-ntc8sGp6FxGlxYv_PwMeZkP71YQu11Bp2NSVVmgYEpAdcairDXF5b3ajvM47qSNCm3YEXWp-Rl98XM05zxF29ZBEd1uwuEReJOQcdYROr3HdRP3VhXMi3pZrgmDFuTKXLQBytt8CKTnzpkCYlfeLXFYYDSzntTIIW2Udm4wDP6aSxMiyWOhxSxv6yjC2liXlz8kTFh26rn65NxaqGOKG_XuNNf-tn4NbmHHKk7tD5ohxljJzJfePdLiRMJ6P8i5BNaUmhtI9R-dutA0Hy0guG8UOXNPFBLYjmGNuKJ330RQOahijx1vV_IrxydnHtrqAkQZNx3m5JeBN-NqHNwlayk8rFpaPm7vzmhI9ddeRM9CYcp8CGgG27EpjXKxTa3YLnd8v5OamRNf7sPHf00voxSHMQIKQNpchbqtjvQH_WdpjIiDGAzYH1f3rkvrDvqFpHD_lmW8MhnLgnHDDt6aw3_CYd0NKu0KL2hFb_FFb63grTaBVHZV-ln4DkGXJyNunlZplcvCoSapU3MHfuwAjgdcg5cfiAOzqUIZ-O37dHQco6vh9rk_TmkwoilYDAMNi769p1Nb21BWDOeHT-_VTxUOnscIzQxptdCyzOCBtBAjOwMlAMa-d2Dg_0FdBSKF6yY7-jC1W_uT6Ffkw5enjAbFWqMhYIOdeYJ0FuCz-SD3gTlQhRHGjwqONvhzF7sAKQ5NZg8kgEp5gUKuTsCAfOKKhPgLLkVpfxv3zY6ORqX2Gw98EyzfY9rf7wHnptxzasSZXBkpmEXAgTGApaH6Vic1_t5runb5mB4eNA

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ro.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 18:44:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			ro.nex-software.com/	1969-12-31 23:59:59	Name: st_shares_https://ro.nex-software.com/cum-se-elimina-virusul-csrse Value: [object Object]

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://load5.biz/?pu=mztdqolemm5ha3ddf4ztooju(Line 174) Message: Error: Browser is not suitable for subscriptions
console-api	log	URL: https://cdn.zx-adnet.com/adx/brmsl_19102402.js(Line 2) Message: zxnt->domain abuse ->no ads
console-api	info	URL: https://cst.wpu.sh/static/adManager.js(Line 1) Message: %c [AdManager] - color:cyan version 2.1.4
console-api	info	URL: https://cst.wpu.sh/static/adManager.js(Line 1) Message: %c [AdManager] - color:cyan run tag spots
console-api	info	URL: https://cst.wpu.sh/static/adManager.js(Line 1) Message: %c [AdManager] - color:cyan init spot [object Object]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1e2b81fb62ce0c7eed3401e10607c5bc.safeframe.googlesyndication.com
adservice.google.com
adservice.google.fr
buttons-config.sharethis.com
c.sharethis.mgr.consensu.org
cdn.jsdelivr.net
cdn.zx-adnet.com
count-server.sharethis.com
counter.yadro.ru
cst.cstwpush.com
cst.wpu.sh
get.optad360.io
googleads.g.doubleclick.net
js.wpushsdk.com
l.sharethis.com
load5.biz
na.nawpush.com
nex-software.com
pagead2.googlesyndication.com
pic.nex-software.com
platform-api.sharethis.com
platform-cdn.sharethis.com
ro.nex-software.com
securepubads.g.doubleclick.net
stat.optad360.mgr.consensu.org
tpc.googlesyndication.com
www.google.com
151.101.1.195
172.217.23.98
18.196.233.38
185.177.94.108
205.185.216.42
213.174.135.24
213.174.135.25
2600:9000:206e:9400:c:abe:f440:93a1
2600:9000:211a:4600:1c:8a07:5e80:93a1
2600:9000:211a:4800:1d:85c3:6640:93a1
2600:9000:214f:5200:c:a9b7:ddc0:93a1
2600:9000:21f3:e600:11:a4de:2580:93a1
2606:4700:3032::6815:4aa6
2606:4700::6810:5914
2a00:1450:4001:811::2002
2a00:1450:4001:812::2004
2a00:1450:4001:813::2002
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2002
3.209.191.86
46.4.91.20
52.29.0.64
88.212.201.210
023ab883637b19577d1a80c3742ffe15001d7657582b5cc376972472a8ba432d
175fd80f9a67ccab1b12b86117dbe11e213e53083bf30f27f6d9654e97d9c027
190402f488a1616b47304ae066078580059ca6a5958b7f217d2156d0a73931a9
215597fac80c958e6651b9d926352b0c673f38917adbdc344d0c0b98d5bb980a
240f2fa6d9c547702519223d888610d5517255aa52ad0c04d86f0ec6d0ab76d6
257579348172eb9f739308373580772054c0b671f63e8f002aed9f9774a6272e
2890f88e551fcac13deb94375a8f1a6d94259e7a0bcfd43921b1b284aec24267
2998c01a9a4269ba8726049c65ce48d74bdc72462755d0106f2d18dee5a775fe
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
398f847e21cc0c2fb2ed6decf4edffe1d89d68426a1866562e880a121c75828c
3a05974ec037c8c1ceae41b707a7e00f7338ba017819254cc9e1ecfb2fa1bd63
3dc0b6e4edbfc8d6d8446e112130624fd05d7b8a8cfe62839046fc733c8b19a8
3e43d592d0aa592f24ad510ef3f453a51bba24a9534a07a55a9685b4d4b3f2cb
3f39cd2826daf1ff6d1037c121999a522e25fbd5cd2486c5d2aa01909c205b77
413bb874e80e8d2c8520a472d14690d81ce01cee8196cc1e30991d41cb5b70be
43677abbcc50b9f3d621c9134d28237cfa6d66c61bf970cdfcf2a3ec31928ed2
4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2
4f7b6c826559e7a9fdd87aa3dab65d9032e27f9677e2c894bf8add376af093e6
54b7d25f3dbd09043e72e757fa4ecdf21fe65fd5952429f82a2f80aeade8fc45
565c2deacf075bec74f24154c13f8b858ed38fda7ac6bc968a599d96bf7ea128
56b14b6ad7538ba37b7398ef0cfc7bcbf42fd723a943e72ab746a42dc15fb91f
59102e0b6d79bae3539563aa8d730418e6383edc9d7f0189983654ae997c6cbc
59e7f6927cfcf630cd9a95713e047f3e855328fb82d685ea92b18ea3a191a62a
5f5012132c752db2433e17712d91ef8689f1bc95167b2720e23224c2ae62e009
60e77a6146f25ec29237afb917f003561cd58d109936ceab96fd589bdaaeb4bd
715f22da06e1492dcb549d67b8de8bafb0fd0cb9bb06b95444ffbc2b1cb44b79
746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e
768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307
7731d577c5dfa5f38e9bf82dedae51174c9ddd4d3d4668eea9d1e51d6ce13d66
79de87273a72a5da8933a924e6e62dda692dc668fd1aaeda62284f3712dbb7f0
7c93346d4f681a0be90d1dfc19346382a4700f1810f41caa54415688dee1777f
8081c72daaa3da836e00e62bf5ab411869584f1984ab56e8c2354c32d1857051
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
865f056fdae3b0fc51c3b1aa51bc8829d7d000f8e44d968d5f7d6af29cc5588f
8e721fdaed85657fea7e22eff33717764bbdd7249181ed3184a6eb3215f14d15
900e0d4503dfe926c2d74a1944f4e383d9d7573ecfcccba2dbb377f3be116a10
957018816d81a177da720d253f790598633b7a972b66bce17bb40e70225eacf7
9a83c65bdd0ff9488af9d25720686457ea7295c9c44f9f1d285a0c9ec89bab99
9be45d830a633e050edaa82361e4ecac3cc189b3a3975a41aa01ae3cb4e4120b
a37e17ebb5f45bda9a532244d4b3d390805f1fefe44a728a85641e2a78c82fe2
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4bc0a07f98ec22855d4e4deaad8bbdecf0e60c50fd689057c82aecf3857ba4e
a9fafdc569221783efbec594b1bb1a016e7f0a8e1bbe74336602d62034a81d6e
ac84513c4c5ea7e4458e91c46e33ba71b56e19fabf93cc079ffcb01a975c2e3d
ad7d06b3df0dfa9cdbb8d7829b8919e8446e4540d930421f21822fca0381b900
ae2b3292ce4d22938259dd7e2d411ef3e498276837fbcc0475af40237b608f1f
af371cb0526d291c2821ffb5a63fb1c3969c3ebb22781c08032226c75ea2ab40
b106cb50bbfe848f073a4bb16e3769c20b18cfccf9eb4f2e36e2c8a9ec246703
b3ff4434104b7224600e4969dfd7080b5efc2cf12ca92eddb59a1f1a06b37448
b723ddc0f40440f3d901323d0d2b3465d6765c340628362a240eff2768813364
c0c1edf85ee406ff6e457dba599598152cc971f399f53c204fd30b978662f385
c5250ca7096fee4a0537971c9297099f855eb5eee06577aa837da1b92be96604
d2fa83bbc70c843df2edd43096821128aa1f4bd404237f614c49cd48e7d5cfa3
d66e8fa87723046272ec70096a2089355c29474796663f65f2fdf9a27a1d4bc6
d8742dcfe74638bdd7d4bcfb66a5716853d63e734f08edc877d7b4887f5cd854
dcbbbdae7b45de58a813dfb53f18f037e156c3359555e3922d1eeb9b6f4eb063
de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e503441024b68c5ac145c5580cd7b4c1dcd9dd71eb9814b5292ca1bc719af273
e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb
e8047292d138b4f46fbe8493b4feed7d0e7777ffb56b3cc7ca0c7131ee9fe21f
e879f58b1f83617af8bf8b7d1c22caedb1cfda8659afc267b715ead50f211b6e
ede999c022b04dae8bed4c7898eb9c23794c70cbd07d4569dd72e43e195c66ed
efc737b4f58cfe73a9bd0e57d7570365701381da31e628b269e7217a0ce3359d
f45e5cd76136dc8eb7eff15c965ccf53ee4bf2ccd4c65a46952999d041852d37
f7697cdbdb20e0d5d8fd4ef811c57418dcdcace4012fa556ca66c41f8d2be01c
fa10b741e3ed803e07c9ce6428b4252c9ce24f46a3e52234e08a2abb23215eac
fba347e542d0b874f9e09b710bb5a473f16a8dba2d5b6fa57faff2a507c4c559
ff0ae836e78e254c691d18c04b2068e14419275cb170cd7c09587f1795114fcc

ro.nex-software.com Open in urlscan Pro 2606:4700:3032::6815:4aa6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

71 Requests

100 %HTTPS

54 %IPv6

16 Domains

27 Subdomains

24 IPs

4 Countries

1980 kBTransfer

3017 kBSize

1 Cookies

35 Outgoing links

Redirected requests

71 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ro.nex-software.com Open in urlscan Pro
2606:4700:3032::6815:4aa6 Public Scan

Screenshot
Live screenshot

Full Image

71
Requests

100 %
HTTPS

54 %
IPv6

16
Domains

27
Subdomains

24
IPs

4
Countries

1980 kB
Transfer

3017 kB
Size

1
Cookies

71 HTTP transactions
1 data transactions