fr.nex-software.com Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://fr.nex-software.com/
Effective URL:
https://fr.nex-software.com/
Submission: On April 27 via api (April 27th 2023, 11:41:12 pm UTC) from US — Scanned from NL

Summary HTTP 128 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 49 IPs in 8 countries across 43 domains to perform 128 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is fr.nex-software.com.
TLS certificate: Issued by GTS CA 1P5 on March 10th 2023. Valid for: 3 months.

This is the only time fr.nex-software.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 31	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3037::ac43:9e7d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	151.101.65.195 151.101.65.195	54113 (FASTLY) (FASTLY)
1 1	188.166.100.156 188.166.100.156	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
4	45.133.44.53 45.133.44.53	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2	2600:9000:209... 2600:9000:2093:2200:11:a4de:2580:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::681a:6a0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.32.99.34 13.32.99.34	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80b::2010	15169 (GOOGLE) (GOOGLE)
1 2	88.212.201.198 88.212.201.198	39134 (UNITEDNET) (UNITEDNET)
1	2600:9000:206... 2600:9000:206f:7800:c:abe:f440:93a1	16509 (AMAZON-02) (AMAZON-02)
1	52.29.163.83 52.29.163.83	16509 (AMAZON-02) (AMAZON-02)
1	45.133.44.24 45.133.44.24	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	2620:0:890::100 2620:0:890::100	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	99.86.4.86 99.86.4.86	16509 (AMAZON-02) (AMAZON-02)
1	78.47.199.206 78.47.199.206	24940 (HETZNER-AS) (HETZNER-AS)
2	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	157.90.84.242 157.90.84.242	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
1	2a01:4f8:c0:2... 2a01:4f8:c0:2343::2	24940 (HETZNER-AS) (HETZNER-AS)
1	45.133.44.52 45.133.44.52	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	65.9.66.97 65.9.66.97	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:2250:6e00:a:e047:752:b361	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:3456	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
1	162.19.138.120 162.19.138.120	16276 (OVH) (OVH)
1 2	2a02:2638:d::d 2a02:2638:d::d	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	35.190.39.111 35.190.39.111	15169 (GOOGLE) (GOOGLE)
1	34.249.220.178 34.249.220.178	16509 (AMAZON-02) (AMAZON-02)
3 4	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
3 5	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	37.252.172.123 37.252.172.123	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
11	2a00:1450:400... 2a00:1450:4001:801::2006	15169 (GOOGLE) (GOOGLE)
2	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
2 3	2a01:4f8:c0:2... 2a01:4f8:c0:2f03::2	24940 (HETZNER-AS) (HETZNER-AS)
1 1	2a02:128:7:49... 2a02:128:7:4910::2	50245 (SERVEREL-AS) (SERVEREL-AS)
1	45.133.44.25 45.133.44.25	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
128	49

4 2a06:98c1:3121::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

fr.nex-software.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
nex-software.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2a06:98c1:3120::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

fr.nex-software.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
nex-software.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.cookieconsent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pic.nex-software.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::ac43:9e7d (United States)

ASN13335 (CLOUDFLARENET, US)

load5.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.65.195 (United States)

ASN54113 (FASTLY, US)

cdn.zx-adnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.166.100.156 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

cst.wpu.sh	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 45.133.44.53 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

cst.cstwpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.wpadmngr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.wpshsdk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
3be4572f0f.535a855e66.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2093:2200:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)

get.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:6a0 (United States)

ASN13335 (CLOUDFLARENET, US)

www.termsfeed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-34.fra60.r.cloudfront.net

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.198 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:7800:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.29.163.83 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-163-83.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.133.44.24 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

na.nawpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:0:890::100 (United States)

ASN54113 (FASTLY, US)

site2text-2021.web.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-86.fra6.r.cloudfront.net

optad360.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 78.47.199.206 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.206.199.47.78.clients.your-server.de

notification.tubecup.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.90.84.242 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.242.84.90.157.clients.your-server.de

fp.metricswpsh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

7c3ab99f44b15302ad2c6dfb9ab38469.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a01:4f8:c0:2343::2 (Germany)

ASN24940 (HETZNER-AS, DE)

ntvpwpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.133.44.52 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

js.cabnnr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-97.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:6e00:a:e047:752:b361 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.120 (France)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::d (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com

esp.rtbhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.249.220.178 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-220-178.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.16.194 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.80.39.216 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.172.123 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:801::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a01:4f8:c0:2f03::2 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)

3fcf8b39a0.41f6f373a2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtbrennab.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:128:7:4910::2 (Czech Republic) 1 redirects

ASN50245 (SERVEREL-AS, US)

btds.zog.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.133.44.25 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

cdn.1vag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	nex-software.com 1 redirects fr.nex-software.com nex-software.com pic.nex-software.com	2 MB
24	googlesyndication.com 7c3ab99f44b15302ad2c6dfb9ab38469.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 129 tpc.googlesyndication.com — Cisco Umbrella Rank: 177	132 KB
12	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269 googleads.g.doubleclick.net — Cisco Umbrella Rank: 67 cm.g.doubleclick.net — Cisco Umbrella Rank: 313 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 394	193 KB
11	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 373	91 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 876	4 KB
4	zx-adnet.com cdn.zx-adnet.com — Cisco Umbrella Rank: 359482	40 KB
3	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 3166 google-bidout-d.openx.net — Cisco Umbrella Rank: 3148	679 B
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 319	3 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 442 mug.criteo.com — Cisco Umbrella Rank: 1686	7 KB
3	sharethis.com platform-api.sharethis.com — Cisco Umbrella Rank: 5368 buttons-config.sharethis.com — Cisco Umbrella Rank: 6788 l.sharethis.com — Cisco Umbrella Rank: 5697	46 KB
2	41f6f373a2.com 1 redirects 3fcf8b39a0.41f6f373a2.com	1 KB
2	rtbhouse.com esp.rtbhouse.com — Cisco Umbrella Rank: 4649	314 B
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1319 id5-sync.com — Cisco Umbrella Rank: 612	18 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1550 bcp.crwdcntrl.net — Cisco Umbrella Rank: 1323	12 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 130 www.google.com — Cisco Umbrella Rank: 16	2 KB
2	metricswpsh.com fp.metricswpsh.com — Cisco Umbrella Rank: 28615	407 B
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 474	3 KB
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 7108	1 KB
2	optad360.io get.optad360.io — Cisco Umbrella Rank: 33098	212 KB
1	1vag.com cdn.1vag.com — Cisco Umbrella Rank: 67859	335 B
1	zog.link 1 redirects btds.zog.link — Cisco Umbrella Rank: 35827	222 B
1	rtbrennab.com 1 redirects rtbrennab.com — Cisco Umbrella Rank: 34394	481 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 238	49 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 4083	2 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 3991	2 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 763	13 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 3353	8 KB
1	cabnnr.com js.cabnnr.com — Cisco Umbrella Rank: 46695	18 KB
1	ntvpwpush.com ntvpwpush.com — Cisco Umbrella Rank: 24832	654 B
1	535a855e66.com 3be4572f0f.535a855e66.com	207 B
1	google.nl adservice.google.nl — Cisco Umbrella Rank: 11490	531 B
1	tubecup.net notification.tubecup.net — Cisco Umbrella Rank: 10793	1 KB
1	consensu.org optad360.mgr.consensu.org — Cisco Umbrella Rank: 57884	3 KB
1	web.app site2text-2021.web.app — Cisco Umbrella Rank: 830353	416 B
1	wpshsdk.com js.wpshsdk.com — Cisco Umbrella Rank: 13007	238 B
1	nawpush.com na.nawpush.com — Cisco Umbrella Rank: 37964	1 KB
1	wpadmngr.com js.wpadmngr.com — Cisco Umbrella Rank: 13125	56 KB
1	googleapis.com storage.googleapis.com — Cisco Umbrella Rank: 625	5 KB
1	termsfeed.com www.termsfeed.com — Cisco Umbrella Rank: 93739	56 KB
1	cookieconsent.com 1 redirects www.cookieconsent.com — Cisco Umbrella Rank: 249111	491 B
1	cstwpush.com cst.cstwpush.com — Cisco Umbrella Rank: 264011	861 B
1	wpu.sh 1 redirects cst.wpu.sh	97 B
1	load5.biz load5.biz — Cisco Umbrella Rank: 384578	8 KB
128	43

	Domain	Requested by
20	pic.nex-software.com	fr.nex-software.com
15	pagead2.googlesyndication.com	7c3ab99f44b15302ad2c6dfb9ab38469.safeframe.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com securepubads.g.doubleclick.net www.googletagservices.com
12	nex-software.com	fr.nex-software.com nex-software.com
11	s0.2mdn.net	fr.nex-software.com s0.2mdn.net 7c3ab99f44b15302ad2c6dfb9ab38469.safeframe.googlesyndication.com
7	tpc.googlesyndication.com	7c3ab99f44b15302ad2c6dfb9ab38469.safeframe.googlesyndication.com tpc.googlesyndication.com securepubads.g.doubleclick.net
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	securepubads.g.doubleclick.net	get.optad360.io securepubads.g.doubleclick.net
4	cdn.zx-adnet.com	fr.nex-software.com cdn.zx-adnet.com
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
2	3fcf8b39a0.41f6f373a2.com	1 redirects js.cabnnr.com
2	googleads4.g.doubleclick.net	fr.nex-software.com
2	oajs.openx.net	1 redirects fr.nex-software.com
2	esp.rtbhouse.com	invstatic101.creativecdn.com
2	gum.criteo.com	1 redirects static.criteo.net
2	googleads.g.doubleclick.net	7c3ab99f44b15302ad2c6dfb9ab38469.safeframe.googlesyndication.com pagead2.googlesyndication.com
2	7c3ab99f44b15302ad2c6dfb9ab38469.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	fp.metricswpsh.com	js.wpadmngr.com
2	cdn.jsdelivr.net	get.optad360.io securepubads.g.doubleclick.net
2	counter.yadro.ru	1 redirects fr.nex-software.com
2	get.optad360.io	fr.nex-software.com get.optad360.io
2	fr.nex-software.com	1 redirects
1	cdn.1vag.com	js.cabnnr.com
1	btds.zog.link	1 redirects
1	rtbrennab.com	1 redirects
1	www.google.com	tpc.googlesyndication.com
1	google-bidout-d.openx.net	oa.openxcdn.net
1	mug.criteo.com	fr.nex-software.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	id5-sync.com	cdn.id5-sync.com
1	www.googletagservices.com	7c3ab99f44b15302ad2c6dfb9ab38469.safeframe.googlesyndication.com
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	js.cabnnr.com	js.wpadmngr.com
1	ntvpwpush.com	js.wpadmngr.com
1	3be4572f0f.535a855e66.com	js.wpadmngr.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.nl	securepubads.g.doubleclick.net
1	notification.tubecup.net	js.wpadmngr.com
1	optad360.mgr.consensu.org	fr.nex-software.com
1	site2text-2021.web.app	storage.googleapis.com
1	js.wpshsdk.com	js.wpadmngr.com
1	na.nawpush.com	js.wpadmngr.com
1	l.sharethis.com	platform-api.sharethis.com
1	buttons-config.sharethis.com	platform-api.sharethis.com
1	js.wpadmngr.com	cst.wpu.sh
1	storage.googleapis.com	cdn.zx-adnet.com
1	platform-api.sharethis.com	fr.nex-software.com
1	www.termsfeed.com	fr.nex-software.com
1	www.cookieconsent.com	1 redirects
1	cst.cstwpush.com	fr.nex-software.com
1	cst.wpu.sh	1 redirects
1	load5.biz	fr.nex-software.com
128	57

This site contains links to these domains. Also see Links.

Domain
nl.nex-software.com
en.optad360.com
clickadilla.com

Subject Issuer	Validity	Valid
*.nex-software.com GTS CA 1P5	`2023-03-10` - `2023-06-08`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-28` - `2023-08-28`	a year	crt.sh
username.digitalreceipt.co.ke GTS CA 1D4	`2023-03-10` - `2023-06-08`	3 months	crt.sh
*.optad360.io Amazon RSA 2048 M02	`2023-03-01` - `2023-11-15`	9 months	crt.sh
sharethis.com Amazon RSA 2048 M01	`2023-02-28` - `2023-07-18`	5 months	crt.sh
storage.googleapis.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
js.wpadmngr.com R3	`2023-03-17` - `2023-06-15`	3 months	crt.sh
na.nawpush.com R3	`2023-04-03` - `2023-07-02`	3 months	crt.sh
js.wpshsdk.com R3	`2023-03-27` - `2023-06-25`	3 months	crt.sh
web.app GTS CA 1D4	`2023-03-06` - `2023-06-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
optad360.mgr.consensu.org Amazon RSA 2048 M02	`2023-04-23` - `2024-05-21`	a year	crt.sh
notification.tubecup.net R3	`2023-03-29` - `2023-06-27`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
3be4572f0f.535a855e66.com R3	`2023-04-24` - `2023-07-23`	3 months	crt.sh
js.cabnnr.com R3	`2023-04-23` - `2023-07-22`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-03-30` - `2023-06-28`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-24` - `2023-06-18`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
cdn.prod.uidapi.com R3	`2023-02-25` - `2023-05-26`	3 months	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-02-28` - `2023-05-29`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.id5-sync.com R3	`2023-04-18` - `2023-07-17`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-09` - `2023-06-03`	3 months	crt.sh
esp.rtbhouse.com GTS CA 1D4	`2023-03-20` - `2023-06-18`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
41f6f373a2.com R3	`2023-04-24` - `2023-07-23`	3 months	crt.sh
cdn.1vag.com R3	`2023-03-28` - `2023-06-26`	3 months	crt.sh

This page contains 13 frames:

Primary Page: https://fr.nex-software.com/
Frame ID: BC25FC653EFF04FD23630B3597EC8E1F
Requests: 78 HTTP requests in this frame

Frame: https://7c3ab99f44b15302ad2c6dfb9ab38469.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4B8B6F49404649D977EFE3EC73C61270
Requests: 1 HTTP requests in this frame

Frame: https://ntvpwpush.com/dl/cookies
Frame ID: 38650DDEB6C423D617A6368811AE4BB5
Requests: 1 HTTP requests in this frame

Frame: https://7c3ab99f44b15302ad2c6dfb9ab38469.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2351C4B44947310F4B94143A93175633
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmxzAIQvti-hwMYodSH4QEwAQ&v=APEucNVXUav7vgi6NPSNyeNXpYyEls2lPP4sB4_Xkv0tTEFnQGhlPdMJ3qFuocXAgcDlMsPI2XPxF4B20ywS_xqKJBBAnHshiaQkJdGnk_fsagA4CJIcZLipRnzfZfhbyVuO8v7pIhEE9PZnSqiwBUZW7dwMFSOx-Fk05lTudfaLQXchJ5s0U0ecjoj7i142OGl-M20vmUiifAUqvYojmgWhuDyxB0q1og
Frame ID: BBD0DE48254442FDDEFD5EA5ED379961
Requests: 5 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=fr.nex-software.com
Frame ID: E68609D6914C21AFBEC2C7A56958EE86
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 7C1FC7EBB84F083C7B795033376208CD
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2589442124388269737/index.html
Frame ID: 59AF22EE35DB64AE17D0B387E3B48895
Requests: 10 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: AD8E06686B14380FE6B3C761452643DC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0D401C48D7F72ACE66BF5C2C13C06E8B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1D34490E17CC2B5B0366CA3769AFC6D4
Requests: 2 HTTP requests in this frame

Frame: https://3fcf8b39a0.41f6f373a2.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InRhZ19hYiI6ImEiLCJtdWx0aSI6ZmFsc2UsInVzZXJfa2V5d29yZHMiOiIiLCJpZCI6MTY5NSwic3BhY2VpZCI6MTY5NSwidHlwZSI6InBvcCIsImlkem9uZSI6bnVsbCwiYWRfdGFncyI6IlRvdXRlcyUyQ0xlcyUyQ0luZm9ybWF0aW9ucyUyQ1N1ciUyQ0xlcyUyQ0ZpY2hpZXJzJTJDTGVzJTJDUGx1cyUyQ1BvcHVsYWlyZXMlMkNBdnJpbCUyQzIwMjMsIiwibGFiZWxzIjoiNCw1LDYsNyw4LDksNDYsNDcsNTQsNTUsNjEsMTA5IiwiYWxsb3dlZF9sYWJlbHMiOiIiLCJ0aXRsZSI6IiIsInN1YmlkIjoiMjY2Mjg4NzgxIiwicmVmcmVzaCI6MSwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6MTAyNzcsIm11bHRpcGxlIjpmYWxzZSwiaXNfaWZyYW1lIjpmYWxzZSwicmVmZG9tYWluIjoiIiwicGwiOjAsInN0cmF0YWdlbSI6Im5sYWJlbC1hIiwiZ3lyIjowLCJhY2NlbCI6MCwic3NwIjozOTcyLCJidHlwZSI6MCwidjIiOjEsInJjaGFuZ2UiOmZhbHNlfSwiYmFubmVyIjp7InciOjEsImgiOjF9fV0sInNpdGUiOnsiaWQiOiIxMDI3NyIsImNhdCI6WyJJQUIyNCJdLCJwYWdlIjoiaHR0cHM6Ly9mci5uZXgtc29mdHdhcmUuY29tLyJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiIyZWVkMTdlZWM0NDMzZjQ5YzFjM2RiYmY4NWJiOWFlYSIsImZwIjpudWxsfSwiZXh0Ijp7ImR0IjoxNjgyNjM4ODcwNzE4fX0=
Frame ID: B5184D77C4122DB9A7FD542DCD68B747
Requests: 1 HTTP requests in this frame

Frame: https://cdn.1vag.com/1x1.png
Frame ID: 8EA55F24FB7527504AE3CA262EA23A14
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Toutes Les Informations Sur Les Fichiers Les Plus Populaires

Page URL History Show full URLs

http://fr.nex-software.com/ HTTP 301
https://fr.nex-software.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

128
Requests

92 %
HTTPS

50 %
IPv6

43
Domains

57
Subdomains

49
IPs

8
Countries

3388 kB
Transfer

5804 kB
Size

32
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://nl.nex-software.com/
Title: fr.nex-software.com - 2023

Search URL Search Domain Scan URL

URL: https://en.optad360.com/?utm_source=branding&utm_medium=display&utm_campaign=fr.nex-software.com

Search URL Search Domain Scan URL

URL: https://clickadilla.com/?ref=tFpe80Ev&utm_source=label_test1&utm_medium=banner
Title: СlickAdilla

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://fr.nex-software.com/ HTTP 301
https://fr.nex-software.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://cst.wpu.sh/static/adManager.js HTTP 301
https://cst.cstwpush.com/static/adManager.js

Request Chain 9

https://www.cookieconsent.com/releases/4.0.0/cookie-consent.js HTTP 301
https://www.termsfeed.com/public/cookie-consent/4.0.0/cookie-consent.js

Request Chain 40

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//fr.nex-software.com/;0.28931671175052776 HTTP 302
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//fr.nex-software.com/;0.28931671175052776

Request Chain 85

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHhfLZe0wixn4mjUHD7WZSk&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHhfLZe0wixn4mjUHD7WZSk&google_cver=1&C=1

Request Chain 86

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZEsIFKqse-.UnTMIyQS6iwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHhfLZe0wixn4mjUHD7WZSk&google_cver=1&google_hm=2

Request Chain 87

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEG-Dat633-1dHwQ74h6-f1A&google_cver=1

Request Chain 88

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzE0NDU5OTU2NTE3NTE1MjIwNw%3D%3D

Request Chain 89

https://oajs.openx.net/esp?url=https%3A%2F%2Ffr.nex-software.com%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Ffr.nex-software.com%2F&rid=esp&cc=1

Request Chain 93

https://gum.criteo.com/sid/json?origin=publishertagids&domain=nex-software.com&sn=ChromeSyncframe&so=0&topUrl=fr.nex-software.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=QY1MOXxEU0NsNmdZNGlOQzZvNi84K3FGa3VrZXZtRDBrODdVVWVVZUwzK2hPbFh2Z000ZzNZYkFVbi9HQWkwVkRUSFlaaFFIVFZNNW4xc3ZtOGNOeTRWcSt2NndTQnF6bkNrd0NFZ3BweTFyYUF3WnR3V3FLekE0NXlTWkNXMFp5SGtqeDJXejFwTFFTUXJxdG5wRUVxUGhKL1hMa1BnUUZLMEx6Y3BCVUJhanZPbG53MVY2R3hqT2wwbEt5MlpZeDlaaHV1ZU5xMEZ5eUxOdGF6bGJwK2tZdm9PeUYzdmNqL1NjZ1JsYU02VWpuV2xRaW1xTXFZNWh6cnpiS2FJdmNQckdVMW5xNmVQWUFTd3dUemZJQTk2cW83WkUzMTkyKzVDZG82WHp5b2pHMXlGST18&cppv=2

Request Chain 127

https://3fcf8b39a0.41f6f373a2.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InRhZ19hYiI6ImEiLCJtdWx0aSI6ZmFsc2UsInVzZXJfa2V5d29yZHMiOiIiLCJpZCI6MTY5NSwic3BhY2VpZCI6MTY5NSwidHlwZSI6InBvcCIsImlkem9uZSI6bnVsbCwiYWRfdGFncyI6IlRvdXRlcyUyQ0xlcyUyQ0luZm9ybWF0aW9ucyUyQ1N1ciUyQ0xlcyUyQ0ZpY2hpZXJzJTJDTGVzJTJDUGx1cyUyQ1BvcHVsYWlyZXMlMkNBdnJpbCUyQzIwMjMsIiwibGFiZWxzIjoiNCw1LDYsNyw4LDksNDYsNDcsNTQsNTUsNjEsMTA5IiwiYWxsb3dlZF9sYWJlbHMiOiIiLCJ0aXRsZSI6IiIsInN1YmlkIjoiMjY2Mjg4NzgxIiwicmVmcmVzaCI6MSwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6MTAyNzcsIm11bHRpcGxlIjpmYWxzZSwiaXNfaWZyYW1lIjpmYWxzZSwicmVmZG9tYWluIjoiIiwicGwiOjAsInN0cmF0YWdlbSI6Im5sYWJlbC1hIiwiZ3lyIjowLCJhY2NlbCI6MCwic3NwIjozOTcyLCJidHlwZSI6MCwidjIiOjEsInJjaGFuZ2UiOmZhbHNlfSwiYmFubmVyIjp7InciOjEsImgiOjF9fV0sInNpdGUiOnsiaWQiOiIxMDI3NyIsImNhdCI6WyJJQUIyNCJdLCJwYWdlIjoiaHR0cHM6Ly9mci5uZXgtc29mdHdhcmUuY29tLyJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiIyZWVkMTdlZWM0NDMzZjQ5YzFjM2RiYmY4NWJiOWFlYSIsImZwIjpudWxsfSwiZXh0Ijp7ImR0IjoxNjgyNjM4ODcwNzE4fX0= HTTP 302
https://rtbrennab.com/banner/in/show/?mid=8057911507031853168&pid=0&site=10277&sc=NL&usage_type=DCH&subid=266288781&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=fr.nex-software.com&hostname=auc-banner-hz-6&site_id=0&spot_id=10277&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&pop_winurl=&ip=2001:1af8:4020:a034:1000::8&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=IAB24&min_cpm=0.0001&placement_type_id=407&skin_test=&verify_hash=&score=27.634216439048302&ml=&tag_ab=a&v2=1&ttl=&space_id=1695&banner_width=1&banner_height=1&accel=0&gyr=0&iabcat=IAB24&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D10277%26source%3D266288781%26idzone%3D0%26w%3D1%26h%3D1%26mo%3D%26ve%3D%26site_id%3D10277%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26ad_tags%3DToutes%252CLes%252CInformations%252CSur%252CLes%252CFichiers%252CLes%252CPlus%252CPopulaires%252CAvril%252C2023%2C%26spot_id%3D10277%26p%3Dhttps%253A%252F%252Ffr.nex-software.com%252F%26katds_labels%3D4%2C5%2C6%2C7%2C8%2C9%2C46%2C47%2C54%2C55%2C61%2C109%26btype%3D0%26score%3D27.634216439048302%26bf%3D0.0001&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=Toutes%2CLes%2CInformations%2CSur%2CLes%2CFichiers%2CLes%2CPlus%2CPopulaires%2CAvril%2C2023,&stratagem=nlabel-a&ssp=3972&refresh=1&priority=0&bb=0.0001 HTTP 302
https://btds.zog.link/in/912/?sid=10277&source=266288781&idzone=0&w=1&h=1&mo=&ve=&site_id=10277&utm1=&utm2=&utm3=&utm4=&ad_tags=Toutes%2CLes%2CInformations%2CSur%2CLes%2CFichiers%2CLes%2CPlus%2CPopulaires%2CAvril%2C2023,&spot_id=10277&p=https%3A%2F%2Ffr.nex-software.com%2F&katds_labels=4,5,6,7,8,9,46,47,54,55,61,109&btype=0&score=27.634216439048302&bf=0.0001 HTTP 302
https://cdn.1vag.com/1x1.png

128 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
fr.nex-software.com/
Redirect Chain

http://fr.nex-software.com/
https://fr.nex-software.com/

39 KB
6 KB

114ms
73ms

Document
text/html

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fr.nex-software.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b283eb4e8e9e4490a7c4b8c98a98ce42b91f54362fec67cbec90cefaeeda408

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7beaea152d1c06c2-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 27 Apr 2023 23:41:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lY3NANPbg5zwZaT22%2B%2BbknS1EtsEI1Pgd9uU%2FX%2FAciHc6f7Us5AocPJA0nHSENCKW34UVN53Lzv5ElZ69%2FD0sin0jVqtq1F52xZpIXMD3%2BGhHQS%2FXIM5gc6VMysDaSYY%2F5UAvq66XTCK%2BBrhvhcNOmbL"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

CF-RAY: 7beaea14c91fb8a8-AMS
Cache-Control: max-age=3600
Connection: keep-alive
Date: Thu, 27 Apr 2023 23:41:06 GMT
Expires: Fri, 28 Apr 2023 00:41:06 GMT
Location: https://fr.nex-software.com/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P6IgwO1BL%2F7jm0XeN4ZfrOuEtPnt6xinWXuYMQgliheg0VelLge4ZXuiTms7wDG0C5EeL%2BzMylizRLbj47JDvkjNrDU%2F6C%2BApbe4FY5jASSx8vQZrkvR49rBqVMd1btzPc6oxhUmuNd5I49iXXGFoi0i"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 / Show response
load5.biz/ 18 KB
8 KB 89ms
33ms Script
application/javascript 2606:4700:3037::ac43:9e7d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://load5.biz/?pu=mztdqolemm5ha3ddf4ztooju

Requested by

Host: fr.nex-software.com
URL: https://fr.nex-software.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:9e7d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55d83dba90b9c09397b1d1d3aff209919e4e02aab97471725ad0ab6d57e5cdd0

Security Headers

Name	Value
Content-Security-Policy	img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fr.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 23:41:06 GMT
strict-transport-security: max-age=31536000
content-encoding: br
content-security-policy: img-src https: data:; upgrade-insecure-requests
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vrh7RdVuWDzvWIoa018zB4sbNO7Wx9E3EqpsJ9Xr8l8C8A5NidC7mBC7%2BelZRfmSxRmx%2FYKxT86s1aM%2Fkhh6SDMC62iSQvof6vnPOWmT%2F5K1F%2BnG3ui3GAu01Fy07wxkbEoou2lw%2FjQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cf-ray: 7beaea160d77b724-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 css.css
nex-software.com/template/css/ 6 KB
883 B 96ms
71ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nex-software.com/template/css/css.css

Requested by

Host: fr.nex-software.com
URL: https://fr.nex-software.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ede999c022b04dae8bed4c7898eb9c23794c70cbd07d4569dd72e43e195c66ed

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fr.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 23:41:06 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 12 Feb 2019 13:57:00 GMT
server: cloudflare
etag: W/"180a-581b2cc948300-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1oXHIChSnKd2Sb%2Bmx20gss%2B3erKLZ7Sd77FRCy3ltyb7b8DORM4xoaOZORuEgaae%2BzWp0fuOxKHN3mEHDQk3xxs5pJnmGNl4erimygQ4dyLOrrz%2FlOtnrGRv9st7pRAwCeU4CyPCzgVkIeMe56Ml"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 7beaea15ddcc06c2-AMS

GET
H2 200 bootstrap.min.css
nex-software.com/template/css/ 132 KB
20 KB 127ms
102ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nex-software.com/template/css/bootstrap.min.css

Requested by

Host: fr.nex-software.com
URL: https://fr.nex-software.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43677abbcc50b9f3d621c9134d28237cfa6d66c61bf970cdfcf2a3ec31928ed2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fr.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 23:41:06 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 12 Feb 2019 13:57:00 GMT
server: cloudflare
etag: W/"211f6-581b2cc948300-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6vye%2Bg9OqKYcVR5uUGKbSQQczc5B5UYkElJfur3C%2Bxlat62uzoK2wHtQjj5kyS3aTqVKVmiLUz805yIWaR8aG%2FNQWx1MngiR%2BqhWX1uU1bobMAlukJKKbpSjkCub%2BSHMcWkpyoNlRUkOc9RKZdZu"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 7beaea15ddcd06c2-AMS

GET
H2 200 jquery.bxslider.css
nex-software.com/template/css/ 3 KB
1 KB 95ms
70ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nex-software.com/template/css/jquery.bxslider.css

Requested by

Host: fr.nex-software.com
URL: https://fr.nex-software.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56b14b6ad7538ba37b7398ef0cfc7bcbf42fd723a943e72ab746a42dc15fb91f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fr.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 23:41:06 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 12 Feb 2019 13:57:00 GMT
server: cloudflare
etag: W/"dfd-581b2cc948300-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3bayojJiZ1zzsh6WMo4MhozvD%2Fol6ceq%2BORyR9l6oJfhsycX%2BpW9aVwampVHbZ8IGGMe5UO3gkRy0cTQEDV%2B7UEhQtaHDoMLWwFED%2F4zf7e6bcrVVUnBTuOANirmUjv1OWPsF6z0e8WzM2VBsUpP"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 7beaea15ddd206c2-AMS

GET
H2 200 style.min.css
nex-software.com/template/css/ 30 KB
5 KB 90ms
66ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nex-software.com/template/css/style.min.css

Requested by

Host: fr.nex-software.com
URL: https://fr.nex-software.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af371cb0526d291c2821ffb5a63fb1c3969c3ebb22781c08032226c75ea2ab40

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fr.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 23:41:06 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 25 Feb 2021 19:47:49 GMT
server: cloudflare
etag: W/"7999-5bc2e6d21c340-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LUU430XomVUSO%2BFMFz7QsxmhlL4QRF%2F857ai%2BGZhzCv7QW37wRBPg1CBaKHF0aYheRBnCcpTs2EgrjPU%2B%2BUBNTJMO9an7PkVh10TqeUb3aGg1xFG5BI1Q%2Fn6zozztgfFHnu4Q0T%2FVXIv9LIf39oD"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 7beaea15ddd006c2-AMS

GET
H2 200 lang.min.css
nex-software.com/template/css/ 30 KB
20 KB 121ms
97ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nex-software.com/template/css/lang.min.css

Requested by

Host: fr.nex-software.com
URL: https://fr.nex-software.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e503441024b68c5ac145c5580cd7b4c1dcd9dd71eb9814b5292ca1bc719af273

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fr.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 23:41:06 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 24 Feb 2020 17:08:58 GMT
server: cloudflare
etag: W/"76b8-59f556d479e80-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YFT7WLCyHYokgFFTo4R2cMneirfRC%2BKUkv6VbDYz9J6Hswc10b3m1JAcC4KQl8tAz%2BXUvq6UnJDOpvJDgPMEOfkVQ8E7iiJ00T23dpxPyk314BB6uI%2FWdrwEoHx%2Bmfha62TjqEBzgofj3WSnmmKJ"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 7beaea15ddcf06c2-AMS

GET
H2 200 brmsl_19102402.js Show response
cdn.zx-adnet.com/adx/ 145 KB
20 KB 57ms
15ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/adx/brmsl_19102402.js

Requested by

Host: fr.nex-software.com
URL: https://fr.nex-software.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4bd10fa4ee1cd3b8fc26d592224ca0d6f2f955eb84e935431983de2592e4f2a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fr.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
date: Thu, 27 Apr 2023 23:41:06 GMT
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 19711
x-served-by: cache-ams21043-AMS
last-modified: Thu, 20 Apr 2023 06:58:14 GMT
x-timer: S1682638867.911245,VS0,VE1
etag: "9f87dc41b33ca8bb6de402d70f1dcc52209d835dea394be1972b00009ae4a10f-br"
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600,public
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive
x-cache-hits: 1

GET
H2

200

adManager.js Show response
cst.cstwpush.com/static/
Redirect Chain

https://cst.wpu.sh/static/adManager.js
https://cst.cstwpush.com/static/adManager.js

1 KB
861 B

74ms
13ms

Script
application/javascript

45.133.44.53
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cst.cstwpush.com/static/adManager.js
Requested by: Host: fr.nex-software.com
URL: https://fr.nex-software.com/
Protocol: H2
Server: 45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 902269f1228994ac73ce1a3ed21d948beb250b5c3d945b459ac6a48a097968fe

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fr.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

expires: Thu, 27 Apr 2023 23:46:06 GMT
date: Thu, 27 Apr 2023 23:41:06 GMT
content-encoding: gzip
last-modified: Mon, 05 Dec 2022 13:37:26 GMT
server: nginx/1.18.0
etag: W/"638df416-4dd"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300
x-proxy-cache: HIT

Redirect headers

location: https://cst.cstwpush.com/static/adManager.js
date: Thu, 27 Apr 2023 23:41:06 GMT
server: nginx/1.18.0
content-length: 169
content-type: text/html

GET
H2 200 plugin.min.js Show response
get.optad360.io/sf/1a65995e-7e07-43bd-8be2-2ee136ae3c03/ 267 KB
57 KB 143ms
28ms Script
application/javascript 2600:9000:2093:2200:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/1a65995e-7e07-43bd-8be2-2ee136ae3c03/plugin.min.js
Requested by: Host: fr.nex-software.com
URL: https://fr.nex-software.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2093:2200:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2e9a99fb226988ef3e2c29830058a81dac3efe0b35930e8a466336a59aec2939

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fr.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 14:41:14 GMT
content-encoding: gzip
via: 1.1 6c314f9bc806736c483494e492792b32.cloudfront.net (CloudFront)
last-modified: Wed, 22 Mar 2023 10:36:59 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-C1
age: 32393
etag: W/"a7dc4ad62269b1cffd69686ef5a3b5a9"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=86400
x-amz-cf-id: ElyDjuUReMHkJzIBDUbQIudK-iuFJ5pfJxOtqTwF0Ji9EYLRaX51fw==

GET
H2

200

cookie-consent.js Show response
www.termsfeed.com/public/cookie-consent/4.0.0/
Redirect Chain

https://www.cookieconsent.com/releases/4.0.0/cookie-consent.js
https://www.termsfeed.com/public/cookie-consent/4.0.0/cookie-consent.js

202 KB
56 KB

70ms
30ms

Script
application/javascript

2606:4700:20::681a:6a0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.termsfeed.com/public/cookie-consent/4.0.0/cookie-consent.js

Requested by

Host: fr.nex-software.com
URL: https://fr.nex-software.com/

Protocol

Server

2606:4700:20::681a:6a0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fc1289eed4c57aaba8ca2129a9ae0efc22de7a2bd2e4cbf14a15a7508ae998e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fr.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-priority: 5/n
date: Thu, 27 Apr 2023 23:41:06 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 40104
cf-polished: origSize=206884
x-z: 5179
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Wed, 26 Apr 2023 23:51:16 GMT
server: cloudflare
etag: W/"bc9c9049fc2d26ff416c67a57e80ec29"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MVukq3yS5jnoz8zbVo%2BwwcZblr1LEbIAcuTlzDxebCmZJrFf3twdJbn1a%2BtxqaDMBF0OgEaSbAJQAuSpxjcPjoJpFxVZ1iSiaFCupSeZwzlRJR1%2FJ38XJXaR5KyJS8J%2BCpSMv%2BQZAmEWDJqvUGv%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, immutable, max-age=3600
cf-ray: 7beaea165e6db8a9-AMS
expires: Thu, 27 Apr 2023 01:51:16 GMT

Redirect headers

date: Thu, 27 Apr 2023 23:41:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 126
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dvvHsn4tWAKlibdyoW7T1wl72bud9nQ4VZnE4QvOWRNihOTCcwjAAn7doecrVCD5g911j7mcYMQZKxVldiThgKW90BqNehVajuTN0Ynxiynr7RJA%2F9jsuUdaSFUBu9WHZR5BGia2CbRfweIl3bdjaVnkffA%3D"}],"group":"cf-nel","max_age":604800}
location: https://www.termsfeed.com/public/cookie-consent/4.0.0/cookie-consent.js
cf-ray: 7beaea15f93406dc-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 what-is-gjagent-exe-min.jpg
pic.nex-software.com/img/file-info/149/ 54 KB
54 KB 128ms
100ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/file-info/149/what-is-gjagent-exe-min.jpg

Requested by

Host: fr.nex-software.com
URL: https://fr.nex-software.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cdc72305605737b5e6642b9ad1fa9689c68c18de3c8ea8a4716536f9568581d6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fr.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 23:41:06 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 55261
x-xss-protection: 1; mode=block
last-modified: Sun, 14 Jul 2019 08:07:16 GMT
server: cloudflare
etag: "d7dd-58d9fa1b71500"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KS7OaTj3H8NAg1JMVrl9dreaMR7%2BpNbl6Bc84mmiNoRyk0F3tq2pxw%2B%2FEXk3QflDzJiFTSlQVPte6p8ng6gpVJeEa%2BfqtppposuyP5Dnl3bN8n%2B4JcHF0T%2FwVzlk3Dmw6yGBjoa63ZWn%2BTmLV8za%2B9gg8w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7beaea161e2406c2-AMS

GET
H2 200 what-is-fuel-service-min.jpg
pic.nex-software.com/img/file-info/184/ 74 KB
75 KB 94ms
67ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/file-info/184/what-is-fuel-service-min.jpg

Requested by

Host: fr.nex-software.com
URL: https://fr.nex-software.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65566c7e793bddd2cde8c71b73e99fc1ac2fe087f6f2f5ca746b73bcd5d1c88b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fr.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 23:41:06 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 76239
x-xss-protection: 1; mode=block
last-modified: Sun, 14 Jul 2019 08:07:18 GMT
server: cloudflare
etag: "129cf-58d9fa1d59980"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KnUmnmpMQhHg5KfuxTSftFkM8IvBPJdKijmisSFm9tLCrNGlUej8EPOhryl3Kd7bmacy5Lt4IcSK0zSi0yDJ0MlmWV%2BHxbfRfc7SP2L1%2FtC6iDhWeFUYZQ6A2Cot6XUa2qEAeMQYlsF3cFRq6OZQA09UYg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7beaea161e2306c2-AMS

GET
H2 200 what-is-officebackgroundtaskhandler-min.jpg
pic.nex-software.com/img/file-info/276/ 70 KB
70 KB 152ms
125ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/file-info/276/what-is-officebackgroundtaskhandler-min.jpg

Requested by

Host: fr.nex-software.com
URL: https://fr.nex-software.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1e06c38df2007a8bac9725f6b08eaf56e33f121d85661fa3bb419de259bd9a6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fr.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 23:41:07 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 71478
x-xss-protection: 1; mode=block
last-modified: Sun, 14 Jul 2019 08:06:44 GMT
server: cloudflare
etag: "11736-58d9f9fcecd00"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EqLkE%2BwQVS57ltXB4rC2nsprXy8uHo20CusL9tNCV%2F83McZ3L%2FUWQbvAbUg9xVhJZ6mpTmtpXnYZTjFzMPsQvHNMb7TkBpsA8SdN8Wwy6%2BX%2BrQW49zrzyDzXNAYvHEMf59pyCbc4IgCxWZ8VXlgTmWcP6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7beaea161e2206c2-AMS

GET
H2 200 what-is-zlib-dll-min.jpg
pic.nex-software.com/img/file-info/794/ 334 KB
334 KB 150ms
123ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/file-info/794/what-is-zlib-dll-min.jpg

Requested by

Host: fr.nex-software.com
URL: https://fr.nex-software.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18c144f5b64f4af2a4c78c01ee6609eef9d32aaca339b705d87550cf60021e58

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fr.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 23:41:07 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 341635
x-xss-protection: 1; mode=block
last-modified: Sun, 14 Jul 2019 08:05:54 GMT
server: cloudflare
etag: "53683-58d9f9cd3dc80"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QdyIZqc1n0NvMEFaF0je52n6HbzOdI6YUbr7jP7axUBT0hLU9moELn8qVzOTA8WiFEaEQZGMQZgqjbJ6KUICF4VTr50LbdNAQURK8qztpXdnaJDaFRc%2FRfS%2Fnm0b86w3EBm883tncMvILL6yTzMUo6KPWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7beaea161e2006c2-AMS

GET
H2 200 what-is-fltmgr-min.jpg
pic.nex-software.com/img/file-info/583/ 80 KB
80 KB 145ms
119ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/file-info/583/what-is-fltmgr-min.jpg

Requested by

Host: fr.nex-software.com
URL: https://fr.nex-software.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f746a923d80a543b847fa37688a18edf8ec81088685e12e137b72d14e9da92a4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fr.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 23:41:07 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 81475
x-xss-protection: 1; mode=block
last-modified: Sun, 14 Jul 2019 08:07:18 GMT
server: cloudflare
etag: "13e43-58d9fa1d59980"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jaf2KWJFToQ1iiFU60Iy8L%2B4kuYlAF1sWuCWbOEw%2FVYS90o%2FoULKjWGafVeEAX5IECsfYYztDIUBDMfYJc0zTLlBLiGQ8t6Fm4PbJ3okqDaKaYuHKb%2B3aEtzEQx5py0B0vVHSK4rJoZjVrw0LguWMC%2BcYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7beaea161e1f06c2-AMS

GET
H2 404 what-is-phobos-exe-min.jpg
pic.nex-software.com/img/file-info/263/ 0
0 91ms
65ms Image
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pic.nex-software.com/img/file-info/263/what-is-phobos-exe-min.jpg
Requested by: Host: fr.nex-software.com
URL: https://fr.nex-software.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fr.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 200 what-is-cmd-exe-min.jpg
pic.nex-software.com/img/file-info/68/ 35 KB
36 KB 143ms
141ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/file-info/68/what-is-cmd-exe-min.jpg

Requested by

Host: fr.nex-software.com
URL: https://fr.nex-software.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b58f173fa4389ef70d5ee3f0d1cf3bedca9d17ad4087781a0d26fa03400aee05

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fr.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 23:41:07 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35905
x-xss-protection: 1; mode=block
last-modified: Sun, 14 Jul 2019 08:07:30 GMT
server: cloudflare
etag: "8c41-58d9fa28cb480"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=op7dWbRb2MD7Ie40K8j1pji9Ir3PByR%2BS012ICr6u89VXOh7tR1qzz5ZItr3p%2FC79oJV6C5yZIvYXMxP8J3gMaUImssaTaTFnRzTE4c%2BntwCiAv96ZuP74W0dlfzQf8QdFI%2FfYDYc6IxHYvWV7I%2FrToeVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7beaea168dcc0e39-AMS

GET
H3 200 what-is-sidebar-exe-min.jpg
pic.nex-software.com/img/file-info/240/ 26 KB
26 KB 71ms
69ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/file-info/240/what-is-sidebar-exe-min.jpg

Requested by

Host: fr.nex-software.com
URL: https://fr.nex-software.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f1e084697cfe407f1b6ed9aa2a8d312cf3c116555d93dc3282a419156942834

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fr.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 23:41:07 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26212
x-xss-protection: 1; mode=block
last-modified: Sun, 14 Jul 2019 08:06:22 GMT
server: cloudflare
etag: "6664-58d9f9e7f1b80"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hGTyLFfNERVmq%2BBzjtHNXf6xc%2FMIUrpMOOmXxd4ENo0CIY4nOzp%2Be87yQYWC9%2FGAUu8hw%2FcCAysXsCapmgP6CdjuAUva0WtdNXHvQ5n2zqdkYkOJ6yqKtTu%2FKPQmfHB3CI3YHkrt7qDxDKTzuEW%2BPQTUAw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7beaea168dcd0e39-AMS

GET
H3 200 what-is-ie4uinit-exe-min.jpg
pic.nex-software.com/img/file-info/258/ 35 KB
35 KB 141ms
139ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/file-info/258/what-is-ie4uinit-exe-min.jpg

Requested by

Host: fr.nex-software.com
URL: https://fr.nex-software.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da29fee5e1029fbe8c55baf492094205039cd7b36debc52027985fe84404356d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fr.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 23:41:07 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35406
x-xss-protection: 1; mode=block
last-modified: Sun, 14 Jul 2019 08:07:08 GMT
server: cloudflare
etag: "8a4e-58d9fa13d0300"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WZyQ0OkYysNLVX1s1CsXUiNvUfqIG0TAyw3L%2B32lyhBkzouZ%2BAQfthHcTHVEXZeDxcycrpw16DKZS7cFADgNK2DfVs2krIi7AJWvchlgVJpWD7tLKAHrRo4olzJ6B9KOt7GV9XOnOl7F%2B4HzDFGur%2BRHJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7beaea168dcf0e39-AMS

GET
H3 200 what-is-unwise-exe-min.jpg
pic.nex-software.com/img/file-info/837/ 113 KB
114 KB 128ms
126ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/file-info/837/what-is-unwise-exe-min.jpg

Requested by

Host: fr.nex-software.com
URL: https://fr.nex-software.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fcf7c5b0cbbd224688cc80e4399d1a6931ecff516b778d32fb2219e6ded4527

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fr.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 23:41:07 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 115782
x-xss-protection: 1; mode=block
last-modified: Sun, 14 Jul 2019 08:06:08 GMT
server: cloudflare
etag: "1c446-58d9f9da97c00"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BGHU8Wnl9KWGaKtndGW05b23bUZbrVLoDVPCVPSuX7m1K5%2Bo003J05FJLrfOGwmQcLO5oTIK6TOzKLkvvu7zKAttItJVsZcKlHJ2Lza4ko%2FKbKxOjglTkiw9XuzGAwSUcbWP1Wj3hG26b6f3fgr8ZZNCtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7beaea168dd00e39-AMS

GET
H3 200 what-is-ravbg64-exe-min.jpg
pic.nex-software.com/img/file-info/52/ 65 KB
65 KB 99ms
97ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/file-info/52/what-is-ravbg64-exe-min.jpg

Requested by

Host: fr.nex-software.com
URL: https://fr.nex-software.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2fffea22d60657172fc83dab02f71f36f7023542cf60ca681604d73d53e25fd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fr.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 23:41:07 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 66285
x-xss-protection: 1; mode=block
last-modified: Sun, 14 Jul 2019 08:06:34 GMT
server: cloudflare
etag: "102ed-58d9f9f363680"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BuQRMXpmJcDEpGDiyOz5Q%2FOFO79tVvhCa%2FZkE05a6gMbZ7QkIfe0jeOiSc9mYvu7CISy%2BP2aUmVc4Q8Flv3DfYnA%2BPd%2Fzo9celL7QYPEYI14adxNGiwr6h6fZiYxP2ffPspX4DWUjscdqVkwejJv%2BnlkGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7beaea168dd20e39-AMS

GET
H3 200 what-is-pc-mechanic-exe-min.jpg
pic.nex-software.com/img/process-information/1435/ 18 KB
19 KB 114ms
112ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/process-information/1435/what-is-pc-mechanic-exe-min.jpg

Requested by

Host: fr.nex-software.com
URL: https://fr.nex-software.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a688e7ca97b6ceb293188b433130dfae854e0a34dfc0d7369d3152543926169e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fr.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 23:41:07 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18782
x-xss-protection: 1; mode=block
last-modified: Sun, 09 Feb 2020 22:10:46 GMT
server: cloudflare
etag: "495e-59e2be4fb2580"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0%2FfwYalBO5UlJs5gEyLSyIikaxVxb3uUqctLAB1gntsaauHtMmq%2Bj1I%2BZIPLzJf%2Bg5X7iwvJnCdhJasJD107EeJ5qOuD2vjMf%2BY1Uu7%2F49HmsrimJxgfNekVunAlPNK9otOMigvOYxAB1qnJzR%2BVTEY0ig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7beaea168dd40e39-AMS

GET
H3 200 what-is-python-exe-min.jpg
pic.nex-software.com/img/process-information/278/ 36 KB
37 KB 99ms
96ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/process-information/278/what-is-python-exe-min.jpg

Requested by

Host: fr.nex-software.com
URL: https://fr.nex-software.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03e14078fb35576323cf2eab009dfd6d7b5eacf4392c45a45114e54a7364e964

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fr.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 23:41:07 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37282
x-xss-protection: 1; mode=block
last-modified: Sun, 09 Feb 2020 22:10:30 GMT
server: cloudflare
etag: "91a2-59e2be4070180"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QxTcyRxLYUGT7wnJdFqaf8lzlfiZVfvPtGWPIVzTCBViikP8RjTwZ0h4LhVoEg1ZyYgz3gaKtqtgDf0D53nP6GAuxzbKHcAQWJw98pdB3VOPSWW%2FtTE%2BQDm8M8eIGhveVeTvT7QKR49tkGyj8WKtV3mBKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7beaea168dd50e39-AMS

GET
H3 200 what-is-super-charger-min.jpg
pic.nex-software.com/img/process-information/100/ 35 KB
35 KB 84ms
82ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/process-information/100/what-is-super-charger-min.jpg

Requested by

Host: fr.nex-software.com
URL: https://fr.nex-software.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b6042b285d82a7b8f8d1b9e0476de055b93af4efa389396a0e36d24676279f9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fr.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 23:41:07 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35454
x-xss-protection: 1; mode=block
last-modified: Sun, 09 Feb 2020 22:09:46 GMT
server: cloudflare
etag: "8a7e-59e2be1679e80"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ggo3liRN9L60CVPlZ5yX2YtuD6uXUUrn%2BzpIkTvu3qeqXy%2BJGdRB19sQnBl%2FJXn8evUFoxobRoJnRBdIKHNNvY8M6Rcs%2BSmzhY7MHFo2DTv2ueD8rCU1tL5RNg595l0q1i04i9I1tqcULwZ%2FSJgJxgxkiw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7beaea168dd60e39-AMS

GET
H3 200 what-is-smss-exe-min.jpg
pic.nex-software.com/img/file-info/666/ 536 KB
537 KB 181ms
178ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/file-info/666/what-is-smss-exe-min.jpg

Requested by

Host: fr.nex-software.com
URL: https://fr.nex-software.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

debbf51c72faa0958d65709999fa2796996952b690aa53ed85f12d4f3b85eba4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fr.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 23:41:07 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 549198
x-xss-protection: 1; mode=block
last-modified: Sun, 14 Jul 2019 08:06:20 GMT
server: cloudflare
etag: "8614e-58d9f9e609700"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s7LPDMS6ou3cPzdflZizj509CctATn0LDU1vM9tl6i4aYi3h2x0WvmnYOlvPhbKJWnupTD5HkH4pZae9CvXH2FRUYsW53MeUu9tmgk1YhOwQcr307t5qFpsg7HpQV5AN0JGOjEEYk33n3smrYBg5cm4tnw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7beaea168dd80e39-AMS

GET
H3 200 what-is-bomgar-scc-exe-min.jpg
pic.nex-software.com/img/process-information/1171/ 317 KB
318 KB 297ms
294ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/process-information/1171/what-is-bomgar-scc-exe-min.jpg

Requested by

Host: fr.nex-software.com
URL: https://fr.nex-software.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84a1b2c0f1c133dddfc937787d311e484852a2c8481d869da851845bda9188bf

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fr.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 23:41:07 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 324774
x-xss-protection: 1; mode=block
last-modified: Sun, 09 Feb 2020 22:13:22 GMT
server: cloudflare
etag: "4f4a6-59e2bee478480"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ocTgaGaLvIAGBYlUJjJL2gGYY8CddvPpPWWHTURcr7Y0E04D%2FB47sQpqtY96oNWLdIyUPJZmYjR8zabj8zwx%2FYmeU2p8MiBtSDH5y%2F%2FBzufimI%2BjkXiKW%2FCsDAnjhegIY107%2FZ%2BT9EaWUOc2aFh9cR6gOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7beaea168dd90e39-AMS

GET
H3 200 what-is-xwidget-exe-min.jpg
pic.nex-software.com/img/process-information/3234/ 213 KB
214 KB 126ms
124ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/process-information/3234/what-is-xwidget-exe-min.jpg

Requested by

Host: fr.nex-software.com
URL: https://fr.nex-software.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d747e8d0a5f850188f45ee245773a6bf7803b4709ca16648dd30eb99bb20fc0c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fr.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 23:41:07 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 218067
x-xss-protection: 1; mode=block
last-modified: Sun, 09 Feb 2020 22:08:46 GMT
server: cloudflare
etag: "353d3-59e2bddd41780"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a%2BjmVPSzYBrAqJvRSfbfTm6jWqFk6pYqOg6%2F%2BreKlQqdTqbrbBW2QZXUVnUOEpypUKrRoStCQyPQuVXnJt6p6Qgphl3cDVqUzOes9J2bTeoRoSqzNjfYE%2Fph3EMyHbKPeBD6kXPNq7y0jFTvdB0fre3SLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7beaea168dda0e39-AMS

GET
H3 200 what-is-dism-exe-min.jpg
pic.nex-software.com/img/process-information/15/ 59 KB
60 KB 147ms
144ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/process-information/15/what-is-dism-exe-min.jpg

Requested by

Host: fr.nex-software.com
URL: https://fr.nex-software.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77225ce75f9eed6990863b379741e24ffe1245dd20d4993c99447d20ecc53a8e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fr.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 23:41:07 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 60774
x-xss-protection: 1; mode=block
last-modified: Sun, 09 Feb 2020 22:12:48 GMT
server: cloudflare
etag: "ed66-59e2bec40b800"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f3pri0vLlGlv97xKfQiMaWTctOyc0fdDTbrttuZ10YDx%2BBTxnRLxDwoCxK3shWI%2FBkpYvjbH%2Bh0P6R9kGztPLm7YEHcQYrvb3FokwXUX%2FRblfFWYj6QsVOSWvs3bC3NeInb1TEcRO7L5Er639A9ERn0S6A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7beaea168ddb0e39-AMS

GET
H3 200 what-is-null-min.jpg
pic.nex-software.com/img/process-information/2164/ 60 KB
61 KB 156ms
154ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/process-information/2164/what-is-null-min.jpg

Requested by

Host: fr.nex-software.com
URL: https://fr.nex-software.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f26aa21260bfee2da9bb498545f5f5ff73cd74904fc181e5e6e534496e8fe785

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fr.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 23:41:07 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 61797
x-xss-protection: 1; mode=block
last-modified: Sun, 09 Feb 2020 22:10:56 GMT
server: cloudflare
etag: "f165-59e2be593bc00"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BVZ2MbVMzrY92fwntC1FTDD7gsF444%2F5KshrBA3y1hcOseAw%2BpdvEjO1vqwArPKCUKONx%2BEA7rc5WnBR8CqfJzb%2FjfgeLpcwRzWBpL6E6nanyICbghU4XJkqiBZii7V3ZJfyGLXTQ4bFNhSBMeqz4WjwtA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7beaea168ddc0e39-AMS

GET
H3 200 what-is-clbcatq-dll-min.jpg
pic.nex-software.com/img/process-information/3032/ 82 KB
83 KB 159ms
156ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/process-information/3032/what-is-clbcatq-dll-min.jpg

Requested by

Host: fr.nex-software.com
URL: https://fr.nex-software.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57422afdb59ff409bda7a3af9b620afcb0e94adcfbcff87202a562f777d6641c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fr.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 23:41:07 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 84082
x-xss-protection: 1; mode=block
last-modified: Sun, 09 Feb 2020 22:13:10 GMT
server: cloudflare
etag: "14872-59e2bed906980"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YkPcxoyadShWhczFrXZUfmucIc61bYW7t%2F%2Bt9LX8IXUcoSqAD335O1y5pezrqRL7C6T%2Fx30apgdTFu%2BzNfJNtcYLnf2MhJpIpQeC%2FHWh%2BkaHX1eES7Jswpe9khuPkXdpBLczcOZ15neaHmRa0f4cehhbIg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7beaea168ddd0e39-AMS

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 201 KB
45 KB 91ms
26ms Script
text/javascript 13.32.99.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://platform-api.sharethis.com/js/sharethis.js

Requested by

Host: fr.nex-software.com
URL: https://fr.nex-software.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.34 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-34.fra60.r.cloudfront.net

Software

Resource Hash

47d522563a9f514094ee94ebcee33b1ab88ba91d5639393beecd18be1fd27c15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fr.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 23:40:15 GMT
content-encoding: gzip
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P3
age: 51
etag: W/"32234-AoJ3k+MJOOKcahR2z6uk+gkFH+s"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-cache: Hit from cloudfront
x-amz-cf-id: _pPzjEt5KigceNQH9udbF8olJT6d3eKiDfKuwBTpN3uQDrM3KA4APg==

GET
H2 200 jquery-3.1.1.min.js Show response
nex-software.com/template/js/ 85 KB
31 KB 28ms
24ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nex-software.com/template/js/jquery-3.1.1.min.js

Requested by

Host: fr.nex-software.com
URL: https://fr.nex-software.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fr.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 23:41:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7040
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 12 Feb 2019 13:57:00 GMT
server: cloudflare
etag: W/"152b5-581b2cc948300-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4UYohzo3Xx2vb5m9sd0dZTf90EdGw5f12lhgjQ%2Fs16KczNmNlc5lrA4PbQW7WNSe67nG7KNEMR37r%2FhELWd%2BacuqnBOR6WmiQv1IVf1kgDho3JLMYGiO3gYvBVNLXnYbDyPrSkEMLSdO%2FK4OfzxB"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 7beaea15fdf706c2-AMS

GET
H2 200 jquery.slicknav.min.js Show response
nex-software.com/template/js/ 8 KB
3 KB 20ms
19ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nex-software.com/template/js/jquery.slicknav.min.js

Requested by

Host: fr.nex-software.com
URL: https://fr.nex-software.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

190402f488a1616b47304ae066078580059ca6a5958b7f217d2156d0a73931a9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fr.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 23:41:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7040
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 12 Feb 2019 13:57:00 GMT
server: cloudflare
etag: W/"20df-581b2cc948300-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eYaUEH4EJP95M1WJ5whnh1vOSXG0qmV%2BejINHkJN3aDcRhHzfTs5S4jPcoahZ7JSxssEqbf1G19Ma83nLdb8BpERvfqu9xmGcm1vBHsMOMiVQ5v3lVQzMBqcFD7rAU4LJ7PvSVBJasItxgiaDdpI"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 7beaea162e3106c2-AMS

GET
H2 200 jquery.bxslider.min.js Show response
nex-software.com/template/js/ 23 KB
6 KB 22ms
21ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nex-software.com/template/js/jquery.bxslider.min.js

Requested by

Host: fr.nex-software.com
URL: https://fr.nex-software.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7731d577c5dfa5f38e9bf82dedae51174c9ddd4d3d4668eea9d1e51d6ce13d66

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fr.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 23:41:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7040
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 12 Feb 2019 13:57:00 GMT
server: cloudflare
etag: W/"5bf7-581b2cc948300-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H9mYSTXSM%2FIHa8MK9kaDO2%2Bdnjt3UCvxMykFUiV5NP2Kz6mJVldPRS9PzenPnEakPXyZ83Lebax9dWT%2FLfq2oFYDxckDNfYXXRXz7ET8rcwDF6QwxD5cvQRPlWdncswd4WjjcCBKHv4wCyqfAUZv"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 7beaea162e3406c2-AMS

GET
H2 200 script.js Show response
nex-software.com/template/js/ 2 KB
861 B 21ms
21ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nex-software.com/template/js/script.js

Requested by

Host: fr.nex-software.com
URL: https://fr.nex-software.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

900e0d4503dfe926c2d74a1944f4e383d9d7573ecfcccba2dbb377f3be116a10

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fr.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 23:41:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7040
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 12 Feb 2019 13:57:00 GMT
server: cloudflare
etag: W/"63c-581b2cc948300-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KSAPS%2Bnu944SYZFePIa81hDmWUtkgl19kO8fmXgVxwMcqaDY%2FX3fyHIWSSvt4wD2faAB2jm8w4%2BS4SgQD1zLHZIOe5kFk5jZ9k111g5f9%2B%2B%2BYW%2FXVAl47%2BtfW%2BBjkVGj2wa%2BTOtahIxADiSm3k1%2F"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 7beaea162e3306c2-AMS

GET
H2 200 mr.js Show response
storage.googleapis.com/s2t-images/ 23 KB
5 KB 175ms
126ms Script
application/javascript 2a00:1450:4001:80b::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/s2t-images/mr.js?0.46724882631039844
Requested by: Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/brmsl_19102402.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80b::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 2a379cf63567796698d75a04f4f49c11fbf652effd3b69b3666c45c77789c56c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fr.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 23:41:07 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdtkkW6hERx6mva3UX_DY1jKj2zX-ozt86jxEI-p6OjDOGpabOJcNoebw7uXJpgaKiRnxRby_A52Xah2RYJ4m2KgAw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4449
last-modified: Tue, 24 May 2022 13:22:38 GMT
server: UploadServer
etag: "115f5664d494ea5e45aad8061e45949d"
vary: Accept-Encoding
x-goog-generation: 1653398558715037
content-type: application/javascript
x-goog-hash: crc32c=1nfj4g==, md5=EV9WZNSU6l5FqtgGHkWUnQ==
cache-control: public, max-age=31536000
x-goog-stored-content-length: 4449
accept-ranges: bytes
expires: Fri, 26 Apr 2024 23:41:07 GMT

GET
H2 200 brmsl_19102402.js Show response
cdn.zx-adnet.com/adx/ 145 KB
19 KB 55ms
54ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/adx/brmsl_19102402.js?0.6203099053889054

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/brmsl_19102402.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4bd10fa4ee1cd3b8fc26d592224ca0d6f2f955eb84e935431983de2592e4f2a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fr.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
date: Thu, 27 Apr 2023 23:41:06 GMT
x-cache: MISS
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 19711
x-served-by: cache-ams21043-AMS
last-modified: Thu, 20 Apr 2023 06:58:14 GMT
x-timer: S1682638867.934969,VS0,VE40
etag: "9f87dc41b33ca8bb6de402d70f1dcc52209d835dea394be1972b00009ae4a10f-br"
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600,public
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive
x-cache-hits: 0

GET
H2 200 abs.js Show response
cdn.zx-adnet.com/adx/ 220 B
236 B 41ms
40ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/adx/abs.js?0.4005311686491222

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/brmsl_19102402.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a2862c9e532e9e51ea7ca8d7c96bb602a74e31396f9c5be127dbea7c5adfc227

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fr.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
date: Thu, 27 Apr 2023 23:41:06 GMT
x-cache: MISS
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 107
x-served-by: cache-ams21043-AMS
last-modified: Thu, 20 Apr 2023 06:58:14 GMT
x-timer: S1682638867.934832,VS0,VE27
etag: "5fef2687ef3b38d2357073d43abb64a2f46b34fce9295b7d515ee95b7d79cfdb-br"
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600,public
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive
x-cache-hits: 0

GET
H2 200 adManager.m.js Show response
js.wpadmngr.com/static/ 154 KB
56 KB 61ms
25ms Script
application/javascript 45.133.44.53
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpadmngr.com/static/adManager.m.js
Requested by: Host: cst.wpu.sh
URL: https://cst.wpu.sh/static/adManager.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 7fadd541e6e2d8aa79f2bba09acfedd9acbb5348693e26f2de6f6fb41149431a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fr.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

expires: Thu, 27 Apr 2023 23:46:07 GMT
date: Thu, 27 Apr 2023 23:41:07 GMT
content-encoding: gzip
last-modified: Thu, 27 Apr 2023 11:00:25 GMT
server: nginx/1.18.0
etag: W/"644a55c9-268ee"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300
x-proxy-cache: HIT

GET
H3 200 checkabuse Show response
cdn.zx-adnet.com/ 74 B
495 B 154ms
154ms Script
text/html 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/checkabuse?surl=https%3A%2F%2Ffr.nex-software.com%2F

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/abs.js?0.4005311686491222

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

ff0ae836e78e254c691d18c04b2068e14419275cb170cd7c09587f1795114fcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fr.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: gzip
date: Thu, 27 Apr 2023 23:41:07 GMT
x-cache: MISS
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 85
x-served-by: cache-ams21083-AMS
server: Google Frontend
x-timer: S1682638867.976340,VS0,VE141
etag: W/"4a-U3myf635cTml8/jliRIqPS6GEqY"
vary: cookie,need-authorization, x-fh-requested-host, accept-encoding
content-type: text/html; charset=utf-8
x-cloud-trace-context: 39d67449f9a9d9e4fa3c348c4c488199
cache-control: max-age=3600,public
function-execution-id: gpqgov23pnmb
accept-ranges: bytes
x-orig-accept-language: nl-NL,nl;q=0.9
x-country-code: NL
x-cache-hits: 0

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//fr.nex-software.com/;0.28931671175052776
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//fr.nex-software.com/;0.28931671175052776

43 B
528 B

55ms
55ms

Image
image/gif

88.212.201.198
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//fr.nex-software.com/;0.28931671175052776

Requested by

Host: fr.nex-software.com
URL: https://fr.nex-software.com/

Protocol

HTTP/1.1

Server

88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host198.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fr.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 Apr 2023 23:41:07 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: image/gif
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Wed, 27 Apr 2022 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 27 Apr 2023 23:41:07 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: text/html
Location: https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//fr.nex-software.com/;0.28931671175052776
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Length: 32
Expires: Wed, 27 Apr 2022 21:00:00 GMT

GET
H3 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
nex-software.com/template/css/ 19 KB
19 KB 462ms
428ms Font
application/octet-stream 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nex-software.com/template/css/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2

Requested by

Host: nex-software.com
URL: https://nex-software.com/template/css/css.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nex-software.com/template/css/css.css
Origin: https://fr.nex-software.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 23:41:07 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18956
x-xss-protection: 1; mode=block
last-modified: Tue, 12 Feb 2019 13:57:00 GMT
server: cloudflare
etag: "4a0c-581b2cc948300"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uilwe9Tf1wAuJNwqXQaCsgH0XIsPHHYpvRiykInUEVPBylLRnMOkOKS7YdOesC2rYt71eUK%2Br89RdYYwOG0F9ceib1euJYUWHh%2Ft7bIwUrMcSN5KGh%2BMXXBk3h%2FpRL6vpQTyz0wtIku0eIX58l%2FA"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: max-age=14400
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7beaea170b2c0b8e-AMS

GET
H3 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
nex-software.com/template/css/ 18 KB
19 KB 834ms
800ms Font
application/octet-stream 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nex-software.com/template/css/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: nex-software.com
URL: https://nex-software.com/template/css/css.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nex-software.com/template/css/css.css
Origin: https://fr.nex-software.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 23:41:07 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18684
x-xss-protection: 1; mode=block
last-modified: Tue, 12 Feb 2019 13:57:00 GMT
server: cloudflare
etag: "48fc-581b2cc948300"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7QcJjaPsfBELISIEq8hO9FJyWe4yjJx%2BsGlb5fJshpz6XHz8%2B0Yzpg%2FXNbW3ZjxsNjVCMMp9EvaIftmG8Z47OFvBh%2FRksZVjgUYR87kNJJL35qLjK6IlnkAhtsEYdbSCZZceaShkmsIOjqHjR7KN"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: max-age=14400
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7beaea170b2e0b8e-AMS

GET
H3 200 JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2
nex-software.com/template/css/ 18 KB
19 KB 234ms
201ms Font
application/octet-stream 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nex-software.com/template/css/JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2

Requested by

Host: nex-software.com
URL: https://nex-software.com/template/css/css.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e43d592d0aa592f24ad510ef3f453a51bba24a9534a07a55a9685b4d4b3f2cb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nex-software.com/template/css/css.css
Origin: https://fr.nex-software.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 23:41:07 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18728
x-xss-protection: 1; mode=block
last-modified: Tue, 12 Feb 2019 13:57:00 GMT
server: cloudflare
etag: "4928-581b2cc948300"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h17S1b3tCPD6gtpsHRnXJ%2BfFY2%2F%2FOd%2FPGcgIqJFVSzrfPAnEIYOkqD3qXdGg5Zmgn6oG2RWBoqBWZ6NZ880rtMM2TTwc%2B0I57kylMfXnHhiEqLo9A8u1KC7K6FmtB8c3leZgmG3FNnWC4BacR5eW"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: max-age=14400
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7beaea170b2d0b8e-AMS

GET
H2 200 5c086b7ea71f090011aea084.js Show response
buttons-config.sharethis.com/js/ 434 B
851 B 87ms
23ms Script
text/javascript 2600:9000:206f:7800:c:abe:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://buttons-config.sharethis.com/js/5c086b7ea71f090011aea084.js

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:7800:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d2fa83bbc70c843df2edd43096821128aa1f4bd404237f614c49cd48e7d5cfa3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fr.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 23:41:07 GMT
via: 1.1 c888f786e25e6e3c7dbb7e9da462d714.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 06 Dec 2018 00:24:07 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 3
etag: "8f8c95d8315dedb8a7c82f24235b706f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=60,public
accept-ranges: bytes
content-length: 434
x-amz-cf-id: DppvR7EbhTOk50MFrfJvtGfEGh_-FTO9NaoiNBsQACXksIa-5aqmKA==

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
406 B 99ms
20ms XHR
text/plain 52.29.163.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://l.sharethis.com/pview?event=pview&hostname=fr.nex-software.com&location=%2F&product=unknown&url=https%3A%2F%2Ffr.nex-software.com%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Toutes%20Les%20Informations%20Sur%20Les%20Fichiers%20Les%20Plus%20Populaires&cms=unknown&publisher=5c086b7ea71f090011aea084&sop=true&version=st_sop.js&lang=en&ua=&ua_mobile=false&ua_full_version_list=

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.29.163.83 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-29-163-83.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fr.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Thu, 27 Apr 2023 23:41:07 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: https://fr.nex-software.com
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2 200 1350 Show response
na.nawpush.com/tags/ 1 KB
1 KB 55ms
13ms XHR
application/json 45.133.44.24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://na.nawpush.com/tags/1350?version_name=a
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 106b181c63cba80e5895959c8197fc5911f728eded36ff6d16af800d9483b0af

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fr.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 27 Apr 2023 23:41:07 GMT
cache-control: max-age=300, public
content-type: application/json
server: nginx/1.18.0
content-length: 1102
x-proxy-cache: HIT

GET
H2 200 wp-banners.js Show response
js.wpshsdk.com/npc/sdk/ 0
238 B 51ms
13ms Script
application/javascript 45.133.44.53
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpshsdk.com/npc/sdk/wp-banners.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fr.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

expires: Thu, 27 Apr 2023 23:46:07 GMT
date: Thu, 27 Apr 2023 23:41:07 GMT
last-modified: Fri, 20 Aug 2021 15:14:31 GMT
server: nginx/1.18.0
etag: "611fc6d7-0"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
content-length: 0
x-proxy-cache: HIT

GET
H2 200 gw_251221.js Show response
site2text-2021.web.app/ 0
416 B 242ms
188ms Script
text/html 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://site2text-2021.web.app/gw_251221.js?0.09733446515356592

Requested by

Host: storage.googleapis.com
URL: https://storage.googleapis.com/s2t-images/mr.js?0.46724882631039844

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fr.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Thu, 27 Apr 2023 23:41:07 GMT
x-cache: MISS
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 0
x-served-by: cache-ams21031-AMS
server: Google Frontend
x-timer: S1682638867.177668,VS0,VE173
vary: cookie,need-authorization, x-fh-requested-host, accept-encoding
content-type: text/html
x-cloud-trace-context: 9e77dfe1c7a5802860e9b83192d7cd5d
cache-control: private
function-execution-id: 87j9mwb9nra8
accept-ranges: bytes
x-orig-accept-language: nl-NL,nl;q=0.9
x-country-code: NL
x-cache-hits: 0

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 74 KB
25 KB 102ms
48ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/1a65995e-7e07-43bd-8be2-2ee136ae3c03/plugin.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5c08e6effd96a3cb2e0dde46367db2d3380191573a043d36b00b51e8fdfae77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fr.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 23:41:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24746
x-xss-protection: 0
server: cafe
etag: 528 / 19474 / 31074188 / config-hash: 5094016244282686769
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 27 Apr 2023 23:41:07 GMT

GET
H2 200 prebid7.17.0.js Show response
get.optad360.io/sf/ 492 KB
155 KB 25ms
25ms Script
application/javascript 2600:9000:2093:2200:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/prebid7.17.0.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/1a65995e-7e07-43bd-8be2-2ee136ae3c03/plugin.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2093:2200:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 529d5a06e1e90ceadfad7e6c2eaed6e9b868a35798345d5431c90f6024f15b55

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fr.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 04:47:25 GMT
content-encoding: gzip
via: 1.1 6c314f9bc806736c483494e492792b32.cloudfront.net (CloudFront)
last-modified: Mon, 03 Oct 2022 06:53:57 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-C1
age: 1968823
etag: W/"840fa482840c0b1f014b3c14f6e0ab2e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=360000000
x-amz-cf-id: nyjIvGCETXEAGM-_0kus8KWgVXBy-iQAUIgSMroYQx5c9mmaeNV-RQ==

GET
H2 200 branding-ads.svg
optad360.mgr.consensu.org/icons/ 7 KB
3 KB 85ms
24ms Image
image/svg+xml 99.86.4.86
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://optad360.mgr.consensu.org/icons/branding-ads.svg
Requested by: Host: fr.nex-software.com
URL: https://fr.nex-software.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-86.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d04a8585ca1c9cbff59e413fe76da6b8dcf3c567cbc68ec436b852d7f1694df1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fr.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 04:31:55 GMT
content-encoding: gzip
via: 1.1 507b5edb20d0e1a0b73c8687f53defa8.cloudfront.net (CloudFront)
last-modified: Wed, 22 Jun 2022 12:02:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 68953
etag: W/"b0a3aa2e09d4ddd83150d7bd3347c5c0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=360000000
x-amz-cf-id: k6jWXRBTN3OtxatI_xYBQQDJxXCl030oZqD7IHo6Am_dDN8T2-uwSQ==

GET
H2 200 tags Show response
notification.tubecup.net/ 1 KB
1 KB 215ms
139ms XHR
application/json 78.47.199.206
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://notification.tubecup.net/tags?tag_id=1350&timezone_olson=Etc/Unknown&version_name=a
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.47.199.206 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.206.199.47.78.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: 77fc4892ecfa42b997382e14860d7056e08521f3c4fab526f7214f230d7d172d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fr.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Apr 2023 23:41:07 GMT
server: nginx/1.18.0
vary: Origin
access-control-allow-methods: *
content-type: application/json
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 1092

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 83ms
26ms XHR
application/json 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230427

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.17.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66942b2dcc41fb0d80feea6e421a4edc17de0d2f91b64b0204522b772ecbad15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fr.nex-software.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 27 Apr 2023 23:41:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 27616
x-jsd-version: 1.0.1686
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230103-FRA, cache-jnb7021-JNB
x-jsd-version-type: version
server: cloudflare
etag: W/"63b-Q/Xo+acTDoNrUGqmAPu10is7+hM"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iGGhWPPfP3j5W1ilE6MCpfu%2FQ3tnt14piTXarv0LDfxftf%2FiJh4PjdKtNmygSXT0UB3IR4rL9V7t4vdVBHyIIIVqNqNlRhVJCEIdSZc0ZLqRPwjuPjDPYuGUjPMPu7AmoJ%2FzGJrPIQB1BwtTo0Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 7beaea18f868b758-AMS

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/ 398 KB
123 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js?cb=31074188

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37e314bfd8e8cb9262b5ea01059377cea510e23b2215fc93de8b34a5726284a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fr.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 18:07:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20012
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126109
x-xss-protection: 0
server: cafe
etag: 6695821980177688499
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 26 Apr 2024 18:07:35 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 1 KB
444 B 82ms
33ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=fr.nex-software.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a8b0c2f7170ff1888565cf01f70500686eca9fe6dea259ce1998e5ee8af0ce0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fr.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 23:41:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 419
x-xss-protection: 0
expires: Thu, 27 Apr 2023 23:41:07 GMT

OPTIONS
H/1.1 204
No Content fp
fp.metricswpsh.com/ Frame 0
0 100ms
29ms Preflight 157.90.84.242
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fp.metricswpsh.com/fp?tag_id=1350
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.84.242 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.242.84.90.157.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://fr.nex-software.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://fr.nex-software.com
Connection: keep-alive
Date: Thu, 27 Apr 2023 23:41:07 GMT
Server: nginx/1.20.1
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H/1.1 200
OK fp Show response
fp.metricswpsh.com/ 27 B
407 B 161ms
103ms XHR
application/json 157.90.84.242
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fp.metricswpsh.com/fp?tag_id=1350
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.84.242 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.242.84.90.157.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 0b7a4ca1a9b3e33d3ca6e9fbe81af6547e478baa148790c6d6982684b335f63b

Request headers

Referer: https://fr.nex-software.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Date: Thu, 27 Apr 2023 23:41:07 GMT
Server: nginx/1.20.1
Vary: Origin
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://fr.nex-software.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 27

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
531 B 92ms
34ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=fr.nex-software.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js?cb=31074188

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fr.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 23:41:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 114ms
35ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=fr.nex-software.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js?cb=31074188

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fr.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 23:41:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 17 KB
7 KB 275ms
274ms XHR
text/plain 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4374851164335987&correlator=2293685393661839&eid=31074188%2C44789127&output=ldjh&gdfp_req=1&vrg=202304250101&ptt=17&impl=fif&iu_parts=121764058%3A22563361973%2Cnex-software.com_SF&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C750x100%7C970x90&ifi=1&adks=2175618848&didk=3266102684&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1682638867468&lmt=1682638867&dlt=1682638866818&idt=619&adxs=436&adys=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Ffr.nex-software.com%2F&frm=20&vis=1&psz=0x-1&msz=728x-1&fws=1664&ohw=0&ga_vid=906293000.1682638867&ga_sid=1682638867&ga_hid=1740874472&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js?cb=31074188

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de855de70ba571c33a5058d0b86427385a024fb4486cf5a2e3bc37eff7ed16ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fr.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 23:41:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7279
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://fr.nex-software.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
7c3ab99f44b15302ad2c6dfb9ab38469.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4B8B 6 KB
3 KB 104ms
33ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7c3ab99f44b15302ad2c6dfb9ab38469.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js?cb=31074188

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fr.nex-software.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 27 Apr 2023 23:41:07 GMT
expires: Fri, 26 Apr 2024 23:41:07 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 track Show response
3be4572f0f.535a855e66.com/in/ 0
207 B 107ms
49ms XHR
text/plain 45.133.44.53
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://3be4572f0f.535a855e66.com/in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiI4ODM3NDQ5NTM0NzIxMzE5MDAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuNDcuMCIsInRhZ19pZCI6MTM1MCwic2NyZWVuX3Jlc29sdXRpb24iOiIxNjAweDEyMDAiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IkV0Yy9Vbmtub3duIiwidXRtX3NvdXJjZSI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fY29udGVudCI6IiIsIm1tIjozLCJpbml0X3N0YXJ0X2xhdGVuY3kiOjAuNCwiaXNfdjIiOjEsImlzX3YyX2VtcHR5IjpudWxsLCJ1c2VyX2tleXdvcmRzIjoiVG91dGVzJTJDTGVzJTJDSW5mb3JtYXRpb25zJTJDU3VyJTJDTGVzJTJDRmljaGllcnMlMkNMZXMlMkNQbHVzJTJDUG9wdWxhaXJlcyUyQ0F2cmlsJTJDMjAyMyJ9
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fr.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Apr 2023 23:41:07 GMT
server: nginx/1.18.0
vary: Origin
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0

GET
H2 200 cookies Show response
ntvpwpush.com/dl/ Frame 3865 620 B
654 B 116ms
32ms Document
text/html 2a01:4f8:c0:2343::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ntvpwpush.com/dl/cookies
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:4f8:c0:2343::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 252020519b9481bc71c10e8ba9fc22d687d4718b5dde817ce56b6e26b0353076

Request headers

Referer: https://fr.nex-software.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: text/html
date: Thu, 27 Apr 2023 23:41:07 GMT
pragma: no-cache
server: nginx/1.20.1
vary: Origin

GET
H2 200 build.m.js Show response
js.cabnnr.com/banner-admanager/ 52 KB
18 KB 63ms
18ms Script
application/javascript 45.133.44.52
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.cabnnr.com/banner-admanager/build.m.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 77d724db34ccdba6962546c3375cf2156e615fa34dcbfd98c00947bdac61b7c8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fr.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

expires: Thu, 27 Apr 2023 23:46:07 GMT
date: Thu, 27 Apr 2023 23:41:07 GMT
content-encoding: gzip
last-modified: Fri, 27 Jan 2023 07:04:13 GMT
server: nginx/1.18.0
etag: W/"63d3776d-d174"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300
x-proxy-cache: HIT

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 148ms
22ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js?cb=31074188
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fr.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 09:33:50 GMT
content-encoding: gzip
age: 655637
x-guploader-uploadid: ADPycdulo62n1Oz3OsP18omM7Whzc8GGJLsUOW8hRKueo04UFAsHphh0sQrfyUH2LYgBzdVpvOez23Ksj_TnHOEACBWSrQ7WPdtv
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Fri, 19 Apr 2024 09:33:50 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 39 KB
13 KB 74ms
36ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js?cb=31074188

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fr.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 23:41:07 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-9c21"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 28 Apr 2023 23:41:07 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 38 KB
12 KB 90ms
26ms Script
text/javascript 65.9.66.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js?cb=31074188
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-97.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9cf4fc9350f69e442ebfdf130d4e601377e9273b642282a1ebb4f79d6116e8c5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fr.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 00:30:12 GMT
content-encoding: gzip
via: 1.1 29d33c5cd70a6501fde7bc2dba557906.cloudfront.net (CloudFront)
last-modified: Thu, 27 Apr 2023 00:14:05 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 83456
etag: W/"37e703da55f96b973658b8e7aeed0e93"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: Hk7yR8fzUJSDiUhUhPg7qPeF5y-psj2jZsJ8YENUZ30MbrtrKaD10w==

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 2 KB
2 KB 109ms
25ms Script
text/javascript 2600:9000:2250:6e00:a:e047:752:b361
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js?cb=31074188
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:6e00:a:e047:752:b361 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fr.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Thu, 27 Apr 2023 02:50:38 GMT
Via: 1.1 8ac93eaf91328abbc6951d3fbab21e80.cloudfront.net (CloudFront)
Last-Modified: Mon, 23 Jan 2023 04:07:36 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P2
Age: 75030
x-amz-server-side-encryption: AES256
ETag: "aded621b17723f487b3c9d0e43cf2f94"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1859
X-Amz-Cf-Id: KjnrUDo776rFVHcTfEKRuyuSBEH1pfQYIhVXf1qBB6bJwH-8CXpesw==

GET
H3 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 51ms
27ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js?cb=31074188

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fr.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 23:41:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 35943
x-jsd-version: master
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230042-FRA, cache-jnb7027-JNB
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=490DlPapP8A4LDaDDH5HED23N%2B5MXimdTUxzdkGOIAK9ZiMX26q3qi44%2Ba3H7ByAgq%2F70EhDigtGr4DhqfcngHEhW6QOAkriIIKJbtXGJIk2scpjqEqogPdjVf%2FfUWKIAjW4ChTmmzjJ%2BZnz%2Bas%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 7beaea1bdf8cb972-AMS

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 59 KB
17 KB 68ms
28ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js?cb=31074188

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d961a31d3d2fdb93a35a4024f9878b2ed896cd86a084ceb8df6af3bc53e29125

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fr.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 23:41:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 06 Apr 2023 12:00:04 GMT
server: cloudflare
x-amz-request-id: 88M83THS7457PZRP
age: 3465
etag: W/"110f0c3c343ee36404c8a2300f4755c3"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7beaea1bfb4eb8af-AMS
x-amz-id-2: FXyEY0sLmDASLU0U8C6U3fnYmyxWhO3HEuFt3JM6bATKAYjBtz3y4G/vcYrZGe7xu66Uk5TfM1FKQ3Va2Ku/eg==

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 2 KB
2 KB 76ms
18ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js?cb=31074188
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fr.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 22:50:25 GMT
via: 1.1 google
age: 3042
x-guploader-uploadid: ADPycdshYGjbOvfm_d9v3Wy8LICwcuFvL-AMWGnEUY3Jyuy_rPCaqknvmMzqyCnbZKaCHHxh-GeOdOQGwD0Q98FY7j2jzQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1938
last-modified: Thu, 27 Apr 2023 19:53:17 GMT
server: UploadServer
etag: "0a4a90264145ed4c5c647dae5dfb0429"
x-goog-generation: 1682625197861193
x-goog-hash: crc32c=jhvysQ==, md5=CkqQJkFF7UxcZH2uXfsEKQ==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 1938
accept-ranges: bytes
expires: Thu, 27 Apr 2023 23:50:25 GMT

GET
H2 200 container.html Show response
7c3ab99f44b15302ad2c6dfb9ab38469.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2351 6 KB
3 KB 26ms
25ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7c3ab99f44b15302ad2c6dfb9ab38469.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js?cb=31074188

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fr.nex-software.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 27 Apr 2023 23:41:07 GMT
expires: Fri, 26 Apr 2024 23:41:07 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame BBD0 624 B
826 B 96ms
37ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmxzAIQvti-hwMYodSH4QEwAQ&v=APEucNVXUav7vgi6NPSNyeNXpYyEls2lPP4sB4_Xkv0tTEFnQGhlPdMJ3qFuocXAgcDlMsPI2XPxF4B20ywS_xqKJBBAnHshiaQkJdGnk_fsagA4CJIcZLipRnzfZfhbyVuO8v7pIhEE9PZnSqiwBUZW7dwMFSOx-Fk05lTudfaLQXchJ5s0U0ecjoj7i142OGl-M20vmUiifAUqvYojmgWhuDyxB0q1og

Requested by

Host: 7c3ab99f44b15302ad2c6dfb9ab38469.safeframe.googlesyndication.com
URL: https://7c3ab99f44b15302ad2c6dfb9ab38469.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7c3ab99f44b15302ad2c6dfb9ab38469.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Apr 2023 23:41:07 GMT
expires: Thu, 27 Apr 2023 23:41:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 2351 78 KB
28 KB 109ms
49ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 7c3ab99f44b15302ad2c6dfb9ab38469.safeframe.googlesyndication.com
URL: https://7c3ab99f44b15302ad2c6dfb9ab38469.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://7c3ab99f44b15302ad2c6dfb9ab38469.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 23:41:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28043
x-xss-protection: 0
server: cafe
etag: 15270303690107644053
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 27 Apr 2023 23:41:07 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2351 42 B
173 B 133ms
74ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D9JywSKuFUPwgBYyHVDQYTCBfdEi197of7_IFSeZmqFUeov7ip7Ty-mFhXOAfpPwj5hBsK2Jj9rtmvFurLp7Q7KkO3M-7x2LLzWXzJBHE9QFyczoY

Requested by

Host: 7c3ab99f44b15302ad2c6dfb9ab38469.safeframe.googlesyndication.com
URL: https://7c3ab99f44b15302ad2c6dfb9ab38469.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://7c3ab99f44b15302ad2c6dfb9ab38469.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Apr 2023 23:41:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2351 0
58 B 133ms
74ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=1648540223727933926&x=1&ct=76

Requested by

Host: 7c3ab99f44b15302ad2c6dfb9ab38469.safeframe.googlesyndication.com
URL: https://7c3ab99f44b15302ad2c6dfb9ab38469.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://7c3ab99f44b15302ad2c6dfb9ab38469.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Apr 2023 23:41:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/ Frame 2351 3 KB
2 KB 82ms
24ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/window_focus_fy2021.js

Requested by

Host: 7c3ab99f44b15302ad2c6dfb9ab38469.safeframe.googlesyndication.com
URL: https://7c3ab99f44b15302ad2c6dfb9ab38469.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://7c3ab99f44b15302ad2c6dfb9ab38469.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 14:37:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32593
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 May 2023 14:37:54 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/ Frame 2351 19 KB
8 KB 83ms
25ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 7c3ab99f44b15302ad2c6dfb9ab38469.safeframe.googlesyndication.com
URL: https://7c3ab99f44b15302ad2c6dfb9ab38469.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1703a72fa6f4e4c3e4226e77f416e403c9350226515a4addb2dba832adddec33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://7c3ab99f44b15302ad2c6dfb9ab38469.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 00:53:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82078
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7958
x-xss-protection: 0
server: cafe
etag: 6327879953816217519
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 May 2023 00:53:09 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2351 158 KB
49 KB 118ms
36ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7c3ab99f44b15302ad2c6dfb9ab38469.safeframe.googlesyndication.com
URL: https://7c3ab99f44b15302ad2c6dfb9ab38469.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://7c3ab99f44b15302ad2c6dfb9ab38469.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 23:41:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49538
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1682508732222081"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Apr 2023 23:41:07 GMT

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
328 B 88ms
28ms XHR
text/plain 162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://fr.nex-software.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fr.nex-software.com
date: Thu, 27 Apr 2023 23:41:07 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame E686 15 KB
6 KB 94ms
29ms Document
text/html 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=fr.nex-software.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

97cf4206e208ceee4baa88c1d02f47176d84c5c84f85f63bca9d23aa9f077dc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://fr.nex-software.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 27 Apr 2023 23:41:07 GMT
server: Kestrel
server-processing-duration-in-ticks: 436340
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H2 200 encrypt Show response
esp.rtbhouse.com/ 221 B
314 B 32ms
31ms Fetch
application/json 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 7b43909f7104e1f81cc9b072e4c94b19fccbe56bbf2351738f49ce86def64ac4

Request headers

Referer: https://fr.nex-software.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 27 Apr 2023 23:41:07 GMT
via: 1.1 google
server: Google Frontend
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: 21a3a92a51305ff19b10731090455602
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 221

OPTIONS
H2 200 encrypt
esp.rtbhouse.com/ Frame 0
0 100ms
31ms Preflight
text/plain 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://fr.nex-software.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST, GET
access-control-allow-origin: https://fr.nex-software.com
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8
date: Thu, 27 Apr 2023 23:41:07 GMT
server: Google Frontend
vary: Origin
via: 1.1 google
x-cloud-trace-context: 35eb8041a81f7a8120ac615a9de4160e

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
338 B 114ms
35ms XHR
application/json 34.249.220.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.220.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-220-178.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: d1fd87febf4335823fe28cbe5a24c85f3d0aed2c630cb17c20a6188b924b6802

Request headers

Referer: https://fr.nex-software.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 27 Apr 2023 23:41:07 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://fr.nex-software.com
cache-control: no-cache
x-server: 10.45.14.220
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame BBD0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHhfLZe0wixn4mjUHD7WZSk&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHhfLZe0wixn4mjUHD7WZSk&google_cver=1&C=1

43 B
632 B

22ms
21ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHhfLZe0wixn4mjUHD7WZSk&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmxzAIQvti-hwMYodSH4QEwAQ&v=APEucNVXUav7vgi6NPSNyeNXpYyEls2lPP4sB4_Xkv0tTEFnQGhlPdMJ3qFuocXAgcDlMsPI2XPxF4B20ywS_xqKJBBAnHshiaQkJdGnk_fsagA4CJIcZLipRnzfZfhbyVuO8v7pIhEE9PZnSqiwBUZW7dwMFSOx-Fk05lTudfaLQXchJ5s0U0ecjoj7i142OGl-M20vmUiifAUqvYojmgWhuDyxB0q1og
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 Apr 2023 23:41:08 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Thu, 27 Apr 2023 23:41:08 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEHhfLZe0wixn4mjUHD7WZSk&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame BBD0
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZEsIFKqse-.UnTMIyQS6iwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHhfLZe0wixn4mjUHD7WZSk&google_cver=1&google_hm=2

43 B
632 B

21ms
21ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHhfLZe0wixn4mjUHD7WZSk&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmxzAIQvti-hwMYodSH4QEwAQ&v=APEucNVXUav7vgi6NPSNyeNXpYyEls2lPP4sB4_Xkv0tTEFnQGhlPdMJ3qFuocXAgcDlMsPI2XPxF4B20ywS_xqKJBBAnHshiaQkJdGnk_fsagA4CJIcZLipRnzfZfhbyVuO8v7pIhEE9PZnSqiwBUZW7dwMFSOx-Fk05lTudfaLQXchJ5s0U0ecjoj7i142OGl-M20vmUiifAUqvYojmgWhuDyxB0q1og
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 Apr 2023 23:41:08 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 27 Apr 2023 23:41:08 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHhfLZe0wixn4mjUHD7WZSk&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame BBD0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEG-Dat633-1dHwQ74h6-f1A&google_cver=1

43 B
1 KB

25ms
25ms

Image
image/gif

37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEG-Dat633-1dHwQ74h6-f1A&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmxzAIQvti-hwMYodSH4QEwAQ&v=APEucNVXUav7vgi6NPSNyeNXpYyEls2lPP4sB4_Xkv0tTEFnQGhlPdMJ3qFuocXAgcDlMsPI2XPxF4B20ywS_xqKJBBAnHshiaQkJdGnk_fsagA4CJIcZLipRnzfZfhbyVuO8v7pIhEE9PZnSqiwBUZW7dwMFSOx-Fk05lTudfaLQXchJ5s0U0ecjoj7i142OGl-M20vmUiifAUqvYojmgWhuDyxB0q1og

Protocol

HTTP/1.1

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.2 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 Apr 2023 23:41:08 GMT
AN-X-Request-Uuid: ff306024-e0e9-4c4c-a238-53e8d11c5c9a
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 95.211.95.246; 95.211.95.246; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Apr 2023 23:41:08 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEG-Dat633-1dHwQ74h6-f1A&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame BBD0
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzE0NDU5OTU2NTE3NTE1MjIwNw%3D%3D

170 B
243 B

35ms
34ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzE0NDU5OTU2NTE3NTE1MjIwNw%3D%3D

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Apr 2023 23:41:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 27 Apr 2023 23:41:08 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 95.211.95.246; 95.211.95.246; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: eb103174-13a8-4d91-af80-3058d64bd718
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzE0NDU5OTU2NTE3NTE1MjIwNw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Ffr.nex-software.com%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Ffr.nex-software.com%2F&rid=esp&cc=1

85 B
202 B

115ms
114ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Ffr.nex-software.com%2F&rid=esp&cc=1
Requested by: Host: fr.nex-software.com
URL: https://fr.nex-software.com/
Protocol: H2
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: e068e841de62ad2f3f0f02a4471a127a8ad7ebe42a2f60089ec3fd6a885201ab

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fr.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 23:41:08 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-83fYeUq3+o7q1o/shCIX5yd87n8"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://fr.nex-software.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Thu, 27 Apr 2023 23:41:08 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://fr.nex-software.com
location: /esp?url=https%3A%2F%2Ffr.nex-software.com%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2351 0
56 B 59ms
58ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6153660338701&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://7c3ab99f44b15302ad2c6dfb9ab38469.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Apr 2023 23:41:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2351 0
56 B 58ms
58ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6153660338701&version=m202301230201&ct=76&x=1&cor=1648540223727934000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://7c3ab99f44b15302ad2c6dfb9ab38469.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Apr 2023 23:41:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 2351 84 KB
36 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C6AXkTD5ZgMVa5ziACV4b0e_KNug5DUMIG50lEDM3_jytQ-SZpZdxIpD911IE07DVyQdIo57GYk7OYDhxOcpyGE3AZow&cry=1&dbm_d=AKAmf-BxyH5PVc21zLgBKzHkPgfo4wGfcgdx9sFtutoMTy6U-eVV0ftOqA--BGSBHSMTLcAm8oG2d82uq7yXXhvkofpbd0m6MtScUvqJwntAyszvJwyun1Tgit0AAVrc1a_1ETEZDXdLmdiifHKYIwuDaw2_RNka5YrQX4TixFSdKo0MEWhAUXnNzpbyrXjy3H2Bsw5IzLtzm8u9vPCu8kUDtY6-a6m5aWgMzZFUBlEaVAgA6pjUBIrFc4j6yLGbIcTznXxBVc5nKxfWoWEiDkHrCGFyWd-TyRElszszLBqH7uhU2aJPCWT1BGMb7tgxr5jqlx_aHns5WCqzC6Zn_1nb1kTFh6s9i0m33lssOioKTq9xIOj0oF-IJi-LhhczTyONtar2CxikUC7yvwWlChzVcs-ZNVR6rht8I2IL29Yr1hH2GnCoszR0Wg4yXPgyVZZPOAX1Q7TvGfMbKQIYP_QOFSaLc-JMprE7Rax05-lhDyiil8abqAcxZ1lUUgF4sseCUSrDGcaTzuu51iMXhN7SOqlnDtvgl8Ff3DKNOfJUgtufMz1iFZ8VeiHWcEscn8hLwreWGFXPR_NL-knHAN6UtIo4ekACWyK6RLMRDh0AY2OVvHJk_VkDwOA-kSI4r7s1ValJz5z6oFgEtWsPZznh5EzbEeFyuR1nS_1gYMlxhqiFj4j9uI6Ki7_CWGUYsCxJ0xUcKqGI_DxpFjsXK1rbvFS7E2mOdF2mLU-Pjo9tEWk87p3iCNydsJrttCwQEmBktXzLJQKNZ3ZKyPGNdqf8l1vXiDTnO8BTVFxQyEws8-G0YxQwQ4PTpNBXUDhiVfWGAXU5xvAcK7z1CNMagYOduTH_mMcAmdXHjpe6lJZdyve71uDbecaUGNy7Jiov9D0GKk-0RmuW_cT3aB-rebRiu0U5m8aK8tqcZPxIDIH0vcK10HJuIGMFfU1R2UGWVi9KlKyFeuJe9BTpwtqEARiol0zdZBAlHm8HS7HJ-lKR1FMtQPtDWI156Cb3zLl6Sz87zef_O15KQEGfSenG20UP0AHVZAfUrRQVBiSGbp_q3QRcNwDyiZi0hT77GpqVw4PCdgCg3nUYMyMia9NZA801ZDxm8baj08LFTEkh_jg-AzrtuubXnGOW1wjZnNGBFg9dv8RbDBrlk1EWF0xeMTl7kMKoo25KeqJz5r1xTNMjxbLYsXI48Z0WnYKUvAtxR4CMwFASBb8nSQstG04Wa4Dj0Lk8KY6aOdxplJn1x5E8jDrEw2WrsWeHz1d5LgP2ih7L_R_7m44hYfZk8ctg0BLbmWZH1BpPH4afUDEMZZph3ii4qj5m_wXFMEHqfZA64NsPMsk37DDO49DRMUBGs7WjnZ4YKhhyBfgV-NwJn6YNsLswtmI4Td8TVSTktzD8dkSEO8o3CJP13dsNLz14adVLfrRtuQQn3LWyt1vA_hQoy_TDb_qI2wPubl_cKrMWyQ7KE2FE025jTNie6h2x5DB9uWr9YdGEbnTmiDaSUyD6N9TLBiW04B4T-Ilyl-KsXI-FsvUpFzefXvLS2_ijKFie7BI3Mfs68Zy1joQPYYx9zjiyb2oaQ0QZ55zhwAkJUYCgIEWn53QJG4Uzb1v2nLSszIOMeq2VC7gHWAh1MOkuFCBD3ZoWWo7srsus-bc2mVTqTUANmg-V5mGo52ItHPAg8Ned2qf2582vWdQQOmLAOsvLCDMnu_BnlQzlt6UP7z3URPA8VWosKJbjVVKaJYpaNPIiuFUzNHxCVhA53OkpT9ru6ZHoq8HwmeRrmuQo3yJh8b8GWntEZn_yqq3tlODmcTWmlqoa5S9dmM-EXeWxzjkxG62Yeoq_AvU5x7dPlFBpiVUtEYHj8wiCslHIFBVOThYTrw0BN4aUJeYgEYAF0HIO8Dg4OdZnW0BIFZZm75Zh4PqfCjJolZdDpbzYyK-9OWU18RrGJCnkjXDFil34JxyDblUhmTm7hY9HpWm1j5mp2i4HNPj3EHfVfNu2ylnJUAyW_SiLki1uscAaNWSugbIueartGmDOE4u1noUaCj4nQFeNwXclXXDBIrKtULck1RSDp52Mcq7yLAK6_LW9l6t69lINCZqd3Y9kCy2UKlMYydtO5ctKD5jeWwGpIkLyjVKpfguTPWdfTA_92GcpyqB8quk5OayPhqlfMbnNwpC40gDgPtpnOz5-uDFSgbCq66J6l2muA9ZwJ1ln__GAULJPj-8rA1yQilJHMjcrOY1zM0x9v_joB2bLHq283wnvZvg7c3cwAVW6cC06vGzS9oC1eCxbjNs0w9Xwf_fhIiCHN2ixvID87pgV8hM-kSNzMa43x3NvGqqpJmX38MQmOU3g4f-ax9ooo_hdoPOXx9agI9Xcq9tOJBi-fGppANO8qPilH8sqtU0hBkXvsV2J6NLe-KAP0iu4yitiDTvuoHyvJbvwvkmzn45jCZsZAnRBzXYi_KdI2T-Y9wKJ9SSmu-sxTRhQ4Jagl-umcSKOF2_MGoYxT7BS31b11PpnCLvxVp4hG_kOV0-l7mHUeLXmYNyCKMgXZ8kKGP2pgfed_rmMFDrlcfRxH6tgj3bVrtiRjCACeaMdFm-wKqUdMxd8CY1rzbrZ06c8Ubci-8BFyh9KsOFbHq6V3Z1VwfoPZ4-A9GcVoPUT1DQpKj2pPTErKT_jXf2x1INAvJCHPZ1bjlezDS06zNsAKlLIgW4JWNa6Zo4ZMgmP9WeS5JXX2d6zPsFiRrIvLWd4hssNNKfwb8TP7dwxeDGBCRSxa524a_spzy4sR8pUXvc_0oheSkOhtQvfzdMcC2eXWUn71lJYVh_jczzXjxvJFLYnt-E7MxnAeKM4IpllsTekG8BI4H904zG9pdovPd4lZTc25gacPRko52RhPXfWmZ1S0AAnhLDQCEcG82hfFbRh1EAGphlRVmegPO15ZIWzT8-WlFw6HmIq2Sk64sAjknHnIVzYnZcbz1cFIQYHq42cyY5iMSINHBjSBk_MQ-XzCS2Ojz3CpsFPcOeOPFEi9Vpqo29XUKW31Fn5pya5cHKBmKHq7J8hNsoJhHfydOXd34RPXJnOAvJ9D3GZp_yiAcSQbqDeHnDNPafR8BsxGiegzuVFS4tMxNIpViDjArt0eyYGsFQ0Lmn-Tcf9wnGzBLqnxHYSoM2KrF_hfLFHsmyXWGDu2EjVHDUvQQngyEXdDgYcQNi7SAzOH7gtQhGcHv54O14uuBa2AT7OxfFhKFg0CzKAohuVEtTSpt5T613TzpqKV-SUBqJ0obQiQ42JgESH0Jb64bIAzIw0tY4VsAPAuZblYrWuG9lDNAGtwonSkdzyS-2XEYLe4MzzBD4dAkOdN6anKn6c6054mdT2ORp_tDk1Ya3Ti45ZRj_XDsT1DiSYZPjaB4QZSxaHhhOBTLD1w3uzp-I2BGT5AF322P9Z03NjNStta0fSPQjIqEUgL9RHGlmqXbjPygSt5MZsUaPWp-WWzSdHbFgXTzkypEd6qBjt69ws5En_muVUm2ZmjKk0Wf292zijqnxDYR5u38519LRCXSsf4veVstqyGEkY3Lpfq5X8j23TptqxRgsvm1mjRSvijlFxh8D-qsC2t4weZxFx946B2QXGCUqb0S7hxFICPOl2U9Deu45-ih9nU2_j5qWvVcoX_sPXfwj1lvhx-E1UEFA6R8O0g6xcvxNWHeQkupD1HOQjLqB1DKzKpgmEM0qp8PRSn7tj2mCej9fSWK9etaZPa1yEdxc1kg&cid=CAQSSwBygQiD2PcAFbtjIeCny2kjTkDLsODoay1dX5v0vrTmnuD1nChIseMomJf7Ze5_-oIAwCao0FIoZHaMlFuum0YEQPtP9jKzf6xVTxgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Ffr.nex-software.com%2F&ds=l&xdt=1&iif=1&cor=1648540223727934000&adk=2923430907&idt=134&cac=0&dtd=8

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

601fbf8dcfe63b52e9e93b95fae8fe091bc458f470f7f378565b9629b9745a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://7c3ab99f44b15302ad2c6dfb9ab38469.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Apr 2023 23:41:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36196
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame E686
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=nex-software.com&sn=ChromeSyncframe&so=0&topUrl=fr.nex-software.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=QY1MOXxEU0NsNmdZNGlOQzZvNi84K3FGa3VrZXZtRDBrODdVVWVVZUwzK2hPbFh2Z000ZzNZYkFVbi9HQWkwVkRUSFlaaFFIVFZNNW4xc3ZtOGNOeTRWcSt2NndTQnF6bkNrd0NFZ3BweTFyYUF3WnR3V3FLekE0NXlTWk...

447 B
672 B

228ms
15ms

Fetch
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=QY1MOXxEU0NsNmdZNGlOQzZvNi84K3FGa3VrZXZtRDBrODdVVWVVZUwzK2hPbFh2Z000ZzNZYkFVbi9HQWkwVkRUSFlaaFFIVFZNNW4xc3ZtOGNOeTRWcSt2NndTQnF6bkNrd0NFZ3BweTFyYUF3WnR3V3FLekE0NXlTWkNXMFp5SGtqeDJXejFwTFFTUXJxdG5wRUVxUGhKL1hMa1BnUUZLMEx6Y3BCVUJhanZPbG53MVY2R3hqT2wwbEt5MlpZeDlaaHV1ZU5xMEZ5eUxOdGF6bGJwK2tZdm9PeUYzdmNqL1NjZ1JsYU02VWpuV2xRaW1xTXFZNWh6cnpiS2FJdmNQckdVMW5xNmVQWUFTd3dUemZJQTk2cW83WkUzMTkyKzVDZG82WHp5b2pHMXlGST18&cppv=2

Requested by

Host: fr.nex-software.com
URL: https://fr.nex-software.com/

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

5e083e1a22a8ee24f3b39bf120c1c9af9684293840c29191d87c78f67feccefd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Apr 2023 23:41:07 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1374004
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 27 Apr 2023 23:41:07 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=QY1MOXxEU0NsNmdZNGlOQzZvNi84K3FGa3VrZXZtRDBrODdVVWVVZUwzK2hPbFh2Z000ZzNZYkFVbi9HQWkwVkRUSFlaaFFIVFZNNW4xc3ZtOGNOeTRWcSt2NndTQnF6bkNrd0NFZ3BweTFyYUF3WnR3V3FLekE0NXlTWkNXMFp5SGtqeDJXejFwTFFTUXJxdG5wRUVxUGhKL1hMa1BnUUZLMEx6Y3BCVUJhanZPbG53MVY2R3hqT2wwbEt5MlpZeDlaaHV1ZU5xMEZ5eUxOdGF6bGJwK2tZdm9PeUYzdmNqL1NjZ1JsYU02VWpuV2xRaW1xTXFZNWh6cnpiS2FJdmNQckdVMW5xNmVQWUFTd3dUemZJQTk2cW83WkUzMTkyKzVDZG82WHp5b2pHMXlGST18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 348040
content-length: 0
expires: 0

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 2351 106 KB
37 KB 75ms
20ms Script
text/javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: fr.nex-software.com
URL: https://fr.nex-software.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7c3ab99f44b15302ad2c6dfb9ab38469.safeframe.googlesyndication.com/
Origin: https://7c3ab99f44b15302ad2c6dfb9ab38469.safeframe.googlesyndication.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 13:53:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35266
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 28 Apr 2023 13:53:22 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230424/r20110914/elements/html/ Frame 2351 11 KB
4 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230424/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C6AXkTD5ZgMVa5ziACV4b0e_KNug5DUMIG50lEDM3_jytQ-SZpZdxIpD911IE07DVyQdIo57GYk7OYDhxOcpyGE3AZow&cry=1&dbm_d=AKAmf-BxyH5PVc21zLgBKzHkPgfo4wGfcgdx9sFtutoMTy6U-eVV0ftOqA--BGSBHSMTLcAm8oG2d82uq7yXXhvkofpbd0m6MtScUvqJwntAyszvJwyun1Tgit0AAVrc1a_1ETEZDXdLmdiifHKYIwuDaw2_RNka5YrQX4TixFSdKo0MEWhAUXnNzpbyrXjy3H2Bsw5IzLtzm8u9vPCu8kUDtY6-a6m5aWgMzZFUBlEaVAgA6pjUBIrFc4j6yLGbIcTznXxBVc5nKxfWoWEiDkHrCGFyWd-TyRElszszLBqH7uhU2aJPCWT1BGMb7tgxr5jqlx_aHns5WCqzC6Zn_1nb1kTFh6s9i0m33lssOioKTq9xIOj0oF-IJi-LhhczTyONtar2CxikUC7yvwWlChzVcs-ZNVR6rht8I2IL29Yr1hH2GnCoszR0Wg4yXPgyVZZPOAX1Q7TvGfMbKQIYP_QOFSaLc-JMprE7Rax05-lhDyiil8abqAcxZ1lUUgF4sseCUSrDGcaTzuu51iMXhN7SOqlnDtvgl8Ff3DKNOfJUgtufMz1iFZ8VeiHWcEscn8hLwreWGFXPR_NL-knHAN6UtIo4ekACWyK6RLMRDh0AY2OVvHJk_VkDwOA-kSI4r7s1ValJz5z6oFgEtWsPZznh5EzbEeFyuR1nS_1gYMlxhqiFj4j9uI6Ki7_CWGUYsCxJ0xUcKqGI_DxpFjsXK1rbvFS7E2mOdF2mLU-Pjo9tEWk87p3iCNydsJrttCwQEmBktXzLJQKNZ3ZKyPGNdqf8l1vXiDTnO8BTVFxQyEws8-G0YxQwQ4PTpNBXUDhiVfWGAXU5xvAcK7z1CNMagYOduTH_mMcAmdXHjpe6lJZdyve71uDbecaUGNy7Jiov9D0GKk-0RmuW_cT3aB-rebRiu0U5m8aK8tqcZPxIDIH0vcK10HJuIGMFfU1R2UGWVi9KlKyFeuJe9BTpwtqEARiol0zdZBAlHm8HS7HJ-lKR1FMtQPtDWI156Cb3zLl6Sz87zef_O15KQEGfSenG20UP0AHVZAfUrRQVBiSGbp_q3QRcNwDyiZi0hT77GpqVw4PCdgCg3nUYMyMia9NZA801ZDxm8baj08LFTEkh_jg-AzrtuubXnGOW1wjZnNGBFg9dv8RbDBrlk1EWF0xeMTl7kMKoo25KeqJz5r1xTNMjxbLYsXI48Z0WnYKUvAtxR4CMwFASBb8nSQstG04Wa4Dj0Lk8KY6aOdxplJn1x5E8jDrEw2WrsWeHz1d5LgP2ih7L_R_7m44hYfZk8ctg0BLbmWZH1BpPH4afUDEMZZph3ii4qj5m_wXFMEHqfZA64NsPMsk37DDO49DRMUBGs7WjnZ4YKhhyBfgV-NwJn6YNsLswtmI4Td8TVSTktzD8dkSEO8o3CJP13dsNLz14adVLfrRtuQQn3LWyt1vA_hQoy_TDb_qI2wPubl_cKrMWyQ7KE2FE025jTNie6h2x5DB9uWr9YdGEbnTmiDaSUyD6N9TLBiW04B4T-Ilyl-KsXI-FsvUpFzefXvLS2_ijKFie7BI3Mfs68Zy1joQPYYx9zjiyb2oaQ0QZ55zhwAkJUYCgIEWn53QJG4Uzb1v2nLSszIOMeq2VC7gHWAh1MOkuFCBD3ZoWWo7srsus-bc2mVTqTUANmg-V5mGo52ItHPAg8Ned2qf2582vWdQQOmLAOsvLCDMnu_BnlQzlt6UP7z3URPA8VWosKJbjVVKaJYpaNPIiuFUzNHxCVhA53OkpT9ru6ZHoq8HwmeRrmuQo3yJh8b8GWntEZn_yqq3tlODmcTWmlqoa5S9dmM-EXeWxzjkxG62Yeoq_AvU5x7dPlFBpiVUtEYHj8wiCslHIFBVOThYTrw0BN4aUJeYgEYAF0HIO8Dg4OdZnW0BIFZZm75Zh4PqfCjJolZdDpbzYyK-9OWU18RrGJCnkjXDFil34JxyDblUhmTm7hY9HpWm1j5mp2i4HNPj3EHfVfNu2ylnJUAyW_SiLki1uscAaNWSugbIueartGmDOE4u1noUaCj4nQFeNwXclXXDBIrKtULck1RSDp52Mcq7yLAK6_LW9l6t69lINCZqd3Y9kCy2UKlMYydtO5ctKD5jeWwGpIkLyjVKpfguTPWdfTA_92GcpyqB8quk5OayPhqlfMbnNwpC40gDgPtpnOz5-uDFSgbCq66J6l2muA9ZwJ1ln__GAULJPj-8rA1yQilJHMjcrOY1zM0x9v_joB2bLHq283wnvZvg7c3cwAVW6cC06vGzS9oC1eCxbjNs0w9Xwf_fhIiCHN2ixvID87pgV8hM-kSNzMa43x3NvGqqpJmX38MQmOU3g4f-ax9ooo_hdoPOXx9agI9Xcq9tOJBi-fGppANO8qPilH8sqtU0hBkXvsV2J6NLe-KAP0iu4yitiDTvuoHyvJbvwvkmzn45jCZsZAnRBzXYi_KdI2T-Y9wKJ9SSmu-sxTRhQ4Jagl-umcSKOF2_MGoYxT7BS31b11PpnCLvxVp4hG_kOV0-l7mHUeLXmYNyCKMgXZ8kKGP2pgfed_rmMFDrlcfRxH6tgj3bVrtiRjCACeaMdFm-wKqUdMxd8CY1rzbrZ06c8Ubci-8BFyh9KsOFbHq6V3Z1VwfoPZ4-A9GcVoPUT1DQpKj2pPTErKT_jXf2x1INAvJCHPZ1bjlezDS06zNsAKlLIgW4JWNa6Zo4ZMgmP9WeS5JXX2d6zPsFiRrIvLWd4hssNNKfwb8TP7dwxeDGBCRSxa524a_spzy4sR8pUXvc_0oheSkOhtQvfzdMcC2eXWUn71lJYVh_jczzXjxvJFLYnt-E7MxnAeKM4IpllsTekG8BI4H904zG9pdovPd4lZTc25gacPRko52RhPXfWmZ1S0AAnhLDQCEcG82hfFbRh1EAGphlRVmegPO15ZIWzT8-WlFw6HmIq2Sk64sAjknHnIVzYnZcbz1cFIQYHq42cyY5iMSINHBjSBk_MQ-XzCS2Ojz3CpsFPcOeOPFEi9Vpqo29XUKW31Fn5pya5cHKBmKHq7J8hNsoJhHfydOXd34RPXJnOAvJ9D3GZp_yiAcSQbqDeHnDNPafR8BsxGiegzuVFS4tMxNIpViDjArt0eyYGsFQ0Lmn-Tcf9wnGzBLqnxHYSoM2KrF_hfLFHsmyXWGDu2EjVHDUvQQngyEXdDgYcQNi7SAzOH7gtQhGcHv54O14uuBa2AT7OxfFhKFg0CzKAohuVEtTSpt5T613TzpqKV-SUBqJ0obQiQ42JgESH0Jb64bIAzIw0tY4VsAPAuZblYrWuG9lDNAGtwonSkdzyS-2XEYLe4MzzBD4dAkOdN6anKn6c6054mdT2ORp_tDk1Ya3Ti45ZRj_XDsT1DiSYZPjaB4QZSxaHhhOBTLD1w3uzp-I2BGT5AF322P9Z03NjNStta0fSPQjIqEUgL9RHGlmqXbjPygSt5MZsUaPWp-WWzSdHbFgXTzkypEd6qBjt69ws5En_muVUm2ZmjKk0Wf292zijqnxDYR5u38519LRCXSsf4veVstqyGEkY3Lpfq5X8j23TptqxRgsvm1mjRSvijlFxh8D-qsC2t4weZxFx946B2QXGCUqb0S7hxFICPOl2U9Deu45-ih9nU2_j5qWvVcoX_sPXfwj1lvhx-E1UEFA6R8O0g6xcvxNWHeQkupD1HOQjLqB1DKzKpgmEM0qp8PRSn7tj2mCej9fSWK9etaZPa1yEdxc1kg&cid=CAQSSwBygQiD2PcAFbtjIeCny2kjTkDLsODoay1dX5v0vrTmnuD1nChIseMomJf7Ze5_-oIAwCao0FIoZHaMlFuum0YEQPtP9jKzf6xVTxgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Ffr.nex-software.com%2F&ds=l&xdt=1&iif=1&cor=1648540223727934000&adk=2923430907&idt=134&cac=0&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://7c3ab99f44b15302ad2c6dfb9ab38469.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 01:12:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80948
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4122
x-xss-protection: 0
server: cafe
etag: 11429739870029468282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 May 2023 01:12:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230424/r20110914/ Frame 2351 28 KB
11 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230424/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b830a741e3a702c5f232ef38e0f2d4ab8dda52004178cfdb9cc088f73546523

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://7c3ab99f44b15302ad2c6dfb9ab38469.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 01:05:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81337
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10905
x-xss-protection: 0
server: cafe
etag: 17251650664335745901
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 May 2023 01:05:31 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 2351 41 KB
15 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 7c3ab99f44b15302ad2c6dfb9ab38469.safeframe.googlesyndication.com
URL: https://7c3ab99f44b15302ad2c6dfb9ab38469.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://7c3ab99f44b15302ad2c6dfb9ab38469.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 19:45:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 446146
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 19:45:22 GMT

GET
DATA 200
OK truncated
/ Frame 2351 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3f02ac80104d923abd3d1169990c0fde016f78998473355870d54839e63f747d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 7C1F 22 KB
8 KB 21ms
20ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7c3ab99f44b15302ad2c6dfb9ab38469.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 458182
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 22 Apr 2023 16:24:46 GMT
expires: Sun, 21 Apr 2024 16:24:46 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/2589442124388269737/ Frame 59AF 16 KB
6 KB 85ms
21ms Document
text/html 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2589442124388269737/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70cbe97ecb356ef429c80ea7e1253d9730396fbddc6469dcb6e57b02bf80b0a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7c3ab99f44b15302ad2c6dfb9ab38469.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 447538
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 6155
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 22 Apr 2023 19:22:10 GMT
expires: Sun, 21 Apr 2024 19:22:10 GMT
last-modified: Mon, 13 Feb 2023 09:50:03 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2351 0
0 127ms
65ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu4VHAnL1bupImlBSMRzlKOPSPguH8snV4y7N4nEsxglOBX-rBsgRhOJeywe5953rBJzQgkxlbRgkfHOMyR91W3YG9Ssy6dgHx4TNWyTRgnu9GctWMY3KL1qUH9wUuKk00MDMwDft837dPV_Gv1gBY5tolVbwmK0Ng2o3OSSqGl0Xfq5JdDxJt2qX1oL2QoGztwhY79MiuJ6yqbgbQS5-PSWL28JlHzMl8kbQmb5LCLH5ekuAYUCqarlkmZZ8R2F776JoItvC2WBRq-CmbHfThZmY561u-s5qqJiTP5pPGIPBezHf7aorY9_8xVsdttoETjd_HZrV0rz7pV7ewJcl_-KRAovRKoiJ6Fl6WjXCkApGkbLY84xy4ayt2EeSMH8V0aMc33tXHeJchfR-nUmOv50BUiM6svcvOvS2fO28pofr47eTLIByPfAVw0R6Jfwy30YIFScMd06XMDzXrchw1NrjmF0hhoRCGSMmcMct99LsrIOObPOzx4qphD3UBgduIJo7b9is99IoQg6MAKl0itUPFwS9LS1FvfoIh6oRDcXuxh5Yfc3FNj31ZvTtRZ0FTlFmXbznz8r2ARJSNv3bqXuAtFi5ACy8AHY0eNtjEBZ8hD6miswfMfVn7bn8ioq8vh2SN3zlDvWmXPeRg_LKAcnM8tLoZ_3VM8ksAvMKUPnZsLPZuWe8P0rX9fMyBZQgxUV_ossqYYrOb1x3hLHdWN9ZE_c4YPkRlSBW4JMGiDYD0lG1CKiP1koRen3j3lBU32QCzr-RnvHqr6oGb18yLMZLurAMoQJnpc5czHbRlSsu18cs9yx6nGaxHF03YePe6jL2O6KhAsTRzsItQj5knmP2MTq6OsEYRMb2jRuPt-MrIK6eByC9gZMR63Jez6ngdqr1xHtfR4ajIKruvt8WTlqa9ucD_q5lBCZ7XtMUXKZh90Qk5cFUuYThrvjF3NA3DAGRGe_IzzxB2l1WnFbIeMjsY-qGdb40u3xZ_QsMEu_Mbv-Lw_0S68QVXVBG3cmVhquEK9L1ihwuPkUHZTqtJ4f7z2-Hy30Jh2Z7mjlqTdovYQvocnT5S81XI_2oGc_uVgfsPExRK7Z7CDLTRoIC8sFMfbkcINN9XPeBQ80qrtQNFWFay0HwQUvQEaaGELjhAHqHDdpPtxfiDrcW0xOlNwPZYcJC7XUO6uCYSKo-PyAJHA-iFYrZK5RxYRZVwwYdOlr_7m-gugv_hYNGbbZ8lIS2N0FKn43QcPcsR83sPiCZrgRvugfRColXuMFbenshP1z7JF54U8h7cI9SEZ-ehCYN3clNARbpSAoZwp_DoYYjt45FEjSmfP_64IHCeTLcsK1PHZLIJ2Yqgf8XKuwcrqAXWBe0pVngICSNYH92gNX5S1RWxH3LNDK0-NfQ&sai=AMfl-YRU9j6UQkEbxv2-v9qejPg4uKLU0mW8PLw-TYKnxlJ_m2KOp2ZKMX9G9JiW5DUSFDZ6Q3jCbjcIgVsjcv2GOfBIucmqvJ1h1H4PbmaxorlySW-PzLysId2hIll2HBdyY8GIt84mipOHpzEuRf-gFV4Xy1n9ENZ-DX4jxtYjLw7DvV0_khBUeEdQMHqyY74fXldqscpTEF_E8hwucLJvqFH6YUCQnN-shOV9pNhnV4Og-xNDnVYmfP6UZS7KoJSEmX24JZHOhbqxktOc7ajBIXiUcEyeOKgU&sig=Cg0ArKJSzLg-A6MFLIu2EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=108&cbvp=1&cstd=105&cisv=r20230424.69843&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: fr.nex-software.com
URL: https://fr.nex-software.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://7c3ab99f44b15302ad2c6dfb9ab38469.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 27 Apr 2023 23:41:08 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Thu, 27 Apr 2023 23:41:08 GMT

GET
H3 200 w05zGG9qaosOBIL1Kb6OkKtrB9U8AfHvOijkE_qF5Xk.js Show response
pagead2.googlesyndication.com/bg/ Frame 7C1F 36 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/w05zGG9qaosOBIL1Kb6OkKtrB9U8AfHvOijkE_qF5Xk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c34e73186f6a6a8b0e0482f529be8e90ab6b07d53c01f1ef3a28e413fa85e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 19:28:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15161
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14215
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 26 Apr 2024 19:28:27 GMT

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame AD8E 0
176 B 61ms
19ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fr.nex-software.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Thu, 27 Apr 2023 23:41:08 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H3 200 adltl.js Show response
s0.2mdn.net/sadbundle/2589442124388269737/ Frame 59AF 30 KB
11 KB 99ms
98ms Script
application/x-javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2589442124388269737/adltl.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2589442124388269737/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11961a36e2d6b42254abd7d1486669ee9272eecdbf729e8991cbc869dc66f977

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2589442124388269737/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 23:41:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10853
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 09:50:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 26 Apr 2024 23:41:08 GMT

GET
H3 200 adl.css
s0.2mdn.net/sadbundle/2589442124388269737/ Frame 59AF 3 KB
985 B 21ms
21ms Stylesheet
text/css 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2589442124388269737/adl.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2589442124388269737/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f63063b6c9e82340f97b4dd83bb62762fa129eb451032083d872a1194f6c74a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2589442124388269737/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 19:22:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 447537
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 956
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 09:50:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 21 Apr 2024 19:22:11 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7C1F 0
20 B 58ms
57ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BIpNYEwhLZKD8PNGl9u8Pg7SJiAMAAAAAOAHgBAI&bg=!FBelF0PNAAYfNdXmPzU7ADkAdvg8WlKMV1zIZkEZeTiwTEULBCbtDYrTLRwKHJi65A2NsZrj_3Ydktws2Ts2mR0ZZBVnVaYlkUUCAAAATVIAAAAEaAEHmQMqtEwcwWdZvrsQ5YFDGHCemJQd_l8eQYgk48naBx0jDUi2_CTphUlz_MqwmbHEc3CHn5FiM8dZ65fqVOd1au9LNIhM7Uhy5sXjKDoULuNAdPG0ahuI6LtvC74r4M8a4WMP8aWl6dJ68iuiZHxGrFWTPP-PKnebWkdemSW5ZDa1dp2GLzaYr9EjwpM6zfMOLTpflCzH4xYtwpT2mq7zzXy8sbxLlUSqSinxKkUz5Oi4RNIVxjCPtBy6z0bOZvGKesV64Noxj89KO65l5xPztz4YvunssmXm7HumxMJ3zuG54aRWqHKY-0Z_yOs0OUwREkLTguioEZSnGTUeHdJuB0KXeLZyYSWm7b1COLZHtnYo13FCufGGmh4xnywfTlKcRcC1XMI4CDdh4gTMhs2rd33i5s9r1YLxYaRDqjyGqHWIhLsMdoTLeuxIKD-orz59egZI7Zlq0Y5AWwH_6UkDYBouYIQRlOJo5EvtikxgNPTsZrR4paDxLzMTosF4dnAXVaxeKBhOesu6zFkTytO2uqrwwrBCPkDkT_e36OEXzZ2DoPCG_-AJKiBYa1YaHg8JK57iqzJCSeBa-IArpEhiQRvvuPli8q363fZ34xyobgXuCyL-c75hSKQpCw3Y-sXyGKyDWQiaKi9bsOroYdZYZ-_45L8dgiJ0p0d8M-1wdS7W5s9MqdpsOpd4NvskZc5Bed40CFeDGYBwgWKVb7GlM9QekdVwO6HZONumg6hEIpBkB4uxIuZrwauEmIe05IpallHOlr2tiben3TTPVpgI5Lm5_anHkRF4pgsje12ubhpTQSI0EoZqpQUnThn3yZBvBE0nj6LZdHofd8alzmpnpASrFjB5qsRJIMz4G07XrajXttwG_KlWKhO32yZjpW-1fnoupm5Y2QpeFIgpkUpnmHN7JYaZMh1PA-IzatMH6L72YHm4yyv1unFDmv46HaZWqcQVJZsqWEPxaosGqN5wVSgkWHwsi1iNbMlzcxVZ5lySU6jNkbZJqdcSD15Dnrz0sPWFp-B4d0tke8ab2MXZR4P_CwspKe_eiTHOJE5WJPQmAD-DKlogqVjjETnC

Requested by

Host: 7c3ab99f44b15302ad2c6dfb9ab38469.safeframe.googlesyndication.com
URL: https://7c3ab99f44b15302ad2c6dfb9ab38469.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Apr 2023 23:41:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1125_167628174673.woff
s0.2mdn.net/sadbundle/2589442124388269737/ Frame 59AF 5 KB
5 KB 70ms
70ms Font
font/woff 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2589442124388269737/1125_167628174673.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2589442124388269737/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf9af76dfc4b874739f6206fe7a0b30cb6031f010ba84f46098aedf5f3d18450

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/2589442124388269737/index.html
Origin: https://s0.2mdn.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 23:41:08 GMT
x-content-type-options: nosniff
age: 0
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4896
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 09:50:03 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 26 Apr 2024 23:41:08 GMT

GET
H3 200 1624967331.2899.png
s0.2mdn.net/sadbundle/2589442124388269737/ Frame 59AF 229 B
255 B 42ms
41ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2589442124388269737/1624967331.2899.png

Requested by

Host: 7c3ab99f44b15302ad2c6dfb9ab38469.safeframe.googlesyndication.com
URL: https://7c3ab99f44b15302ad2c6dfb9ab38469.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c72284b6c8eac32df87566950180e1725f16c3b4941a606c64d7a8068b8073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2589442124388269737/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 23:41:08 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 229
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 09:50:03 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 26 Apr 2024 23:41:08 GMT

GET
H3 200 1622636136.4958.svg
s0.2mdn.net/sadbundle/2589442124388269737/ Frame 59AF 417 B
338 B 25ms
22ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2589442124388269737/1622636136.4958.svg

Requested by

Host: 7c3ab99f44b15302ad2c6dfb9ab38469.safeframe.googlesyndication.com
URL: https://7c3ab99f44b15302ad2c6dfb9ab38469.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33ba8700fdd425748533bf1ee4ccd89d4012dfebcd7b61d54f87d0d0e952b8b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2589442124388269737/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 09:05:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 484545
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 309
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 09:50:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 21 Apr 2024 09:05:23 GMT

GET
H3 200 1622636136.5185.svg
s0.2mdn.net/sadbundle/2589442124388269737/ Frame 59AF 420 B
338 B 26ms
23ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2589442124388269737/1622636136.5185.svg

Requested by

Host: 7c3ab99f44b15302ad2c6dfb9ab38469.safeframe.googlesyndication.com
URL: https://7c3ab99f44b15302ad2c6dfb9ab38469.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef04ebd34f9d837413d0e44f7d8d778bf95a76119dfa0cd85d646306c531d430

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2589442124388269737/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 06:19:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 408098
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 309
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 09:50:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 22 Apr 2024 06:19:30 GMT

GET
H3 200 1622636136.4741.svg
s0.2mdn.net/sadbundle/2589442124388269737/ Frame 59AF 483 B
382 B 41ms
39ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2589442124388269737/1622636136.4741.svg

Requested by

Host: 7c3ab99f44b15302ad2c6dfb9ab38469.safeframe.googlesyndication.com
URL: https://7c3ab99f44b15302ad2c6dfb9ab38469.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a9650564960002c3a6b463e0c895f6faa3c65690a9870ea8cfa8c3811a6b2ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2589442124388269737/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 23:41:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 353
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 09:50:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 26 Apr 2024 23:41:08 GMT

GET
H3 200 1622636275.7439.svg
s0.2mdn.net/sadbundle/2589442124388269737/ Frame 59AF 486 B
385 B 26ms
23ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2589442124388269737/1622636275.7439.svg

Requested by

Host: 7c3ab99f44b15302ad2c6dfb9ab38469.safeframe.googlesyndication.com
URL: https://7c3ab99f44b15302ad2c6dfb9ab38469.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7dcc07d397d0bf3aa1a918b78217d7ec794a40d776abd2286a77864d23c8f41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2589442124388269737/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 21:37:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 439417
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 356
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 09:50:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 21 Apr 2024 21:37:31 GMT

GET
H3 200 423_00c4412f95867473a3b68b2dd0f75ca1c4d6e25a_s2d8-5a_1671204610.248.jpg
s0.2mdn.net/sadbundle/2589442124388269737/ Frame 59AF 29 KB
29 KB 26ms
24ms Image
image/jpeg 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2589442124388269737/423_00c4412f95867473a3b68b2dd0f75ca1c4d6e25a_s2d8-5a_1671204610.248.jpg

Requested by

Host: 7c3ab99f44b15302ad2c6dfb9ab38469.safeframe.googlesyndication.com
URL: https://7c3ab99f44b15302ad2c6dfb9ab38469.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50b0afc1649ec9d060c3731740cbeb6ff037c7df86629acc8eb1b10af7a99afe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2589442124388269737/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 21:37:31 GMT
x-content-type-options: nosniff
age: 439417
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30066
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 09:50:03 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 21 Apr 2024 21:37:31 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2351 0
0 61ms
58ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu4VHAnL1bupImlBSMRzlKOPSPguH8snV4y7N4nEsxglOBX-rBsgRhOJeywe5953rBJzQgkxlbRgkfHOMyR91W3YG9Ssy6dgHx4TNWyTRgnu9GctWMY3KL1qUH9wUuKk00MDMwDft837dPV_Gv1gBY5tolVbwmK0Ng2o3OSSqGl0Xfq5JdDxJt2qX1oL2QoGztwhY79MiuJ6yqbgbQS5-PSWL28JlHzMl8kbQmb5LCLH5ekuAYUCqarlkmZZ8R2F776JoItvC2WBRq-CmbHfThZmY561u-s5qqJiTP5pPGIPBezHf7aorY9_8xVsdttoETjd_HZrV0rz7pV7ewJcl_-KRAovRKoiJ6Fl6WjXCkApGkbLY84xy4ayt2EeSMH8V0aMc33tXHeJchfR-nUmOv50BUiM6svcvOvS2fO28pofr47eTLIByPfAVw0R6Jfwy30YIFScMd06XMDzXrchw1NrjmF0hhoRCGSMmcMct99LsrIOObPOzx4qphD3UBgduIJo7b9is99IoQg6MAKl0itUPFwS9LS1FvfoIh6oRDcXuxh5Yfc3FNj31ZvTtRZ0FTlFmXbznz8r2ARJSNv3bqXuAtFi5ACy8AHY0eNtjEBZ8hD6miswfMfVn7bn8ioq8vh2SN3zlDvWmXPeRg_LKAcnM8tLoZ_3VM8ksAvMKUPnZsLPZuWe8P0rX9fMyBZQgxUV_ossqYYrOb1x3hLHdWN9ZE_c4YPkRlSBW4JMGiDYD0lG1CKiP1koRen3j3lBU32QCzr-RnvHqr6oGb18yLMZLurAMoQJnpc5czHbRlSsu18cs9yx6nGaxHF03YePe6jL2O6KhAsTRzsItQj5knmP2MTq6OsEYRMb2jRuPt-MrIK6eByC9gZMR63Jez6ngdqr1xHtfR4ajIKruvt8WTlqa9ucD_q5lBCZ7XtMUXKZh90Qk5cFUuYThrvjF3NA3DAGRGe_IzzxB2l1WnFbIeMjsY-qGdb40u3xZ_QsMEu_Mbv-Lw_0S68QVXVBG3cmVhquEK9L1ihwuPkUHZTqtJ4f7z2-Hy30Jh2Z7mjlqTdovYQvocnT5S81XI_2oGc_uVgfsPExRK7Z7CDLTRoIC8sFMfbkcINN9XPeBQ80qrtQNFWFay0HwQUvQEaaGELjhAHqHDdpPtxfiDrcW0xOlNwPZYcJC7XUO6uCYSKo-PyAJHA-iFYrZK5RxYRZVwwYdOlr_7m-gugv_hYNGbbZ8lIS2N0FKn43QcPcsR83sPiCZrgRvugfRColXuMFbenshP1z7JF54U8h7cI9SEZ-ehCYN3clNARbpSAoZwp_DoYYjt45FEjSmfP_64IHCeTLcsK1PHZLIJ2Yqgf8XKuwcrqAXWBe0pVngICSNYH92gNX5S1RWxH3LNDK0-NfQ&sai=AMfl-YRU9j6UQkEbxv2-v9qejPg4uKLU0mW8PLw-TYKnxlJ_m2KOp2ZKMX9G9JiW5DUSFDZ6Q3jCbjcIgVsjcv2GOfBIucmqvJ1h1H4PbmaxorlySW-PzLysId2hIll2HBdyY8GIt84mipOHpzEuRf-gFV4Xy1n9ENZ-DX4jxtYjLw7DvV0_khBUeEdQMHqyY74fXldqscpTEF_E8hwucLJvqFH6YUCQnN-shOV9pNhnV4Og-xNDnVYmfP6UZS7KoJSEmX24JZHOhbqxktOc7ajBIXiUcEyeOKgU&sig=Cg0ArKJSzLg-A6MFLIu2EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=411&vt=11&dtpt=303&dett=3&cstd=105&cisv=r20230424.69843&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: fr.nex-software.com
URL: https://fr.nex-software.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://7c3ab99f44b15302ad2c6dfb9ab38469.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 23:41:08 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 27 Apr 2023 23:41:08 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 79ms
36ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202304250101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js?cb=31074188

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6477c2579e5a667d14e1c4b1213f169209f4e1b6f443ddb4ec7041bcd80f86d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fr.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 23:41:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11390
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js?cb=31074188

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fr.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 23:41:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 27 Apr 2023 23:41:08 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0D40 13 KB
5 KB 35ms
32ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fr.nex-software.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 29322
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 27 Apr 2023 15:32:26 GMT
expires: Fri, 26 Apr 2024 15:32:26 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1D34 783 B
1 KB 87ms
30ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a117bf019eb195d1b01698a89b735587861306c5929cf67759d7aff3b06abc84

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-G9Dauxzz6ElcWKMKmdnQdQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fr.nex-software.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-G9Dauxzz6ElcWKMKmdnQdQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 27 Apr 2023 23:41:08 GMT
expires: Thu, 27 Apr 2023 23:41:08 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 w05zGG9qaosOBIL1Kb6OkKtrB9U8AfHvOijkE_qF5Xk.js Show response
pagead2.googlesyndication.com/bg/ Frame 0D40 36 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/w05zGG9qaosOBIL1Kb6OkKtrB9U8AfHvOijkE_qF5Xk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c34e73186f6a6a8b0e0482f529be8e90ab6b07d53c01f1ef3a28e413fa85e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 19:28:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15161
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14215
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 26 Apr 2024 19:28:27 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1D34 0
0 54ms
53ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202304250101&jk=4374851164335987&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 0D40 0
10 B 31ms
30ms Image
text/plain 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?o5rRYg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 23:41:08 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2351 42 B
64 B 58ms
57ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstmETsktl6Z5aFDKebjLmHmAGhCmsscG5KHio8yqCIJhu0sbCWlNEd_LhodcftNN0mFMDMOUEvjwxAjKgu4xj14q7yz9AhPg5U4VlD8RO-VxiLJ4LdQ0fAnPShPI37XjYb0q_LXzw&sai=AMfl-YTTD9iw69b34b5FusfF9pmMQDG1jCkAQnS5mYOQxJnIVxe7a8UOMQkMKXDHUBIir-qzqOpqm0No-4EbY0s_LMuRCCILNuRbIHCeLLDubYtmGUWHQbvUBU0cEOE_T55jl4y70prer_5zkeV2&sig=Cg0ArKJSzNi7jQDvbVhPEAE&cid=CAQSSwBygQiD2PcAFbtjIeCny2kjTkDLsODoay1dX5v0vrTmnuD1nChIseMomJf7Ze5_-oIAwCao0FIoZHaMlFuum0YEQPtP9jKzf6xVTxgB&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230426&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2175618848&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1682638867788&rpt=338&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://7c3ab99f44b15302ad2c6dfb9ab38469.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Apr 2023 23:41:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 59ms
58ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202304250101&jk=4374851164335987&bg=!m5ilmMzNAAYfNdXmPzU7ADkAdvg8WvskqWSkJRFdRRMDVoIhFhk_mWEtOo4JzBqwSJEKEHPgenZzzeTzuXLgmEYw2zajriXg3ZkCAAAARlIAAAACaAEHmQLc5bpFC6laoOMDZGZBVkngjLDQZh8-pJxVlaL9vfNrATgY_2UD8D2tqXFcFJZAAa-8HMexqEFZ7f7_S8JZxyjPmKj8XYkVhdq2lcowUaj53MCFaIP6QIv9ksuQyTeuKbi_d7BtTxfScNAITt-yzp6kyC8wBgv7UFtQ8JkUpqwpXj3IV6hM1-8jtCkQMQenfW6BTHukdRtyOXY1B2UxUn7Y53lyB4X7HAIXHQxjeX0cqR-U1vgNw76z1SK2XZjRsOG9Aj5g-tk8gyZUUWJkj8-jKS9l6sCiYclexXdNytMOGlUGPlB6fiGILf39vt2hH7lPqu-XD4OZGKpID2Ndm_rzc8RFGV3fPK6lhmPrTNiS4752aNWontquV2ysQz2-GVsSN_qePROhU5JpknoE-MqokH-QStXFvhP60YgBJCTBPNVsewqcpPKM2ZYnuYnqqd4l258mo69HE8riz_DfQDlks8CJwSGpaOBdYbikf7DiECU-KyO47AP-qCpyKJIJE5Z4cRewvvkzou5__F0BDywVsVzVpok8NECLWiOeCs0SXf-Bn1385Ca4WAf-OUSq9NvQOB6GX57bQPIC-RkKwzdmY4n-rTqUqhbBu31ABF1VywCU9gXJVrEB59kha3wNec_wDmR5gMjPqDtRq52qLz0qiJppIGteVOF_BJg2pK6Kcl10QKdkZn3uzkEo_jVxAGPf2WjWOYAjdAXo08KOQD83EIGsz84I6MTrTOyq-_Si8Vx646dZBkZIIGePr0IfvQC8xdkWDJoeKlyf3yLStOEPa-qaodKEi8qJlq-yBU2H7oycnoreI1OBEC4PayG-9NRL98tG_bTbKZZA2KykZ77d_K4ZsI4RJjX7wOzB9tj1TS01O02jbNMbTpODK1AKjTNfRy_SvTyRLeLI5gNHWwQpZ1w7I3FWcQjWx9YMnvgtLLubG7mwEg7e7vn1vujziTRXF3VXbUcUxE8TlVAJ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fr.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2351 0
20 B 54ms
54ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6153660338701&version=m202301230201&ct=76&x=1&cor=1648540223727934000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://7c3ab99f44b15302ad2c6dfb9ab38469.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Apr 2023 23:41:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
3fcf8b39a0.41f6f373a2.com/health/ 0
201 B 111ms
25ms Script
text/plain 2a01:4f8:c0:2f03::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://3fcf8b39a0.41f6f373a2.com/health/
Requested by: Host: js.cabnnr.com
URL: https://js.cabnnr.com/banner-admanager/build.m.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:4f8:c0:2f03::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fr.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Apr 2023 23:41:10 GMT
server: nginx/1.18.0
vary: Origin
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0

GET /
3fcf8b39a0.41f6f373a2.com/get/ Frame B518 0
0

GET
H2

200

1x1.png Show response
cdn.1vag.com/ Frame 8EA5
Redirect Chain

https://3fcf8b39a0.41f6f373a2.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InRhZ19hYiI6ImEiLCJtdWx0aSI6ZmFsc2UsInVzZXJfa2V5d29yZHMiOiIiLCJpZCI6MTY5NSwic3BhY2VpZCI6MTY5NSwidHlwZSI6InBvcCIs...
https://rtbrennab.com/banner/in/show/?mid=8057911507031853168&pid=0&site=10277&sc=NL&usage_type=DCH&subid=266288781&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=...
https://btds.zog.link/in/912/?sid=10277&source=266288781&idzone=0&w=1&h=1&mo=&ve=&site_id=10277&utm1=&utm2=&utm3=&utm4=&ad_tags=Toutes%2CLes%2CInformations%2CSur%2CLes%2CFichiers%2CLes%2CPlus%2CPop...
https://cdn.1vag.com/1x1.png

68 B
335 B

70ms
14ms

Document
image/png

45.133.44.25
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.1vag.com/1x1.png
Requested by: Host: js.cabnnr.com
URL: https://js.cabnnr.com/banner-admanager/build.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.25 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Referer: https://fr.nex-software.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 68
content-type: image/png
date: Thu, 27 Apr 2023 23:41:11 GMT
etag: "5e970c67-44"
expires: Fri, 28 Apr 2023 00:41:11 GMT
last-modified: Wed, 15 Apr 2020 13:30:15 GMT
server: nginx/1.20.1
x-proxy-cache: HIT
x-request-id: 374473e895c3a556ef8ee0547b8f7bf9

Redirect headers

cache-control: no-cache, no-store, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 27 Apr 2023 23:41:11 GMT
location: https://cdn.1vag.com/1x1.png
pragma: no-cache
server: nginx/1.20.1
vary: *

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 3fcf8b39a0.41f6f373a2.com
URL: https://3fcf8b39a0.41f6f373a2.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InRhZ19hYiI6ImEiLCJtdWx0aSI6ZmFsc2UsInVzZXJfa2V5d29yZHMiOiIiLCJpZCI6MTY5NSwic3BhY2VpZCI6MTY5NSwidHlwZSI6InBvcCIsImlkem9uZSI6bnVsbCwiYWRfdGFncyI6IlRvdXRlcyUyQ0xlcyUyQ0luZm9ybWF0aW9ucyUyQ1N1ciUyQ0xlcyUyQ0ZpY2hpZXJzJTJDTGVzJTJDUGx1cyUyQ1BvcHVsYWlyZXMlMkNBdnJpbCUyQzIwMjMsIiwibGFiZWxzIjoiNCw1LDYsNyw4LDksNDYsNDcsNTQsNTUsNjEsMTA5IiwiYWxsb3dlZF9sYWJlbHMiOiIiLCJ0aXRsZSI6IiIsInN1YmlkIjoiMjY2Mjg4NzgxIiwicmVmcmVzaCI6MSwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6MTAyNzcsIm11bHRpcGxlIjpmYWxzZSwiaXNfaWZyYW1lIjpmYWxzZSwicmVmZG9tYWluIjoiIiwicGwiOjAsInN0cmF0YWdlbSI6Im5sYWJlbC1hIiwiZ3lyIjowLCJhY2NlbCI6MCwic3NwIjozOTcyLCJidHlwZSI6MCwidjIiOjEsInJjaGFuZ2UiOmZhbHNlfSwiYmFubmVyIjp7InciOjEsImgiOjF9fV0sInNpdGUiOnsiaWQiOiIxMDI3NyIsImNhdCI6WyJJQUIyNCJdLCJwYWdlIjoiaHR0cHM6Ly9mci5uZXgtc29mdHdhcmUuY29tLyJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiIyZWVkMTdlZWM0NDMzZjQ5YzFjM2RiYmY4NWJiOWFlYSIsImZwIjpudWxsfSwiZXh0Ijp7ImR0IjoxNjgyNjM4ODcwNzE4fX0=

Verdicts & Comments Add Verdict or Comment

196 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

32 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.load5.biz/	1970-01-20 12:07:10	Name: uuid Value: 58be113a-b4c4-4077-a6d4-588273e4dde5
fr.nex-software.com/	1970-01-20 12:53:15	Name: cookie_consent_level Value: %7B%22strictly-necessary%22%3Atrue%2C%22functionality%22%3Afalse%2C%22tracking%22%3Afalse%2C%22targeting%22%3Afalse%7D
.yadro.ru/	1970-01-20 20:09:25	Name: FTID Value: 1aImWJ0_NvuY1aImWJ0012qx
fr.nex-software.com/	1970-01-20 12:07:10	Name: _pbjs_userid_consent_data Value: 6683316680106290
.nex-software.com/	1970-01-20 20:09:34	Name: _sharedID Value: 1e80e8e4-84c0-408f-9c81-b30fd3807d22
.yadro.ru/	1970-01-20 20:09:25	Name: VID Value: 2a8b1P2kUAeY1aImWJ001SSt
fp.metricswpsh.com/	1970-01-20 20:09:34	Name: id Value: 10711375032044264328
ntvpwpush.com/	1970-01-20 12:07:10	Name: fp Value: null
ntvpwpush.com/	1970-01-20 12:07:10	Name: refdomain Value:
ntvpwpush.com/	1970-01-20 12:07:10	Name: mm Value: false
ntvpwpush.com/	1970-01-20 12:07:10	Name: gyr Value: 0
ntvpwpush.com/	1970-01-20 12:07:10	Name: ad_tags Value: Toutes%2CLes%2CInformations%2CSur%2CLes%2CFichiers%2CLes%2CPlus%2CPopulaires%2CAvril%2C2023
ntvpwpush.com/	1970-01-20 12:07:10	Name: tag_ab Value: a
ntvpwpush.com/	1970-01-20 12:07:10	Name: timezone Value: 0
ntvpwpush.com/	1970-01-20 12:07:10	Name: utm1 Value:
ntvpwpush.com/	1970-01-20 12:07:10	Name: utm2 Value:
ntvpwpush.com/	1970-01-20 12:07:10	Name: utm4 Value:
ntvpwpush.com/	1970-01-20 12:07:10	Name: accel Value: 0
ntvpwpush.com/	1970-01-20 12:07:10	Name: screen_resolution Value: 1600x1200
.nex-software.com/	1970-01-20 20:45:34	Name: __gads Value: ID=6385ce1fa6c30ea1:T=1682638867:S=ALNI_MYLm28KPzh-fXGm5jwDTo9pwKJzZw
.nex-software.com/	1970-01-20 20:45:34	Name: __gpi Value: UID=00000bf1938c07dc:T=1682638867:RT=1682638867:S=ALNI_MZilx-KMEnulkBO4QIXNm6M1_wt5w
.nex-software.com/	1970-01-20 11:23:58	Name: lotame_domain_check Value: nex-software.com
.doubleclick.net/	1970-01-20 20:45:34	Name: IDE Value: AHWqTUnY_VLES168cjH9m8ncIhrGPVr-EgrLtUOAelgm-OztgNmnUkFqUfQMcn8X
.criteo.com/	1970-01-20 20:45:34	Name: uid Value: ff5d8579-6542-4486-8993-f694d195d8e9
.adnxs.com/	1970-01-20 13:33:34	Name: uuid2 Value: 3144599565175152207
.adnxs.com/	1970-01-20 13:33:34	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GTtd5X`'!]tbPl1M>e)ZlrFUfJ+tGXxpS^#R8aVFf%#DB`V$X]i]OV?WMjYZR-$GHS3L3If)y3KL9D3I?*dF/#gW
.casalemedia.com/	1970-01-20 13:33:34	Name: CMPS Value: 2121
.casalemedia.com/	1970-01-20 13:33:34	Name: CMPRO Value: 2121
.openx.net/	1970-01-20 20:09:34	Name: i Value: a9c78037-5e6f-473d-9db3-3979fac7d4ca\|1682638868
.casalemedia.com/	1970-01-20 20:09:34	Name: CMID Value: ZEsIFKqse-.UnTMIyQS6iwAA
.nex-software.com/	1970-01-20 20:45:34	Name: cto_bundle Value: nLnUhF80dG12VXdYc1hKZUZvVHhPRVg0bDBqWTIydTlLZjAzUVQ3UXlIbFF2UEFDZ2xjN3haZW5UVVRnRXFjRGJWMDVwMU9wSlZLbmdmcVJNcmtralVtaEFaZWIlMkJDZ1NFdjBkaSUyRlV4VExIRCUyRmc2UFVXamtQJTJGeUNKdjR1MENvd09qek8zV1J3NXVQZVRCTkZmczdnUkRvWmlZaWMyMnpBUEtBQnp5bkg0c1F3cEhiSSUzRA
btds.zog.link/	1970-01-20 11:25:25	Name: 912.0 Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://pic.nex-software.com/img/file-info/263/what-is-phobos-exe-min.jpg Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3be4572f0f.535a855e66.com
3fcf8b39a0.41f6f373a2.com
7c3ab99f44b15302ad2c6dfb9ab38469.safeframe.googlesyndication.com
adservice.google.com
adservice.google.nl
bcp.crwdcntrl.net
btds.zog.link
buttons-config.sharethis.com
cdn.1vag.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdn.zx-adnet.com
cm.g.doubleclick.net
counter.yadro.ru
cst.cstwpush.com
cst.wpu.sh
dsum-sec.casalemedia.com
esp.rtbhouse.com
fp.metricswpsh.com
fr.nex-software.com
get.optad360.io
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
invstatic101.creativecdn.com
js.cabnnr.com
js.wpadmngr.com
js.wpshsdk.com
l.sharethis.com
load5.biz
mug.criteo.com
na.nawpush.com
nex-software.com
notification.tubecup.net
ntvpwpush.com
oa.openxcdn.net
oajs.openx.net
optad360.mgr.consensu.org
pagead2.googlesyndication.com
pic.nex-software.com
platform-api.sharethis.com
rtbrennab.com
s0.2mdn.net
securepubads.g.doubleclick.net
site2text-2021.web.app
static.criteo.net
storage.googleapis.com
tags.crwdcntrl.net
tpc.googlesyndication.com
www.cookieconsent.com
www.google.com
www.googletagservices.com
www.termsfeed.com
3fcf8b39a0.41f6f373a2.com
13.32.99.34
142.250.186.66
151.101.65.195
157.90.84.242
162.19.138.120
172.217.16.194
178.250.1.11
185.80.39.216
188.166.100.156
2600:9000:206f:7800:c:abe:f440:93a1
2600:9000:2093:2200:11:a4de:2580:93a1
2600:9000:2250:6e00:a:e047:752:b361
2606:4700:10::6816:3456
2606:4700:20::681a:6a0
2606:4700:3037::ac43:9e7d
2606:4700::6810:5814
2620:0:890::100
2a00:1450:4001:801::2006
2a00:1450:4001:808::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2010
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2001
2a00:1450:4001:812::2001
2a00:1450:4001:813::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2004
2a01:4f8:c0:2343::2
2a01:4f8:c0:2f03::2
2a02:128:7:4910::2
2a02:2638:3::3
2a02:2638:d::d
2a06:98c1:3120::3
2a06:98c1:3121::3
34.102.146.192
34.120.135.53
34.249.220.178
34.96.70.87
34.98.64.218
35.190.39.111
37.252.172.123
45.133.44.24
45.133.44.25
45.133.44.52
45.133.44.53
52.29.163.83
65.9.66.97
78.47.199.206
88.212.201.198
99.86.4.86
03e14078fb35576323cf2eab009dfd6d7b5eacf4392c45a45114e54a7364e964
0b283eb4e8e9e4490a7c4b8c98a98ce42b91f54362fec67cbec90cefaeeda408
0b7a4ca1a9b3e33d3ca6e9fbe81af6547e478baa148790c6d6982684b335f63b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0fc1289eed4c57aaba8ca2129a9ae0efc22de7a2bd2e4cbf14a15a7508ae998e
106b181c63cba80e5895959c8197fc5911f728eded36ff6d16af800d9483b0af
11961a36e2d6b42254abd7d1486669ee9272eecdbf729e8991cbc869dc66f977
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1703a72fa6f4e4c3e4226e77f416e403c9350226515a4addb2dba832adddec33
18c144f5b64f4af2a4c78c01ee6609eef9d32aaca339b705d87550cf60021e58
190402f488a1616b47304ae066078580059ca6a5958b7f217d2156d0a73931a9
252020519b9481bc71c10e8ba9fc22d687d4718b5dde817ce56b6e26b0353076
2a379cf63567796698d75a04f4f49c11fbf652effd3b69b3666c45c77789c56c
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e9a99fb226988ef3e2c29830058a81dac3efe0b35930e8a466336a59aec2939
2f1e084697cfe407f1b6ed9aa2a8d312cf3c116555d93dc3282a419156942834
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33ba8700fdd425748533bf1ee4ccd89d4012dfebcd7b61d54f87d0d0e952b8b6
37e314bfd8e8cb9262b5ea01059377cea510e23b2215fc93de8b34a5726284a8
3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b
3e43d592d0aa592f24ad510ef3f453a51bba24a9534a07a55a9685b4d4b3f2cb
3f02ac80104d923abd3d1169990c0fde016f78998473355870d54839e63f747d
43677abbcc50b9f3d621c9134d28237cfa6d66c61bf970cdfcf2a3ec31928ed2
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
47d522563a9f514094ee94ebcee33b1ab88ba91d5639393beecd18be1fd27c15
4a9650564960002c3a6b463e0c895f6faa3c65690a9870ea8cfa8c3811a6b2ee
4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bd10fa4ee1cd3b8fc26d592224ca0d6f2f955eb84e935431983de2592e4f2a0
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50b0afc1649ec9d060c3731740cbeb6ff037c7df86629acc8eb1b10af7a99afe
529d5a06e1e90ceadfad7e6c2eaed6e9b868a35798345d5431c90f6024f15b55
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55d83dba90b9c09397b1d1d3aff209919e4e02aab97471725ad0ab6d57e5cdd0
56b14b6ad7538ba37b7398ef0cfc7bcbf42fd723a943e72ab746a42dc15fb91f
57422afdb59ff409bda7a3af9b620afcb0e94adcfbcff87202a562f777d6641c
5e083e1a22a8ee24f3b39bf120c1c9af9684293840c29191d87c78f67feccefd
601fbf8dcfe63b52e9e93b95fae8fe091bc458f470f7f378565b9629b9745a5d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
6477c2579e5a667d14e1c4b1213f169209f4e1b6f443ddb4ec7041bcd80f86d2
65566c7e793bddd2cde8c71b73e99fc1ac2fe087f6f2f5ca746b73bcd5d1c88b
66942b2dcc41fb0d80feea6e421a4edc17de0d2f91b64b0204522b772ecbad15
6b6042b285d82a7b8f8d1b9e0476de055b93af4efa389396a0e36d24676279f9
6f63063b6c9e82340f97b4dd83bb62762fa129eb451032083d872a1194f6c74a
70cbe97ecb356ef429c80ea7e1253d9730396fbddc6469dcb6e57b02bf80b0a2
71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde
746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e
77225ce75f9eed6990863b379741e24ffe1245dd20d4993c99447d20ecc53a8e
7731d577c5dfa5f38e9bf82dedae51174c9ddd4d3d4668eea9d1e51d6ce13d66
77d724db34ccdba6962546c3375cf2156e615fa34dcbfd98c00947bdac61b7c8
77fc4892ecfa42b997382e14860d7056e08521f3c4fab526f7214f230d7d172d
7b43909f7104e1f81cc9b072e4c94b19fccbe56bbf2351738f49ce86def64ac4
7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a
7fadd541e6e2d8aa79f2bba09acfedd9acbb5348693e26f2de6f6fb41149431a
84a1b2c0f1c133dddfc937787d311e484852a2c8481d869da851845bda9188bf
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
8fcf7c5b0cbbd224688cc80e4399d1a6931ecff516b778d32fb2219e6ded4527
900e0d4503dfe926c2d74a1944f4e383d9d7573ecfcccba2dbb377f3be116a10
902269f1228994ac73ce1a3ed21d948beb250b5c3d945b459ac6a48a097968fe
97cf4206e208ceee4baa88c1d02f47176d84c5c84f85f63bca9d23aa9f077dc4
9a8b0c2f7170ff1888565cf01f70500686eca9fe6dea259ce1998e5ee8af0ce0
9b830a741e3a702c5f232ef38e0f2d4ab8dda52004178cfdb9cc088f73546523
9cf4fc9350f69e442ebfdf130d4e601377e9273b642282a1ebb4f79d6116e8c5
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a117bf019eb195d1b01698a89b735587861306c5929cf67759d7aff3b06abc84
a1e06c38df2007a8bac9725f6b08eaf56e33f121d85661fa3bb419de259bd9a6
a2862c9e532e9e51ea7ca8d7c96bb602a74e31396f9c5be127dbea7c5adfc227
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a5c08e6effd96a3cb2e0dde46367db2d3380191573a043d36b00b51e8fdfae77
a688e7ca97b6ceb293188b433130dfae854e0a34dfc0d7369d3152543926169e
a7dcc07d397d0bf3aa1a918b78217d7ec794a40d776abd2286a77864d23c8f41
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
af371cb0526d291c2821ffb5a63fb1c3969c3ebb22781c08032226c75ea2ab40
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b58f173fa4389ef70d5ee3f0d1cf3bedca9d17ad4087781a0d26fa03400aee05
c34e73186f6a6a8b0e0482f529be8e90ab6b07d53c01f1ef3a28e413fa85e579
c3c72284b6c8eac32df87566950180e1725f16c3b4941a606c64d7a8068b8073
c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b
cdc72305605737b5e6642b9ad1fa9689c68c18de3c8ea8a4716536f9568581d6
cf9af76dfc4b874739f6206fe7a0b30cb6031f010ba84f46098aedf5f3d18450
d04a8585ca1c9cbff59e413fe76da6b8dcf3c567cbc68ec436b852d7f1694df1
d1fd87febf4335823fe28cbe5a24c85f3d0aed2c630cb17c20a6188b924b6802
d2fa83bbc70c843df2edd43096821128aa1f4bd404237f614c49cd48e7d5cfa3
d2fffea22d60657172fc83dab02f71f36f7023542cf60ca681604d73d53e25fd
d747e8d0a5f850188f45ee245773a6bf7803b4709ca16648dd30eb99bb20fc0c
d961a31d3d2fdb93a35a4024f9878b2ed896cd86a084ceb8df6af3bc53e29125
da29fee5e1029fbe8c55baf492094205039cd7b36debc52027985fe84404356d
de855de70ba571c33a5058d0b86427385a024fb4486cf5a2e3bc37eff7ed16ae
debbf51c72faa0958d65709999fa2796996952b690aa53ed85f12d4f3b85eba4
e068e841de62ad2f3f0f02a4471a127a8ad7ebe42a2f60089ec3fd6a885201ab
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e503441024b68c5ac145c5580cd7b4c1dcd9dd71eb9814b5292ca1bc719af273
ede999c022b04dae8bed4c7898eb9c23794c70cbd07d4569dd72e43e195c66ed
ef04ebd34f9d837413d0e44f7d8d778bf95a76119dfa0cd85d646306c531d430
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f26aa21260bfee2da9bb498545f5f5ff73cd74904fc181e5e6e534496e8fe785
f746a923d80a543b847fa37688a18edf8ec81088685e12e137b72d14e9da92a4
ff0ae836e78e254c691d18c04b2068e14419275cb170cd7c09587f1795114fcc

fr.nex-software.com Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

128 Requests

92 %HTTPS

50 %IPv6

43 Domains

57 Subdomains

49 IPs

8 Countries

3388 kBTransfer

5804 kBSize

32 Cookies

3 Outgoing links

Page URL History

Redirected requests

128 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

fr.nex-software.com Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

128
Requests

92 %
HTTPS

50 %
IPv6

43
Domains

57
Subdomains

49
IPs

8
Countries

3388 kB
Transfer

5804 kB
Size

32
Cookies

128 HTTP transactions
1 data transactions