ja.nex-software.com Open in urlscan Pro
2606:4700:3032::6815:4aa6 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ja.nex-software.com/what-is-nsd-exe
Submission Tags: falconsandbox
Submission: On April 17 via api (April 17th 2021, 7:37:07 pm UTC) from US

Summary HTTP 129 Redirects Links 35 Behaviour Indicators

Summary

This website contacted 38 IPs in 4 countries across 27 domains to perform 129 HTTP transactions. The main IP is 2606:4700:3032::6815:4aa6, located in United States and belongs to CLOUDFLARENET, US. The main domain is ja.nex-software.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 11th 2020. Valid for: a year.

This is the only time ja.nex-software.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
21	2606:4700:303... 2606:4700:3032::6815:4aa6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	143.198.248.63 143.198.248.63	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	151.101.65.195 151.101.65.195	54113 (FASTLY) (FASTLY)
1 1	46.4.91.20 46.4.91.20	24940 (HETZNER-AS) (HETZNER-AS)
1	205.185.216.10 205.185.216.10	20446 (HIGHWINDS3) (HIGHWINDS3)
2	2600:9000:206... 2600:9000:206f:2c00:11:a4de:2580:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:211... 2600:9000:211e:800:1c:8a07:5e80:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2606:4700:303... 2606:4700:3034::ac43:cc49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	213.174.135.24 213.174.135.24	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1 2	88.212.201.210 88.212.201.210	39134 (UNITEDNET) (UNITEDNET)
1	18.196.233.38 18.196.233.38	16509 (AMAZON-02) (AMAZON-02)
8	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	2600:9000:202... 2600:9000:2021:8a00:c:abe:f440:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:202... 2600:9000:2021:3600:c:a9b7:ddc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:1b:... 2a04:4e42:1b::621	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
1	3.122.26.231 3.122.26.231	16509 (AMAZON-02) (AMAZON-02)
1	3.213.224.136 3.213.224.136	14618 (AMAZON-AES) (AMAZON-AES)
5	2600:9000:202... 2600:9000:2021:7e00:1d:85c3:6640:93a1	16509 (AMAZON-02) (AMAZON-02)
14	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
13	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 6	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
3 7	104.108.145.8 104.108.145.8	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3032::ac43:aa7a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:808::2006	15169 (GOOGLE) (GOOGLE)
2	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
4 4	84.200.5.215 84.200.5.215	31400 (ACCELERAT...) (ACCELERATED-IT)
2 2	78.46.85.162 78.46.85.162	24940 (HETZNER-AS) (HETZNER-AS)
1	82.113.101.236 82.113.101.236	6805 (TDDE-ASN1) (TDDE-ASN1)
1	82.113.101.132 82.113.101.132	6805 (TDDE-ASN1) (TDDE-ASN1)
1	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
129	38

21 2606:4700:3032::6815:4aa6 (United States)

ASN13335 (CLOUDFLARENET, US)

ja.nex-software.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
nex-software.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pic.nex-software.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.198.248.63 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

load5.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.65.195 (United States)

ASN54113 (FASTLY, US)

cdn.zx-adnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.4.91.20 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.20.91.4.46.clients.your-server.de

cst.wpu.sh	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.216.10 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net

cst.cstwpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:206f:2c00:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)

get.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:800:1c:8a07:5e80:93a1 (United States)

ASN16509 (AMAZON-02, US)

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3034::ac43:cc49 (United States)

ASN13335 (CLOUDFLARENET, US)

nex-software.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.174.135.24 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

na.nawpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sw.swwpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.210 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host210.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.196.233.38 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-233-38.eu-central-1.compute.amazonaws.com

stat.optad360.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2021:8a00:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2021:3600:c:a9b7:ddc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.sharethis.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::621 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.122.26.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-26-231.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.213.224.136 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-224-136.compute-1.amazonaws.com

count-server.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2021:7e00:1d:85c3:6640:93a1 (United States)

ASN16509 (AMAZON-02, US)

platform-cdn.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.162 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.108.145.8 (Berlin, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-145-8.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::ac43:aa7a (United States)

ASN13335 (CLOUDFLARENET, US)

ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:808::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.239.217 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 84.200.5.215 (Germany) 4 redirects

ASN31400 (ACCELERATED-IT, DE)

www.telefonica-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lead-alliance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 78.46.85.162 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads1.sunbonet.de

partner.blau.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.113.101.236 (Offenbach, Germany)

ASN6805 (TDDE-ASN1, DE)
PTR: portal.blau.de

portal.blau.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.113.101.132 (Offenbach, Germany)

ASN6805 (TDDE-ASN1, DE)
PTR: portal.o2online.de

portal.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	googlesyndication.com db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com ade.googlesyndication.com	122 KB
27	nex-software.com ja.nex-software.com nex-software.com pic.nex-software.com	1 MB
20	doubleclick.net 4 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net googleads4.g.doubleclick.net	178 KB
13	ad4m.at ad4m.at as.ad4m.at assets.ad4m.at	177 KB
9	sharethis.com platform-api.sharethis.com buttons-config.sharethis.com l.sharethis.com count-server.sharethis.com platform-cdn.sharethis.com	38 KB
7	casalemedia.com 3 redirects dsum-sec.casalemedia.com	6 KB
6	2mdn.net s0.2mdn.net	183 KB
3	googletagservices.com www.googletagservices.com	100 KB
3	zx-adnet.com cdn.zx-adnet.com	20 KB
2	o2online.de 1 redirects partner.o2online.de portal.o2online.de	2 KB
2	blau.de 1 redirects partner.blau.de portal.blau.de	2 KB
2	lead-alliance.net 2 redirects www.lead-alliance.net	1 KB
2	telefonica-partner.de 2 redirects www.telefonica-partner.de	550 B
2	gstatic.com fonts.gstatic.com	31 KB
2	google.com adservice.google.com www.google.com	553 B
2	consensu.org stat.optad360.mgr.consensu.org c.sharethis.mgr.consensu.org	2 KB
2	yadro.ru 1 redirects counter.yadro.ru	1 KB
2	optad360.io get.optad360.io	202 KB
1	awin1.com www.awin1.com	704 B
1	googleapis.com fonts.googleapis.com	686 B
1	ad4mat.net ad4mat.net	1 KB
1	jsdelivr.net cdn.jsdelivr.net	1 KB
1	swwpush.com sw.swwpush.com	3 KB
1	nawpush.com na.nawpush.com	352 B
1	cstwpush.com cst.cstwpush.com	40 KB
1	wpu.sh 1 redirects cst.wpu.sh	97 B
1	load5.biz load5.biz	20 KB
129	27

	Domain	Requested by
14	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
14	pic.nex-software.com	ja.nex-software.com
12	nex-software.com	ja.nex-software.com nex-software.com
11	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com googleads.g.doubleclick.net
8	securepubads.g.doubleclick.net	get.optad360.io securepubads.g.doubleclick.net
7	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
6	assets.ad4m.at	as.ad4m.at
6	s0.2mdn.net	ja.nex-software.com s0.2mdn.net
6	cm.g.doubleclick.net	4 redirects googleads.g.doubleclick.net
5	ad4m.at	db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com ad4m.at
5	platform-cdn.sharethis.com	ja.nex-software.com
4	googleads.g.doubleclick.net	db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com ja.nex-software.com
3	www.googletagservices.com	securepubads.g.doubleclick.net db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com
3	db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	cdn.zx-adnet.com	ja.nex-software.com cdn.zx-adnet.com
2	www.lead-alliance.net	2 redirects
2	www.telefonica-partner.de	2 redirects
2	as.ad4m.at	ad4m.at as.ad4m.at
2	fonts.gstatic.com	fonts.googleapis.com
2	googleads4.g.doubleclick.net	ja.nex-software.com
2	counter.yadro.ru	1 redirects ja.nex-software.com
2	get.optad360.io	ja.nex-software.com get.optad360.io
1	ade.googlesyndication.com
1	portal.o2online.de	as.ad4m.at
1	partner.o2online.de	1 redirects
1	portal.blau.de	as.ad4m.at
1	partner.blau.de	1 redirects
1	www.awin1.com	as.ad4m.at
1	fonts.googleapis.com	s0.2mdn.net
1	ad4mat.net	ad4m.at
1	www.google.com	db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com
1	count-server.sharethis.com	platform-api.sharethis.com
1	l.sharethis.com	platform-api.sharethis.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	get.optad360.io
1	c.sharethis.mgr.consensu.org	platform-api.sharethis.com
1	buttons-config.sharethis.com	platform-api.sharethis.com
1	stat.optad360.mgr.consensu.org	get.optad360.io
1	sw.swwpush.com	cst.wpu.sh
1	na.nawpush.com	cst.wpu.sh
1	platform-api.sharethis.com	ja.nex-software.com
1	cst.cstwpush.com	ja.nex-software.com
1	cst.wpu.sh	1 redirects
1	load5.biz	ja.nex-software.com
1	ja.nex-software.com
129	45

This site contains links to these domains. Also see Links.

Domain
nex-software.com
de.nex-software.com
it.nex-software.com
fr.nex-software.com
ro.nex-software.com
pt.nex-software.com
sv.nex-software.com
no.nex-software.com
nl.nex-software.com
da.nex-software.com
bg.nex-software.com
lt.nex-software.com
lv.nex-software.com
pl.nex-software.com
et.nex-software.com
fi.nex-software.com
hu.nex-software.com
sk.nex-software.com
sl.nex-software.com
uk.nex-software.com
ru.nex-software.com
hr.nex-software.com
cs.nex-software.com
vi.nex-software.com
tr.nex-software.com
th.nex-software.com
id.nex-software.com
hi.nex-software.com
sr.nex-software.com
ms.nex-software.com
ko.nex-software.com
el.nex-software.com
ar.nex-software.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-06-11` - `2021-06-11`	a year	crt.sh
load4.biz R3	`2021-02-28` - `2021-05-29`	3 months	crt.sh
www.cevision.tech GTS CA 1D2	`2021-03-21` - `2021-06-19`	3 months	crt.sh
cstwpush.com R3	`2021-03-23` - `2021-06-21`	3 months	crt.sh
*.optad360.io Amazon	`2020-12-17` - `2022-01-15`	a year	crt.sh
sharethis.com Amazon	`2020-08-17` - `2021-09-16`	a year	crt.sh
na.nawpush.com R3	`2021-02-20` - `2021-05-21`	3 months	crt.sh
counter.yadro.ru R3	`2021-03-22` - `2021-06-20`	3 months	crt.sh
sw.swwpush.com R3	`2021-02-19` - `2021-05-20`	3 months	crt.sh
stat.optad360.mgr.consensu.org R3	`2021-02-27` - `2021-05-28`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
sharethis.mgr.consensu.org Amazon	`2021-04-07` - `2022-05-06`	a year	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-04-13` - `2022-03-26`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
www.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
www.awin1.com DigiCert Secure Site ECC CA-1	`2020-04-21` - `2021-07-21`	a year	crt.sh
*.o2online.de DigiCert TLS RSA SHA256 2020 CA1	`2021-01-19` - `2022-02-19`	a year	crt.sh

This page contains 13 frames:

Primary Page: https://ja.nex-software.com/what-is-nsd-exe
Frame ID: C09F95292768ABAC5C3111FB6312F1DC
Requests: 64 HTTP requests in this frame

Frame: https://c.sharethis.mgr.consensu.org/portal-v2.html
Frame ID: ED0E448BA500DA179B6F83514144E117
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 613E0898DE508D8A05845000BBB66933
Requests: 2 HTTP requests in this frame

Frame: https://db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0D0F42AA816E1CF8AF978086B5FC837F
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhC30jMYt5H8gwEwAQ&v=APEucNURL5_rfCNUS05uMdRPVq6l-yqUTjvURP5eAnWlGw0KIOKkTFnkILQOwoOc6Yx4--sFPOLhcNwLAVr52AGJsTguLoIIi0qWge0Zz7_fpEpJQ8l3KIFijdVPlBfp6mnNpGzPe-3T01XT8QGi9dQ7tUHdU4BxUJto0bhkX83mvl26h_3KpY3CMisPmeavQOk_06bDvKa4zjTQOHxCNmZfso0Tzf6Q_dsp0ZkVBldIrOxIEjQmFzY
Frame ID: 0127551489A9544ED934177471B566F6
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B0D816957DED5D15F564C0D11D7D79E9
Requests: 3 HTTP requests in this frame

Frame: https://db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 170B493201C35AE9D52F0111345F0B08
Requests: 16 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: D2C88902BFE991B4F9BAD633A21285E1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMY-OnynQEwAQ&v=APEucNW8NNP0FvTEMzTGFVr1Z_9F6CsuP-wAgASWMvmJZmUmB4D5tjCFkWlCGH8rSi5MjD7UbrI3ID0n14LgcMiIw3Wy1Mqqm0ZgX1FYWdufb_M6fZTJfOusXhKgUIn_lRWMSOT8DHu8IPpZ8OsyTGvZD9hu7Pl3kFxioZWHGG-W_Ys-upNV2aJA-YjAjsykYUVcOZIPqrrFW9ODq_oIm9XnML-UdnvUnrIl_B0nd37BX0rnwGbRJNc
Frame ID: AB2A452E293C32A5550187B864F14ECB
Requests: 4 HTTP requests in this frame

Frame: https://ad4mat.net/frame.html
Frame ID: 107BAD56DA69EB4FF1BC1B1F73B9FF8F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A78E8325B1E10FE64580217912225190
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/6444309/1616160911840/index.html
Frame ID: 2E8E849C2387C3CDD81CA08256AA02E9
Requests: 8 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=14044%2C12820%2C19456&b=EjMcDfEfA3JhzHAHjt4t3QwF4tVTYg%2CzmKHRfYf1PVCpHBHMtqtzzpabtwTQ8%2C62kHef3fDZ4CeHmHYtktWW8amt1T3P&f=ADBtYfqfb9VSAHRH4tMCPd1CMt4TR9%2C8RgfDf8fJdAagHJHEtqCkk2UwtwTpr%2CXxeSzfrfrmeU6H4Het1CBBKC8tkT5g&c=300&d=250&e=Hxvrk4xso2rtU7NwBYJqN-9864d2MRmD&g=9666fd7f8c303d01a11eba9a699ca628%2F7365967391414179796&i=25007%2C20773%2C20774&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=dbm_Netmix_Reach06_DC&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCTwoh0zh7YMz4BduFlQfqoKXwBvXv5NVe4bHa6Y0MoJzysLwaEAEgqoDDImCV4pCCoAfIAQmpAiAC5XwjGrQ-qAMBqgTXAU_QLgCWrQiSSRfrSXJej-uxtk-YjcikoxVa-Tnii4fG7VVyCozsDSrrsfngXqnhq8hnOyiDNUEB0L_mURThfinbZ3QLdPQDBZ6K4ALacYuyuf1ZN-jI8NgJd54tolF1NNeEqydmb1ySuROl-1C4II6R2flyqV_reCU4jJKY6GnzGjNERISt7niQCGSklNBiKv6i3IEaHto1b6sKPrxR3qyainSgAxEfyL6M3Yv8MPXeX-w50MKZByebLbNp0uIWcnQJ_akQ8D718r8fy8re_PmNmpDrAyFjwASD7qj7oQPgBAOQBgGgBk2AB-qTn0OoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTkxNjE4NjM2ODU4MjY5NTaACgOYCwHICwGADAGwE_qo1AbQEwDYEwOIFAHYFAE%2526ae%253D1%2526num%253D1%2526cid%253DCAASB-RoqYOzayA%2526sig%253DAOD64_2JvsUrHuEpPCr7PlGjRNexdtAByA%2526client%253Dca-pub-5512390705137507%2526dbm_c%253DAKAmf-DsPUXekTiknP5f1OEJTzVGJwZvaBpJ4l132KAjbvdvdlDP_KOgsVrIc5_IGyW_GRU7ujld__m8LJjkuqzXNKcv1kN7zsoNf0gxBQ4GiWn4TGhSwWip4eqP6X6YX13iFDLT-NLR6r8X66DcKTYW6NGte05TWQ%2526cry%253D1%2526dbm_d%253DAKAmf-BRL8-MYHOZQIVUq0y6mdT2iPpsZ9XU6_scTYwcIHCP_TQ71ZmI-6gbYa_rtV9U1DbxZoeQ3eYeoftZSXAfdEEoPOzJ-lvXnyZUEj5zRkh8mOYbag3JipvbM8qb6F57AseVME0T_cMUd6SoVpYssJd4yj95yTwB7NF1Vh8o5MHx8JwndRVip1g2gbZjHKK1ZkMz1aiuXSaTn3nWK2pWkkkkNBIgKEDOolmpVm9RidCkZBvOunQoXPJ2lTba0CU2vB0HOVZbSuqhPridjh9MjZ89PXwkBqYFzTy-NuvVe3dH0UgneQnUvILv8GBWezfpx9zkfaFczPv6hCwGqAlt996N1hI4XlwYCpIy2NggkpUGpNsevF6BbpdNF7BYw7N-gn7yOM94e6SxgnfegbBEU7re7AQkbjmXtAHnJdrv8A5uQ8VNIHM_n6h0LMwgRIoluCwLZYlJkZ5rhVP1j1V4gVrdF72rxGFLEFxUSCxEsCw7fYU5gGM1r-vr5oFgln76SBmaVDiz%2526adurl%253D&y=1&z=0
Frame ID: 2FF08651B7ADF71F62649AE8B8126376
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

129
Requests

100 %
HTTPS

53 %
IPv6

27
Domains

45
Subdomains

38
IPs

4
Countries

2154 kB
Transfer

4034 kB
Size

3
Cookies

35 Outgoing links

These are links going to different origins than the main page.

URL: https://nex-software.com/download/reimage
Title: Windowsのエラーと最適化システムのパフォーマンスを修正するにはここをクリック

Search URL Search Domain Scan URL

URL: https://nex-software.com/que-es-nsdexe

Search URL Search Domain Scan URL

URL: https://de.nex-software.com/was-ist-nsdexe

Search URL Search Domain Scan URL

URL: https://it.nex-software.com/che-cos39e-nsdexe

Search URL Search Domain Scan URL

URL: https://fr.nex-software.com/qu39est-ce-que-nsdexe

Search URL Search Domain Scan URL

URL: https://ro.nex-software.com/ce-este-nsdexe

Search URL Search Domain Scan URL

URL: https://pt.nex-software.com/o-que-e-um-arquivo-nsdexe

Search URL Search Domain Scan URL

URL: https://sv.nex-software.com/vad-ar-nsdexe

Search URL Search Domain Scan URL

URL: https://no.nex-software.com/hva-er-nsdexe

Search URL Search Domain Scan URL

URL: https://nl.nex-software.com/wat-een-nsdexe-bestand

Search URL Search Domain Scan URL

URL: https://da.nex-software.com/hvad-er-nsdexe

Search URL Search Domain Scan URL

URL: https://bg.nex-software.com/kakvo-e-nsdexe

Search URL Search Domain Scan URL

URL: https://lt.nex-software.com/kas-yra-nsdexe

Search URL Search Domain Scan URL

URL: https://lv.nex-software.com/kas-ir-nsdexe

Search URL Search Domain Scan URL

URL: https://pl.nex-software.com/co-jest-nsdexe

Search URL Search Domain Scan URL

URL: https://et.nex-software.com/mis-nsdexe

Search URL Search Domain Scan URL

URL: https://fi.nex-software.com/mika-nsdexe

Search URL Search Domain Scan URL

URL: https://hu.nex-software.com/mi-az-nsdexe

Search URL Search Domain Scan URL

URL: https://sk.nex-software.com/co-je-nsdexe

Search URL Search Domain Scan URL

URL: https://sl.nex-software.com/kaj-je-nsdexe

Search URL Search Domain Scan URL

URL: https://uk.nex-software.com/sho-take-nsdexe

Search URL Search Domain Scan URL

URL: https://ru.nex-software.com/chto-takoe-nsdexe

Search URL Search Domain Scan URL

URL: https://hr.nex-software.com/sto-je-nsdexe

Search URL Search Domain Scan URL

URL: https://cs.nex-software.com/co-je-nsdexe

Search URL Search Domain Scan URL

URL: https://vi.nex-software.com/nsdexe-la-gi

Search URL Search Domain Scan URL

URL: https://tr.nex-software.com/nsdexe-dosyasi-nedir

Search URL Search Domain Scan URL

URL: https://th.nex-software.com/what-is-nsd-exe

Search URL Search Domain Scan URL

URL: https://id.nex-software.com/apa-itu-nsdexe

Search URL Search Domain Scan URL

URL: https://hi.nex-software.com/what-is-nsd-exe

Search URL Search Domain Scan URL

URL: https://sr.nex-software.com/shta-je-nsdeke

Search URL Search Domain Scan URL

URL: https://ms.nex-software.com/apakah-nsdexe

Search URL Search Domain Scan URL

URL: https://ko.nex-software.com/what-is-nsd-exe

Search URL Search Domain Scan URL

URL: https://el.nex-software.com/ti-einai-nsdexe

Search URL Search Domain Scan URL

URL: https://ar.nex-software.com/ma-ho-nsdexe

Search URL Search Domain Scan URL

URL: https://ar.nex-software.com/
Title: ja.nex-software.com - 2021

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://cst.wpu.sh/static/adManager.js HTTP 301
https://cst.cstwpush.com/static/adManager.js

Request Chain 34

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//ja.nex-software.com/what-is-nsd-exe;0.035097331676095855 HTTP 302
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//ja.nex-software.com/what-is-nsd-exe;0.035097331676095855

Request Chain 77

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA5jK9B5S1pgtgDmv7Vlxq4&google_cver=1

Request Chain 78

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YHs40y4dAGmJYH.4O46K8gAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA5jK9B5S1pgtgDmv7Vlxq4&google_cver=1&google_hm=2

Request Chain 94

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA5jK9B5S1pgtgDmv7Vlxq4&google_cver=1

Request Chain 95

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YHs40y4dAGmJYH.4O46K8gAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA5jK9B5S1pgtgDmv7Vlxq4&google_cver=1&google_hm=2

Request Chain 122

https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=oneidzmKHRfYf1PVCpHBHMtqtzzpabtwTQ8oneid__asuidHxvrk4xso2rtU7NwBYJqN-9864d2MRmDasuid__dbm_Netmix_Reach06_DC&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=oneidzmKHRfYf1PVCpHBHMtqtzzpabtwTQ8oneid__asuidHxvrk4xso2rtU7NwBYJqN-9864d2MRmDasuid__dbm_Netmix_Reach06_DC&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2021041721365248573038599X117663V1225131106MSoneidzmKHRfYf1PVCpHBHMtqtzzpabtwTQ8oneid__asuidHxvrk4xso2rtU7NwBYJqN-9864d2MRmDasuid__dbm_Netmix_Reach06_DC HTTP 302
https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117663_-HTLP&utm_term=AFF_la_117663_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021041721365248573038599X117663V1225131106MSoneidzmKHRfYf1PVCpHBHMtqtzzpabtwTQ8oneid__asuidHxvrk4xso2rtU7NwBYJqN-9864d2MRmDasuid__dbm_Netmix_Reach06_DC&wfid=117663

Request Chain 125

https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=oneid62kHef3fDZ4CeHmHYtktWW8amt1T3Poneid__asuidHxvrk4xso2rtU7NwBYJqN-9864d2MRmDasuid__dbm_Netmix_Reach06_DC&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=oneid62kHef3fDZ4CeHmHYtktWW8amt1T3Poneid__asuidHxvrk4xso2rtU7NwBYJqN-9864d2MRmDasuid__dbm_Netmix_Reach06_DC&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2021041721365248573038601X117679V1226132702MSoneid62kHef3fDZ4CeHmHYtktWW8amt1T3Poneid__asuidHxvrk4xso2rtU7NwBYJqN-9864d2MRmDasuid__dbm_Netmix_Reach06_DC&spid=2021041721365248573038601X117679V1226132702MSoneid62kHef3fDZ4CeHmHYtktWW8amt1T3Poneid__asuidHxvrk4xso2rtU7NwBYJqN-9864d2MRmDasuid__dbm_Netmix_Reach06_DC&wfid=117679 HTTP 302
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021041721365248573038601X117679V1226132702MSoneid62kHef3fDZ4CeHmHYtktWW8amt1T3Poneid__asuidHxvrk4xso2rtU7NwBYJqN-9864d2MRmDasuid__dbm_Netmix_Reach06_DC&wfid=117679

129 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request what-is-nsd-exe Show response
ja.nex-software.com/ 39 KB
7 KB 123ms
82ms Document
text/html 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ja.nex-software.com/what-is-nsd-exe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5270a1db02455ae4e985beaf7a34531545d9d00cf9d964be1fcad031615318e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: ja.nex-software.com
:scheme: https
:path: /what-is-nsd-exe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 19:36:50 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d6aab452af9e99273ab74f2cc21e50bd91618688210; expires=Mon, 17-May-21 19:36:50 GMT; path=/; domain=.nex-software.com; HttpOnly; SameSite=Lax; Secure
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
cf-request-id: 0982ef0cad00004a7afc937000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=snk4JrsRM3binNjnYAU5FbmjzH2jxfi3hHJC%2BUL6HjfeUwCnxtIf1PbKerx2CWXJF%2BasbZhkQKkeyP5bbU8Eh0aAwvFpuzkoJhl4LVL5NWjTookB4DpqPZuE1slgDCgP"}],"max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 64181ac11da14a7a-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 / Show response
load5.biz/ 20 KB
20 KB 81ms
23ms Script
application/javascript 143.198.248.63
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://load5.biz/?pu=mztdqolemm5ha3ddf4ztooju

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-nsd-exe

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

143.198.248.63 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

7baed6c8e3c0afc5d4a2c21e38953f4e632f9fb05bf5092b5e0a791bad46cdca

Security Headers

Name	Value
Content-Security-Policy	img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 17 Apr 2021 19:36:50 GMT
server: nginx
content-security-policy: img-src https: data:; upgrade-insecure-requests
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=UTF-8

GET
H2 200 css.css
nex-software.com/template/css/ 6 KB
837 B 30ms
19ms Stylesheet
text/css 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nex-software.com/template/css/css.css

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-nsd-exe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ede999c022b04dae8bed4c7898eb9c23794c70cbd07d4569dd72e43e195c66ed

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 19:36:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 508
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0982ef0d1200004a7a6f396000000001
last-modified: Tue, 12 Feb 2019 13:57:00 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"180a-581b2cc948300-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sf5MPjanF5wpKPhEfkK0zYs1yARlDC5J6XLzyrb5SW4PK5vILS0yD%2FQT2d%2FdcYKL6cE1oJBknZv69Gw9Y3%2FsKftjlAcMbonUen%2FprJW2mjYzWUX%2FYTo5TliQjKQk"}],"max_age":604800}
content-type: text/css
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-ray: 64181ac1bf254a7a-FRA

GET
H2 200 bootstrap.min.css
nex-software.com/template/css/ 132 KB
18 KB 38ms
28ms Stylesheet
text/css 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nex-software.com/template/css/bootstrap.min.css

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-nsd-exe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43677abbcc50b9f3d621c9134d28237cfa6d66c61bf970cdfcf2a3ec31928ed2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 19:36:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 508
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0982ef0d1100004a7a373d4000000001
last-modified: Tue, 12 Feb 2019 13:57:00 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"211f6-581b2cc948300-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UmlAv5ViPR%2FdzAwEABlrlCSbQTQ3Sxz%2BeQ6rxrjckEx6acJNgRQcNFCFMBqusHJRdEDtbvyPvdivCOT5B1yfmKt6K47pCIiMJMkKU4Wuk7Yba8Nuz52kBPitg76C"}],"max_age":604800}
content-type: text/css
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-ray: 64181ac1bf244a7a-FRA

GET
H2 200 jquery.bxslider.css
nex-software.com/template/css/ 3 KB
1 KB 28ms
18ms Stylesheet
text/css 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nex-software.com/template/css/jquery.bxslider.css

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-nsd-exe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56b14b6ad7538ba37b7398ef0cfc7bcbf42fd723a943e72ab746a42dc15fb91f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 19:36:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 508
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0982ef0d1100004a7a380e3000000001
last-modified: Tue, 12 Feb 2019 13:57:00 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"dfd-581b2cc948300-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mhsaESgHKJD72W2EWftvaVvg4KE46bQfbGA0AEX942VDLu8FYQa%2F%2BrRd8V7GWByiUXcOyE7XvZEOpCpq%2BZEJkYl6g1TXmE7j9A9b2OlbRN%2BTZ6cE7z7ebASRgqUX"}],"max_age":604800}
content-type: text/css
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-ray: 64181ac1bf204a7a-FRA

GET
H2 200 style.min.css
nex-software.com/template/css/ 30 KB
5 KB 28ms
18ms Stylesheet
text/css 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nex-software.com/template/css/style.min.css

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-nsd-exe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af371cb0526d291c2821ffb5a63fb1c3969c3ebb22781c08032226c75ea2ab40

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 19:36:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 508
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0982ef0d1100004a7a69851000000001
last-modified: Thu, 25 Feb 2021 19:47:49 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"7999-5bc2e6d21c340-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LrRgtIeQrSFk91IuF1nLFwE8qVIv3rh2d8EN1MOaxaw6SV4qxlc5JiNU8%2BXQUQypiDp8oQnoHzgKG5qFG1ov%2Frr%2BSlyg3PyEE8pBoiMqaWTcFvdMzmtMSXYgCu8T"}],"max_age":604800}
content-type: text/css
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-ray: 64181ac1bf1d4a7a-FRA

GET
H2 200 lang.min.css
nex-software.com/template/css/ 30 KB
20 KB 27ms
17ms Stylesheet
text/css 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nex-software.com/template/css/lang.min.css

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-nsd-exe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e503441024b68c5ac145c5580cd7b4c1dcd9dd71eb9814b5292ca1bc719af273

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 19:36:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 508
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0982ef0d1100004a7a230ae000000001
last-modified: Mon, 24 Feb 2020 17:08:58 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"76b8-59f556d479e80-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YxpbA24N1z%2FfTh8zxyR8mWYPLLi6bNs7ulOWU%2FMrl26i%2FCO4SCSH4mLznaW5j%2BeDzu%2F3%2BzgxFEv7hSVQfKDz4m8Kvpd53%2ByBFT%2BV1FaeRaCPChjmQ15Ifw05kc2T"}],"max_age":604800}
content-type: text/css
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-ray: 64181ac1bf224a7a-FRA

GET
H2 200 brmsl_19102402.js Show response
cdn.zx-adnet.com/adx/ 145 KB
19 KB 47ms
12ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/adx/brmsl_19102402.js

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-nsd-exe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

869a22e82111ba0c1bd9a0dc3024ae66b0f0c675312a94109133f2a645efef8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Mon, 22 Mar 2021 12:57:52 GMT
x-timer: S1618688210.224167,VS0,VE1
etag: "58bdb5e5c645560c69a4932a876ee11b25f26785891b84d17b6391df2cb719f7-br"
x-served-by: cache-hhn4023-HHN
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600,public
date: Sat, 17 Apr 2021 19:36:50 GMT
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive
content-length: 19590
x-cache-hits: 1

GET
H/1.1

200
OK

adManager.js Show response
cst.cstwpush.com/static/
Redirect Chain

https://cst.wpu.sh/static/adManager.js
https://cst.cstwpush.com/static/adManager.js

39 KB
40 KB

33ms
7ms

Script
text/plain

205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://cst.cstwpush.com/static/adManager.js

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-nsd-exe

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

1759c7be725e88d3b517a94fa444f083fc24cc92e961c1f2d3ce4c8af1787fbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Apr 2021 19:36:50 GMT
Connection: Keep-Alive
Last-Modified: Fri, 05 Feb 2021 10:57:06 GMT
x-amz-meta-s3cmd-attrs: atime:1612522612/ctime:1612522612/gid:0/gname:root/md5:0a25a7f5a397ade1149c4bf41f8ab35d/mode:33188/mtime:1612522398/uid:0/uname:root
x-amz-request-id: tx0000000000000691c7a36-00607b3608-bee2558-fra1a
ETag: "0a25a7f5a397ade1149c4bf41f8ab35d"
Vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW: 1618688210.dop206.fr8.t,1618688210.cds258.fr8.shn,1618688210.cds258.fr8.c
Content-Type: text/plain
X-Amz-Storage-Class: STANDARD
Cache-Control: max-age=2886
x-rgw-object-type: Normal
strict-transport-security: max-age=15552000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 39828

Redirect headers

location: https://cst.cstwpush.com/static/adManager.js
date: Sat, 17 Apr 2021 19:36:50 GMT
server: nginx/1.18.0
content-length: 169
content-type: text/html

GET
H2 200 plugin.min.js Show response
get.optad360.io/sf/1a65995e-7e07-43bd-8be2-2ee136ae3c03/ 271 KB
73 KB 49ms
11ms Script
application/javascript 2600:9000:206f:2c00:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/1a65995e-7e07-43bd-8be2-2ee136ae3c03/plugin.min.js
Requested by: Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-nsd-exe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:2c00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d66e8fa87723046272ec70096a2089355c29474796663f65f2fdf9a27a1d4bc6

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 19:25:53 GMT
content-encoding: gzip
last-modified: Fri, 26 Feb 2021 08:39:38 GMT
server: AmazonS3
age: 658
etag: W/"17e80f6c6feec0780f80abd32f10552b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 58c21e16c9e093deb494fbb4de260efa.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: RWNrInml-m3EctYeGb48I5u-jlgfFAwVGPH69gXlQsvVQwZ8uhWycg==

GET
H2 200 what-is-nsd-exe.jpg
pic.nex-software.com/img/process-information/374/ 97 KB
98 KB 68ms
53ms Image
image/jpeg 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/process-information/374/what-is-nsd-exe.jpg

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-nsd-exe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

316a653b533df827d2296f579f9540e4e9a3c82abab72d7c8ea4542794290d44

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 19:36:50 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 99665
cf-request-id: 0982ef0d1c00004a7a373d5000000001
last-modified: Sun, 09 Feb 2020 22:10:58 GMT
server: cloudflare
etag: "18551-59e2be5b24080"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=V%2FaT4U6KJiLaTawbgDDBp1ANZBhOR7PSQunu%2B7DaEfP0nSsRr1tDYMz6eTavuJLYtsfj6YbCZgY%2FFB1%2FjUv1YiTW2JfBAcAlSWZv9Fz1uM%2FB8qgvMgw5XluHjaJDLIOpbA%3D%3D"}],"max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 64181ac1cf424a7a-FRA

GET
H2 200 what-is-windowslive-exe-min.jpg
pic.nex-software.com/img/process-information/1906/ 14 KB
14 KB 60ms
46ms Image
image/jpeg 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/process-information/1906/what-is-windowslive-exe-min.jpg

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-nsd-exe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6b4ad52d9e9b337152ac5a1b788b7e60f428121e5856687533dcd7778d3a07d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 19:36:50 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14223
cf-request-id: 0982ef0d1900004a7a65118000000001
last-modified: Sun, 09 Feb 2020 22:09:00 GMT
server: cloudflare
etag: "378f-59e2bdea9b700"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KV3lnOPtdECRiW%2FjFeyiAEc45C1oerLv7o0MsSJICqsFHMQwtOPJUDjlf5MyKxCVtJDZwPGWNmDazjoIX%2F6G1%2BZKQx%2FD8Y0FVCx0Hsk%2Bbfs%2Bw%2B2qgbocrDdPf0HFv7H%2B%2BQ%3D%3D"}],"max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 64181ac1cf434a7a-FRA

GET
H2 200 what-is-winhlp32-exe-min.jpg
pic.nex-software.com/img/process-information/502/ 47 KB
48 KB 48ms
34ms Image
image/jpeg 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/process-information/502/what-is-winhlp32-exe-min.jpg

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-nsd-exe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ff792aaa1764e5bdbeafd4fd396b6e008ade63642082bc608771261c4b22851

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 19:36:50 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 48447
cf-request-id: 0982ef0d1800004a7a3caf7000000001
last-modified: Sun, 09 Feb 2020 22:09:00 GMT
server: cloudflare
etag: "bd3f-59e2bdea9b700"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cMqcXaPvuLoNNyhbhpJgGwY9%2FN%2FDRKju5%2BjdJWGizXT27cxWE5V1uhAN8EzzpJTxbVxOrY30Mo0uJAgWUA6VlRf2j4C9dZmCxEwrG0jjiqlq7xiIstVv9xqO7xDAxXF5ig%3D%3D"}],"max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 64181ac1cf3a4a7a-FRA

GET
H2 200 what-is-winvnc-exe-min.jpg
pic.nex-software.com/img/file-info/882/ 60 KB
60 KB 50ms
36ms Image
image/jpeg 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/file-info/882/what-is-winvnc-exe-min.jpg

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-nsd-exe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0bdf4a7dcad3a686dadb7945273f537027e480e7c61159e6a9b24768cabf9c79

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 19:36:50 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 61116
cf-request-id: 0982ef0d1900004a7a4da78000000001
last-modified: Sun, 14 Jul 2019 08:06:00 GMT
server: cloudflare
etag: "eebc-58d9f9d2f6a00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4d9UkA6RrRpCr1mKa7Ebv%2FLTkRoLnTG6OutS%2Bf0AFDdPsuotBg21%2FprUmEKEZhOaUC2lfm%2FBgV%2FCowRMEX3U7YN%2F3PMa4YVXoPUU2dRMGZRj3LnFYzwkzdXbBbazzF1bJA%3D%3D"}],"max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 64181ac1cf454a7a-FRA

GET
H2 200 what-is-getwindows10-web_default_attr-min.jpg
pic.nex-software.com/img/process-information/675/ 45 KB
46 KB 57ms
43ms Image
image/jpeg 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/process-information/675/what-is-getwindows10-web_default_attr-min.jpg

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-nsd-exe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97552a82da6cb691b2de4c08203ec1d89a04b96268ca70ca5dd506aba66d4142

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 19:36:50 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 46464
cf-request-id: 0982ef0d1a00004a7a3f026000000001
last-modified: Sun, 09 Feb 2020 22:12:14 GMT
server: cloudflare
etag: "b580-59e2bea39eb80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4E35oW5iav90OTazSWhKo11ANgQyrMoWbYukcZ5Bd2dh2zNisK5rg7qv%2FJZMcvnbzv4Jcn4Z0znHiT9FAJ43IjkH%2BqwWTWifR6hkuUPIfMZSRH6Kh9gJAIUYqzD1crgCEQ%3D%3D"}],"max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 64181ac1cf404a7a-FRA

GET
H2 200 what-is-ct-exe-min.jpg
pic.nex-software.com/img/process-information/1256/ 23 KB
24 KB 36ms
22ms Image
image/jpeg 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/process-information/1256/what-is-ct-exe-min.jpg

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-nsd-exe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a3840aec57a1ff49f92f132e7791fbc0578cc9e2a85d7ddd52cf324ff503090

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 19:36:50 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1185
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23480
cf-request-id: 0982ef0d1900004a7a1eb23000000001
last-modified: Sun, 09 Feb 2020 22:12:58 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5bb8-59e2becd94e80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Gkm6BXQR7rWzCH10RAWw7QablHFdWsj6Kgs6BKWtnDnrQn2kCw728%2B9iqpZ4lj46ZPAvyc7veK8FpknLNokjQiB6jbA33%2FkxnwXdx84cbOUc6931559exIw%2B2FGpIOGvaQ%3D%3D"}],"max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 64181ac1cf3f4a7a-FRA

GET
H3-29 200 what-is-7-zip-dll-min.jpg
pic.nex-software.com/img/process-information/2301/ 117 KB
117 KB 68ms
53ms Image
image/jpeg 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/process-information/2301/what-is-7-zip-dll-min.jpg

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-nsd-exe

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2870dc6e6f3f589bd188c94b7a47f905adc5850eff143c8fc403879eeaeca97c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 19:36:50 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 119622
cf-request-id: 0982ef0d4e000018e58f2f9000000001
last-modified: Sun, 09 Feb 2020 22:13:54 GMT
server: cloudflare
etag: "1d346-59e2bf02fcc80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=14Fko5R3dJrqWMdufm9mv3Ggvqo42tjXqlPSIKf9uxzdh%2Bp4jS1SCo%2B3FRy9P5vBT7nG7cCkSg13NqjHKsiwPq1FcwkW%2FnH%2Fn7nl39Zn77Bk0Y1O%2FwTYoz78GTjDBHRTXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 64181ac218a218e5-FRA

GET
H3-29 200 what-is-cabinet-dll-min.jpg
pic.nex-software.com/img/process-information/3059/ 37 KB
37 KB 74ms
59ms Image
image/jpeg 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/process-information/3059/what-is-cabinet-dll-min.jpg

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-nsd-exe

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

caed653bd17ae868deab576acbe47205d37ef4f55f7184416adc9c8b77b5fe69

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 19:36:50 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37738
cf-request-id: 0982ef0d4f000018e5a82a7000000001
last-modified: Sun, 09 Feb 2020 22:13:18 GMT
server: cloudflare
etag: "936a-59e2bee0a7b80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Ad9fXVs3HBNd4MeCBleXJ6SMGxnYnWyEKKeCp232HeSo5zlTWrf1XOshEHwlUE3rWjyQx6bRS%2FqRL4K%2BACH1LKrxZmgAVGDpnc4eU%2BAUvIPfeuLlWpEkACV%2FHxAmSbEWJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 64181ac218a518e5-FRA

GET
H3-29 200 what-is-wd-min.jpg
pic.nex-software.com/img/process-information/3168/ 47 KB
48 KB 49ms
34ms Image
image/jpeg 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/process-information/3168/what-is-wd-min.jpg

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-nsd-exe

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17065139668f30f8255b554660ce490e543f43ca01f3e6c5f51bb76d0c404e60

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 19:36:50 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 4057
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 48040
cf-request-id: 0982ef0d4e000018e5a82a6000000001
last-modified: Sun, 09 Feb 2020 22:09:06 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "bba8-59e2bdf054480"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eHE79vufcgJ28nA%2F376NDF8D0myN7GCCu5Cbu2NqPnNZf%2B8xaZufSBY7F1palVH%2B2LxiOGna7C%2FuTLtZ9jsNGI8%2BoqbeQjae6oY2ZuOkINYwGHkNx91mM4hyfpf%2B%2BU4DLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 64181ac218a418e5-FRA

GET
H3-29 200 what-is-bm-exe-min.jpg
pic.nex-software.com/img/process-information/2739/ 38 KB
39 KB 75ms
60ms Image
image/jpeg 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/process-information/2739/what-is-bm-exe-min.jpg

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-nsd-exe

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

991ecbf1cd5f362f0dc65fdbce97140d803392c8629f6cc23a039a7f7dfa142a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 19:36:50 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 39221
cf-request-id: 0982ef0d4f000018e53a9b3000000001
last-modified: Sun, 09 Feb 2020 22:13:22 GMT
server: cloudflare
etag: "9935-59e2bee478480"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=IT9iI5GRxWIyelqdnJjSuNOSYG00FnmwwRGrDFQwm%2B77OMcWn6qXhIEGsFqcfdHthZ5o3kdT8YEs0OeIV4Pe9ft7OtW7TLOo4hQSShEd7HFt0Ch4ZovBtsPbhRqgYvtpIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 64181ac218a818e5-FRA

GET
H3-29 200 what-is-regcleaner-exe-min.jpg
pic.nex-software.com/img/process-information/392/ 39 KB
39 KB 78ms
63ms Image
image/jpeg 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/process-information/392/what-is-regcleaner-exe-min.jpg

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-nsd-exe

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c028f967b2451c97bf07bcbe6af07db6bd18c437287b9c6c02c9b9befb31c44f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 19:36:50 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 39737
cf-request-id: 0982ef0d4f000018e56198a000000001
last-modified: Sun, 09 Feb 2020 22:10:22 GMT
server: cloudflare
etag: "9b39-59e2be38cef80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QJ%2BSWz8FX2GgXu%2F7LyAvuqv5RC4pSKzVs%2Fw%2FLtQoF1Z2tWvTeXPo2ZdV2SnmjUukywTQ1jA4qSpK%2BkuQxmSrd18pKjlcxNdMxt5kBTpw5yhEWcJz46ELWfyVZKizpxes%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 64181ac218aa18e5-FRA

GET
H3-29 200 what-is-sharemouse-exe-min.jpg
pic.nex-software.com/img/process-information/2248/ 48 KB
49 KB 82ms
68ms Image
image/jpeg 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/process-information/2248/what-is-sharemouse-exe-min.jpg

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-nsd-exe

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2465379aeb8f0ce6d96b26517eb7810dfa05d4858e03795e5a05e2bfc31c5cda

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 19:36:50 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 49306
cf-request-id: 0982ef0d4f000018e5ba9eb000000001
last-modified: Sun, 09 Feb 2020 22:10:04 GMT
server: cloudflare
etag: "c09a-59e2be27a4700"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GaZCzeKoY1HH5wyVGTvCsOY8D6JJzeeImyrDkLdVs3vvpqtjKuLS5Z8VwPgVLfenrd0TCgU8vXR8AEEmCWh7gHV%2Flouy42GoUI3n0pL7UX7kxxafd5m4uWphk5cpMJ15pQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 64181ac218a618e5-FRA

GET
H3-29 200 what-is-expresscache-min.jpg
pic.nex-software.com/img/file-info/880/ 44 KB
45 KB 55ms
41ms Image
image/jpeg 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/file-info/880/what-is-expresscache-min.jpg

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-nsd-exe

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e9bdb8e32b83cdf3374ad98add49cafd6e161b61df3c747c3d2d11d701119d6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 19:36:50 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3426
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45178
cf-request-id: 0982ef0d4d000018e53226b000000001
last-modified: Sun, 14 Jul 2019 08:07:20 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "b07a-58d9fa1f41e00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=i0G%2FtB8fNq248dknf58GlWTa80kM8naKfgRm4oCaiH2MVpk%2BEJTGC%2Fha7ixKWaN0%2FeJqXIFUwMGbvPx6J%2FyyLyYvvKS9aLGGMvxH9xjFx6bquxoDHcbPQd3BKiYqLoQB7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 64181ac2189e18e5-FRA

GET
H3-29 200 what-is-mbae64-min.jpg
pic.nex-software.com/img/process-information/89/ 217 KB
217 KB 91ms
76ms Image
image/jpeg 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/process-information/89/what-is-mbae64-min.jpg

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-nsd-exe

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb79603eac72bc0fdb7be1a81a4d01b409bdafab1cf2c8c3851cb5df52232b76

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 19:36:50 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 221764
cf-request-id: 0982ef0d50000018e5082e5000000001
last-modified: Sun, 09 Feb 2020 22:11:28 GMT
server: cloudflare
etag: "36244-59e2be77c0400"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZQm4gzr5IwHIa%2B77BQB4RKpPUyZp0uqWYetnV9sG661aeRh8T3RVym%2FMqJdaLOtZ4sh9XDpKmnMwni0CqAtNpdfTKO5XOBONiFIUoO%2B%2FAL%2FBINkkWuNEZFUW3iUxceiV3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 64181ac218ad18e5-FRA

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 101 KB
32 KB 37ms
8ms Script
text/javascript 2600:9000:211e:800:1c:8a07:5e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://platform-api.sharethis.com/js/sharethis.js
Requested by: Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-nsd-exe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:800:1c:8a07:5e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 38c288b893b166348ca23e242921ba2f260e3444cb2027e0c844304a894f0bbe

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 19:27:33 GMT
content-encoding: gzip
age: 557
etag: W/"192cc-3TBOdKYF02HlA++J6fQ0dmTq6Ow"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 bfa7dfbe8ca6d4eb3690c4c82ca6c0fa.cloudfront.net (CloudFront)
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: 52O3HMUjCx26zqQ9IlKwzLaAKyqLLJYUrMWaJKBRxTC_dijIZt9Egw==

GET
H2 200 jquery-3.1.1.min.js Show response
nex-software.com/template/js/ 85 KB
29 KB 32ms
24ms Script
application/javascript 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nex-software.com/template/js/jquery-3.1.1.min.js

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-nsd-exe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 19:36:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 508
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0982ef0d1200004a7a2a866000000001
last-modified: Tue, 12 Feb 2019 13:57:00 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"152b5-581b2cc948300-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=L2EHbgwKbANDloZ2c6gnvvMqUjRzzGW%2BHxYZrqp6GPntS0s%2B403scGkjyZiMqrO9W37Qf119OgG9as4MtGFYzKBzaJ2gaDIBLtMCz5b6V87qTRijKAUmfVijhYlQ"}],"max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-ray: 64181ac1bf264a7a-FRA

GET
H3-29 200 jquery.slicknav.min.js Show response
nex-software.com/template/js/ 8 KB
3 KB 37ms
18ms Script
application/javascript 2606:4700:3034::ac43:cc49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nex-software.com/template/js/jquery.slicknav.min.js

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-nsd-exe

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:cc49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

190402f488a1616b47304ae066078580059ca6a5958b7f217d2156d0a73931a9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 19:36:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 508
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0982ef0d3d0000dfbf0b3b4000000001
last-modified: Tue, 12 Feb 2019 13:57:00 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"20df-581b2cc948300-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xVwqZg91NLVEHxKyMuRKpq2N6mMFt%2B%2FPPvhVeztvhrv96q0idDEWTOU9Wq4M4SiyIMQcS3XcSNOcXdU2V%2Fj8ttmbsKFtEtNg9WEKU%2FkXWzwTqcLLMvte706dGCkD"}],"group":"cf-nel"}
content-type: application/javascript
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-ray: 64181ac1f9e3dfbf-FRA

GET
H3-29 200 jquery.bxslider.min.js Show response
nex-software.com/template/js/ 23 KB
6 KB 42ms
23ms Script
application/javascript 2606:4700:3034::ac43:cc49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nex-software.com/template/js/jquery.bxslider.min.js

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-nsd-exe

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:cc49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7731d577c5dfa5f38e9bf82dedae51174c9ddd4d3d4668eea9d1e51d6ce13d66

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 19:36:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 508
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0982ef0d3d0000dfbff5b21000000001
last-modified: Tue, 12 Feb 2019 13:57:00 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5bf7-581b2cc948300-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9NjUpTDC1CGTEh5RpSxbkoFacKawClqz%2FvTdu1f7ZKZi2ohh%2FNtHDNH0JGkoGvQLg7M3bL9mJWsyZf9izTVNxpC5jMHHZUwgw5RYeCgGCQxWPjieg%2BV3hSCiPm0Z"}],"group":"cf-nel"}
content-type: application/javascript
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-ray: 64181ac1f9e9dfbf-FRA

GET
H3-29 200 script.js Show response
nex-software.com/template/js/ 2 KB
1 KB 33ms
14ms Script
application/javascript 2606:4700:3034::ac43:cc49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nex-software.com/template/js/script.js

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-nsd-exe

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:cc49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

900e0d4503dfe926c2d74a1944f4e383d9d7573ecfcccba2dbb377f3be116a10

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 19:36:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 508
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0982ef0d3d0000dfbf0e80f000000001
last-modified: Tue, 12 Feb 2019 13:57:00 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"63c-581b2cc948300-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8YEyGQIZD9mO%2FiBFJxjhgWtC%2FNu5FUbbSXHcCfP%2FX11yRUMcxXRRMZ%2BrTgz1RrjClL%2B%2FmOqwJ0OQxm3XDg1ZWjZxlpQRhYEIgooRJVIHTcUVRlMGrOsLQMiYHIo3"}],"group":"cf-nel"}
content-type: application/javascript
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-ray: 64181ac1f9e6dfbf-FRA

GET
H2 200 abs.js Show response
cdn.zx-adnet.com/adx/ 200 B
240 B 253ms
251ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/adx/abs.js?0.949148038768113

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/brmsl_19102402.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9be45d830a633e050edaa82361e4ecac3cc189b3a3975a41aa01ae3cb4e4120b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Mon, 22 Mar 2021 12:57:52 GMT
x-timer: S1618688210.260287,VS0,VE242
etag: "437b8edcf8ac42ac5e7961966dea7cee69a38a82519efa00f6f37a753caad24c-br"
x-served-by: cache-hhn4023-HHN
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600,public
date: Sat, 17 Apr 2021 19:36:50 GMT
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive
content-length: 118
x-cache-hits: 0

GET
H2 200 1350 Show response
na.nawpush.com/tags/ 213 B
352 B 24ms
6ms XHR
application/json 213.174.135.24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://na.nawpush.com/tags/1350
Requested by: Host: cst.wpu.sh
URL: https://cst.wpu.sh/static/adManager.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.24 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: aca4daa380e77e4a5e689d32c4a0e5790b802cdaed188896632438e0f50e0278

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 17 Apr 2021 19:36:50 GMT
cache-control: max-age=300, public
server: nginx/1.18.0
content-type: application/json
x-proxy-cache: HIT

GET
DATA 200
OK truncated
/ 19 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ae2b3292ce4d22938259dd7e2d411ef3e498276837fbcc0475af40237b608f1f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2
nex-software.com/template/css/ 18 KB
19 KB 69ms
48ms Font
application/octet-stream 2606:4700:3034::ac43:cc49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nex-software.com/template/css/JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2

Requested by

Host: nex-software.com
URL: https://nex-software.com/template/css/css.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:cc49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e43d592d0aa592f24ad510ef3f453a51bba24a9534a07a55a9685b4d4b3f2cb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://ja.nex-software.com
Referer: https://nex-software.com/template/css/css.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 19:36:50 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18728
cf-request-id: 0982ef0dbf0000d72d292e8000000001
last-modified: Tue, 12 Feb 2019 13:57:00 GMT
server: cloudflare
etag: "4928-581b2cc948300"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Kp0z02NZjGGpdazPtw6CUP45hazIXLcpadTabGmb%2BctmGkFz%2Fu8JeoWV5JXBA8xBuFOWtXhZorcDA6EdkZWmCosVzoqW2j0ch%2BFN2cGPHfh85uNADpUCPzoTdcmT"}]}
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 64181ac2cd5ad72d-FRA

GET
H3-29 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
nex-software.com/template/css/ 18 KB
19 KB 81ms
60ms Font
application/octet-stream 2606:4700:3034::ac43:cc49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nex-software.com/template/css/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: nex-software.com
URL: https://nex-software.com/template/css/css.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:cc49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://ja.nex-software.com
Referer: https://nex-software.com/template/css/css.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 19:36:50 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18684
cf-request-id: 0982ef0dc30000d72d369bc000000001
last-modified: Tue, 12 Feb 2019 13:57:00 GMT
server: cloudflare
etag: "48fc-581b2cc948300"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tzX2lqoZHez0g254b49N%2FVHSLYJaCG5Cr9tC6YS6hy%2BJuh%2FtL8AmRUGtrFM7OXq%2FjguPjJbmPZ%2B0B1ivoub37v1wDCo9zRIVnLiFTaAxhmeMAXmgKLpdoy5pH20p"}]}
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 64181ac2cd5dd72d-FRA

GET
H3-29 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
nex-software.com/template/css/ 19 KB
19 KB 55ms
35ms Font
application/octet-stream 2606:4700:3034::ac43:cc49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nex-software.com/template/css/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2

Requested by

Host: nex-software.com
URL: https://nex-software.com/template/css/css.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:cc49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://ja.nex-software.com
Referer: https://nex-software.com/template/css/css.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 19:36:50 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18956
cf-request-id: 0982ef0dbf0000d72d198b6000000001
last-modified: Tue, 12 Feb 2019 13:57:00 GMT
server: cloudflare
etag: "4a0c-581b2cc948300"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YcwaY5aYxHtF%2FxHynIayawFRoTYrIttf1xoAA8Dkp2Mr4qCiUXDO9SsjvudfFLvR2WParIOxwh1x6bB8UaPhVIsHdpQPjz2lAEjAvmiiLxctAn8dCA%2BKFHMw3GD0"}]}
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 64181ac2cd58d72d-FRA

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//ja.nex-software.com/what-is-nsd-exe;0.035097331676095855
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//ja.nex-software.com/what-is-nsd-exe;0.035097331676095855

43 B
496 B

61ms
61ms

Image
image/gif

88.212.201.210
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//ja.nex-software.com/what-is-nsd-exe;0.035097331676095855

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-nsd-exe

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.212.201.210 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host210.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Apr 2021 19:36:50 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 17 Apr 2020 08:07:12 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 17 Apr 2021 19:36:50 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//ja.nex-software.com/what-is-nsd-exe;0.035097331676095855
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Fri, 17 Apr 2020 08:07:12 GMT

GET
H2 200 csub.js Show response
sw.swwpush.com/npc/sdk/wpu/ 6 KB
3 KB 34ms
7ms Script
application/javascript 213.174.135.24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sw.swwpush.com/npc/sdk/wpu/csub.js
Requested by: Host: cst.wpu.sh
URL: https://cst.wpu.sh/static/adManager.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.24 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.16.1 / PHP/7.1.28
Resource Hash: f027eacbd3700b0f54821c2d08e829a054930626a495bea56484074c29290dd7

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 19:36:50 GMT
content-encoding: gzip
server: nginx/1.16.1
x-powered-by: PHP/7.1.28
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Sat, 17 Apr 2021 20:36:50 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H/1.1 200
OK / Show response
stat.optad360.mgr.consensu.org/ 20 B
286 B 33ms
8ms XHR
text/html 18.196.233.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.optad360.mgr.consensu.org/
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/1a65995e-7e07-43bd-8be2-2ee136ae3c03/plugin.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.196.233.38 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-233-38.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: b34c67107f1b7dd18c382366913a00a08956cc138ebed347df972e81b56ce299

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 17 Apr 2021 19:36:50 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 62 KB
21 KB 52ms
27ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/1a65995e-7e07-43bd-8be2-2ee136ae3c03/plugin.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

bee022a4099fdb924d19ba7cdd46c87f30d360ccf955a7fdcb45f8f83ddf4b2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 19:36:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "846 / 938 of 1000 / last-modified: 1618610925"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21051
x-xss-protection: 0
expires: Sat, 17 Apr 2021 19:36:50 GMT

GET
H2 200 prebid4.19.0.js Show response
get.optad360.io/sf/ 410 KB
129 KB 23ms
22ms Script
application/javascript 2600:9000:206f:2c00:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/prebid4.19.0.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/1a65995e-7e07-43bd-8be2-2ee136ae3c03/plugin.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:2c00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 257579348172eb9f739308373580772054c0b671f63e8f002aed9f9774a6272e

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 09:18:14 GMT
content-encoding: gzip
last-modified: Thu, 17 Dec 2020 09:52:06 GMT
server: AmazonS3
age: 37117
etag: W/"08b0612ac0c68ebf519b28323f4e2aa2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 58c21e16c9e093deb494fbb4de260efa.cloudfront.net (CloudFront)
cache-control: public, max-age=604800
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: D3DvqUU8vU6P1VEo1Mtfgk4tHiQlF3z8fUQSdeL5u2SygMQcUd9abQ==

GET
H2 200 5c086b7ea71f090011aea084.js Show response
buttons-config.sharethis.com/js/ 434 B
771 B 111ms
46ms Script
text/javascript 2600:9000:2021:8a00:c:abe:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://buttons-config.sharethis.com/js/5c086b7ea71f090011aea084.js
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2021:8a00:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d2fa83bbc70c843df2edd43096821128aa1f4bd404237f614c49cd48e7d5cfa3

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 19:36:50 GMT
via: 1.1 f7f1719c64317516d32371652f736e6a.cloudfront.net (CloudFront)
last-modified: Thu, 06 Dec 2018 00:24:07 GMT
server: AmazonS3
x-amz-cf-pop: CPH50-C2
etag: "8f8c95d8315dedb8a7c82f24235b706f"
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=60,public
accept-ranges: bytes
content-length: 434
x-amz-cf-id: -6CeOhyBbc_L36HPva-vBkEud-7oZJbj_b26cz8yfNcReZyNwoEgLA==

GET
H2 200 portal-v2.html Show response
c.sharethis.mgr.consensu.org/ Frame ED0E 2 KB
1 KB 99ms
32ms Document
text/html 2600:9000:2021:3600:c:a9b7:ddc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.sharethis.mgr.consensu.org/portal-v2.html
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2021:3600:c:a9b7:ddc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ac84513c4c5ea7e4458e91c46e33ba71b56e19fabf93cc079ffcb01a975c2e3d

Request headers

:method: GET
:authority: c.sharethis.mgr.consensu.org
:scheme: https
:path: /portal-v2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.nex-software.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ja.nex-software.com/

Response headers

content-type: text/html; charset=utf-8
content-encoding: gzip
cache-control: max-age=3600, public
date: Sat, 17 Apr 2021 19:00:14 GMT
etag: W/"83a-K1Ex0xzH2LCxSyRnDnyZEg18N68"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8c1689d985cebe3591673210a2254e9f.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: qnbEf5GgnUUaBHEYu14AZKcavTayME3ryZC_zEsYjgCyOqRvVPJ9IQ==
age: 2196

GET
H2 200 checkabuse Show response
cdn.zx-adnet.com/ 74 B
379 B 209ms
208ms Script
text/html 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.zx-adnet.com/checkabuse?surl=https://ja.nex-software.com/what-is-nsd-exe
Requested by: Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/abs.js?0.949148038768113
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash: ff0ae836e78e254c691d18c04b2068e14419275cb170cd7c09587f1795114fcc

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 19:36:50 GMT
content-encoding: gzip
x-powered-by: Express
x-cache: MISS
content-length: 85
x-served-by: cache-hhn4023-HHN
server: Google Frontend
x-timer: S1618688211.603621,VS0,VE200
etag: W/"4a-U3myf635cTml8/jliRIqPS6GEqY"
vary: cookie,need-authorization, x-fh-requested-host, accept-encoding
content-type: text/html; charset=utf-8
x-cloud-trace-context: 0337b13d92809e802c063c6637e1d5ee
cache-control: max-age=3600,public
function-execution-id: 09jw8mwbpr0l
accept-ranges: bytes
x-orig-accept-language: en-US
x-country-code: DE
x-cache-hits: 0

GET
H3-29 200 pubads_impl_2021041301.js Show response
securepubads.g.doubleclick.net/gpt/ 295 KB
104 KB 37ms
22ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041301.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

31e420b79e7760a7860ed2fb595c4f11b498559791571fed7eb22be20c7fa5e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 19:36:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Apr 2021 08:38:34 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 106168
x-xss-protection: 0
expires: Sat, 17 Apr 2021 19:36:50 GMT

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 6ms
6ms XHR
application/json 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210417

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a0be70bfb4eaf5cad8ead71a89c69b93a4122a64eaee9fe7074e68d9156354ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 41403
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 937
etag: W/"67c-X/+uH3yGjrWThKLV7Il/DxEDzyg"
x-served-by: cache-fra19160-FRA, cache-hhn4049-HHN
date: Sat, 17 Apr 2021 19:36:50 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 35ms
14ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ja.nex-software.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 17 Apr 2021 19:36:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 458 B
261 B 976ms
975ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2265361927555129&correlator=379128540656223&output=ldjh&impl=fif&eid=31060439%2C31060789%2C31060735&vrg=2021041301&ptt=17&sc=1&sfv=1-0-38&ecs=20210417&iu_parts=121764058%2Cnex-software.com_SF&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C750x100%7C970x90&cookie_enabled=1&bc=31&abxe=1&lmt=1618688210&dt=1618688210705&dlt=1618688210177&idt=500&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=1110&adks=2276114153&ucis=1&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fja.nex-software.com%2Fwhat-is-nsd-exe&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=728x-1&ga_vid=686015510.1618688211&ga_sid=1618688211&ga_hid=338206317&ga_fc=false&fws=640&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041301.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

a2872dfe6a03cd41366ab2797424febf55bebca9fac5d64604126bd0d47db702

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 19:36:51 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 231
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.nex-software.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 48ms
14ms Other
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041301.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 0
0 27ms
6ms Other
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041301.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 462 B
267 B 1127ms
1126ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2265361927555129&correlator=379128540656223&output=ldjh&impl=fif&eid=31060439%2C31060789%2C31060735&vrg=2021041301&ptt=17&sc=1&sfv=1-0-38&ecs=20210417&iu_parts=121764058%2Cnex-software.com_am_S1&enc_prev_ius=%2F0%2F1&prev_iu_szs=750x100%7C750x200%7C750x300%7C300x250%7C336x280%7C360x300%7C580x400&cookie_enabled=1&bc=31&abxe=1&lmt=1618688210&dt=1618688210713&dlt=1618688210177&idt=500&frm=20&biw=1600&bih=1200&oid=3&adxs=365&adys=397&adks=756292859&ucis=2&ifi=2&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fja.nex-software.com%2Fwhat-is-nsd-exe&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=750x100&ga_vid=686015510.1618688211&ga_sid=1618688211&ga_hid=338206317&ga_fc=false&fws=128&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041301.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

d13e095de03aed147792992ae16497a4811043d41b028369198dc7d578a62129

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 19:36:51 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 237
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.nex-software.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 15 KB
8 KB 644ms
643ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2265361927555129&correlator=379128540656223&output=ldjh&impl=fif&eid=31060439%2C31060789%2C31060735&vrg=2021041301&ptt=17&sc=1&sfv=1-0-38&ecs=20210417&iu_parts=121764058%2Cnex-software.com_am_S2&enc_prev_ius=%2F0%2F1&prev_iu_szs=750x100%7C750x200%7C750x300%7C300x250%7C336x280%7C360x300%7C580x400&cookie_enabled=1&bc=31&abxe=1&lmt=1618688210&dt=1618688210717&dlt=1618688210177&idt=500&frm=20&biw=1600&bih=1200&oid=3&adxs=365&adys=971&adks=3643186935&ucis=3&ifi=3&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fja.nex-software.com%2Fwhat-is-nsd-exe&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=750x100&ga_vid=686015510.1618688211&ga_sid=1618688211&ga_hid=338206317&ga_fc=false&fws=128&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041301.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

ae0b415cc13035d71f79bedc6c1aedc894e1b4157f676159e10183d7ea3452b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 19:36:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8385
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.nex-software.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 463 B
272 B 367ms
365ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2265361927555129&correlator=379128540656223&output=ldjh&impl=fif&eid=31060439%2C31060789%2C31060735&vrg=2021041301&ptt=17&sc=1&sfv=1-0-38&ecs=20210417&iu_parts=121764058%2Cnex-software.com_adi_ATF&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C970x250%7C970x300%7C728x90&cookie_enabled=1&bc=31&abxe=1&lmt=1618688210&dt=1618688210722&dlt=1618688210177&idt=500&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=198&adks=4062027437&ucis=4&ifi=4&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fja.nex-software.com%2Fwhat-is-nsd-exe&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=970x90&ga_vid=686015510.1618688211&ga_sid=1618688211&ga_hid=338206317&ga_fc=false&fws=128&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041301.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

3c6cbef713f89c82504761cc8f42dee0a0b5c07434ab95c1dfd46b4be66bb78c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 19:36:51 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 242
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.nex-software.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 13 KB
7 KB 808ms
808ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2265361927555129&correlator=379128540656223&output=ldjh&impl=fif&eid=31060439%2C31060789%2C31060735&vrg=2021041301&ptt=17&sc=1&sfv=1-0-38&ecs=20210417&iu_parts=121764058%2Cnex-software.com_adi_W1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C200x600%7C300x250&cookie_enabled=1&bc=31&abxe=1&lmt=1618688210&dt=1618688210725&dlt=1618688210177&idt=500&frm=20&biw=1600&bih=1200&oid=3&adxs=1123&adys=1119&adks=2674700253&ucis=5&ifi=5&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fja.nex-software.com%2Fwhat-is-nsd-exe&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=300x600&ga_vid=686015510.1618688211&ga_sid=1618688211&ga_hid=338206317&ga_fc=false&fws=128&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041301.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

7a192fded482a690211b3eddcd1cc8fa77f1c3f6d6e2abf1997677d93a6dae61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 19:36:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7517
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.nex-software.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 466 B
266 B 1307ms
1307ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2265361927555129&correlator=379128540656223&output=ldjh&impl=fif&eid=31060439%2C31060789%2C31060735&vrg=2021041301&ptt=17&sc=1&sfv=1-0-38&ecs=20210417&iu_parts=121764058%2Cnex-software.com_adi_right&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cookie_enabled=1&bc=31&abxe=1&lmt=1618688210&dt=1618688210727&dlt=1618688210177&idt=500&frm=20&biw=1600&bih=1200&oid=3&adxs=1123&adys=250&adks=2135080088&ucis=6&ifi=6&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fja.nex-software.com%2Fwhat-is-nsd-exe&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=300x250&ga_vid=686015510.1618688211&ga_sid=1618688211&ga_hid=338206317&ga_fc=false&fws=128&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041301.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

b003edc7ff6b0aa8219cef765c5f852854cc0527cda168477b0931005f7d6b2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 19:36:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 236
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.nex-software.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
341 B 36ms
12ms XHR
text/plain 3.122.26.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.sharethis.com/pview?event=pview&hostname=ja.nex-software.com&location=%2Fwhat-is-nsd-exe&product=unknown&url=https%3A%2F%2Fja.nex-software.com%2Fwhat-is-nsd-exe&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=nsd.exe%E3%81%A8%E3%81%AF%E4%BD%95%E3%81%A7%E3%81%99%E3%81%8B%EF%BC%9F&cms=unknown&publisher=5c086b7ea71f090011aea084&sop=true&bsamesite=true&consent_cookie_duration=179&consent_duration=179&gdpr_domain=.consensu.org&gdpr_method=cookie&version=st_sop.js&lang=en&description=%E7%9C%9F%E3%81%AEnsd.exe%E3%83%95%E3%82%A1%E3%82%A4%E3%83%AB%E3%81%AF%E3%80%81%20IBM%E3%81%AEIBM%EF%BC%88Lotus%EF%BC%89Notes%E3%81%AE%20%E3%82%BD%E3%83%95%E3%83%88%E3%82%A6%E3%82%A7%E3%82%A2%E3%82%B3%E3%83%B3%E3%83%9D%E3%83%BC%E3%83%8D%E3%83%B3%E3%83%88%E3%81%A7%E3%81%99%E3%80%82%20Notes%20System%20Debugger%EF%BC%88NSD%EF%BC%89%E3%81%AF%E3%80%81IBM%20Lotus%20Notes%20%2F%20Domino%E3%82%A8%E3%83%B3%E3%82%BF%E3%83%BC%E3%83%97%E3%83%A9%E3%82%A4%E3%82%BA%E9%9B%BB%E5%AD%90%E3%83%A1%E3%83%BC%E3%83%AB%E3%81%8A%E3%82%88%E3%81%B3%E3%82%B3%E3%83%A9%E3%83%9C%E3%83%AC%E3%83%BC%E3%82%B7%E3%83%A7%E3%83%B3%E3%82%B7%E3%82%B9%E3%83%86%E3%83%A0%E3%81%AE%E3%83%88%E3%83%A9%E3%83%96%E3%83%AB%E3%82%B7%E3%83%A5%E3%83%BC%E3%83%86%E3%82%A3%E3%83%B3%E3%82%B0%E3%83%84%E3%83%BC%E3%83%AB%E3%81%A7%E3%81%82%E3%82%8A%E3%80%81%E3%82%A8%E3%83%B3%E3%82%BF%E3%83%BC%E3%83%97%E3%83%A9%E3%82%A4%E3%82%BA%E9%9B%BB%E5%AD%90%E3%83%A1%E3%83%BC%E3%83%AB%E3%81%AF%E9%9B%86%E4%B8%AD%E3%82%B5%E3%83%BC%E3%83%90%E3%83%BC%E3%81%A7%E7%B6%AD%E6%8C%81%E3%81%95%E3%82%8C%E3%80%81%E3%82%AF%E3%83%A9%E3%82%A4%E3%82%A2%E3%83%B3%E3%83%88PC%E3%81%8A%E3%82%88%E3%81%B3%E3%83%A2%E3%83%90%E3%82%A4%E3%83%AB%E3%83%87%E3%83%90%E3%82%A4%E3%82%B9%E3%81%8B%E3%82%89%E3%82%A2%E3%82%AF%E3%82%BB%E3%82%B9%E3%81%95%E3%82%8C%E3%81%BE%E3%81%99%E3%80%82%20Notes%E3%83%90%E3%83%BC%E3%82%B8%E3%83%A7%E3%83%B3%E5%85%A8%E4%BD%93%E3%81%AE%E3%82%AF%E3%83%A9%E3%82%A4%E3%82%A2%E3%83%B3%E3%83%88%E5%81%B4%E3%81%AE%E3%82%A2%E3%83%B3%E3%82%A4%E3%83%B3%E3%82%B9%E3%83%88%E3%83%BC%E3%83%AB%EF%BC%88%E3%83%90%E3%83%BC%E3%82%B8%E3%83%A7%E3%83%B38.0%E4%BB%A5%E9%99%8D%EF%BC%89%E3%81%A7%E3%81%AF%E3%80%81%E3%82%A4%E3%83%B3%E3%82%B9%E3%83%88%E3%83%BC%E3%83%AB%E6%99%82%E3%81%AB%E4%BD%9C%E6%88%90%E3%81%95%E3%82%8C%E3%81%9F%E3%83%95%E3%82%A9%E3%83%AB%E3%83%80%E3%83%BC%E3%82%92%E3%80%81Java%E3%81%AEEclipse%20IDE%E3%81%A8%E7%89%B9%E5%88%A5%E3%81%AA%E3%83%97%E3%83%A9%E3%82%B0%E3%82%A4%E3%83%B3%E3%82%92%E8%A7%A3%E5%87%8D%E3%81%97%E3%81%A6%E5%89%8A%E9%99%A4%E3%81%97%E3%81%BE%E3%81%99%E3%80%82%20%E7%89%B9%E3%81%ABNSD%E3%82%92%E3%82%A2%E3%83%B3%E3%82%A4%E3%83%B3%E3%82%B9%E3%83%88%E3%83%BC%E3%83%AB%E3%81%99%E3%82%8B%E3%81%AB%E3%81%AF%E3%80%81%E3%83%8D%E3%83%83%E3%83%88%E3%83%AF%E3%83%BC%E3%82%AF%E7%AE%A1%E7%90%86%E8%80%85%E3%81%8C%E5%BF%85%E8%A6%81%E3%81%A7%E3%81%99%E3%80%82%20NSD%E3%81%AF%E3%80%81%E3%82%B5%E3%83%9D%E3%83%BC%E3%83%88%E3%83%87%E3%82%B9%E3%82%AF%E3%81%AE%E6%8B%85%E5%BD%93%E8%80%85%E3%81%8C%E5%88%86%E6%9E%90%E3%81%99%E3%82%8B%E3%81%9F%E3%82%81%E3%81%AE%E3%83%AD%E3%82%B0%E3%83%95%E3%82%A1%E3%82%A4%E3%83%AB%E3%82%92%E7%94%9F%E6%88%90%E3%81%97%E3%81%BE%E3%81%99%E3%80%82%20%E8%87%AA%E5%8B%95%E7%9A%84%E3%81%AB%E8%B5%B7%E5%8B%95%E3%81%99%E3%82%8B%E5%A0%B4%E5%90%88%E3%81%AF%E3%80%81Notes%20%2F%20Domino%E7%92%B0%E5%A2%83%E3%81%8C%E6%B7%B1%E5%88%BB%E3%81%AB%E4%BE%B5%E5%AE%B3%E3%81%95%E3%82%8C%E3%81%A6%E3%81%84%E3%82%8B%E3%81%93%E3%81%A8%E3%82%92%E7%A4%BA%E3%81%97%E3%81%A6%E3%81%84%E3%81%BE%E3%81%99%E3%80%82%20%E3%81%BE%E3%81%9F%E3%80%81%E3%83%88%E3%83%A9%E3%83%96%E3%83%AB%E3%82%B7%E3%83%A5%E3%83%BC%E3%83%86%E3%82%A3%E3%83%B3%E3%82%B0%E6%99%82%E3%81%AB%E3%80%81%E3%82%AF%E3%83%A9%E3%82%A4%E3%82%A2%E3%83%B3%E3%83%88%E3%81%BE%E3%81%9F%E3%81%AF%E3%82%B5%E3%83%BC%E3%83%90%E3%83%BC%E3%81%A7%E6%89%8B%E5%8B%95%E3%81%A7%E5%AE%9F%E8%A1%8C%E3%81%99%E3%82%8B%E3%81%93%E3%81%A8%E3%82%82%E3%81%A7%E3%81%8D%E3%81%BE%E3%81%99%E3%80%82%20IBM%E3%81%AF%E7%B1%B3%E5%9B%BD%E3%83%8B%E3%83%A5%E3%83%BC%E3%83%A8%E3%83%BC%E3%82%AF%E5%B7%9E%E3%82%A2%E3%83%BC%E3%83%A2%E3%83%B3%E3%82%AF%E3%81%AB%E6%9C%AC%E7%A4%BE%E3%82%92%E7%BD%AE%E3%81%8D%E3%80%811911%E5%B9%B4%E3%81%AB%E8%A8%AD%E7%AB%8B%E8%80%85%E3%81%A7%E3%81%82%E3%82%8B%E3%83%88%E3%83%BC%E3%83%9E%E3%82%B9%E3%83%AF%E3%83%88%E3%82%BD%E3%83%B3%E3%81%AB%E3%82%88%E3%81%A3%E3%81%A6%E8%A4%87%E6%95%B0%E3%81%AE%E4%BC%81%E6%A5%AD%E3%81%8B%E3%82%89%E8%A8%AD%E7%AB%8B%E3%81%95%E3%82%8C%E3%81%BE%E3%81%97%E3%81%9F%E3%80%82%E3%83%88%E3%83%BC%E3%83%9E%E3%82%B9%E3%83%AF%E3%83%88%E3%82%BD%E3%83%B3%E3%81%AF1924%E5%B9%B4%E3%81%AB%E3%82%AB%E3%83%8A%E3%83%80%E3%81%AE%E5%AD%90%E4%BC%9A%E7%A4%BE%E3%81%8B%E3%82%89%E7%8F%BE%E5%9C%A8%E3%81%AE
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.26.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-26-231.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Apr 2021 19:36:50 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: https://ja.nex-software.com
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK get_counts Show response
count-server.sharethis.com/v2.0/ 144 B
390 B 428ms
118ms Script
text/javascript 3.213.224.136
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://count-server.sharethis.com/v2.0/get_counts?cb=window.__sharethis__.cb2&url=https%3A%2F%2Fja.nex-software.com%2Fwhat-is-nsd-exe
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.213.224.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-224-136.compute-1.amazonaws.com
Software: / Express
Resource Hash: 3e519316fb2c453e0ca96da7eecb91a1b8c6935b8ca471a67c900a9ed150e7ea

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Apr 2021 19:36:51 GMT
Cache-Control: public, max-age=900
ETag: b424f7dd4be0ff5cabc86532238961c3
Connection: keep-alive
X-Powered-By: Express
Content-Length: 144
Content-Type: text/javascript; charset=utf-8

GET
H2 200 facebook.svg
platform-cdn.sharethis.com/img/ 301 B
680 B 99ms
31ms Image
image/svg+xml 2600:9000:2021:7e00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/facebook.svg
Requested by: Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-nsd-exe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2021:7e00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 11 Apr 2021 20:40:38 GMT
via: 1.1 37f5991a07ae02f8608ee075767a6bfd.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
age: 514573
etag: "c6e9be45643e197ce1db1d7e24a99adc"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: CPH50-C2
accept-ranges: bytes
content-length: 301
x-amz-cf-id: GQ0W8zSVAteN3f-TXf9K44M4zex3CilWjDPQJZxOilHO5cXs9GuVBw==

GET
H2 200 twitter.svg
platform-cdn.sharethis.com/img/ 731 B
1 KB 99ms
31ms Image
image/svg+xml 2600:9000:2021:7e00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/twitter.svg
Requested by: Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-nsd-exe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2021:7e00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7c93346d4f681a0be90d1dfc19346382a4700f1810f41caa54415688dee1777f

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 06 Apr 2021 20:03:17 GMT
via: 1.1 37f5991a07ae02f8608ee075767a6bfd.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
age: 948813
etag: "0af2fb38987598376c99e21af17ade45"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: CPH50-C2
accept-ranges: bytes
content-length: 731
x-amz-cf-id: Dcu9fEoxzw9sLcoiDxFwpfasgIa--O_pJW6LBHZbZ2c6PGkDYw_WMg==

GET
H2 200 pinterest.svg
platform-cdn.sharethis.com/img/ 771 B
1 KB 99ms
31ms Image
image/svg+xml 2600:9000:2021:7e00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/pinterest.svg
Requested by: Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-nsd-exe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2021:7e00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: efc737b4f58cfe73a9bd0e57d7570365701381da31e628b269e7217a0ce3359d

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 13 Apr 2021 03:43:22 GMT
via: 1.1 37f5991a07ae02f8608ee075767a6bfd.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
age: 402814
etag: "2b10a062e719c64b686e2e8fcdc216dc"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: CPH50-C2
accept-ranges: bytes
content-length: 771
x-amz-cf-id: r2olGDtBI2PRWtvhRd9FNJpp6jPzuUsRF0KFFdF0xyhG1zctb5OrFQ==

GET
H2 200 email.svg
platform-cdn.sharethis.com/img/ 343 B
722 B 100ms
32ms Image
image/svg+xml 2600:9000:2021:7e00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/email.svg
Requested by: Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-nsd-exe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2021:7e00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5f5012132c752db2433e17712d91ef8689f1bc95167b2720e23224c2ae62e009

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 05 Apr 2021 03:40:48 GMT
via: 1.1 37f5991a07ae02f8608ee075767a6bfd.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
age: 1094163
etag: "5977437466e857c7ddcadda6f6d88c2a"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: CPH50-C2
accept-ranges: bytes
content-length: 343
x-amz-cf-id: oiR072sqX_udlpSTcQ1XL7kgBniI86OIIJj18h8U-TBE9oWnPZmTNA==

GET
H2 200 sharethis.svg
platform-cdn.sharethis.com/img/ 514 B
892 B 100ms
32ms Image
image/svg+xml 2600:9000:2021:7e00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/sharethis.svg
Requested by: Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-nsd-exe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2021:7e00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9a83c65bdd0ff9488af9d25720686457ea7295c9c44f9f1d285a0c9ec89bab99

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 11 Apr 2021 10:00:13 GMT
via: 1.1 37f5991a07ae02f8608ee075767a6bfd.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
age: 552999
etag: "deecdaa377907db5cc1722fc831670a1"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: CPH50-C2
accept-ranges: bytes
content-length: 514
x-amz-cf-id: kF_n_uJdo91cbPzNPq2vQ5s_YjLvhsD5uQBtdLVPLIDojPTWGVehYw==

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 9 KB
7 KB 41ms
20ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021041301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f266f72eb0457a4965ece65da9a0e52b49fe0f8b2ca15f918a8bb2bb76b5166

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 17 Apr 2021 19:36:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7092
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 28ms
13ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041301.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 19:36:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Sat, 17 Apr 2021 19:36:51 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 613E 12 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.nex-software.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ja.nex-software.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Sat, 17 Apr 2021 15:25:26 GMT
expires: Sun, 17 Apr 2022 15:25:26 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 15085
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aTo5JV-AjziuZNTa8Sp43jLVG8qXCwH7OYU06B-2QbM.js Show response
pagead2.googlesyndication.com/bg/ Frame 613E 14 KB
6 KB 21ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/aTo5JV-AjziuZNTa8Sp43jLVG8qXCwH7OYU06B-2QbM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

693a39255f808f38ae64d4daf12a78de32d51bca970b01fb398534e81fb641b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 14:08:20 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 278911
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5682
x-xss-protection: 0
expires: Thu, 14 Apr 2022 14:08:20 GMT

GET
H3-29 200 container.html Show response
db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0D0F 6 KB
3 KB 20ms
7ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041301.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.nex-software.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ja.nex-software.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sat, 17 Apr 2021 19:36:50 GMT
expires: Sun, 17 Apr 2022 19:36:50 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 33ms
13ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74e1cf077493c33fe895c7ce5732cda76b195e2d357d928f094bc3367cc7a75f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 19:36:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618423639646658"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28266
x-xss-protection: 0
expires: Sat, 17 Apr 2021 19:36:51 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 0127 478 B
563 B 20ms
19ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhC30jMYt5H8gwEwAQ&v=APEucNURL5_rfCNUS05uMdRPVq6l-yqUTjvURP5eAnWlGw0KIOKkTFnkILQOwoOc6Yx4--sFPOLhcNwLAVr52AGJsTguLoIIi0qWge0Zz7_fpEpJQ8l3KIFijdVPlBfp6mnNpGzPe-3T01XT8QGi9dQ7tUHdU4BxUJto0bhkX83mvl26h_3KpY3CMisPmeavQOk_06bDvKa4zjTQOHxCNmZfso0Tzf6Q_dsp0ZkVBldIrOxIEjQmFzY

Requested by

Host: db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com
URL: https://db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CICHEhC30jMYt5H8gwEwAQ&v=APEucNURL5_rfCNUS05uMdRPVq6l-yqUTjvURP5eAnWlGw0KIOKkTFnkILQOwoOc6Yx4--sFPOLhcNwLAVr52AGJsTguLoIIi0qWge0Zz7_fpEpJQ8l3KIFijdVPlBfp6mnNpGzPe-3T01XT8QGi9dQ7tUHdU4BxUJto0bhkX83mvl26h_3KpY3CMisPmeavQOk_06bDvKa4zjTQOHxCNmZfso0Tzf6Q_dsp0ZkVBldIrOxIEjQmFzY
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 17 Apr 2021 19:36:51 GMT
server: cafe
cache-control: private
content-length: 230
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure IDE=AHWqTUkAEk80RRur_pU3v2QKJb2m1e6nbzk9FomxuPL76CnmidAQFD1anIyt6Nfa; expires=Thu, 12-May-2022 19:36:51 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 17 Apr 2021 19:36:51 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 0D0F 23 KB
11 KB 40ms
38ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D4OfYmHcKURHvPKob2fzXbk5pe2zgisQBvcSz4sg75imWCg8Fz0dB4bpdaksNYQk9xXJbTfuKijxw8IloJTVQklnqHLf58N2f_Nf3G1juNfLZB0l-LCBCpI-HMTtNg_R7_wKXFSMiC5ebKuJRiwEv1Ijs6Kw&cry=1&dbm_d=AKAmf-D1J-ZLItcIbY0eARNgF1T6VNKQOAwkpjdwMLFPbdeaQA7cZQCc0BwDuU_9CkKYTSuvuQKNkN1SrfoQ20w02hpVCjrCccPDYhuR3Thwn08ZsqFkVWP2MbYiWsY3T58QIr2_kIE8nHHn9CsW2SUmE7cEPLRiM5TXCUG12TNd5TZ4nb65QLaEf5H3cidtzN0KIW9Fy-0Y2pD0WNLGpS5mZkphbTS7uEbY9g7kfqkOVhjiY6s26_4HNsK7jPZ5XYkC-3Iw2OPZ9O5zHq0OQmZUwzAqhitZTuYGTCqCBuvOIwiX6AXwXWsLMADDMnIF73kvqkgfYRzVLNxG6PDHTh5G04UCapbh72pbaK6zDKBkpm-y3J7axjkTE5K1qZi2GQNN95_t0cxYEI-HwFjF9VcsxEFjENdHOK3q9tTqqedtg1n23R9AvCjJ8F1vLP7UPibh_5qsgZBtCNGfNmjUHaTdQcJj792NFnR-z_QwXPAbq2qoLPuIK632CFd2IELV2SCminxC-FfsLWw2Zwzpcz43OfGZHtHJEEQ7AB761G5AzJzYJaaSJqyLHp6RSxdLDp_uzpmkeAWPPck0fjOR5vg4vsj9h6Ve3gFdehOJiDxmVThE4Ll9_5Bg3ptONpGmbhnOCIDkc3e1UYwJPVIlRh8Dh1TiJhcx6gwRrJMDyoK3L4UAKQD3Uizdi4kEUy12UvK8RMFukeG3MEkni5Gud3S-sa7pS8z9GWDYWGfiPOd3glaQACzfpZXCXdgEvdk104GEyMr_sf0N4vWqPwyrs-HV2rXe-D89PQ4rocVOjQ2LYyfdqGpIaeclvJ977y0TMkCfZUIYqzlQcFNSNWxDGGglll1Bl2M6eMS1RWnZAVna6fbOB9vSXe470WmpeJCqrL3dBUphlBAlTM0wJ_AmJx8lHHjh9ER2uasYoOFM3UJvlHSQqk1KmiEEH2HFr9eWy0aHmYJa8UQADoIrjKat7Q4v9Jak94PV3z3bZY9mBr-74PV21ZeG43DMwtaII7w0npV9Am3HVqNY6kaMFNAHT87dc5yG6x7EbZPfdijW_FJM5nCw_UzBnbrE688OPqK-DPXBTSOkBm71IzI-PkYORxdAs6Ht74yEAPBJkHwHImQ8_svgWNY_rmCE87LXaB5fZVLXNUEsohGENWlDyb0AUcln8QplUzdUNz4PIKZMWuQvVmkRxFXCkPTanMfC3wcFGZZaIuq_hbv4evZFVHhoSMKO52ghSRS7Z7u4bYX7YmF6v7HMa37wz40EXoFzxl35lkeNGaBCH5ZZUbPQVMuOWn76F6c9f2c4AJoKsqs-3OXa3U1OF1X0LHivtjwHMiW6zUB1XeFuWYXWUV1r_8c4M1WUOVSKGd-sdH--T3L294GGPBoKRnmX821rOOJt5dudujmYXQLqHotN3-NQ3fw0LROmyrHuGPJ9kbEsZ2eRjdZdJrWJZ5DATLhX_aH5LfAxRCwFPdgDwdtZ4v0SVG4ZVUkRLaoFrKK9XtqtM2obOhCAVAzFKEf36RsKF1hP0PSUBPAZSYUI9m6jYSpN6HtyX5uMyi5aWIFzG5KCPd_jh-1qsMVRI9QmyOHgGHSxZGYV6T3FlSqqeL9Q1XaeShUXgwbjA_OI-_l5q-MpwUvwYHU604NVULSsxxOIvD27-knkonWmS3KE_DQPBGcRxakz0Czoc7ClN8l6lpx4zYxd67Hv3tHQvgLYzlZJ6yGhckz-m2g-JfJQimjOvQpIeOurKtNJexUT6NcxFgxvYcHqfATopjpAuPLv-Kob1worMRpQDCpNtuTkabl1HFA9wK3U0yK-ZO23Bvj3rJTdt_G8tbHWlP1go05_yiqqEy5mazAMqqaKO-C9jwhcEPljz84Zp1e8EKYrTMXQaPXk_dk_BcGV74j1Uz0WCZesliTN5_vz8yfCHSwG6Z4b8yT8g4iJXMehU7GcBnbhkz3aJTqmMMkAYrgAbAqgn8-M9O01i9QQMHRjdZbS-WgGJz5RUCQss-9SPLbxHTt9dIdf_ApBoN9-YKuJVBrSQxpQ4e5x48FDH8hDo77py9pFY0z12HkrE_CQQlkdpgE9MlGKt5c5AZsACqAG-qUkvnoQAbQ9m44RvFWWzmPijjNCI-NWkisUp_LjXQIpDiAjMnQ_gdDu6A_N9vfOBnOAeC9IdrHImGMaf6r0dA9tjlJf0kY6BmQNj2oKE2nn2eZ_9cgPs8kxTBPt2wjTb27Uet6jtvgjjDcAVYmjhDNH31VYum9FJF5NUbvtPGykDaG-2WTRsG7V_BhhDYX2Acvmuy5OHH_3aKm89vCSrrt-V8CTxgXYYe9nbrM78YekpBtMLPklN_Cj0q0WGjpzqf5R8lwloVh7GGntVBpxWMmHzqXGjFCpPwGzotcwcohn-pRd6wGsk9zVbcVhpLJoN397fjFpUSXu67bBQD4rSVdeVCjWS7JFBwwcZ1yZONdQS4mGB1cVp_ZxyUK6abz4wslYFWmkf5hm628LD3wWkQt2gQR8XW8xHtnetNL-JsT4E_vSIMdV6SE8rKdYPhkX-1Bg2fKAMeIb27_sco7sC0t-TzqLFp7erjq53qWxAST4ywbG1daES0y6ijAx-HuzVayPejxaOqE3BEztO2RodjjX19TDUsSvlnzzK2SPomh2pQJCHje1F8qhDSqx4IJmh1A3FEVxg-fUEwvHCcSaGw5rTlaPKvB3U6V3uCS1DUCqUYWaa7KDwBkonx4eDT_OR_sWdvI1wDHNDQDGXI-2-3ldChmy3t160e-alnQMDA0BeEl8Pfut2MEDSgZncdY8Xm9HgeysAWXVmb69GG7duwdX25KVd0Gd43p4xATwF2RBwRnY8zsuKyNnwoBeRfKPG_L2w45CgpAApnFy9BHDOLr05EQLlRUjWr_tx_HXLkGTr787b6OnuqALeGyVbF7WQS66uH5kqeDsc7-UHqq1Bw3R5prqrDQXi31Lqc7r22GJtQAyPDGsk9SpY_JCTcvUIwVKWhKJXfcqX-mFGHOXs_krO9IV8izjrGhk2fJk1F-tE3o4ctCSkYMO4fMDds9ect88_mMG2OIsIrPHwUsqCvlvIQJcEwsAd35IYjFipoatchlxy5wHsOVpZXG0asYn8IPIumQ3_BqZzSEkn_fbYRMjn4J4ED6cH-pxD4RU5Rcfg4XZc5HmfRmQTeSZjECapBSmP-Gtc6I4X8VSyBXnosJyT_zcLa8VV38jIPe54BzPvMWtUtn8V5k3ASStOSVZTU9E9XACpvDp6vH-BGIzCgMwBMLUlcKuUAdgCj91sfICU5Wfup2fjLpbt4wCbesx1j3vYzPTbO28_NmTQY7P760QAhOJluQg6QkYaD13HLmLkWb62g&cid=CAASB-RoqYOzayA&rfl=1%2Chttps%253A%252F%252Fja.nex-software.com%252F%240

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-nsd-exe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0fed89c081a22c5e69d2a9728988498fa3ae4f89dee4206583b316f8f200c4f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 19:36:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11433
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0D0F 42 B
63 B 40ms
39ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DDQ_FJCvi08XaB9JsA1k34rxmP-42Zifx0ojSane1rtquO5ZXsTA8nlLjGnbGAKB7JfvcGvsi-1kgfm0HNC8Bu3EZHfKQDde6HeEWGoL1HzPiAF9k

Requested by

Host: db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com
URL: https://db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 19:36:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 0D0F 36 KB
12 KB 43ms
25ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com
URL: https://db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b684bb683e9214771c03aeca125e09425d5cb5e76911f6d2a43ef39fb55e1c56

Request headers

Referer: https://db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=s2482A==, md5=j1jRJaHZBV79FmSAFAai6Q==
date: Sat, 17 Apr 2021 19:36:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 10160
x-guploader-uploadid: ABg5-Uxf5ERJo5XMONJXFFQw6iJYsKBrTdgGi5CMm2ThniYI6baP9PJgxVKfUIY6jzeUERJY__dt_dOU4MQlm0--OtE
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0982ef11fb000005fda62b6000000001
last-modified: Fri, 16 Apr 2021 16:47:14 GMT
server: cloudflare
etag: W/"8f58d125a1d9055efd1664801406a2e9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Zh5TPW9FV%2FRfyxymv37AR1fvcQVDodF1VYbXEtL2iZUUklhU0ZyC2L3Nfry5WORcDXgbVCNSiI8bgYrfCqQeS2bu2e4k%2FJsdtW0s1AbvSdlPc6BK"}],"max_age":604800,"group":"cf-nel"}
x-goog-generation: 1618591634770240
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11821
cf-ray: 64181ac9894b05fd-FRA
expires: Sat, 17 Apr 2021 16:47:31 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame 0D0F 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/window_focus_fy2019.js

Requested by

Host: db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com
URL: https://db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 19:36:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 01 May 2021 19:36:15 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0D0F 118 KB
36 KB 28ms
14ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com
URL: https://db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce2216da03d856edb71b34855ce2c67476f6053791b3e85da74477d9a37360a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 19:36:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618423651533291"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36717
x-xss-protection: 0
expires: Sat, 17 Apr 2021 19:36:51 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame 0D0F 13 KB
5 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com
URL: https://db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 19:30:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 372
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5602
x-xss-protection: 0
server: cafe
etag: 7525161794280374107
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 01 May 2021 19:30:39 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210414/r20110914/ Frame 0D0F 21 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210414/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D4OfYmHcKURHvPKob2fzXbk5pe2zgisQBvcSz4sg75imWCg8Fz0dB4bpdaksNYQk9xXJbTfuKijxw8IloJTVQklnqHLf58N2f_Nf3G1juNfLZB0l-LCBCpI-HMTtNg_R7_wKXFSMiC5ebKuJRiwEv1Ijs6Kw&cry=1&dbm_d=AKAmf-D1J-ZLItcIbY0eARNgF1T6VNKQOAwkpjdwMLFPbdeaQA7cZQCc0BwDuU_9CkKYTSuvuQKNkN1SrfoQ20w02hpVCjrCccPDYhuR3Thwn08ZsqFkVWP2MbYiWsY3T58QIr2_kIE8nHHn9CsW2SUmE7cEPLRiM5TXCUG12TNd5TZ4nb65QLaEf5H3cidtzN0KIW9Fy-0Y2pD0WNLGpS5mZkphbTS7uEbY9g7kfqkOVhjiY6s26_4HNsK7jPZ5XYkC-3Iw2OPZ9O5zHq0OQmZUwzAqhitZTuYGTCqCBuvOIwiX6AXwXWsLMADDMnIF73kvqkgfYRzVLNxG6PDHTh5G04UCapbh72pbaK6zDKBkpm-y3J7axjkTE5K1qZi2GQNN95_t0cxYEI-HwFjF9VcsxEFjENdHOK3q9tTqqedtg1n23R9AvCjJ8F1vLP7UPibh_5qsgZBtCNGfNmjUHaTdQcJj792NFnR-z_QwXPAbq2qoLPuIK632CFd2IELV2SCminxC-FfsLWw2Zwzpcz43OfGZHtHJEEQ7AB761G5AzJzYJaaSJqyLHp6RSxdLDp_uzpmkeAWPPck0fjOR5vg4vsj9h6Ve3gFdehOJiDxmVThE4Ll9_5Bg3ptONpGmbhnOCIDkc3e1UYwJPVIlRh8Dh1TiJhcx6gwRrJMDyoK3L4UAKQD3Uizdi4kEUy12UvK8RMFukeG3MEkni5Gud3S-sa7pS8z9GWDYWGfiPOd3glaQACzfpZXCXdgEvdk104GEyMr_sf0N4vWqPwyrs-HV2rXe-D89PQ4rocVOjQ2LYyfdqGpIaeclvJ977y0TMkCfZUIYqzlQcFNSNWxDGGglll1Bl2M6eMS1RWnZAVna6fbOB9vSXe470WmpeJCqrL3dBUphlBAlTM0wJ_AmJx8lHHjh9ER2uasYoOFM3UJvlHSQqk1KmiEEH2HFr9eWy0aHmYJa8UQADoIrjKat7Q4v9Jak94PV3z3bZY9mBr-74PV21ZeG43DMwtaII7w0npV9Am3HVqNY6kaMFNAHT87dc5yG6x7EbZPfdijW_FJM5nCw_UzBnbrE688OPqK-DPXBTSOkBm71IzI-PkYORxdAs6Ht74yEAPBJkHwHImQ8_svgWNY_rmCE87LXaB5fZVLXNUEsohGENWlDyb0AUcln8QplUzdUNz4PIKZMWuQvVmkRxFXCkPTanMfC3wcFGZZaIuq_hbv4evZFVHhoSMKO52ghSRS7Z7u4bYX7YmF6v7HMa37wz40EXoFzxl35lkeNGaBCH5ZZUbPQVMuOWn76F6c9f2c4AJoKsqs-3OXa3U1OF1X0LHivtjwHMiW6zUB1XeFuWYXWUV1r_8c4M1WUOVSKGd-sdH--T3L294GGPBoKRnmX821rOOJt5dudujmYXQLqHotN3-NQ3fw0LROmyrHuGPJ9kbEsZ2eRjdZdJrWJZ5DATLhX_aH5LfAxRCwFPdgDwdtZ4v0SVG4ZVUkRLaoFrKK9XtqtM2obOhCAVAzFKEf36RsKF1hP0PSUBPAZSYUI9m6jYSpN6HtyX5uMyi5aWIFzG5KCPd_jh-1qsMVRI9QmyOHgGHSxZGYV6T3FlSqqeL9Q1XaeShUXgwbjA_OI-_l5q-MpwUvwYHU604NVULSsxxOIvD27-knkonWmS3KE_DQPBGcRxakz0Czoc7ClN8l6lpx4zYxd67Hv3tHQvgLYzlZJ6yGhckz-m2g-JfJQimjOvQpIeOurKtNJexUT6NcxFgxvYcHqfATopjpAuPLv-Kob1worMRpQDCpNtuTkabl1HFA9wK3U0yK-ZO23Bvj3rJTdt_G8tbHWlP1go05_yiqqEy5mazAMqqaKO-C9jwhcEPljz84Zp1e8EKYrTMXQaPXk_dk_BcGV74j1Uz0WCZesliTN5_vz8yfCHSwG6Z4b8yT8g4iJXMehU7GcBnbhkz3aJTqmMMkAYrgAbAqgn8-M9O01i9QQMHRjdZbS-WgGJz5RUCQss-9SPLbxHTt9dIdf_ApBoN9-YKuJVBrSQxpQ4e5x48FDH8hDo77py9pFY0z12HkrE_CQQlkdpgE9MlGKt5c5AZsACqAG-qUkvnoQAbQ9m44RvFWWzmPijjNCI-NWkisUp_LjXQIpDiAjMnQ_gdDu6A_N9vfOBnOAeC9IdrHImGMaf6r0dA9tjlJf0kY6BmQNj2oKE2nn2eZ_9cgPs8kxTBPt2wjTb27Uet6jtvgjjDcAVYmjhDNH31VYum9FJF5NUbvtPGykDaG-2WTRsG7V_BhhDYX2Acvmuy5OHH_3aKm89vCSrrt-V8CTxgXYYe9nbrM78YekpBtMLPklN_Cj0q0WGjpzqf5R8lwloVh7GGntVBpxWMmHzqXGjFCpPwGzotcwcohn-pRd6wGsk9zVbcVhpLJoN397fjFpUSXu67bBQD4rSVdeVCjWS7JFBwwcZ1yZONdQS4mGB1cVp_ZxyUK6abz4wslYFWmkf5hm628LD3wWkQt2gQR8XW8xHtnetNL-JsT4E_vSIMdV6SE8rKdYPhkX-1Bg2fKAMeIb27_sco7sC0t-TzqLFp7erjq53qWxAST4ywbG1daES0y6ijAx-HuzVayPejxaOqE3BEztO2RodjjX19TDUsSvlnzzK2SPomh2pQJCHje1F8qhDSqx4IJmh1A3FEVxg-fUEwvHCcSaGw5rTlaPKvB3U6V3uCS1DUCqUYWaa7KDwBkonx4eDT_OR_sWdvI1wDHNDQDGXI-2-3ldChmy3t160e-alnQMDA0BeEl8Pfut2MEDSgZncdY8Xm9HgeysAWXVmb69GG7duwdX25KVd0Gd43p4xATwF2RBwRnY8zsuKyNnwoBeRfKPG_L2w45CgpAApnFy9BHDOLr05EQLlRUjWr_tx_HXLkGTr787b6OnuqALeGyVbF7WQS66uH5kqeDsc7-UHqq1Bw3R5prqrDQXi31Lqc7r22GJtQAyPDGsk9SpY_JCTcvUIwVKWhKJXfcqX-mFGHOXs_krO9IV8izjrGhk2fJk1F-tE3o4ctCSkYMO4fMDds9ect88_mMG2OIsIrPHwUsqCvlvIQJcEwsAd35IYjFipoatchlxy5wHsOVpZXG0asYn8IPIumQ3_BqZzSEkn_fbYRMjn4J4ED6cH-pxD4RU5Rcfg4XZc5HmfRmQTeSZjECapBSmP-Gtc6I4X8VSyBXnosJyT_zcLa8VV38jIPe54BzPvMWtUtn8V5k3ASStOSVZTU9E9XACpvDp6vH-BGIzCgMwBMLUlcKuUAdgCj91sfICU5Wfup2fjLpbt4wCbesx1j3vYzPTbO28_NmTQY7P760QAhOJluQg6QkYaD13HLmLkWb62g&cid=CAASB-RoqYOzayA&rfl=1%2Chttps%253A%252F%252Fja.nex-software.com%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d04fe3e6d57be524334f1688f690be20fb65e09d806c549e1f78aa8d3f7dbae7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 19:31:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 301
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8468
x-xss-protection: 0
server: cafe
etag: 17868783254023373946
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 01 May 2021 19:31:50 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 0D0F 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 15:05:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16269
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Apr 2022 15:05:42 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 40ms
40ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021041301&jk=2265361927555129&bg=!g4ClgMTNAAZUuIlwVLg7ACkAdvg8WtlDVrw9PTnUhkrDww-j20Jn_rPC7NaXF8LPfRUyhknz5wy3LQIAAAB6UgAAADRoAQcKAK9nxWqRbRyu3wc033DL-Q-yFwICxJ5I1sN0S-46r-Kl3LA4AOpoASjKCCWD3EXDFoJL-QcEcB-i4BnM8ymK9NNWKMl9PrZhCHYExnzxE3ttCR6s50cgh28mrp7Lq-2xtQr-8yENSy5IOVGXxXp8SPKcd9OpEjTOmRDiJWzEwzT7v3GeorL2qFsJuQHBvgRsShMCrBCJVbdUTkIEqSQkJ6Gff7Io5LATpNWQ7LoZOgNZmQIuS9DnxdVYkEYD7cLI4KG124fEyhMNscGwhai99bmIiIMENIEsA8ZGyY4rYkfr8oYrTDJYWkEOzqPOUDlo68X50s-R8V5WCy7U6W98QJlrQrIgv90Gd3VIrtBHPJ2LIA3pv1tpmoWuTIcKx7Fjn9YN8s5VxbwCbB3EWQwffwtXm4-TmMY52NIu9N6lcDX4TTwKmTI8SprdnaBQnKJP_IyL1EwLGa7MyYd9C2T29rfinn-Qm6B0stpb8Q2X9gjmFENetFkIN2URCSv9etITeK1Gu1aKjAkvruFoh3HV5lMLYYeJeNU3yLOJXpFs4yyNPTIX_Srz8VMNxf-3JonrGVIdpX_GGr59gx3ftIWAWyXiNttQNexF7IMTxAznKnmjo2egN0_uE_2_oGKpr9pM9iourTicxlDCndoOUwHsOZbmFY0M7QgSH7jRbfXbh-UCsL2XAkaK_704RRofsr_mKoDR7Lg4WARnU5KyIZzvZJhU6litpbB3_SbchyEXhaqBkbRmGxgMEB4nP1NW8iMm6grrZtPpovklEbLVuh4Xy7M7-GLPZTIs-l5Hf8I6Aet9J47A45l269FMo39apkb3-D1MSDRlqRPT0ZmQRfuc9pHye-u74XvZ9slHvkhLU9wJyBusiLeQZQ8rnKDWFY2TMZJn4XxUTE2RkqJ52d9pURGs19WTpd-MHyT-LkT3qIVmGnjBKOtAiQtOgtJzjyvOjEHTq0BUQxfeA4hfLbIQCdhW

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 19:36:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 0127 170 B
506 B 40ms
18ms Image
image/png 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhC30jMYt5H8gwEwAQ&v=APEucNURL5_rfCNUS05uMdRPVq6l-yqUTjvURP5eAnWlGw0KIOKkTFnkILQOwoOc6Yx4--sFPOLhcNwLAVr52AGJsTguLoIIi0qWge0Zz7_fpEpJQ8l3KIFijdVPlBfp6mnNpGzPe-3T01XT8QGi9dQ7tUHdU4BxUJto0bhkX83mvl26h_3KpY3CMisPmeavQOk_06bDvKa4zjTQOHxCNmZfso0Tzf6Q_dsp0ZkVBldIrOxIEjQmFzY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 19:36:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 0127
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA5jK9B5S1pgtgDmv7Vlxq4&google_cver=1

43 B
1014 B

55ms
54ms

Image
image/gif

104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA5jK9B5S1pgtgDmv7Vlxq4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhC30jMYt5H8gwEwAQ&v=APEucNURL5_rfCNUS05uMdRPVq6l-yqUTjvURP5eAnWlGw0KIOKkTFnkILQOwoOc6Yx4--sFPOLhcNwLAVr52AGJsTguLoIIi0qWge0Zz7_fpEpJQ8l3KIFijdVPlBfp6mnNpGzPe-3T01XT8QGi9dQ7tUHdU4BxUJto0bhkX83mvl26h_3KpY3CMisPmeavQOk_06bDvKa4zjTQOHxCNmZfso0Tzf6Q_dsp0ZkVBldIrOxIEjQmFzY
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Apr 2021 19:36:51 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 17 Apr 2021 19:36:51 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Apr 2021 19:36:51 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA5jK9B5S1pgtgDmv7Vlxq4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 0127
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YHs40y4dAGmJYH.4O46K8gAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA5jK9B5S1pgtgDmv7Vlxq4&google_cver=1&google_hm=2

43 B
894 B

46ms
45ms

Image
image/gif

104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA5jK9B5S1pgtgDmv7Vlxq4&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhC30jMYt5H8gwEwAQ&v=APEucNURL5_rfCNUS05uMdRPVq6l-yqUTjvURP5eAnWlGw0KIOKkTFnkILQOwoOc6Yx4--sFPOLhcNwLAVr52AGJsTguLoIIi0qWge0Zz7_fpEpJQ8l3KIFijdVPlBfp6mnNpGzPe-3T01XT8QGi9dQ7tUHdU4BxUJto0bhkX83mvl26h_3KpY3CMisPmeavQOk_06bDvKa4zjTQOHxCNmZfso0Tzf6Q_dsp0ZkVBldIrOxIEjQmFzY
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Apr 2021 19:36:51 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 17 Apr 2021 19:36:51 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Apr 2021 19:36:51 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA5jK9B5S1pgtgDmv7Vlxq4&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame B0D8 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Sat, 17 Apr 2021 15:06:07 GMT
expires: Sun, 17 Apr 2022 15:06:07 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 16244
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 0D0F 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 757b4926716e73e53f5c40426c5269e22ba08497a3fc5f49d863d7f94c06a580

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 r62eglto.js
ad4m.at/ Frame 0D0F 36 KB
12 KB 24ms
15ms Other
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com
URL: https://db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b684bb683e9214771c03aeca125e09425d5cb5e76911f6d2a43ef39fb55e1c56

Request headers

Referer: https://db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=s2482A==, md5=j1jRJaHZBV79FmSAFAai6Q==
date: Sat, 17 Apr 2021 19:36:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 10160
x-guploader-uploadid: ABg5-Uxf5ERJo5XMONJXFFQw6iJYsKBrTdgGi5CMm2ThniYI6baP9PJgxVKfUIY6jzeUERJY__dt_dOU4MQlm0--OtE
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0982ef128200004e86b2118000000001
last-modified: Fri, 16 Apr 2021 16:47:14 GMT
server: cloudflare
etag: W/"8f58d125a1d9055efd1664801406a2e9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aTjpkcE9u%2BIP3VLtNSshgnRh10MIAkH4N5NU9YB3vaRgZ2ByJq5W7dmh7HYmDm1yqm8reBHre%2FRJoolzNn6pfUlY4%2B1c%2BJxaLGBaY0WlxuVBFrEA"}],"max_age":604800,"group":"cf-nel"}
x-goog-generation: 1618591634770240
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11821
cf-ray: 64181aca6dfb4e86-FRA
expires: Sat, 17 Apr 2021 16:47:31 GMT

GET
H3-29 200 container.html Show response
db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 170B 6 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041301.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.nex-software.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ja.nex-software.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sat, 17 Apr 2021 19:36:50 GMT
expires: Sun, 17 Apr 2022 19:36:50 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 frame.html Show response
ad4m.at/ Frame D2C8 2 KB
2 KB 14ms
14ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com/

Response headers

date: Sat, 17 Apr 2021 19:36:51 GMT
content-type: text/html
set-cookie: __cfduid=d1a05593b67703dfa0db889e8267de9761618688211; expires=Mon, 17-May-21 19:36:51 GMT; path=/; domain=.ad4m.at; HttpOnly; SameSite=Lax; Secure
x-guploader-uploadid: ABg5-Uzi-1_7uN1L8Go-AcToEKZJyXjllwzgePCBHnWKzncHxGLbW1M4lc91qTv6-AdP5Mr6zohgm6Oj3Mxhx9DFytM
expires: Sat, 17 Apr 2021 20:36:51 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
cache-control: public, max-age=3600
age: 2548942
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
cf-request-id: 0982ef128d00004e868f1a4000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AOK9a0eKfUOI7FjESuUc72NubD0yzo2Azf%2FQWqVtq0bXgK4jTqxtOsqRMgWjLTJVZe7hBPZhA6xdOi0WnMMI4XRiH4d8sHdimxnR9bXmxQIzzbSO"}],"max_age":604800,"group":"cf-nel"}
nel: {"max_age":604800,"report_to":"cf-nel"}
vary: Accept-Encoding
server: cloudflare
cf-ray: 64181aca7e1e4e86-FRA
content-encoding: br

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame AB2A 478 B
253 B 27ms
25ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMY-OnynQEwAQ&v=APEucNW8NNP0FvTEMzTGFVr1Z_9F6CsuP-wAgASWMvmJZmUmB4D5tjCFkWlCGH8rSi5MjD7UbrI3ID0n14LgcMiIw3Wy1Mqqm0ZgX1FYWdufb_M6fZTJfOusXhKgUIn_lRWMSOT8DHu8IPpZ8OsyTGvZD9hu7Pl3kFxioZWHGG-W_Ys-upNV2aJA-YjAjsykYUVcOZIPqrrFW9ODq_oIm9XnML-UdnvUnrIl_B0nd37BX0rnwGbRJNc

Requested by

Host: db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com
URL: https://db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CPDkLxDD7WMY-OnynQEwAQ&v=APEucNW8NNP0FvTEMzTGFVr1Z_9F6CsuP-wAgASWMvmJZmUmB4D5tjCFkWlCGH8rSi5MjD7UbrI3ID0n14LgcMiIw3Wy1Mqqm0ZgX1FYWdufb_M6fZTJfOusXhKgUIn_lRWMSOT8DHu8IPpZ8OsyTGvZD9hu7Pl3kFxioZWHGG-W_Ys-upNV2aJA-YjAjsykYUVcOZIPqrrFW9ODq_oIm9XnML-UdnvUnrIl_B0nd37BX0rnwGbRJNc
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnBQwXmWbgCrdXwMP3_7ypfaF8ORtu7wk2IcWH7ltfkkKJA3fpt5wL63puc_vY; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 17 Apr 2021 19:36:51 GMT
server: cafe
cache-control: private
content-length: 230
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 17 Apr 2021 19:36:51 GMT

GET
H3-29 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 170B 57 KB
23 KB 46ms
44ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AbOwqkw2rh9MuzGl3qPiiupv8wyzuzDMT6kGjfCknWac_wiG9oer-l-AB44lR2LLRNyemzCxIj7hI2jp0H3pqtq_gXh6OB6hu_7Ua_tbxr4lyLJGQ-GOt5lRfg7JOP8dYR-jHXgGYa84mJa8ioN4vGjOJ16w&dbm_d=AKAmf-A8jLbm7QpbDmgfzWkZWgiqIUVCO671nslvn1ZPJmZHp4r5icW0BGktFWynsZvamf5OQ-XouotQ0nuoUxi9tRnGo80iFkHYZvsWo4GeXOCK-CvvawsGzt7cC1Wvt1_JsZ_lcIjo33WsUP5eEd119rtsoHzAOM2dSrzL85eg6qW8XBbi5b89oD3x9dJX5CC3GLbkVePJx5Rt7trYNYaxHEHODunFqhL4mB05Zfboll3tYOYAhMO16zhsyBWs1RxioI2AHL6FFqykDXn-jvzZfnDnobzAicSQovAYMbTs1H2H7MsJmulobnMNiQ19E6fYFbglllCVegyOLC-hnrYBJJrJc0FAyAHh6LL9lEkwpnWKh3sSXe8r_lXF_AGGER1esdPMIRSdQwbKvWtnFaP3aA9uZaJK5fFuBjMi_ovbS54ADXZrDXpRJKX-7S367rprTFq382bL3ikuR1JP_VfGO9p4riV24dRlmAcE_mm0HohCwWYpf1PisSPtNyads8FYRi5eSFBo6_MJWnXUBPhipSAZAKfhOtkDHYfTE5OaME_B2cGVE5IQsn2-TsvQkby4BkHc8MZfhvbqDkbDWQmekIGZQbupOGaqRQ-rNljgJ_TL77pnrqy4aNc-unkoEM7GB3Ernyeo8WnXCWzcQCUqOhG0A-VC7AsPftPpTvan637fTMz3XS2a6o4HKSTH7EjiSFTyPGTE_Wq5pJGgVe0LhAeowr15d3Eh4Gqm2ENXqck7FRbPExHx7Nm3rHhTN0SvmsUN5eF6H1Ii-N_BunRD2MAWngtGWrexXFuSo1AUkFcCy-joW8ibEhg6X_Z9sXRI5cK_68RW9RTaB92mcXHf--D-HzbEgBZdFGykFT7EYVInoL2qw1ScZCZ2T_yL2JiS8R376odG-qCej0H4ro2Bkf2vV8jGfClqwKhBlZukSmqSe7sW32Hz_xJENEtjCmcYjfrU9JblTBLY77xRFvUF4zf918EKr1lRwDIdL1ib0RcXHF4TImuwGm7gLJm9s72zgAeIltsQgIQgds386SIclUnhR31SYqEIsCvoxgz20gq_o2hloZK-qaKPKKKOl9MhZhDKRuZkYLPkFu-cyA79pu_MKl61IdYpxhZAW19eGSJ984mjQi9Glccv6lEGqBmkhiIIL7pSDSBS79raXEJXIzChwz7WpooOvbRDS4ezqd3OsRjM-HHUKfX3GMHHXE6eQulizgiivvKG7QCOB60pL1-WJkBwx2uIXqU3gSFdrisK-NtquuTxSFU5LtE5BnHLFFVhNoxbE_GmjE-5NP5PpTGMAuVd7qq-n6yRpEZyFyeahmKg6LVGrSjVKcPQnkkr_gM3ozyuqOiXn3Fmpth73jSPUPkvqsO4fSUvHcVPkG7YPFNSNx6H0FE6MjYJ66Q3SHcqGFq19a5wvpTDIVB00hP7Jfn7elPom9AE7vJStLpN3GnWodGYztp8Wat3n6awLkXFCwYlda-4O2IcsDhQdCDbaBa3BEPOUFxkQD_Feisc50K4BWJMhNFy7GIne0vZyf7JFEGLHJv9XFp3NT2D82l3kCIIbQxmmAcRKWcYxCvOXhK_zNzLYbKfv87hbierelo_8WwL9F3FvGArsMQdV4IG__rAFdOt9CG20uDnOYMSzilkyTOcBY8FbNKyRgBc7UUB3OL8OAaGBZsliWKsz2RGbQ3hCG0qudRFPWenMDxHWQXCWKoL2_Z-WeRV8suGaNmKBf3ccJmNXOfsTVSGFBHUMah2Rn0_HF_HcfrgrDQwkW2zwQ6yi13AFrPoZvqAohwg1no_spG_J4uOgfn0MLLtoauC6N68ZblAiZ4ppqOH1HMoHV0xuzP4G1KWPTMnNFdOnpYb_NumqsbIDqUgH8h49-57OhgJ6HVvZRdWZbgI2aNIm6l9kbTTOYoOIh9-YxDK45bLldvgYSJbwj-N9mh9ungagVkD6PN1CDIwprHYL9tzZfm6jlFUHfBUUPtY_FiDnzQgl3bk-iHOvhRIWgaezVKWQUfvXvCKhHMqMOjiWGD0zTuyg3Jf6FUSeYHF-Xnb7ZxBHtWrd4hwKGVnr86djITaUupHCR6CRbSrRpohM9kjpO8sN65eOkiul5s0ptCIgEchprU-eziCy1uVXU101pRyxAXOoUhlKNxhvMRF2gJVu0GWk-gUocR-HcAniL7vgt1EyUMwchVyyKebmIm--WF_RM2JshNBYdTQ-o8VGmW2Zjc78xl1Ul0FFp447ywb0rSb3zLwE4xuU4RpWq1riApnK0KYI7j0g0iGb-0sBXZRJ3g5KjyMMSJ4k3UFWV-VKXOD2tTfhmuMjrBZtr-iJ8pyEjPq5ljtWLlpFL4YWD9KGnp5dhXr_1NhuYVHC4YyAbm5vkMrzdLSKt2S5R0hzYQEmoSz8JxGsy4ezuy6Whkf7Ic_3tfD4kgCw3pQoV4GokMjCpDoAexITq0D7AJv9f_rOPZJ0wQL93uju51qTtaZ3B82nmsBlDTDSzZx_JQmLlrAeHqJmREz_En_UU9W01LdzphYMfr8vMnDBxYEq9_U8xmy7QbRwVsSKsKKEKlnBxdgUUnl7NaipftD7QX3VkGBsFQZN7HDuUNls2xbx7E0Hma49CToGTAENTSgJZQQG_et08QygC84FJeBthiB8bBZiMS1cgfKAqJ3HzIZ3q2YjcsQTgv-Kf07C6UQETPQ2MIEkmpvxHQ9pQndO8hZdpiYsPWs-SjWTLfshbI7OcCMFoZimCbPLT97quXf-2Xn0foCWHBUP7GEhtwSGpxI4y-uTYODynh_eG1ZDDnHW_UWj0aWAfNfjzdLhCg1JWbhgVo-TZcHmPRZ-PnJfg8rn5qSJWbrnnncNYpLsm_ilYDWWmuFQ6udqiaAB5QZicJHHoqh6txYURC1aY0AMYCyM9diHCjYHlpj_BSgRYK0ipgBPV-UX9YABjIr0xlNsAWYCpjdL6RVoiizBsXpbCe_aQszxgvKCbDNsRiVOWaY__GO6RLCw_AjBRlzQRFuqzU6etkB-vLm07n1Ilf_OPneetUCnv0drWWnEEtCX0_naEHzOIksUmqx5CS8Hc4bHTbmL0pUBvQI90oTM419pHJYuqGClgO32QyqF3yegLH9DTSVLzY&cid=CAASPeRosDEYWorcEmeXHJEFVMQru4-DGhNFAUTE-a6CbMwjaUU_YN1lCLMGjDMcTf5hAng_RTGKd8HgTuuQMzI&rfl=1%2Chttps%253A%252F%252Fja.nex-software.com%252F%240

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-nsd-exe

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eee414710c772f83156670d9b106bb4043b6863fefd25e725a6a83977aea4bf2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 19:36:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23270
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 170B 42 B
63 B 40ms
38ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BoGCE83sQ3ULgmM0yV3ivDczU7Jx5C2rl8gUAoLN7MSJFCZsR_10_ROi0OaF735irQ2brnjWi49YRmFfWBF3y4wypoC-yaFawCbaZmZHQ9Uw5N8BU

Requested by

Host: db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com
URL: https://db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 19:36:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame 170B 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/window_focus_fy2019.js

Requested by

Host: db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com
URL: https://db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 19:36:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 01 May 2021 19:36:15 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 170B 118 KB
36 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com
URL: https://db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce2216da03d856edb71b34855ce2c67476f6053791b3e85da74477d9a37360a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 19:36:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618423651533291"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36717
x-xss-protection: 0
expires: Sat, 17 Apr 2021 19:36:51 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame 170B 13 KB
5 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com
URL: https://db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 19:30:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 372
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5602
x-xss-protection: 0
server: cafe
etag: 7525161794280374107
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 01 May 2021 19:30:39 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 170B 0
0 15ms
14ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTZjazkHVPfQiUoTMJL8Xok-g_JfDNELaywyXDOhN3SByRPAtYFN6qoY53iru5u5fT9v4dQ
Requested by: Host: db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com
URL: https://db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 aTo5JV-AjziuZNTa8Sp43jLVG8qXCwH7OYU06B-2QbM.js Show response
pagead2.googlesyndication.com/bg/ Frame B0D8 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/aTo5JV-AjziuZNTa8Sp43jLVG8qXCwH7OYU06B-2QbM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

693a39255f808f38ae64d4daf12a78de32d51bca970b01fb398534e81fb641b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 14:08:20 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 278911
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5682
x-xss-protection: 0
expires: Thu, 14 Apr 2022 14:08:20 GMT

GET
H2 200 frame.html Show response
ad4mat.net/ Frame 107B 1 KB
1 KB 43ms
20ms Document
text/html 2606:4700:3032::ac43:aa7a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4mat.net/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:aa7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 611c31ecafe54c74f78e765296e1b04c0e51ecdc5f7d62c0c3441732aca01964

Request headers

:method: GET
:authority: ad4mat.net
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com/

Response headers

date: Sat, 17 Apr 2021 19:36:51 GMT
content-type: text/html
set-cookie: __cfduid=da71d4d423e2c9a4b128e42dc64d1e13a1618688211; expires=Mon, 17-May-21 19:36:51 GMT; path=/; domain=.ad4mat.net; HttpOnly; SameSite=Lax; Secure
last-modified: Thu, 12 Apr 2018 07:50:15 GMT
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=86400
cf-cache-status: HIT
age: 1759
cf-request-id: 0982ef12bf00002b1a5418a000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kIN%2FKnCG8gV3D4er%2BSjb2oSExlPGcQ27sKY80bDRk%2F%2FLEUinjp9JPPe3jv3VjTVaYIYId4wLiphoOVAZnwLNgf1GyCdWXsmtRTFHNhawPeagiOZ%2FZcKO"}],"max_age":604800,"group":"cf-nel"}
nel: {"max_age":604800,"report_to":"cf-nel"}
vary: Accept-Encoding
server: cloudflare
cf-ray: 64181acacc5d2b1a-FRA
content-encoding: br

GET
H3-29 200 pixel
cm.g.doubleclick.net/ Frame AB2A 170 B
188 B 25ms
24ms Image
image/png 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMY-OnynQEwAQ&v=APEucNW8NNP0FvTEMzTGFVr1Z_9F6CsuP-wAgASWMvmJZmUmB4D5tjCFkWlCGH8rSi5MjD7UbrI3ID0n14LgcMiIw3Wy1Mqqm0ZgX1FYWdufb_M6fZTJfOusXhKgUIn_lRWMSOT8DHu8IPpZ8OsyTGvZD9hu7Pl3kFxioZWHGG-W_Ys-upNV2aJA-YjAjsykYUVcOZIPqrrFW9ODq_oIm9XnML-UdnvUnrIl_B0nd37BX0rnwGbRJNc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 19:36:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame AB2A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA5jK9B5S1pgtgDmv7Vlxq4&google_cver=1

43 B
894 B

31ms
31ms

Image
image/gif

104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA5jK9B5S1pgtgDmv7Vlxq4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMY-OnynQEwAQ&v=APEucNW8NNP0FvTEMzTGFVr1Z_9F6CsuP-wAgASWMvmJZmUmB4D5tjCFkWlCGH8rSi5MjD7UbrI3ID0n14LgcMiIw3Wy1Mqqm0ZgX1FYWdufb_M6fZTJfOusXhKgUIn_lRWMSOT8DHu8IPpZ8OsyTGvZD9hu7Pl3kFxioZWHGG-W_Ys-upNV2aJA-YjAjsykYUVcOZIPqrrFW9ODq_oIm9XnML-UdnvUnrIl_B0nd37BX0rnwGbRJNc
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Apr 2021 19:36:51 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 17 Apr 2021 19:36:51 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Apr 2021 19:36:51 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA5jK9B5S1pgtgDmv7Vlxq4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame AB2A
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YHs40y4dAGmJYH.4O46K8gAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA5jK9B5S1pgtgDmv7Vlxq4&google_cver=1&google_hm=2

43 B
894 B

42ms
41ms

Image
image/gif

104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA5jK9B5S1pgtgDmv7Vlxq4&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMY-OnynQEwAQ&v=APEucNW8NNP0FvTEMzTGFVr1Z_9F6CsuP-wAgASWMvmJZmUmB4D5tjCFkWlCGH8rSi5MjD7UbrI3ID0n14LgcMiIw3Wy1Mqqm0ZgX1FYWdufb_M6fZTJfOusXhKgUIn_lRWMSOT8DHu8IPpZ8OsyTGvZD9hu7Pl3kFxioZWHGG-W_Ys-upNV2aJA-YjAjsykYUVcOZIPqrrFW9ODq_oIm9XnML-UdnvUnrIl_B0nd37BX0rnwGbRJNc
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Apr 2021 19:36:51 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 17 Apr 2021 19:36:51 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Apr 2021 19:36:51 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA5jK9B5S1pgtgDmv7Vlxq4&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_271.js Show response
s0.2mdn.net/879366/ Frame 170B 111 KB
39 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-nsd-exe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com
Referer: https://db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 19:25:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 678
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39287
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 18:02:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 18 Apr 2021 19:25:33 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210414/r20110914/elements/html/ Frame 170B 8 KB
3 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210414/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AbOwqkw2rh9MuzGl3qPiiupv8wyzuzDMT6kGjfCknWac_wiG9oer-l-AB44lR2LLRNyemzCxIj7hI2jp0H3pqtq_gXh6OB6hu_7Ua_tbxr4lyLJGQ-GOt5lRfg7JOP8dYR-jHXgGYa84mJa8ioN4vGjOJ16w&dbm_d=AKAmf-A8jLbm7QpbDmgfzWkZWgiqIUVCO671nslvn1ZPJmZHp4r5icW0BGktFWynsZvamf5OQ-XouotQ0nuoUxi9tRnGo80iFkHYZvsWo4GeXOCK-CvvawsGzt7cC1Wvt1_JsZ_lcIjo33WsUP5eEd119rtsoHzAOM2dSrzL85eg6qW8XBbi5b89oD3x9dJX5CC3GLbkVePJx5Rt7trYNYaxHEHODunFqhL4mB05Zfboll3tYOYAhMO16zhsyBWs1RxioI2AHL6FFqykDXn-jvzZfnDnobzAicSQovAYMbTs1H2H7MsJmulobnMNiQ19E6fYFbglllCVegyOLC-hnrYBJJrJc0FAyAHh6LL9lEkwpnWKh3sSXe8r_lXF_AGGER1esdPMIRSdQwbKvWtnFaP3aA9uZaJK5fFuBjMi_ovbS54ADXZrDXpRJKX-7S367rprTFq382bL3ikuR1JP_VfGO9p4riV24dRlmAcE_mm0HohCwWYpf1PisSPtNyads8FYRi5eSFBo6_MJWnXUBPhipSAZAKfhOtkDHYfTE5OaME_B2cGVE5IQsn2-TsvQkby4BkHc8MZfhvbqDkbDWQmekIGZQbupOGaqRQ-rNljgJ_TL77pnrqy4aNc-unkoEM7GB3Ernyeo8WnXCWzcQCUqOhG0A-VC7AsPftPpTvan637fTMz3XS2a6o4HKSTH7EjiSFTyPGTE_Wq5pJGgVe0LhAeowr15d3Eh4Gqm2ENXqck7FRbPExHx7Nm3rHhTN0SvmsUN5eF6H1Ii-N_BunRD2MAWngtGWrexXFuSo1AUkFcCy-joW8ibEhg6X_Z9sXRI5cK_68RW9RTaB92mcXHf--D-HzbEgBZdFGykFT7EYVInoL2qw1ScZCZ2T_yL2JiS8R376odG-qCej0H4ro2Bkf2vV8jGfClqwKhBlZukSmqSe7sW32Hz_xJENEtjCmcYjfrU9JblTBLY77xRFvUF4zf918EKr1lRwDIdL1ib0RcXHF4TImuwGm7gLJm9s72zgAeIltsQgIQgds386SIclUnhR31SYqEIsCvoxgz20gq_o2hloZK-qaKPKKKOl9MhZhDKRuZkYLPkFu-cyA79pu_MKl61IdYpxhZAW19eGSJ984mjQi9Glccv6lEGqBmkhiIIL7pSDSBS79raXEJXIzChwz7WpooOvbRDS4ezqd3OsRjM-HHUKfX3GMHHXE6eQulizgiivvKG7QCOB60pL1-WJkBwx2uIXqU3gSFdrisK-NtquuTxSFU5LtE5BnHLFFVhNoxbE_GmjE-5NP5PpTGMAuVd7qq-n6yRpEZyFyeahmKg6LVGrSjVKcPQnkkr_gM3ozyuqOiXn3Fmpth73jSPUPkvqsO4fSUvHcVPkG7YPFNSNx6H0FE6MjYJ66Q3SHcqGFq19a5wvpTDIVB00hP7Jfn7elPom9AE7vJStLpN3GnWodGYztp8Wat3n6awLkXFCwYlda-4O2IcsDhQdCDbaBa3BEPOUFxkQD_Feisc50K4BWJMhNFy7GIne0vZyf7JFEGLHJv9XFp3NT2D82l3kCIIbQxmmAcRKWcYxCvOXhK_zNzLYbKfv87hbierelo_8WwL9F3FvGArsMQdV4IG__rAFdOt9CG20uDnOYMSzilkyTOcBY8FbNKyRgBc7UUB3OL8OAaGBZsliWKsz2RGbQ3hCG0qudRFPWenMDxHWQXCWKoL2_Z-WeRV8suGaNmKBf3ccJmNXOfsTVSGFBHUMah2Rn0_HF_HcfrgrDQwkW2zwQ6yi13AFrPoZvqAohwg1no_spG_J4uOgfn0MLLtoauC6N68ZblAiZ4ppqOH1HMoHV0xuzP4G1KWPTMnNFdOnpYb_NumqsbIDqUgH8h49-57OhgJ6HVvZRdWZbgI2aNIm6l9kbTTOYoOIh9-YxDK45bLldvgYSJbwj-N9mh9ungagVkD6PN1CDIwprHYL9tzZfm6jlFUHfBUUPtY_FiDnzQgl3bk-iHOvhRIWgaezVKWQUfvXvCKhHMqMOjiWGD0zTuyg3Jf6FUSeYHF-Xnb7ZxBHtWrd4hwKGVnr86djITaUupHCR6CRbSrRpohM9kjpO8sN65eOkiul5s0ptCIgEchprU-eziCy1uVXU101pRyxAXOoUhlKNxhvMRF2gJVu0GWk-gUocR-HcAniL7vgt1EyUMwchVyyKebmIm--WF_RM2JshNBYdTQ-o8VGmW2Zjc78xl1Ul0FFp447ywb0rSb3zLwE4xuU4RpWq1riApnK0KYI7j0g0iGb-0sBXZRJ3g5KjyMMSJ4k3UFWV-VKXOD2tTfhmuMjrBZtr-iJ8pyEjPq5ljtWLlpFL4YWD9KGnp5dhXr_1NhuYVHC4YyAbm5vkMrzdLSKt2S5R0hzYQEmoSz8JxGsy4ezuy6Whkf7Ic_3tfD4kgCw3pQoV4GokMjCpDoAexITq0D7AJv9f_rOPZJ0wQL93uju51qTtaZ3B82nmsBlDTDSzZx_JQmLlrAeHqJmREz_En_UU9W01LdzphYMfr8vMnDBxYEq9_U8xmy7QbRwVsSKsKKEKlnBxdgUUnl7NaipftD7QX3VkGBsFQZN7HDuUNls2xbx7E0Hma49CToGTAENTSgJZQQG_et08QygC84FJeBthiB8bBZiMS1cgfKAqJ3HzIZ3q2YjcsQTgv-Kf07C6UQETPQ2MIEkmpvxHQ9pQndO8hZdpiYsPWs-SjWTLfshbI7OcCMFoZimCbPLT97quXf-2Xn0foCWHBUP7GEhtwSGpxI4y-uTYODynh_eG1ZDDnHW_UWj0aWAfNfjzdLhCg1JWbhgVo-TZcHmPRZ-PnJfg8rn5qSJWbrnnncNYpLsm_ilYDWWmuFQ6udqiaAB5QZicJHHoqh6txYURC1aY0AMYCyM9diHCjYHlpj_BSgRYK0ipgBPV-UX9YABjIr0xlNsAWYCpjdL6RVoiizBsXpbCe_aQszxgvKCbDNsRiVOWaY__GO6RLCw_AjBRlzQRFuqzU6etkB-vLm07n1Ilf_OPneetUCnv0drWWnEEtCX0_naEHzOIksUmqx5CS8Hc4bHTbmL0pUBvQI90oTM419pHJYuqGClgO32QyqF3yegLH9DTSVLzY&cid=CAASPeRosDEYWorcEmeXHJEFVMQru4-DGhNFAUTE-a6CbMwjaUU_YN1lCLMGjDMcTf5hAng_RTGKd8HgTuuQMzI&rfl=1%2Chttps%253A%252F%252Fja.nex-software.com%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 19:33:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 208
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 01 May 2021 19:33:23 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210414/r20110914/ Frame 170B 21 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210414/r20110914/abg_lite.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d04fe3e6d57be524334f1688f690be20fb65e09d806c549e1f78aa8d3f7dbae7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 19:31:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 301
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8468
x-xss-protection: 0
server: cafe
etag: 17868783254023373946
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 01 May 2021 19:31:50 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 170B 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com
URL: https://db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 15:05:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16269
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Apr 2022 15:05:42 GMT

GET
DATA 200
OK truncated
/ Frame 170B 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 282a1231df9fa2a50e72feb11309fa81463696ce5e305e25c6763c90773fa430

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame A78E 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Sat, 17 Apr 2021 15:06:07 GMT
expires: Sun, 17 Apr 2022 15:06:07 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 16244
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 index.html Show response
s0.2mdn.net/6444309/1616160911840/ Frame 2E8E 84 KB
20 KB 21ms
7ms Document
text/html 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/6444309/1616160911840/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c76f98b5a789b65e512f6a7ed9372e51e06e312b2f13427b8f0e53fc2aa0052d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /6444309/1616160911840/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 20177
date: Sat, 17 Apr 2021 09:50:10 GMT
expires: Sun, 18 Apr 2021 09:50:10 GMT
last-modified: Fri, 19 Mar 2021 13:35:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=86400
age: 35201
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 170B 0
575 B 71ms
49ms Ping
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssHfjHxY4BqH7FZ1abA1lm3UzHcwOk8KM7Nar1NZpgv2DXv8TXVvaiH6I5K0P3Bm2CGQcPKQYaVKZ0hbbc07vo2Ahbwu27SrWGTrqLzieHJNXppZHCaU4gblFMkaaXOMtbE6FXxZ-tA7rcfOsNQVd1ZN_dOaDU4SUbjaxOBYyu9PZ4hFL-OE4jFqDWzse_Q88bNNEXO17KH52oEtOtZ14Axvbr_BwbGQ8KE_wR_WBngdgIK67o7-n9REVxu1Uzmj0_-qoRzzXHbPBj-cQzqle6xLLh59cKyEyYbhf9JTw23bqCHjvIBomet321ZKoqTk1RCrILRdUz94dtsIeK-fsGwCuM87drlcrdhnFjUbQBwKgNLxPmjJGjvqSCkOXxG0i1EhGmcD_RZ9cuIBi6GgYuz2lzcdsWM58aFQuxiULRLw3KRGI5Er817jsiWc4GMl3nFoPZuDPT1BPb4QC_JQxf3JRxppgrNknwClSrNs8nFMMZgESLFAOJkXEI_eVuzNZ45mL07-BjJhSk7D7uPydT7nOtZQVB0yhkOSQXEECnuX1ZH6A3i80osjRWUsqK9JZFR2ewloUo7O7VlmO2F2e2AlJv7awB8Ab6Gb1Vy5J-EGPAyWDp5JTRyQQLAhfwiI19lkz4sc7mQemhYifwGq46NtkI9FPGigEduv7C8BT7oVZihE2237Cte0gTlEwTv12t3wfbrHT4MUdw8dMMS_7-61h84Mmn6vaCVG5EziSMR4I-wK4pFU0Xbc9k4M_c6BvJAMsc5yOaQsWKxzkSEjaJEVgRHa5DGFL3OabpACbEnR-F5pOr6p5KZIw5bv5qqWg-0heh1xk6GY6aVnHCd6gGishwTgXTsux1etnXI7wL9joOxNbJzzFjgbTPZisihnFFv2Kc3yuCCudgI_FAMpAsOyujoH9e88yfe1xelbChw_Q9W_TJeLU-bk1eHfEZ9gskAIFt5v7uc6MoiRVdrN5wQAuRbFTzN2YmuuXCy0nZQyQ3LoFQ7yFCzz3ITdOaKcu3IsZ0X3_RLkyE4JVX7hrc_ONdmyj-pndULxdkFlXa4sP5ibJw8cBUBCCun9tBMmWsn_8_fdtwWiEcLArKNFmbFc190V66wgKs0b9w4rwSCFi1FWYrFQxUozCX_TkPJjY2X9ZJJuXThGoslRjlgKzCWSeP1d4hhyTpI9VFCrX7F-m0zm7NaI-uog8wtBs0gQx40Ktvs_bekIg&sai=AMfl-YQypzn0zKVnU1Jnurvsqwf0DImm7NY7-UPeG8jEpcSu_QLPXuDYpZv7T15OUV7HeW2R_a82N-wwo4mcDFNpC5p4y5PMhcueBecrZffBeZf-iVkuxrK8TgShoz_Fp5jkdGdNbdWLxGzUQokrhML-32KvFRdFH2pkNCosYQHHAOi6ZEINSLsMK2aywFyCsn-DmbW2QWdkIr-0oCERvGUSlt5lbWJttMfPQXEUxQJPNjWjfjCbSvvJG07chJinl3UA&sig=Cg0ArKJSzBMfn6HBNLdLEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=100&cbvp=1&cstd=96&cisv=r20210414.19332&adurl=

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-nsd-exe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Sat, 17 Apr 2021 19:36:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H3-29 200 rs Show response
ad4m.at/ Frame 0D0F 2 KB
2 KB 46ms
46ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56710f0b80c53fa3faae13091a1f9e42d65e662713d0f8d605614b480b1c2725

Request headers

Referer: https://db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 17 Apr 2021 19:36:51 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
content-encoding: br
x-backend-server: rs-rvz5
cf-request-id: 0982ef1376000097a20281b000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tXZ8Dox%2Fi4ybPYuSgOOmvU4LIZGokRFPD%2BveS72c%2B1LPStFj8inHRYRHsR%2BaGLbeLG%2BflkmJ47mQHSUcB7tRL%2BqXNw%2BM97SSf30zhJAvpr7WhJbr"}],"max_age":604800}
content-type: text/plain
access-control-allow-origin: https://db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials: true
cf-ray: 64181acbf88897a2-FRA

OPTIONS
H3-29 200 rs
ad4m.at/ Frame 0
0 31ms
23ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3-29
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 17 Apr 2021 19:36:51 GMT
content-type: text/plain
content-length: 24
access-control-allow-origin: https://db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers: content-type
allow: HEAD,POST,GET,OPTIONS
x-backend-server: rs-rvz5
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-request-id: 0982ef135e000097a20abd1000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HXVhW%2BKvBQ4PklwDBz0PQzTGTwYnuaMUYgUxHvL6Eqf9otqIdQVnMWSLxc0YkdNut%2B48t%2Fu%2F%2FRTzSGTN5vxbVWCwhAxc7h5crxMGMJ%2FJExTpomnV"}],"max_age":604800}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 64181acbc87d97a2-FRA

GET
H2 200 css
fonts.googleapis.com/ Frame 2E8E 4 KB
686 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/6444309/1616160911840/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a200de114d432846f05e8d78b8158d883577e7d3f194c505815ba28b6386983c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 17 Apr 2021 18:40:06 GMT
server: ESF
date: Sat, 17 Apr 2021 19:36:51 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 17 Apr 2021 19:36:51 GMT

GET
H3-29 200 DcmEnabler_01_245.js Show response
s0.2mdn.net/879366/ Frame 2E8E 28 KB
10 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_245.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/6444309/1616160911840/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18c864956bf2492c5c86e79b0fec65f0ecbb4b02bfdcfe854b2c5501857fecdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/6444309/1616160911840/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 12:13:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26594
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10285
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 19:32:53 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 18 Apr 2021 12:13:37 GMT

GET
H3-29 200 aTo5JV-AjziuZNTa8Sp43jLVG8qXCwH7OYU06B-2QbM.js Show response
pagead2.googlesyndication.com/bg/ Frame A78E 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/aTo5JV-AjziuZNTa8Sp43jLVG8qXCwH7OYU06B-2QbM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

693a39255f808f38ae64d4daf12a78de32d51bca970b01fb398534e81fb641b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 14:08:20 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 278911
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5682
x-xss-protection: 0
expires: Thu, 14 Apr 2022 14:08:20 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 2E8E 15 KB
16 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://s0.2mdn.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 21:15:49 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
age: 426062
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
expires: Tue, 12 Apr 2022 21:15:49 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 2E8E 16 KB
16 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://s0.2mdn.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 19:15:25 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
age: 346886
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
expires: Wed, 13 Apr 2022 19:15:25 GMT

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame 2FF0 10 KB
4 KB 24ms
22ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=14044%2C12820%2C19456&b=EjMcDfEfA3JhzHAHjt4t3QwF4tVTYg%2CzmKHRfYf1PVCpHBHMtqtzzpabtwTQ8%2C62kHef3fDZ4CeHmHYtktWW8amt1T3P&f=ADBtYfqfb9VSAHRH4tMCPd1CMt4TR9%2C8RgfDf8fJdAagHJHEtqCkk2UwtwTpr%2CXxeSzfrfrmeU6H4Het1CBBKC8tkT5g&c=300&d=250&e=Hxvrk4xso2rtU7NwBYJqN-9864d2MRmD&g=9666fd7f8c303d01a11eba9a699ca628%2F7365967391414179796&i=25007%2C20773%2C20774&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=dbm_Netmix_Reach06_DC&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCTwoh0zh7YMz4BduFlQfqoKXwBvXv5NVe4bHa6Y0MoJzysLwaEAEgqoDDImCV4pCCoAfIAQmpAiAC5XwjGrQ-qAMBqgTXAU_QLgCWrQiSSRfrSXJej-uxtk-YjcikoxVa-Tnii4fG7VVyCozsDSrrsfngXqnhq8hnOyiDNUEB0L_mURThfinbZ3QLdPQDBZ6K4ALacYuyuf1ZN-jI8NgJd54tolF1NNeEqydmb1ySuROl-1C4II6R2flyqV_reCU4jJKY6GnzGjNERISt7niQCGSklNBiKv6i3IEaHto1b6sKPrxR3qyainSgAxEfyL6M3Yv8MPXeX-w50MKZByebLbNp0uIWcnQJ_akQ8D718r8fy8re_PmNmpDrAyFjwASD7qj7oQPgBAOQBgGgBk2AB-qTn0OoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTkxNjE4NjM2ODU4MjY5NTaACgOYCwHICwGADAGwE_qo1AbQEwDYEwOIFAHYFAE%2526ae%253D1%2526num%253D1%2526cid%253DCAASB-RoqYOzayA%2526sig%253DAOD64_2JvsUrHuEpPCr7PlGjRNexdtAByA%2526client%253Dca-pub-5512390705137507%2526dbm_c%253DAKAmf-DsPUXekTiknP5f1OEJTzVGJwZvaBpJ4l132KAjbvdvdlDP_KOgsVrIc5_IGyW_GRU7ujld__m8LJjkuqzXNKcv1kN7zsoNf0gxBQ4GiWn4TGhSwWip4eqP6X6YX13iFDLT-NLR6r8X66DcKTYW6NGte05TWQ%2526cry%253D1%2526dbm_d%253DAKAmf-BRL8-MYHOZQIVUq0y6mdT2iPpsZ9XU6_scTYwcIHCP_TQ71ZmI-6gbYa_rtV9U1DbxZoeQ3eYeoftZSXAfdEEoPOzJ-lvXnyZUEj5zRkh8mOYbag3JipvbM8qb6F57AseVME0T_cMUd6SoVpYssJd4yj95yTwB7NF1Vh8o5MHx8JwndRVip1g2gbZjHKK1ZkMz1aiuXSaTn3nWK2pWkkkkNBIgKEDOolmpVm9RidCkZBvOunQoXPJ2lTba0CU2vB0HOVZbSuqhPridjh9MjZ89PXwkBqYFzTy-NuvVe3dH0UgneQnUvILv8GBWezfpx9zkfaFczPv6hCwGqAlt996N1hI4XlwYCpIy2NggkpUGpNsevF6BbpdNF7BYw7N-gn7yOM94e6SxgnfegbBEU7re7AQkbjmXtAHnJdrv8A5uQ8VNIHM_n6h0LMwgRIoluCwLZYlJkZ5rhVP1j1V4gVrdF72rxGFLEFxUSCxEsCw7fYU5gGM1r-vr5oFgln76SBmaVDiz%2526adurl%253D&y=1&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec7f5bcc149bd87a00f7edcc4acd559de5a147d2ee06a2fa45f52069a29ac189

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: as.ad4m.at
:scheme: https
:path: /ad/rar?a=14044%2C12820%2C19456&b=EjMcDfEfA3JhzHAHjt4t3QwF4tVTYg%2CzmKHRfYf1PVCpHBHMtqtzzpabtwTQ8%2C62kHef3fDZ4CeHmHYtktWW8amt1T3P&f=ADBtYfqfb9VSAHRH4tMCPd1CMt4TR9%2C8RgfDf8fJdAagHJHEtqCkk2UwtwTpr%2CXxeSzfrfrmeU6H4Het1CBBKC8tkT5g&c=300&d=250&e=Hxvrk4xso2rtU7NwBYJqN-9864d2MRmD&g=9666fd7f8c303d01a11eba9a699ca628%2F7365967391414179796&i=25007%2C20773%2C20774&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=dbm_Netmix_Reach06_DC&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCTwoh0zh7YMz4BduFlQfqoKXwBvXv5NVe4bHa6Y0MoJzysLwaEAEgqoDDImCV4pCCoAfIAQmpAiAC5XwjGrQ-qAMBqgTXAU_QLgCWrQiSSRfrSXJej-uxtk-YjcikoxVa-Tnii4fG7VVyCozsDSrrsfngXqnhq8hnOyiDNUEB0L_mURThfinbZ3QLdPQDBZ6K4ALacYuyuf1ZN-jI8NgJd54tolF1NNeEqydmb1ySuROl-1C4II6R2flyqV_reCU4jJKY6GnzGjNERISt7niQCGSklNBiKv6i3IEaHto1b6sKPrxR3qyainSgAxEfyL6M3Yv8MPXeX-w50MKZByebLbNp0uIWcnQJ_akQ8D718r8fy8re_PmNmpDrAyFjwASD7qj7oQPgBAOQBgGgBk2AB-qTn0OoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTkxNjE4NjM2ODU4MjY5NTaACgOYCwHICwGADAGwE_qo1AbQEwDYEwOIFAHYFAE%2526ae%253D1%2526num%253D1%2526cid%253DCAASB-RoqYOzayA%2526sig%253DAOD64_2JvsUrHuEpPCr7PlGjRNexdtAByA%2526client%253Dca-pub-5512390705137507%2526dbm_c%253DAKAmf-DsPUXekTiknP5f1OEJTzVGJwZvaBpJ4l132KAjbvdvdlDP_KOgsVrIc5_IGyW_GRU7ujld__m8LJjkuqzXNKcv1kN7zsoNf0gxBQ4GiWn4TGhSwWip4eqP6X6YX13iFDLT-NLR6r8X66DcKTYW6NGte05TWQ%2526cry%253D1%2526dbm_d%253DAKAmf-BRL8-MYHOZQIVUq0y6mdT2iPpsZ9XU6_scTYwcIHCP_TQ71ZmI-6gbYa_rtV9U1DbxZoeQ3eYeoftZSXAfdEEoPOzJ-lvXnyZUEj5zRkh8mOYbag3JipvbM8qb6F57AseVME0T_cMUd6SoVpYssJd4yj95yTwB7NF1Vh8o5MHx8JwndRVip1g2gbZjHKK1ZkMz1aiuXSaTn3nWK2pWkkkkNBIgKEDOolmpVm9RidCkZBvOunQoXPJ2lTba0CU2vB0HOVZbSuqhPridjh9MjZ89PXwkBqYFzTy-NuvVe3dH0UgneQnUvILv8GBWezfpx9zkfaFczPv6hCwGqAlt996N1hI4XlwYCpIy2NggkpUGpNsevF6BbpdNF7BYw7N-gn7yOM94e6SxgnfegbBEU7re7AQkbjmXtAHnJdrv8A5uQ8VNIHM_n6h0LMwgRIoluCwLZYlJkZ5rhVP1j1V4gVrdF72rxGFLEFxUSCxEsCw7fYU5gGM1r-vr5oFgln76SBmaVDiz%2526adurl%253D&y=1&z=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com/

Response headers

date: Sat, 17 Apr 2021 19:36:51 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=de4f382e065e92e045f00405371ff1c0d1618688211; expires=Mon, 17-May-21 19:36:51 GMT; path=/; domain=.ad4m.at; HttpOnly; SameSite=Lax; Secure
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-request-id: 0982ef13bf000005fda70eb000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 64181acc684505fd-FRA
content-encoding: br

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame 170B 0
23 B 57ms
43ms Ping
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-nsd-exe

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sat, 17 Apr 2021 19:36:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 Award.png
s0.2mdn.net/6444309/1616160911840/ Frame 2E8E 17 KB
17 KB 7ms
7ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/6444309/1616160911840/Award.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72a204f01afcf9144e50d67ee44fd07c04cb1b83973354a8501912f09a617f54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/6444309/1616160911840/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 13:45:15 GMT
x-content-type-options: nosniff
last-modified: Fri, 19 Mar 2021 13:35:11 GMT
server: sffe
age: 21096
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17236
x-xss-protection: 0
expires: Sun, 18 Apr 2021 13:45:15 GMT

GET
H3-29 200 Bte_300x600.png
s0.2mdn.net/6444309/1616160911840/ Frame 2E8E 64 KB
64 KB 8ms
7ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/6444309/1616160911840/Bte_300x600.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b94375335a37f32dd7981feb546df92892f0b749ec896c9f60a32fab0485d0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/6444309/1616160911840/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 13:45:15 GMT
x-content-type-options: nosniff
last-modified: Fri, 19 Mar 2021 13:35:11 GMT
server: sffe
age: 21096
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65625
x-xss-protection: 0
expires: Sun, 18 Apr 2021 13:45:15 GMT

GET
H3-29 200 Fnd-300x600.jpg
s0.2mdn.net/6444309/1616160911840/ Frame 2E8E 33 KB
33 KB 9ms
9ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/6444309/1616160911840/Fnd-300x600.jpg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b38b9a9c25aa5910bb2f97735b63accce5280f0d0fb478b1891b887be666e273

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/6444309/1616160911840/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 13:45:15 GMT
x-content-type-options: nosniff
last-modified: Fri, 19 Mar 2021 13:35:12 GMT
server: sffe
age: 21096
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34181
x-xss-protection: 0
expires: Sun, 18 Apr 2021 13:45:15 GMT

GET
H3-29 200 default.css
as.ad4m.at/ad/style/0.1.3/one-ad/ Frame 2FF0 58 KB
8 KB 18ms
18ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.3/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C12820%2C19456&b=EjMcDfEfA3JhzHAHjt4t3QwF4tVTYg%2CzmKHRfYf1PVCpHBHMtqtzzpabtwTQ8%2C62kHef3fDZ4CeHmHYtktWW8amt1T3P&f=ADBtYfqfb9VSAHRH4tMCPd1CMt4TR9%2C8RgfDf8fJdAagHJHEtqCkk2UwtwTpr%2CXxeSzfrfrmeU6H4Het1CBBKC8tkT5g&c=300&d=250&e=Hxvrk4xso2rtU7NwBYJqN-9864d2MRmD&g=9666fd7f8c303d01a11eba9a699ca628%2F7365967391414179796&i=25007%2C20773%2C20774&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=dbm_Netmix_Reach06_DC&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCTwoh0zh7YMz4BduFlQfqoKXwBvXv5NVe4bHa6Y0MoJzysLwaEAEgqoDDImCV4pCCoAfIAQmpAiAC5XwjGrQ-qAMBqgTXAU_QLgCWrQiSSRfrSXJej-uxtk-YjcikoxVa-Tnii4fG7VVyCozsDSrrsfngXqnhq8hnOyiDNUEB0L_mURThfinbZ3QLdPQDBZ6K4ALacYuyuf1ZN-jI8NgJd54tolF1NNeEqydmb1ySuROl-1C4II6R2flyqV_reCU4jJKY6GnzGjNERISt7niQCGSklNBiKv6i3IEaHto1b6sKPrxR3qyainSgAxEfyL6M3Yv8MPXeX-w50MKZByebLbNp0uIWcnQJ_akQ8D718r8fy8re_PmNmpDrAyFjwASD7qj7oQPgBAOQBgGgBk2AB-qTn0OoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTkxNjE4NjM2ODU4MjY5NTaACgOYCwHICwGADAGwE_qo1AbQEwDYEwOIFAHYFAE%2526ae%253D1%2526num%253D1%2526cid%253DCAASB-RoqYOzayA%2526sig%253DAOD64_2JvsUrHuEpPCr7PlGjRNexdtAByA%2526client%253Dca-pub-5512390705137507%2526dbm_c%253DAKAmf-DsPUXekTiknP5f1OEJTzVGJwZvaBpJ4l132KAjbvdvdlDP_KOgsVrIc5_IGyW_GRU7ujld__m8LJjkuqzXNKcv1kN7zsoNf0gxBQ4GiWn4TGhSwWip4eqP6X6YX13iFDLT-NLR6r8X66DcKTYW6NGte05TWQ%2526cry%253D1%2526dbm_d%253DAKAmf-BRL8-MYHOZQIVUq0y6mdT2iPpsZ9XU6_scTYwcIHCP_TQ71ZmI-6gbYa_rtV9U1DbxZoeQ3eYeoftZSXAfdEEoPOzJ-lvXnyZUEj5zRkh8mOYbag3JipvbM8qb6F57AseVME0T_cMUd6SoVpYssJd4yj95yTwB7NF1Vh8o5MHx8JwndRVip1g2gbZjHKK1ZkMz1aiuXSaTn3nWK2pWkkkkNBIgKEDOolmpVm9RidCkZBvOunQoXPJ2lTba0CU2vB0HOVZbSuqhPridjh9MjZ89PXwkBqYFzTy-NuvVe3dH0UgneQnUvILv8GBWezfpx9zkfaFczPv6hCwGqAlt996N1hI4XlwYCpIy2NggkpUGpNsevF6BbpdNF7BYw7N-gn7yOM94e6SxgnfegbBEU7re7AQkbjmXtAHnJdrv8A5uQ8VNIHM_n6h0LMwgRIoluCwLZYlJkZ5rhVP1j1V4gVrdF72rxGFLEFxUSCxEsCw7fYU5gGM1r-vr5oFgln76SBmaVDiz%2526adurl%253D&y=1&z=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea3d0687c8ec9ae8abfef997cfefcf86b646f753120de737c1914653b729ecc2

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/rar?a=14044%2C12820%2C19456&b=EjMcDfEfA3JhzHAHjt4t3QwF4tVTYg%2CzmKHRfYf1PVCpHBHMtqtzzpabtwTQ8%2C62kHef3fDZ4CeHmHYtktWW8amt1T3P&f=ADBtYfqfb9VSAHRH4tMCPd1CMt4TR9%2C8RgfDf8fJdAagHJHEtqCkk2UwtwTpr%2CXxeSzfrfrmeU6H4Het1CBBKC8tkT5g&c=300&d=250&e=Hxvrk4xso2rtU7NwBYJqN-9864d2MRmD&g=9666fd7f8c303d01a11eba9a699ca628%2F7365967391414179796&i=25007%2C20773%2C20774&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=dbm_Netmix_Reach06_DC&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCTwoh0zh7YMz4BduFlQfqoKXwBvXv5NVe4bHa6Y0MoJzysLwaEAEgqoDDImCV4pCCoAfIAQmpAiAC5XwjGrQ-qAMBqgTXAU_QLgCWrQiSSRfrSXJej-uxtk-YjcikoxVa-Tnii4fG7VVyCozsDSrrsfngXqnhq8hnOyiDNUEB0L_mURThfinbZ3QLdPQDBZ6K4ALacYuyuf1ZN-jI8NgJd54tolF1NNeEqydmb1ySuROl-1C4II6R2flyqV_reCU4jJKY6GnzGjNERISt7niQCGSklNBiKv6i3IEaHto1b6sKPrxR3qyainSgAxEfyL6M3Yv8MPXeX-w50MKZByebLbNp0uIWcnQJ_akQ8D718r8fy8re_PmNmpDrAyFjwASD7qj7oQPgBAOQBgGgBk2AB-qTn0OoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTkxNjE4NjM2ODU4MjY5NTaACgOYCwHICwGADAGwE_qo1AbQEwDYEwOIFAHYFAE%2526ae%253D1%2526num%253D1%2526cid%253DCAASB-RoqYOzayA%2526sig%253DAOD64_2JvsUrHuEpPCr7PlGjRNexdtAByA%2526client%253Dca-pub-5512390705137507%2526dbm_c%253DAKAmf-DsPUXekTiknP5f1OEJTzVGJwZvaBpJ4l132KAjbvdvdlDP_KOgsVrIc5_IGyW_GRU7ujld__m8LJjkuqzXNKcv1kN7zsoNf0gxBQ4GiWn4TGhSwWip4eqP6X6YX13iFDLT-NLR6r8X66DcKTYW6NGte05TWQ%2526cry%253D1%2526dbm_d%253DAKAmf-BRL8-MYHOZQIVUq0y6mdT2iPpsZ9XU6_scTYwcIHCP_TQ71ZmI-6gbYa_rtV9U1DbxZoeQ3eYeoftZSXAfdEEoPOzJ-lvXnyZUEj5zRkh8mOYbag3JipvbM8qb6F57AseVME0T_cMUd6SoVpYssJd4yj95yTwB7NF1Vh8o5MHx8JwndRVip1g2gbZjHKK1ZkMz1aiuXSaTn3nWK2pWkkkkNBIgKEDOolmpVm9RidCkZBvOunQoXPJ2lTba0CU2vB0HOVZbSuqhPridjh9MjZ89PXwkBqYFzTy-NuvVe3dH0UgneQnUvILv8GBWezfpx9zkfaFczPv6hCwGqAlt996N1hI4XlwYCpIy2NggkpUGpNsevF6BbpdNF7BYw7N-gn7yOM94e6SxgnfegbBEU7re7AQkbjmXtAHnJdrv8A5uQ8VNIHM_n6h0LMwgRIoluCwLZYlJkZ5rhVP1j1V4gVrdF72rxGFLEFxUSCxEsCw7fYU5gGM1r-vr5oFgln76SBmaVDiz%2526adurl%253D&y=1&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 19:36:51 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 801427
cf-polished: origSize=59219
surrogate-control: no-store
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=3600
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
cf-request-id: 0982ef13ed00004e86c01c0000000001
cf-ray: 64181accab284e86-FRA
expires: Sat, 17 Apr 2021 20:36:51 GMT

GET
H2 200 B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame 2FF0 18 KB
19 KB 21ms
17ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C12820%2C19456&b=EjMcDfEfA3JhzHAHjt4t3QwF4tVTYg%2CzmKHRfYf1PVCpHBHMtqtzzpabtwTQ8%2C62kHef3fDZ4CeHmHYtktWW8amt1T3P&f=ADBtYfqfb9VSAHRH4tMCPd1CMt4TR9%2C8RgfDf8fJdAagHJHEtqCkk2UwtwTpr%2CXxeSzfrfrmeU6H4Het1CBBKC8tkT5g&c=300&d=250&e=Hxvrk4xso2rtU7NwBYJqN-9864d2MRmD&g=9666fd7f8c303d01a11eba9a699ca628%2F7365967391414179796&i=25007%2C20773%2C20774&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=dbm_Netmix_Reach06_DC&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCTwoh0zh7YMz4BduFlQfqoKXwBvXv5NVe4bHa6Y0MoJzysLwaEAEgqoDDImCV4pCCoAfIAQmpAiAC5XwjGrQ-qAMBqgTXAU_QLgCWrQiSSRfrSXJej-uxtk-YjcikoxVa-Tnii4fG7VVyCozsDSrrsfngXqnhq8hnOyiDNUEB0L_mURThfinbZ3QLdPQDBZ6K4ALacYuyuf1ZN-jI8NgJd54tolF1NNeEqydmb1ySuROl-1C4II6R2flyqV_reCU4jJKY6GnzGjNERISt7niQCGSklNBiKv6i3IEaHto1b6sKPrxR3qyainSgAxEfyL6M3Yv8MPXeX-w50MKZByebLbNp0uIWcnQJ_akQ8D718r8fy8re_PmNmpDrAyFjwASD7qj7oQPgBAOQBgGgBk2AB-qTn0OoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTkxNjE4NjM2ODU4MjY5NTaACgOYCwHICwGADAGwE_qo1AbQEwDYEwOIFAHYFAE%2526ae%253D1%2526num%253D1%2526cid%253DCAASB-RoqYOzayA%2526sig%253DAOD64_2JvsUrHuEpPCr7PlGjRNexdtAByA%2526client%253Dca-pub-5512390705137507%2526dbm_c%253DAKAmf-DsPUXekTiknP5f1OEJTzVGJwZvaBpJ4l132KAjbvdvdlDP_KOgsVrIc5_IGyW_GRU7ujld__m8LJjkuqzXNKcv1kN7zsoNf0gxBQ4GiWn4TGhSwWip4eqP6X6YX13iFDLT-NLR6r8X66DcKTYW6NGte05TWQ%2526cry%253D1%2526dbm_d%253DAKAmf-BRL8-MYHOZQIVUq0y6mdT2iPpsZ9XU6_scTYwcIHCP_TQ71ZmI-6gbYa_rtV9U1DbxZoeQ3eYeoftZSXAfdEEoPOzJ-lvXnyZUEj5zRkh8mOYbag3JipvbM8qb6F57AseVME0T_cMUd6SoVpYssJd4yj95yTwB7NF1Vh8o5MHx8JwndRVip1g2gbZjHKK1ZkMz1aiuXSaTn3nWK2pWkkkkNBIgKEDOolmpVm9RidCkZBvOunQoXPJ2lTba0CU2vB0HOVZbSuqhPridjh9MjZ89PXwkBqYFzTy-NuvVe3dH0UgneQnUvILv8GBWezfpx9zkfaFczPv6hCwGqAlt996N1hI4XlwYCpIy2NggkpUGpNsevF6BbpdNF7BYw7N-gn7yOM94e6SxgnfegbBEU7re7AQkbjmXtAHnJdrv8A5uQ8VNIHM_n6h0LMwgRIoluCwLZYlJkZ5rhVP1j1V4gVrdF72rxGFLEFxUSCxEsCw7fYU5gGM1r-vr5oFgln76SBmaVDiz%2526adurl%253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw==
date: Sat, 17 Apr 2021 19:36:51 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 257507
cf-polished: origFmt=png, origSize=35453
x-guploader-uploadid: ABg5-UwDGt8Ydxg4Y8g_5tC13qpFO0gjCXsiixDJ9JayY7sOFqFjSwpWtsZPEcvImSLzcM_9xcN8273mUpgII0i37XY
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18872
cf-request-id: 0982ef13f1000005fdf6924000000001
last-modified: Mon, 18 May 2020 12:30:29 GMT
server: cloudflare
etag: "e18c9634cdd319e69c2765475f29cd13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=o9x16ZuQzEYO3rV2XiY17RpN2cXPP6Ovp7V5f2q4LedSsmIkeudTypQH%2F9sUspAZ9tTMQovxQ4H5Bg%2FTik8aUe4qdMLLi6FZe3Wr6qoTG0nReLZrizv4AC8ghQ%3D%3D"}],"max_age":604800,"group":"cf-nel"}
x-goog-generation: 1589805029334103
content-type: image/webp
expires: Sun, 18 Apr 2021 19:36:51 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 35453
accept-ranges: bytes
cf-ray: 64181accb91405fd-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
assets.ad4m.at/product_image/ Frame 2FF0 2 KB
2 KB 27ms
24ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C12820%2C19456&b=EjMcDfEfA3JhzHAHjt4t3QwF4tVTYg%2CzmKHRfYf1PVCpHBHMtqtzzpabtwTQ8%2C62kHef3fDZ4CeHmHYtktWW8amt1T3P&f=ADBtYfqfb9VSAHRH4tMCPd1CMt4TR9%2C8RgfDf8fJdAagHJHEtqCkk2UwtwTpr%2CXxeSzfrfrmeU6H4Het1CBBKC8tkT5g&c=300&d=250&e=Hxvrk4xso2rtU7NwBYJqN-9864d2MRmD&g=9666fd7f8c303d01a11eba9a699ca628%2F7365967391414179796&i=25007%2C20773%2C20774&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=dbm_Netmix_Reach06_DC&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCTwoh0zh7YMz4BduFlQfqoKXwBvXv5NVe4bHa6Y0MoJzysLwaEAEgqoDDImCV4pCCoAfIAQmpAiAC5XwjGrQ-qAMBqgTXAU_QLgCWrQiSSRfrSXJej-uxtk-YjcikoxVa-Tnii4fG7VVyCozsDSrrsfngXqnhq8hnOyiDNUEB0L_mURThfinbZ3QLdPQDBZ6K4ALacYuyuf1ZN-jI8NgJd54tolF1NNeEqydmb1ySuROl-1C4II6R2flyqV_reCU4jJKY6GnzGjNERISt7niQCGSklNBiKv6i3IEaHto1b6sKPrxR3qyainSgAxEfyL6M3Yv8MPXeX-w50MKZByebLbNp0uIWcnQJ_akQ8D718r8fy8re_PmNmpDrAyFjwASD7qj7oQPgBAOQBgGgBk2AB-qTn0OoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTkxNjE4NjM2ODU4MjY5NTaACgOYCwHICwGADAGwE_qo1AbQEwDYEwOIFAHYFAE%2526ae%253D1%2526num%253D1%2526cid%253DCAASB-RoqYOzayA%2526sig%253DAOD64_2JvsUrHuEpPCr7PlGjRNexdtAByA%2526client%253Dca-pub-5512390705137507%2526dbm_c%253DAKAmf-DsPUXekTiknP5f1OEJTzVGJwZvaBpJ4l132KAjbvdvdlDP_KOgsVrIc5_IGyW_GRU7ujld__m8LJjkuqzXNKcv1kN7zsoNf0gxBQ4GiWn4TGhSwWip4eqP6X6YX13iFDLT-NLR6r8X66DcKTYW6NGte05TWQ%2526cry%253D1%2526dbm_d%253DAKAmf-BRL8-MYHOZQIVUq0y6mdT2iPpsZ9XU6_scTYwcIHCP_TQ71ZmI-6gbYa_rtV9U1DbxZoeQ3eYeoftZSXAfdEEoPOzJ-lvXnyZUEj5zRkh8mOYbag3JipvbM8qb6F57AseVME0T_cMUd6SoVpYssJd4yj95yTwB7NF1Vh8o5MHx8JwndRVip1g2gbZjHKK1ZkMz1aiuXSaTn3nWK2pWkkkkNBIgKEDOolmpVm9RidCkZBvOunQoXPJ2lTba0CU2vB0HOVZbSuqhPridjh9MjZ89PXwkBqYFzTy-NuvVe3dH0UgneQnUvILv8GBWezfpx9zkfaFczPv6hCwGqAlt996N1hI4XlwYCpIy2NggkpUGpNsevF6BbpdNF7BYw7N-gn7yOM94e6SxgnfegbBEU7re7AQkbjmXtAHnJdrv8A5uQ8VNIHM_n6h0LMwgRIoluCwLZYlJkZ5rhVP1j1V4gVrdF72rxGFLEFxUSCxEsCw7fYU5gGM1r-vr5oFgln76SBmaVDiz%2526adurl%253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=bJ9ALA==, md5=ejqY/mc9t7JQK9XG0TFuLA==
date: Sat, 17 Apr 2021 19:36:51 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1928
cf-polished: origFmt=png, origSize=4031
x-guploader-uploadid: ABg5-Ux7RgqsVbRk27MRBiecINjK2VLQTSQsm2Gc2qtYnzBslX7whGsDbltfOxxe4rEjEUQt5oDljno5RQjOREk0AqU
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1598
cf-request-id: 0982ef13f3000005fdf6925000000001
last-modified: Wed, 20 Jan 2021 17:03:56 GMT
server: cloudflare
etag: "7a3a98fe673db7b2502bd5c6d1316e2c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Gx9EuVkJSNfhzQfESAgq59fybFZRtqaZQvtPLT%2BMdsRUb%2FXbXW9dOwGdAtrYXCzP4Utiv5W1mS3kRoFK%2Fv5nZgMRdDL40w6evrX%2Ba8XoXoD%2F%2BApI2fwFmLED0g%3D%3D"}],"max_age":604800,"group":"cf-nel"}
x-goog-generation: 1611162235947637
content-type: image/webp
expires: Sun, 18 Apr 2021 19:36:51 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 4031
accept-ranges: bytes
cf-ray: 64181accb91805fd-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 2FF0 43 B
704 B 44ms
23ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519498&v=14098&q=368694&r=412871&pv=1&pref3=oneidEjMcDfEfA3JhzHAHjt4t3QwF4tVTYgoneid__asuidHxvrk4xso2rtU7NwBYJqN-9864d2MRmDasuid__dbm_Netmix_Reach06_DC&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Apr 2021 19:36:51 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2 200 DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame 2FF0 9 KB
10 KB 26ms
23ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C12820%2C19456&b=EjMcDfEfA3JhzHAHjt4t3QwF4tVTYg%2CzmKHRfYf1PVCpHBHMtqtzzpabtwTQ8%2C62kHef3fDZ4CeHmHYtktWW8amt1T3P&f=ADBtYfqfb9VSAHRH4tMCPd1CMt4TR9%2C8RgfDf8fJdAagHJHEtqCkk2UwtwTpr%2CXxeSzfrfrmeU6H4Het1CBBKC8tkT5g&c=300&d=250&e=Hxvrk4xso2rtU7NwBYJqN-9864d2MRmD&g=9666fd7f8c303d01a11eba9a699ca628%2F7365967391414179796&i=25007%2C20773%2C20774&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=dbm_Netmix_Reach06_DC&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCTwoh0zh7YMz4BduFlQfqoKXwBvXv5NVe4bHa6Y0MoJzysLwaEAEgqoDDImCV4pCCoAfIAQmpAiAC5XwjGrQ-qAMBqgTXAU_QLgCWrQiSSRfrSXJej-uxtk-YjcikoxVa-Tnii4fG7VVyCozsDSrrsfngXqnhq8hnOyiDNUEB0L_mURThfinbZ3QLdPQDBZ6K4ALacYuyuf1ZN-jI8NgJd54tolF1NNeEqydmb1ySuROl-1C4II6R2flyqV_reCU4jJKY6GnzGjNERISt7niQCGSklNBiKv6i3IEaHto1b6sKPrxR3qyainSgAxEfyL6M3Yv8MPXeX-w50MKZByebLbNp0uIWcnQJ_akQ8D718r8fy8re_PmNmpDrAyFjwASD7qj7oQPgBAOQBgGgBk2AB-qTn0OoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTkxNjE4NjM2ODU4MjY5NTaACgOYCwHICwGADAGwE_qo1AbQEwDYEwOIFAHYFAE%2526ae%253D1%2526num%253D1%2526cid%253DCAASB-RoqYOzayA%2526sig%253DAOD64_2JvsUrHuEpPCr7PlGjRNexdtAByA%2526client%253Dca-pub-5512390705137507%2526dbm_c%253DAKAmf-DsPUXekTiknP5f1OEJTzVGJwZvaBpJ4l132KAjbvdvdlDP_KOgsVrIc5_IGyW_GRU7ujld__m8LJjkuqzXNKcv1kN7zsoNf0gxBQ4GiWn4TGhSwWip4eqP6X6YX13iFDLT-NLR6r8X66DcKTYW6NGte05TWQ%2526cry%253D1%2526dbm_d%253DAKAmf-BRL8-MYHOZQIVUq0y6mdT2iPpsZ9XU6_scTYwcIHCP_TQ71ZmI-6gbYa_rtV9U1DbxZoeQ3eYeoftZSXAfdEEoPOzJ-lvXnyZUEj5zRkh8mOYbag3JipvbM8qb6F57AseVME0T_cMUd6SoVpYssJd4yj95yTwB7NF1Vh8o5MHx8JwndRVip1g2gbZjHKK1ZkMz1aiuXSaTn3nWK2pWkkkkNBIgKEDOolmpVm9RidCkZBvOunQoXPJ2lTba0CU2vB0HOVZbSuqhPridjh9MjZ89PXwkBqYFzTy-NuvVe3dH0UgneQnUvILv8GBWezfpx9zkfaFczPv6hCwGqAlt996N1hI4XlwYCpIy2NggkpUGpNsevF6BbpdNF7BYw7N-gn7yOM94e6SxgnfegbBEU7re7AQkbjmXtAHnJdrv8A5uQ8VNIHM_n6h0LMwgRIoluCwLZYlJkZ5rhVP1j1V4gVrdF72rxGFLEFxUSCxEsCw7fYU5gGM1r-vr5oFgln76SBmaVDiz%2526adurl%253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=euqM8A==, md5=F0uw3DVkfiBLCaoSCWVgSg==
date: Sat, 17 Apr 2021 19:36:51 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 255744
cf-polished: origFmt=png, origSize=24833
x-guploader-uploadid: ABg5-UzvxeHBjx_QRjVsVeJScXMKRiKIME3g2TExLz92S5OVTtLbd16l9ZRBSHmh2B46Mk1WTm_pwIihhD9U2OXOCOM
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9258
cf-request-id: 0982ef13f2000005fdaf8cf000000001
last-modified: Tue, 09 Feb 2021 15:11:57 GMT
server: cloudflare
etag: "174bb0dc35647e204b09aa120965604a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8%2B3jOHWmYORMFoqiibg2YNvpXmBwO%2BzJBjNH75KcF6U%2BusD0M6NFtTAI30O3tFMjtZgjh5kG0wOSrl0i%2BmS3eHiBPX8qYJ5ejtSlGmg798FRUzacvT1FB4F2Kw%3D%3D"}],"max_age":604800,"group":"cf-nel"}
x-goog-generation: 1612883517528266
content-type: image/webp
expires: Sun, 18 Apr 2021 19:36:51 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 24833
accept-ranges: bytes
cf-ray: 64181accb91905fd-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 9E89065D7819B33A36EE348E8D314F4C903CAD6421C87DC8C04665E5FBE2F064978D17012A25C2D3CCA050996BF273A84C65AAFD33EB3BF19ED0A467E4E66FB9
assets.ad4m.at/product_image/ Frame 2FF0 30 KB
31 KB 27ms
25ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/9E89065D7819B33A36EE348E8D314F4C903CAD6421C87DC8C04665E5FBE2F064978D17012A25C2D3CCA050996BF273A84C65AAFD33EB3BF19ED0A467E4E66FB9
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C12820%2C19456&b=EjMcDfEfA3JhzHAHjt4t3QwF4tVTYg%2CzmKHRfYf1PVCpHBHMtqtzzpabtwTQ8%2C62kHef3fDZ4CeHmHYtktWW8amt1T3P&f=ADBtYfqfb9VSAHRH4tMCPd1CMt4TR9%2C8RgfDf8fJdAagHJHEtqCkk2UwtwTpr%2CXxeSzfrfrmeU6H4Het1CBBKC8tkT5g&c=300&d=250&e=Hxvrk4xso2rtU7NwBYJqN-9864d2MRmD&g=9666fd7f8c303d01a11eba9a699ca628%2F7365967391414179796&i=25007%2C20773%2C20774&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=dbm_Netmix_Reach06_DC&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCTwoh0zh7YMz4BduFlQfqoKXwBvXv5NVe4bHa6Y0MoJzysLwaEAEgqoDDImCV4pCCoAfIAQmpAiAC5XwjGrQ-qAMBqgTXAU_QLgCWrQiSSRfrSXJej-uxtk-YjcikoxVa-Tnii4fG7VVyCozsDSrrsfngXqnhq8hnOyiDNUEB0L_mURThfinbZ3QLdPQDBZ6K4ALacYuyuf1ZN-jI8NgJd54tolF1NNeEqydmb1ySuROl-1C4II6R2flyqV_reCU4jJKY6GnzGjNERISt7niQCGSklNBiKv6i3IEaHto1b6sKPrxR3qyainSgAxEfyL6M3Yv8MPXeX-w50MKZByebLbNp0uIWcnQJ_akQ8D718r8fy8re_PmNmpDrAyFjwASD7qj7oQPgBAOQBgGgBk2AB-qTn0OoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTkxNjE4NjM2ODU4MjY5NTaACgOYCwHICwGADAGwE_qo1AbQEwDYEwOIFAHYFAE%2526ae%253D1%2526num%253D1%2526cid%253DCAASB-RoqYOzayA%2526sig%253DAOD64_2JvsUrHuEpPCr7PlGjRNexdtAByA%2526client%253Dca-pub-5512390705137507%2526dbm_c%253DAKAmf-DsPUXekTiknP5f1OEJTzVGJwZvaBpJ4l132KAjbvdvdlDP_KOgsVrIc5_IGyW_GRU7ujld__m8LJjkuqzXNKcv1kN7zsoNf0gxBQ4GiWn4TGhSwWip4eqP6X6YX13iFDLT-NLR6r8X66DcKTYW6NGte05TWQ%2526cry%253D1%2526dbm_d%253DAKAmf-BRL8-MYHOZQIVUq0y6mdT2iPpsZ9XU6_scTYwcIHCP_TQ71ZmI-6gbYa_rtV9U1DbxZoeQ3eYeoftZSXAfdEEoPOzJ-lvXnyZUEj5zRkh8mOYbag3JipvbM8qb6F57AseVME0T_cMUd6SoVpYssJd4yj95yTwB7NF1Vh8o5MHx8JwndRVip1g2gbZjHKK1ZkMz1aiuXSaTn3nWK2pWkkkkNBIgKEDOolmpVm9RidCkZBvOunQoXPJ2lTba0CU2vB0HOVZbSuqhPridjh9MjZ89PXwkBqYFzTy-NuvVe3dH0UgneQnUvILv8GBWezfpx9zkfaFczPv6hCwGqAlt996N1hI4XlwYCpIy2NggkpUGpNsevF6BbpdNF7BYw7N-gn7yOM94e6SxgnfegbBEU7re7AQkbjmXtAHnJdrv8A5uQ8VNIHM_n6h0LMwgRIoluCwLZYlJkZ5rhVP1j1V4gVrdF72rxGFLEFxUSCxEsCw7fYU5gGM1r-vr5oFgln76SBmaVDiz%2526adurl%253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0c8b716232b3efb3a3e4e2d06282701aed651e38fde666a257b6a911a102cf4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=EGDmmw==, md5=6f4Z7eF0dbAWZF/wps0ORw==
date: Sat, 17 Apr 2021 19:36:51 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 256840
cf-polished: qual=85, origFmt=jpeg, origSize=109800
x-guploader-uploadid: ABg5-Ux8gxqbeJJ65V-E9bH5XRe7gcwjOJ4dB26dF4-JG5icp4XS9ba6hvRvxpsXqfUYqf4pnJgzLDVjpcG-UDCEtw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 31120
cf-request-id: 0982ef13f1000005fdeb17b000000001
last-modified: Fri, 02 Apr 2021 16:31:58 GMT
server: cloudflare
etag: "e9fe19ede17475b016645ff0a6cd0e47"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lVMIIJYGizKTNvAuEPNwyPqG9PMV276eWfDRQYAnlkmNYYgCNK1h0rQoPnPotNdXo9BY4s3ksTiC6lclrHaxleu5pm%2B9nWrmHOElaqIbUeH9p9I6uRuDYPm9OA%3D%3D"}],"max_age":604800,"group":"cf-nel"}
x-goog-generation: 1617381118251146
content-type: image/webp
expires: Sun, 18 Apr 2021 19:36:51 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 109800
accept-ranges: bytes
cf-ray: 64181accb91a05fd-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1

200
OK

postview.gif
portal.blau.de/nws/img/ Frame 2FF0
Redirect Chain

https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=oneidzmKHRfYf1PVCpHBHMtqtzzpabtwTQ8oneid__asuidHxvrk4xso2rtU7NwBYJqN-9864d2MRmDasuid__dbm_Netmix_Reach06_DC&gdpr_consent=&gdpr=0...
https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=oneidzmKHRfYf1PVCpHBHMtqtzzpabtwTQ8oneid__asuidHxvrk4xso2rtU7NwBYJqN-9864d2MRmDasuid__dbm_Netmix_Reach06_DC&gdpr_consent=&gdpr=0&gdp...
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2021041721365248573038599X117663V1225131106MSoneidzmKHRfYf1PVCpHBHMtqtzzpabtwTQ8oneid__asuidHxvrk4xso2rt...
https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117663_-HTLP&utm_term=AFF_la_117663_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=20210417213652485730385...

43 B
772 B

28ms
9ms

Image
image/gif

82.113.101.236
TDDE-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117663_-HTLP&utm_term=AFF_la_117663_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021041721365248573038599X117663V1225131106MSoneidzmKHRfYf1PVCpHBHMtqtzzpabtwTQ8oneid__asuidHxvrk4xso2rtU7NwBYJqN-9864d2MRmDasuid__dbm_Netmix_Reach06_DC&wfid=117663
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C12820%2C19456&b=EjMcDfEfA3JhzHAHjt4t3QwF4tVTYg%2CzmKHRfYf1PVCpHBHMtqtzzpabtwTQ8%2C62kHef3fDZ4CeHmHYtktWW8amt1T3P&f=ADBtYfqfb9VSAHRH4tMCPd1CMt4TR9%2C8RgfDf8fJdAagHJHEtqCkk2UwtwTpr%2CXxeSzfrfrmeU6H4Het1CBBKC8tkT5g&c=300&d=250&e=Hxvrk4xso2rtU7NwBYJqN-9864d2MRmD&g=9666fd7f8c303d01a11eba9a699ca628%2F7365967391414179796&i=25007%2C20773%2C20774&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=dbm_Netmix_Reach06_DC&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCTwoh0zh7YMz4BduFlQfqoKXwBvXv5NVe4bHa6Y0MoJzysLwaEAEgqoDDImCV4pCCoAfIAQmpAiAC5XwjGrQ-qAMBqgTXAU_QLgCWrQiSSRfrSXJej-uxtk-YjcikoxVa-Tnii4fG7VVyCozsDSrrsfngXqnhq8hnOyiDNUEB0L_mURThfinbZ3QLdPQDBZ6K4ALacYuyuf1ZN-jI8NgJd54tolF1NNeEqydmb1ySuROl-1C4II6R2flyqV_reCU4jJKY6GnzGjNERISt7niQCGSklNBiKv6i3IEaHto1b6sKPrxR3qyainSgAxEfyL6M3Yv8MPXeX-w50MKZByebLbNp0uIWcnQJ_akQ8D718r8fy8re_PmNmpDrAyFjwASD7qj7oQPgBAOQBgGgBk2AB-qTn0OoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTkxNjE4NjM2ODU4MjY5NTaACgOYCwHICwGADAGwE_qo1AbQEwDYEwOIFAHYFAE%2526ae%253D1%2526num%253D1%2526cid%253DCAASB-RoqYOzayA%2526sig%253DAOD64_2JvsUrHuEpPCr7PlGjRNexdtAByA%2526client%253Dca-pub-5512390705137507%2526dbm_c%253DAKAmf-DsPUXekTiknP5f1OEJTzVGJwZvaBpJ4l132KAjbvdvdlDP_KOgsVrIc5_IGyW_GRU7ujld__m8LJjkuqzXNKcv1kN7zsoNf0gxBQ4GiWn4TGhSwWip4eqP6X6YX13iFDLT-NLR6r8X66DcKTYW6NGte05TWQ%2526cry%253D1%2526dbm_d%253DAKAmf-BRL8-MYHOZQIVUq0y6mdT2iPpsZ9XU6_scTYwcIHCP_TQ71ZmI-6gbYa_rtV9U1DbxZoeQ3eYeoftZSXAfdEEoPOzJ-lvXnyZUEj5zRkh8mOYbag3JipvbM8qb6F57AseVME0T_cMUd6SoVpYssJd4yj95yTwB7NF1Vh8o5MHx8JwndRVip1g2gbZjHKK1ZkMz1aiuXSaTn3nWK2pWkkkkNBIgKEDOolmpVm9RidCkZBvOunQoXPJ2lTba0CU2vB0HOVZbSuqhPridjh9MjZ89PXwkBqYFzTy-NuvVe3dH0UgneQnUvILv8GBWezfpx9zkfaFczPv6hCwGqAlt996N1hI4XlwYCpIy2NggkpUGpNsevF6BbpdNF7BYw7N-gn7yOM94e6SxgnfegbBEU7re7AQkbjmXtAHnJdrv8A5uQ8VNIHM_n6h0LMwgRIoluCwLZYlJkZ5rhVP1j1V4gVrdF72rxGFLEFxUSCxEsCw7fYU5gGM1r-vr5oFgln76SBmaVDiz%2526adurl%253D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 82.113.101.236 Offenbach, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS: portal.blau.de
Software: Apache /
Resource Hash: e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Apr 2021 19:36:52 GMT
Last-Modified: Wed, 26 Aug 2020 10:11:24 GMT
Server: Apache
ETag: "2b-5adc50abeeb00"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: close
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43

Redirect headers

Date: Sat, 17 Apr 2021 19:36:52 GMT
X-NODEIP: 78.46.85.162
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
RM-PrivacyPolicy: https://www.nonstoppartner.net/
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Location: https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117663_-HTLP&utm_term=AFF_la_117663_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021041721365248573038599X117663V1225131106MSoneidzmKHRfYf1PVCpHBHMtqtzzpabtwTQ8oneid__asuidHxvrk4xso2rtU7NwBYJqN-9864d2MRmDasuid__dbm_Netmix_Reach06_DC&wfid=117663
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Keep-Alive: timeout=10

GET
H2 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 2FF0 53 KB
54 KB 18ms
16ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C12820%2C19456&b=EjMcDfEfA3JhzHAHjt4t3QwF4tVTYg%2CzmKHRfYf1PVCpHBHMtqtzzpabtwTQ8%2C62kHef3fDZ4CeHmHYtktWW8amt1T3P&f=ADBtYfqfb9VSAHRH4tMCPd1CMt4TR9%2C8RgfDf8fJdAagHJHEtqCkk2UwtwTpr%2CXxeSzfrfrmeU6H4Het1CBBKC8tkT5g&c=300&d=250&e=Hxvrk4xso2rtU7NwBYJqN-9864d2MRmD&g=9666fd7f8c303d01a11eba9a699ca628%2F7365967391414179796&i=25007%2C20773%2C20774&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=dbm_Netmix_Reach06_DC&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCTwoh0zh7YMz4BduFlQfqoKXwBvXv5NVe4bHa6Y0MoJzysLwaEAEgqoDDImCV4pCCoAfIAQmpAiAC5XwjGrQ-qAMBqgTXAU_QLgCWrQiSSRfrSXJej-uxtk-YjcikoxVa-Tnii4fG7VVyCozsDSrrsfngXqnhq8hnOyiDNUEB0L_mURThfinbZ3QLdPQDBZ6K4ALacYuyuf1ZN-jI8NgJd54tolF1NNeEqydmb1ySuROl-1C4II6R2flyqV_reCU4jJKY6GnzGjNERISt7niQCGSklNBiKv6i3IEaHto1b6sKPrxR3qyainSgAxEfyL6M3Yv8MPXeX-w50MKZByebLbNp0uIWcnQJ_akQ8D718r8fy8re_PmNmpDrAyFjwASD7qj7oQPgBAOQBgGgBk2AB-qTn0OoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTkxNjE4NjM2ODU4MjY5NTaACgOYCwHICwGADAGwE_qo1AbQEwDYEwOIFAHYFAE%2526ae%253D1%2526num%253D1%2526cid%253DCAASB-RoqYOzayA%2526sig%253DAOD64_2JvsUrHuEpPCr7PlGjRNexdtAByA%2526client%253Dca-pub-5512390705137507%2526dbm_c%253DAKAmf-DsPUXekTiknP5f1OEJTzVGJwZvaBpJ4l132KAjbvdvdlDP_KOgsVrIc5_IGyW_GRU7ujld__m8LJjkuqzXNKcv1kN7zsoNf0gxBQ4GiWn4TGhSwWip4eqP6X6YX13iFDLT-NLR6r8X66DcKTYW6NGte05TWQ%2526cry%253D1%2526dbm_d%253DAKAmf-BRL8-MYHOZQIVUq0y6mdT2iPpsZ9XU6_scTYwcIHCP_TQ71ZmI-6gbYa_rtV9U1DbxZoeQ3eYeoftZSXAfdEEoPOzJ-lvXnyZUEj5zRkh8mOYbag3JipvbM8qb6F57AseVME0T_cMUd6SoVpYssJd4yj95yTwB7NF1Vh8o5MHx8JwndRVip1g2gbZjHKK1ZkMz1aiuXSaTn3nWK2pWkkkkNBIgKEDOolmpVm9RidCkZBvOunQoXPJ2lTba0CU2vB0HOVZbSuqhPridjh9MjZ89PXwkBqYFzTy-NuvVe3dH0UgneQnUvILv8GBWezfpx9zkfaFczPv6hCwGqAlt996N1hI4XlwYCpIy2NggkpUGpNsevF6BbpdNF7BYw7N-gn7yOM94e6SxgnfegbBEU7re7AQkbjmXtAHnJdrv8A5uQ8VNIHM_n6h0LMwgRIoluCwLZYlJkZ5rhVP1j1V4gVrdF72rxGFLEFxUSCxEsCw7fYU5gGM1r-vr5oFgln76SBmaVDiz%2526adurl%253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=V11ayA==, md5=Cid9We/KA2mmmDZF4nNlng==
date: Sat, 17 Apr 2021 19:36:51 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 761902
cf-polished: origFmt=png, origSize=115129
x-guploader-uploadid: ABg5-UzLhfLRHeCW7yKYESJb0v2iDtct5MntyXeyOfTyba77fQ7DcOqMeDq3SVtD_leJQ7NFYBodA8wRsPa4ytmUE3U
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 54564
cf-request-id: 0982ef13f2000005fdf4aa3000000001
last-modified: Tue, 09 Feb 2021 15:11:24 GMT
server: cloudflare
etag: "0a277d59efca0369a6983645e273659e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mUu8QrP73biJBZobkWFk%2BVeLy3smHYhUYUc3nLwcajImoZ8Cv5dsu3HEW1Ew2zKDKE%2B0O8uiaUyc4xnioGckB68hNR5UYbTb8vfUVY3WZbdLtu1YQ9lNc3zAVA%3D%3D"}],"max_age":604800,"group":"cf-nel"}
x-goog-generation: 1612883484779402
content-type: image/webp
expires: Sun, 18 Apr 2021 19:36:51 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 115129
accept-ranges: bytes
cf-ray: 64181accb91b05fd-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 C36EBE4CE32BB275676EE7FA5805A5FC5FB60236C0668261D1B8C4D11BA110FD51A671436B844909B5287BE0B0727F86E914B01FB4A98DB8DDCB11C0734E00DC
assets.ad4m.at/product_image/ Frame 2FF0 20 KB
21 KB 25ms
23ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/C36EBE4CE32BB275676EE7FA5805A5FC5FB60236C0668261D1B8C4D11BA110FD51A671436B844909B5287BE0B0727F86E914B01FB4A98DB8DDCB11C0734E00DC
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C12820%2C19456&b=EjMcDfEfA3JhzHAHjt4t3QwF4tVTYg%2CzmKHRfYf1PVCpHBHMtqtzzpabtwTQ8%2C62kHef3fDZ4CeHmHYtktWW8amt1T3P&f=ADBtYfqfb9VSAHRH4tMCPd1CMt4TR9%2C8RgfDf8fJdAagHJHEtqCkk2UwtwTpr%2CXxeSzfrfrmeU6H4Het1CBBKC8tkT5g&c=300&d=250&e=Hxvrk4xso2rtU7NwBYJqN-9864d2MRmD&g=9666fd7f8c303d01a11eba9a699ca628%2F7365967391414179796&i=25007%2C20773%2C20774&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=dbm_Netmix_Reach06_DC&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCTwoh0zh7YMz4BduFlQfqoKXwBvXv5NVe4bHa6Y0MoJzysLwaEAEgqoDDImCV4pCCoAfIAQmpAiAC5XwjGrQ-qAMBqgTXAU_QLgCWrQiSSRfrSXJej-uxtk-YjcikoxVa-Tnii4fG7VVyCozsDSrrsfngXqnhq8hnOyiDNUEB0L_mURThfinbZ3QLdPQDBZ6K4ALacYuyuf1ZN-jI8NgJd54tolF1NNeEqydmb1ySuROl-1C4II6R2flyqV_reCU4jJKY6GnzGjNERISt7niQCGSklNBiKv6i3IEaHto1b6sKPrxR3qyainSgAxEfyL6M3Yv8MPXeX-w50MKZByebLbNp0uIWcnQJ_akQ8D718r8fy8re_PmNmpDrAyFjwASD7qj7oQPgBAOQBgGgBk2AB-qTn0OoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTkxNjE4NjM2ODU4MjY5NTaACgOYCwHICwGADAGwE_qo1AbQEwDYEwOIFAHYFAE%2526ae%253D1%2526num%253D1%2526cid%253DCAASB-RoqYOzayA%2526sig%253DAOD64_2JvsUrHuEpPCr7PlGjRNexdtAByA%2526client%253Dca-pub-5512390705137507%2526dbm_c%253DAKAmf-DsPUXekTiknP5f1OEJTzVGJwZvaBpJ4l132KAjbvdvdlDP_KOgsVrIc5_IGyW_GRU7ujld__m8LJjkuqzXNKcv1kN7zsoNf0gxBQ4GiWn4TGhSwWip4eqP6X6YX13iFDLT-NLR6r8X66DcKTYW6NGte05TWQ%2526cry%253D1%2526dbm_d%253DAKAmf-BRL8-MYHOZQIVUq0y6mdT2iPpsZ9XU6_scTYwcIHCP_TQ71ZmI-6gbYa_rtV9U1DbxZoeQ3eYeoftZSXAfdEEoPOzJ-lvXnyZUEj5zRkh8mOYbag3JipvbM8qb6F57AseVME0T_cMUd6SoVpYssJd4yj95yTwB7NF1Vh8o5MHx8JwndRVip1g2gbZjHKK1ZkMz1aiuXSaTn3nWK2pWkkkkNBIgKEDOolmpVm9RidCkZBvOunQoXPJ2lTba0CU2vB0HOVZbSuqhPridjh9MjZ89PXwkBqYFzTy-NuvVe3dH0UgneQnUvILv8GBWezfpx9zkfaFczPv6hCwGqAlt996N1hI4XlwYCpIy2NggkpUGpNsevF6BbpdNF7BYw7N-gn7yOM94e6SxgnfegbBEU7re7AQkbjmXtAHnJdrv8A5uQ8VNIHM_n6h0LMwgRIoluCwLZYlJkZ5rhVP1j1V4gVrdF72rxGFLEFxUSCxEsCw7fYU5gGM1r-vr5oFgln76SBmaVDiz%2526adurl%253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dfaf23d03d1a0850b4e7d94a69f8a8d24feed4509f8afb4c52793c5f5015fa65

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=a4Yhvw==, md5=0AFWc/HRIB0XV4akhoR4Sw==
date: Sat, 17 Apr 2021 19:36:51 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 255976
cf-polished: qual=85, origFmt=jpeg, origSize=44377
x-guploader-uploadid: ABg5-UyH8pkRYEW1EYxCr_7RKfqieDluVEwB53df9tRQAHzB1Tmxi5CHSiF5H2fpadWFhvbTKmVZnvkEDhP-TLT0inM
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20922
cf-request-id: 0982ef13f2000005fdd98f8000000001
last-modified: Fri, 15 Jan 2021 10:58:45 GMT
server: cloudflare
etag: "d0015673f1d1201d175786a48684784b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PaxukbcILhI9Y8o30%2BxmfQYvhVLpSh8tQ95SuvQqPoH7IrLprTuKclnT99wkgKeYESWKZrwxcVq1XA6Ge9ZXDXUGbT3c8ykzTI2bKUmycA55p83nRJ9jji7fCw%3D%3D"}],"max_age":604800,"group":"cf-nel"}
x-goog-generation: 1610708325569705
content-type: image/webp
expires: Sun, 18 Apr 2021 19:36:51 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 44377
accept-ranges: bytes
cf-ray: 64181accb91c05fd-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1

200
OK

postview.gif
portal.o2online.de/nws/img/ Frame 2FF0
Redirect Chain

https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=oneid62kHef3fDZ4CeHmHYtktWW8amt1T3Poneid__asuidHxvrk4xso2rtU7NwBYJqN-9864d2MRmDasuid__dbm_Netmix_Reach06_DC&gdpr_consent=&gdpr=0...
https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=oneid62kHef3fDZ4CeHmHYtktWW8amt1T3Poneid__asuidHxvrk4xso2rtU7NwBYJqN-9864d2MRmDasuid__dbm_Netmix_Reach06_DC&gdpr_consent=&gdpr=0&gdp...
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2021041721365248573038601X117679V1226132702MSoneid62kHef3fDZ4CeHmHYtktWW8amt1T3Poneid__asuidHxvrk4xso2...
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=202104172136524857303...

43 B
774 B

29ms
9ms

Image
image/gif

82.113.101.132
TDDE-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021041721365248573038601X117679V1226132702MSoneid62kHef3fDZ4CeHmHYtktWW8amt1T3Poneid__asuidHxvrk4xso2rtU7NwBYJqN-9864d2MRmDasuid__dbm_Netmix_Reach06_DC&wfid=117679
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C12820%2C19456&b=EjMcDfEfA3JhzHAHjt4t3QwF4tVTYg%2CzmKHRfYf1PVCpHBHMtqtzzpabtwTQ8%2C62kHef3fDZ4CeHmHYtktWW8amt1T3P&f=ADBtYfqfb9VSAHRH4tMCPd1CMt4TR9%2C8RgfDf8fJdAagHJHEtqCkk2UwtwTpr%2CXxeSzfrfrmeU6H4Het1CBBKC8tkT5g&c=300&d=250&e=Hxvrk4xso2rtU7NwBYJqN-9864d2MRmD&g=9666fd7f8c303d01a11eba9a699ca628%2F7365967391414179796&i=25007%2C20773%2C20774&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=dbm_Netmix_Reach06_DC&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCTwoh0zh7YMz4BduFlQfqoKXwBvXv5NVe4bHa6Y0MoJzysLwaEAEgqoDDImCV4pCCoAfIAQmpAiAC5XwjGrQ-qAMBqgTXAU_QLgCWrQiSSRfrSXJej-uxtk-YjcikoxVa-Tnii4fG7VVyCozsDSrrsfngXqnhq8hnOyiDNUEB0L_mURThfinbZ3QLdPQDBZ6K4ALacYuyuf1ZN-jI8NgJd54tolF1NNeEqydmb1ySuROl-1C4II6R2flyqV_reCU4jJKY6GnzGjNERISt7niQCGSklNBiKv6i3IEaHto1b6sKPrxR3qyainSgAxEfyL6M3Yv8MPXeX-w50MKZByebLbNp0uIWcnQJ_akQ8D718r8fy8re_PmNmpDrAyFjwASD7qj7oQPgBAOQBgGgBk2AB-qTn0OoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTkxNjE4NjM2ODU4MjY5NTaACgOYCwHICwGADAGwE_qo1AbQEwDYEwOIFAHYFAE%2526ae%253D1%2526num%253D1%2526cid%253DCAASB-RoqYOzayA%2526sig%253DAOD64_2JvsUrHuEpPCr7PlGjRNexdtAByA%2526client%253Dca-pub-5512390705137507%2526dbm_c%253DAKAmf-DsPUXekTiknP5f1OEJTzVGJwZvaBpJ4l132KAjbvdvdlDP_KOgsVrIc5_IGyW_GRU7ujld__m8LJjkuqzXNKcv1kN7zsoNf0gxBQ4GiWn4TGhSwWip4eqP6X6YX13iFDLT-NLR6r8X66DcKTYW6NGte05TWQ%2526cry%253D1%2526dbm_d%253DAKAmf-BRL8-MYHOZQIVUq0y6mdT2iPpsZ9XU6_scTYwcIHCP_TQ71ZmI-6gbYa_rtV9U1DbxZoeQ3eYeoftZSXAfdEEoPOzJ-lvXnyZUEj5zRkh8mOYbag3JipvbM8qb6F57AseVME0T_cMUd6SoVpYssJd4yj95yTwB7NF1Vh8o5MHx8JwndRVip1g2gbZjHKK1ZkMz1aiuXSaTn3nWK2pWkkkkNBIgKEDOolmpVm9RidCkZBvOunQoXPJ2lTba0CU2vB0HOVZbSuqhPridjh9MjZ89PXwkBqYFzTy-NuvVe3dH0UgneQnUvILv8GBWezfpx9zkfaFczPv6hCwGqAlt996N1hI4XlwYCpIy2NggkpUGpNsevF6BbpdNF7BYw7N-gn7yOM94e6SxgnfegbBEU7re7AQkbjmXtAHnJdrv8A5uQ8VNIHM_n6h0LMwgRIoluCwLZYlJkZ5rhVP1j1V4gVrdF72rxGFLEFxUSCxEsCw7fYU5gGM1r-vr5oFgln76SBmaVDiz%2526adurl%253D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 82.113.101.132 Offenbach, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS: portal.o2online.de
Software: Apache /
Resource Hash: e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Apr 2021 19:36:52 GMT
Last-Modified: Wed, 26 Aug 2020 10:11:24 GMT
Server: Apache
ETag: "2b-5adc50abeeb00"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: close
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43

Redirect headers

Date: Sat, 17 Apr 2021 19:36:52 GMT
X-NODEIP: 78.46.85.162
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
RM-PrivacyPolicy: https://www.nonstoppartner.net/
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Location: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021041721365248573038601X117679V1226132702MSoneid62kHef3fDZ4CeHmHYtktWW8amt1T3Poneid__asuidHxvrk4xso2rtU7NwBYJqN-9864d2MRmDasuid__dbm_Netmix_Reach06_DC&wfid=117679
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Keep-Alive: timeout=10

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B0D8 0
20 B 40ms
39ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BRnBY0zh7YLGfG6DO7_UPlv6H4AgAAAAAOAHgBAI&bg=!ODulO3_NAAZUuIlwVLg7ACkAdvg8WkihLMKaOGizIsV0GOs0fD2554KzfK3GOedj3x0Wj7EtoTVSJwIAAAEjUgAAABJoAQeZAno3gEqFX_59hI7sqt0UkFmU8WCV9jLvzpvhU3Qi044ande9CbwNgKZ1NCHfha-QUPv6cMTpGyZgtPzq43fy_a4iJp2Njo0663kacprxTNa5PYlc2KN6JKD2AV6p-8mZOHryiKYdF5BCsLnlBkXgSm_5jFGRdyi64mkobnI3bQ7Sv_gwR6vvP9oesOpLMNI09V2klJSHVlD5mVbxmMY6gg0R92uoT64VggE58UmgcUWdQcSJXbQjQ4X_pjXo0zeTHoB6h9zChGLQ6iuZq6vKm8qOmZvggDrWNcc6J2aiUD6OMys83g4Fe6eRLc1tAQVqUBlQE9iKqMTM0xq15tkro4q98bNNbNDtAcjYeGH1BG3qEl1N2BBmuJuc59oOSGlFL82TvVenyneLNwBMuZVpd0GybVCQ9l1MYPTdMZT_x8rvPujlScSG3Y308is_oRogQzuogczNW77g1J2mf9Zb7tRI-ovSdyx8TCBglnbsjbxVLu_9auFgN6bJ3Xbyra7ipaQRl5kzjhJ_POxhmwtT4GHQta0Q_tUaKDcT7LEdFKhPq_L0JMFWCDpO-C4DSbh_OdIAoH95O0vcyxln5h3OJh7EjMsRXgZv9fly46B6MqM3gdhzPXusBXmQ_xweAx_LxXHJ3rwDhJ13QCSA07R66qr88IP1Meso18JkdOI-rXnOYwZe067pDG2DmNmFYsRSO08AomWw9qytyxw9Fpvut7HCnYLc5kvYjQTVyaLvweamw2SaQKir6Qhej6JtVMM7WzngqQ45XWHZ2sJzalmchwyrD-p5EY-orCLoU7xy1voFlj4wEqCoLDxHdKXQ-T4pUeB39LOR1M_iJsYq

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 19:36:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A78E 0
20 B 40ms
40ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bz3ne0zh7YODIJomv3wPB65H4DgAAAAA4AeAEAg&bg=!NjWlNXHNAAZUuIlwVLg7ACkAdvg8WtyNGOf0fIrshqUGLIyoh4gBPDOkw7DdWj8ZtFuPttUF8OO41wIAAACiUgAAAAloAQeZAmy6ss9EAsuJY2eqVwyPDl1zKHMQBr7UiiH_SNznA3oW85g0pwZkEQBPaoWLNRCEC40tV0xCg200qCWbFMqkkHlLL_t61ce20-wZ0nBFggj6GodFHzILTMg2vSB0qgv6F0U9pBoyzg0AaQJOb0jjCOcVvslO9Pfb-BlqFWwjDSFbqSQFRCIngs-QbB7XckZl0J8yynRzut7vOlwAeAf1THwNyPjWlfEtZpdM3boZOhggE6KFsg_NP7zJN6QlIM20DwN74RSZ0xn2m4A-UYG6WxN-aWoCLdW4U9v8qbVIzCe0l8ivC9xEoJBdABBk_W7Wbo-sC-ZUz7GbP6acN2DsQKG49OYYMpB4DIZ1jwZdV8mPTu47jSxxZNKWyG0EXCDuNJRrfU11EE-dHSOOAiBWu64xSMETQNTivOXh6Xhl8Z5vSXhDrfoxbTzyN93dgkTxA8D3I0xUCF2Gc1tkKEHROfxnVPlBPyw99D2ZejuT2sWKBepQceF6Ze8LN50gCH0ClqnV088GFy8EfZS-1Rp8squ6CgNUHzJoS-dpqq1ifVFB52qMWGwAxpP2isk0YK9C-NM0NfFuxQ0y_LZDj88gu8nrLVtsfj6NMVYHBt-XlPtsJfih4bOW61fQxehrJz-DCKZTVriQId0eJ84Qa2mat-zIKxnDHLE8NeajGORGdzBuXHHNPtgcv2DOpt0-Z5qV9UGAy7VMkXahlk2ekPEvKKyu4RtOEUE8gh3T2tViru49JlFNAparp6xBnPx6vHFhcB6t3Xg_xSFeJgP5MrLGrztZ9ZXwHNRpZYqpQ11iGgtbEab9nd4yRvmy9ZBHgA

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 19:36:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0D0F 42 B
64 B 56ms
41ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuJhM0vdle7t453K6ytNkrkhKj11RFITbpBOIi1A8L3tenb5_Uyjyvjaagl4REy3v9Z4kyNQBUaREkW0cOwMehBRgFbcvqcjlmE_SJz_9j3nCSU&sai=AMfl-YTzg-PqDhNXrp3k9cOVIyLlrMJxfCKImxxO8FItMqGn6mfJdyAAhzwTyg5XZ7R1icvhrN4qT4GNJw2KiJVguD8dOQINHIuFR4yh5vKFq0uC8jYjTK6lJ0cHMs0E_Zg&sig=Cg0ArKJSzM9zVnZKBFa-EAE&cid=CAASB-RoqYOzayA&id=lidar2&mcvt=1000&p=971,508,1221,808&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20210414&bin=7&avms=nio&bs=0,0&mc=0.92&if=1&app=0&itpl=20&adk=3643186935&rs=4&met=ce&la=0&cr=0&osd=1&vs=4&rst=1618688211393&dlt=27&rpt=196&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 19:36:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 170B 42 B
64 B 41ms
40ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvu-rXt3FPPYl1IEegqc-mMcieEjbZW4QSo8BmI5xd9arsWDMAJaYwxGLBEycbP6hJ5BvEZaintjS1nJsKIH_qvWrjJed-Aqe44Lis6Bo2YaKeli2INQbD-KwQYjQ&sai=AMfl-YTN271SQp4dsIW12f6bspZ7XzQB88edX2JivZCOqnYX7lKj7a3cpCNEiaVyiCpKjXu6HGMfKob_AuOzGr__gYl1iJGeavZ_TyFdt-tkvnoMid6V879Fm34vKlrXKac&sig=Cg0ArKJSzIpqmMrya5hIEAE&cid=CAASPeRosDEYWorcEmeXHJEFVMQru4-DGhNFAUTE-a6CbMwjaUU_YN1lCLMGjDMcTf5hAng_RTGKd8HgTuuQMzI&id=lidar2&mcvt=1000&p=1119,1382,1159,1423&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210414&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2674700253&rs=4&met=ie&la=0&cr=0&osd=1&vs=4&rst=1618688211585&dlt=14&rpt=1&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 19:36:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMIoP7svoOG8AIVidd3Ch3BdQTvEAAYACCY-cJGQhMI1NvcvoOG8AIVOcu7CB23TAnh;met=1;&timestamp=1618688221917;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 170B 42 B
498 B 65ms
43ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIoP7svoOG8AIVidd3Ch3BdQTvEAAYACCY-cJGQhMI1NvcvoOG8AIVOcu7CB23TAnh;met=1;&timestamp=1618688221917;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 19:37:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ja.nex-software.com/	1969-12-31 23:59:59	Name: st_shares_https://ja.nex-software.com/what-is-nsd-exe Value: [object Object]
.nex-software.com/	1970-01-20 02:59:44	Name: __gads Value: ID=8b596e89ad66ebc3-222726fa27bb0082:T=1618688210:S=ALNI_Ma-HMaOnvTyzbwEwyhPBw2j5oevjA
.nex-software.com/	1970-01-19 18:21:20	Name: __cfduid Value: d6aab452af9e99273ab74f2cc21e50bd91618688210

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://load5.biz/?pu=mztdqolemm5ha3ddf4ztooju(Line 174) Message: Error: Browser is not suitable for subscriptions
console-api	info	URL: https://cst.wpu.sh/static/adManager.js(Line 1) Message: %c [AdManager] - color:cyan version 1.3.0
console-api	info	URL: https://cst.wpu.sh/static/adManager.js(Line 1) Message: %c [AdManager] - color:cyan run tag spots
console-api	info	URL: https://cst.wpu.sh/static/adManager.js(Line 1) Message: %c [AdManager] - color:cyan init spot [object Object]
console-api	log	URL: https://cdn.zx-adnet.com/adx/brmsl_19102402.js(Line 2) Message: zxnt->domain abuse ->no ads

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad4m.at
ad4mat.net
ade.googlesyndication.com
adservice.google.com
as.ad4m.at
assets.ad4m.at
buttons-config.sharethis.com
c.sharethis.mgr.consensu.org
cdn.jsdelivr.net
cdn.zx-adnet.com
cm.g.doubleclick.net
count-server.sharethis.com
counter.yadro.ru
cst.cstwpush.com
cst.wpu.sh
db560529b8d02254251bd7ec0c5db65b.safeframe.googlesyndication.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
get.optad360.io
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ja.nex-software.com
l.sharethis.com
load5.biz
na.nawpush.com
nex-software.com
pagead2.googlesyndication.com
partner.blau.de
partner.o2online.de
pic.nex-software.com
platform-api.sharethis.com
platform-cdn.sharethis.com
portal.blau.de
portal.o2online.de
s0.2mdn.net
securepubads.g.doubleclick.net
stat.optad360.mgr.consensu.org
sw.swwpush.com
tpc.googlesyndication.com
www.awin1.com
www.google.com
www.googletagservices.com
www.lead-alliance.net
www.telefonica-partner.de
104.108.145.8
104.111.239.217
142.250.185.162
142.250.185.194
142.250.186.162
142.250.186.98
143.198.248.63
151.101.65.195
18.196.233.38
205.185.216.10
213.174.135.24
2600:9000:2021:3600:c:a9b7:ddc0:93a1
2600:9000:2021:7e00:1d:85c3:6640:93a1
2600:9000:2021:8a00:c:abe:f440:93a1
2600:9000:206f:2c00:11:a4de:2580:93a1
2600:9000:211e:800:1c:8a07:5e80:93a1
2606:4700:20::681a:ad1
2606:4700:3032::6815:4aa6
2606:4700:3032::ac43:aa7a
2606:4700:3034::ac43:cc49
2a00:1450:4001:801::2001
2a00:1450:4001:808::2006
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2002
2a00:1450:4001:811::2001
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:827::2004
2a00:1450:4001:82a::2002
2a04:4e42:1b::621
3.122.26.231
3.213.224.136
46.4.91.20
78.46.85.162
82.113.101.132
82.113.101.236
84.200.5.215
88.212.201.210
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bdf4a7dcad3a686dadb7945273f537027e480e7c61159e6a9b24768cabf9c79
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0fed89c081a22c5e69d2a9728988498fa3ae4f89dee4206583b316f8f200c4f6
0ff792aaa1764e5bdbeafd4fd396b6e008ade63642082bc608771261c4b22851
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
17065139668f30f8255b554660ce490e543f43ca01f3e6c5f51bb76d0c404e60
1759c7be725e88d3b517a94fa444f083fc24cc92e961c1f2d3ce4c8af1787fbf
18c864956bf2492c5c86e79b0fec65f0ecbb4b02bfdcfe854b2c5501857fecdb
190402f488a1616b47304ae066078580059ca6a5958b7f217d2156d0a73931a9
1e9bdb8e32b83cdf3374ad98add49cafd6e161b61df3c747c3d2d11d701119d6
231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd
2465379aeb8f0ce6d96b26517eb7810dfa05d4858e03795e5a05e2bfc31c5cda
257579348172eb9f739308373580772054c0b671f63e8f002aed9f9774a6272e
282a1231df9fa2a50e72feb11309fa81463696ce5e305e25c6763c90773fa430
2870dc6e6f3f589bd188c94b7a47f905adc5850eff143c8fc403879eeaeca97c
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
316a653b533df827d2296f579f9540e4e9a3c82abab72d7c8ea4542794290d44
31e420b79e7760a7860ed2fb595c4f11b498559791571fed7eb22be20c7fa5e3
38c288b893b166348ca23e242921ba2f260e3444cb2027e0c844304a894f0bbe
3c6cbef713f89c82504761cc8f42dee0a0b5c07434ab95c1dfd46b4be66bb78c
3e43d592d0aa592f24ad510ef3f453a51bba24a9534a07a55a9685b4d4b3f2cb
3e519316fb2c453e0ca96da7eecb91a1b8c6935b8ca471a67c900a9ed150e7ea
43677abbcc50b9f3d621c9134d28237cfa6d66c61bf970cdfcf2a3ec31928ed2
4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46
56710f0b80c53fa3faae13091a1f9e42d65e662713d0f8d605614b480b1c2725
56b14b6ad7538ba37b7398ef0cfc7bcbf42fd723a943e72ab746a42dc15fb91f
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828
5f5012132c752db2433e17712d91ef8689f1bc95167b2720e23224c2ae62e009
611c31ecafe54c74f78e765296e1b04c0e51ecdc5f7d62c0c3441732aca01964
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
693a39255f808f38ae64d4daf12a78de32d51bca970b01fb398534e81fb641b3
6b94375335a37f32dd7981feb546df92892f0b749ec896c9f60a32fab0485d0b
72a204f01afcf9144e50d67ee44fd07c04cb1b83973354a8501912f09a617f54
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e
74e1cf077493c33fe895c7ce5732cda76b195e2d357d928f094bc3367cc7a75f
757b4926716e73e53f5c40426c5269e22ba08497a3fc5f49d863d7f94c06a580
768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307
7731d577c5dfa5f38e9bf82dedae51174c9ddd4d3d4668eea9d1e51d6ce13d66
79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d
7a192fded482a690211b3eddcd1cc8fa77f1c3f6d6e2abf1997677d93a6dae61
7baed6c8e3c0afc5d4a2c21e38953f4e632f9fb05bf5092b5e0a791bad46cdca
7c93346d4f681a0be90d1dfc19346382a4700f1810f41caa54415688dee1777f
7f266f72eb0457a4965ece65da9a0e52b49fe0f8b2ca15f918a8bb2bb76b5166
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
869a22e82111ba0c1bd9a0dc3024ae66b0f0c675312a94109133f2a645efef8c
8a3840aec57a1ff49f92f132e7791fbc0578cc9e2a85d7ddd52cf324ff503090
900e0d4503dfe926c2d74a1944f4e383d9d7573ecfcccba2dbb377f3be116a10
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
97552a82da6cb691b2de4c08203ec1d89a04b96268ca70ca5dd506aba66d4142
991ecbf1cd5f362f0dc65fdbce97140d803392c8629f6cc23a039a7f7dfa142a
9a83c65bdd0ff9488af9d25720686457ea7295c9c44f9f1d285a0c9ec89bab99
9be45d830a633e050edaa82361e4ecac3cc189b3a3975a41aa01ae3cb4e4120b
a0be70bfb4eaf5cad8ead71a89c69b93a4122a64eaee9fe7074e68d9156354ad
a200de114d432846f05e8d78b8158d883577e7d3f194c505815ba28b6386983c
a2872dfe6a03cd41366ab2797424febf55bebca9fac5d64604126bd0d47db702
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6b4ad52d9e9b337152ac5a1b788b7e60f428121e5856687533dcd7778d3a07d
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ac84513c4c5ea7e4458e91c46e33ba71b56e19fabf93cc079ffcb01a975c2e3d
aca4daa380e77e4a5e689d32c4a0e5790b802cdaed188896632438e0f50e0278
ae0b415cc13035d71f79bedc6c1aedc894e1b4157f676159e10183d7ea3452b9
ae2b3292ce4d22938259dd7e2d411ef3e498276837fbcc0475af40237b608f1f
af371cb0526d291c2821ffb5a63fb1c3969c3ebb22781c08032226c75ea2ab40
b003edc7ff6b0aa8219cef765c5f852854cc0527cda168477b0931005f7d6b2a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b34c67107f1b7dd18c382366913a00a08956cc138ebed347df972e81b56ce299
b38b9a9c25aa5910bb2f97735b63accce5280f0d0fb478b1891b887be666e273
b684bb683e9214771c03aeca125e09425d5cb5e76911f6d2a43ef39fb55e1c56
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bb79603eac72bc0fdb7be1a81a4d01b409bdafab1cf2c8c3851cb5df52232b76
bee022a4099fdb924d19ba7cdd46c87f30d360ccf955a7fdcb45f8f83ddf4b2b
c028f967b2451c97bf07bcbe6af07db6bd18c437287b9c6c02c9b9befb31c44f
c5270a1db02455ae4e985beaf7a34531545d9d00cf9d964be1fcad031615318e
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c76f98b5a789b65e512f6a7ed9372e51e06e312b2f13427b8f0e53fc2aa0052d
caed653bd17ae868deab576acbe47205d37ef4f55f7184416adc9c8b77b5fe69
ce2216da03d856edb71b34855ce2c67476f6053791b3e85da74477d9a37360a9
d04fe3e6d57be524334f1688f690be20fb65e09d806c549e1f78aa8d3f7dbae7
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d13e095de03aed147792992ae16497a4811043d41b028369198dc7d578a62129
d2fa83bbc70c843df2edd43096821128aa1f4bd404237f614c49cd48e7d5cfa3
d66e8fa87723046272ec70096a2089355c29474796663f65f2fdf9a27a1d4bc6
dfaf23d03d1a0850b4e7d94a69f8a8d24feed4509f8afb4c52793c5f5015fa65
e0c8b716232b3efb3a3e4e2d06282701aed651e38fde666a257b6a911a102cf4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
e503441024b68c5ac145c5580cd7b4c1dcd9dd71eb9814b5292ca1bc719af273
ea3d0687c8ec9ae8abfef997cfefcf86b646f753120de737c1914653b729ecc2
ec7f5bcc149bd87a00f7edcc4acd559de5a147d2ee06a2fa45f52069a29ac189
ede999c022b04dae8bed4c7898eb9c23794c70cbd07d4569dd72e43e195c66ed
eee414710c772f83156670d9b106bb4043b6863fefd25e725a6a83977aea4bf2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efc737b4f58cfe73a9bd0e57d7570365701381da31e628b269e7217a0ce3359d
f027eacbd3700b0f54821c2d08e829a054930626a495bea56484074c29290dd7
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
ff0ae836e78e254c691d18c04b2068e14419275cb170cd7c09587f1795114fcc

ja.nex-software.com Open in urlscan Pro 2606:4700:3032::6815:4aa6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

129 Requests

100 %HTTPS

53 %IPv6

27 Domains

45 Subdomains

38 IPs

4 Countries

2154 kBTransfer

4034 kBSize

3 Cookies

35 Outgoing links

Redirected requests

129 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ja.nex-software.com Open in urlscan Pro
2606:4700:3032::6815:4aa6 Public Scan

Screenshot
Live screenshot

Full Image

129
Requests

100 %
HTTPS

53 %
IPv6

27
Domains

45
Subdomains

38
IPs

4
Countries

2154 kB
Transfer

4034 kB
Size

3
Cookies

129 HTTP transactions
3 data transactions