www.exedb.com Open in urlscan Pro
78.46.72.84 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.exedb.com/en/pospaymentsworker---1128137-deztpb6nzl1qys6.shtml
Submission: On September 19 via manual (September 19th 2023, 9:32:51 pm UTC) from AU — Scanned from AU

Summary HTTP 41 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 9 IPs in 2 countries across 8 domains to perform 41 HTTP transactions. The main IP is 78.46.72.84, located in Germany and belongs to HETZNER-AS, DE. The main domain is www.exedb.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 21st 2023. Valid for: a year.

This is the only time www.exedb.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	78.46.72.84 78.46.72.84	24940 (HETZNER-AS) (HETZNER-AS)
1	142.250.204.8 142.250.204.8	15169 (GOOGLE) (GOOGLE)
8	172.217.167.66 172.217.167.66	15169 (GOOGLE) (GOOGLE)
1	142.250.66.206 142.250.66.206	15169 (GOOGLE) (GOOGLE)
4	172.217.24.34 172.217.24.34	15169 (GOOGLE) (GOOGLE)
2	172.217.167.98 172.217.167.98	15169 (GOOGLE) (GOOGLE)
6	142.250.204.4 142.250.204.4	15169 (GOOGLE) (GOOGLE)
3	142.250.66.225 142.250.66.225	15169 (GOOGLE) (GOOGLE)
2	142.250.204.1 142.250.204.1	15169 (GOOGLE) (GOOGLE)
41	9

14 78.46.72.84 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.84.72.46.78.clients.your-server.de

www.exedb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.204.8 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.217.167.66 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s06-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.66.206 (Old Bridge, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s23-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.24.34 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s20-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.167.98 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s17-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.204.4 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.66.225 (Old Bridge, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s15-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.204.1 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f1.1e100.net

afs.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	exedb.com www.exedb.com	186 KB
11	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 122 tpc.googlesyndication.com — Cisco Umbrella Rank: 169	218 KB
6	google.com www.google.com — Cisco Umbrella Rank: 11	111 KB
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 66	12 KB
2	googleusercontent.com afs.googleusercontent.com — Cisco Umbrella Rank: 9302	1 KB
2	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1368	908 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 96	253 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 111	88 KB
41	8

	Domain	Requested by
14	www.exedb.com	www.exedb.com
8	pagead2.googlesyndication.com	www.exedb.com pagead2.googlesyndication.com tpc.googlesyndication.com
6	www.google.com	pagead2.googlesyndication.com www.google.com tpc.googlesyndication.com
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	afs.googleusercontent.com	www.google.com
2	partner.googleadservices.com	pagead2.googlesyndication.com www.google.com
1	www.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	www.exedb.com
41	9

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.twitter.com
www.linkedin.com
exedb.com

Subject Issuer	Validity	Valid
www.exedb.com Sectigo RSA Domain Validation Secure Server CA	`2023-01-21` - `2024-01-21`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://www.exedb.com/en/pospaymentsworker---1128137-deztpb6nzl1qys6.shtml
Frame ID: 2059FFDB86AE6D43D3D4773CDF8FB519
Requests: 28 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20190131/zrt_lookup.html
Frame ID: C3CFDE0210B9B8ACD504CCDF723466DE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&adk=1812271804&adf=3025194257&lmt=1695130367&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fwww.exedb.com%2Fen%2Fpospaymentsworker---1128137-deztpb6nzl1qys6.shtml&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695159166515&bpp=15&bdt=595&idt=584&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1303977205431&frm=20&pv=2&ga_vid=287078906.1695159166&ga_sid=1695159167&ga_hid=1476259614&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759842%2C44795921%2C44798321%2C31077706&oid=2&pvsid=3973069307899781&tmod=199491703&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=613
Frame ID: DB800953390EDFBC7BCECB9CF6C4104E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=3607483655&adf=3871732917&pi=t.aa~a.1236210272~rp.2&w=952&fwrn=4&fwrnh=100&lmt=1695130367&rafmt=1&to=qs&pwprc=2515029671&format=952x280&url=https%3A%2F%2Fwww.exedb.com%2Fen%2Fpospaymentsworker---1128137-deztpb6nzl1qys6.shtml&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695159166530&bpp=1&bdt=610&idt=603&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1303977205431&frm=20&pv=1&ga_vid=287078906.1695159166&ga_sid=1695159167&ga_hid=1476259614&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=324&ady=394&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759842%2C44795921%2C44798321%2C31077706&oid=2&pvsid=3973069307899781&tmod=199491703&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=cGxmz10o2d&p=https%3A//www.exedb.com&dtd=605
Frame ID: FC61C1BE6A177A4FC26DEFE344EFC164
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=1619790871&adf=3202855383&pi=t.aa~a.2468599764~rp.1&w=1016&fwrn=4&fwrnh=100&lmt=1695130367&rafmt=1&to=qs&pwprc=2515029671&format=1016x280&url=https%3A%2F%2Fwww.exedb.com%2Fen%2Fpospaymentsworker---1128137-deztpb6nzl1qys6.shtml&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695159167905&bpp=3&bdt=1985&idt=3&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D44ec3e6c8fdc4a35%3AT%3D1695159167%3ART%3D1695159167%3AS%3DALNI_MbUL2maoXBxnO_YbDa5rZZcNuXX6g&gpic=UID%3D00000c4bc84896bc%3AT%3D1695159167%3ART%3D1695159167%3AS%3DALNI_MbMm101pGNb6e65ZVDe2V-7cw-FPA&prev_fmts=0x0%2C952x280&nras=3&correlator=1303977205431&frm=20&pv=1&ga_vid=287078906.1695159166&ga_sid=1695159167&ga_hid=1476259614&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=292&ady=1817&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759842%2C44795921%2C44798321%2C31077706&oid=2&pvsid=3973069307899781&tmod=199491703&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=N0CjnuezZM&p=https%3A//www.exedb.com&dtd=12
Frame ID: DEE94DCC81C6D5310D453DAAA7C744EF
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/afs/ads?psid=5134551505&channel=AutoRsVariant&cx=r-a70e351b4876bbac7&fexp=44800179%2C21404%2C17300003%2C17301293%2C17301321%2C17301323&client=pub-3100504127201331&r=m&hl=en&rpbu=http%3A%2F%2Fgoogle.com&rpqp=q&type=3&rs_tt=c&oe=UTF-8&ie=UTF-8&format=r5&nocache=8681695159168185&num=0&output=afd_ads&domain_name=www.exedb.com&v=3&bsl=10&pac=0&u_his=2&u_tz=480&dt=1695159168187&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=1200&frm=0&cl=564420743&uio=-&cont=autors-container-0&jsid=csa&jsv=564420743&rurl=https%3A%2F%2Fwww.exedb.com%2Fen%2Fpospaymentsworker---1128137-deztpb6nzl1qys6.shtml&adbw=master-1%3A942
Frame ID: 3BE23C227B9CB39A2CC61EB7530686E3
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D4447713F018084C5B3AA6EA21D36EAF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E40767CBA246CAB3D9957397A727D315
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

pospaymentsworker.exe: What is it and How to Remove it (Solved)FacebookTwitterLinkedIn

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

41
Requests

100 %
HTTPS

0 %
IPv6

8
Domains

9
Subdomains

9
IPs

2
Countries

617 kB
Transfer

1410 kB
Size

8
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.exedb.com/en/pospaymentsworker---1128137-deztpb6nzl1qys6.shtml
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.twitter.com/share?url=https://www.exedb.com/en/pospaymentsworker---1128137-deztpb6nzl1qys6.shtml
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&source=LinkedIn&url=https://www.exedb.com/en/pospaymentsworker---1128137-deztpb6nzl1qys6.shtml
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://exedb.com/md/pospaymentsworker---77d96999819206e9208df12819e5dba7.shtml
Title: 77d96999819206e9208df12819e5dba7

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

41 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request pospaymentsworker---1128137-deztpb6nzl1qys6.shtml Show response
www.exedb.com/en/ 67 KB
67 KB 1002ms
280ms Document
text/html 78.46.72.84
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.exedb.com/en/pospaymentsworker---1128137-deztpb6nzl1qys6.shtml
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.46.72.84 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.84.72.46.78.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 3cf077f34543c052f2c27a23272005d840eb3ec50200f8f4d0bb7e3cc638c2ce

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: private,public
content-encoding: gzip
content-length: 68404
content-type: text/html; Charset=utf-8
date: Tue, 19 Sep 2023 21:32:45 GMT
server: Microsoft-IIS/10.0
vary: Accept-Encoding

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 258 KB
88 KB 219ms
114ms Script
application/javascript 142.250.204.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RMPSQLW73D

Requested by

Host: www.exedb.com
URL: https://www.exedb.com/en/pospaymentsworker---1128137-deztpb6nzl1qys6.shtml

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.204.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

4f02063bbec29f62049f46089c664f83125a21136f1814b424ad62084a77f55e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:32:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89730
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 19 Sep 2023 21:32:46 GMT

GET
H2 200 global2.css
www.exedb.com/css/ 14 KB
3 KB 520ms
518ms Stylesheet
text/css 78.46.72.84
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.exedb.com/css/global2.css
Requested by: Host: www.exedb.com
URL: https://www.exedb.com/en/pospaymentsworker---1128137-deztpb6nzl1qys6.shtml
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.46.72.84 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.84.72.46.78.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: eb4f9b2a53c842f6a29518f592d548944c1f4764d8a37bf880c00d7c035ac957

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.exedb.com/en/pospaymentsworker---1128137-deztpb6nzl1qys6.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:32:45 GMT
content-encoding: gzip
last-modified: Fri, 15 Sep 2023 14:27:11 GMT
server: Microsoft-IIS/10.0
etag: "8049d1b6e0e7d91:0"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000,public
accept-ranges: bytes
content-length: 3068

GET
H2 200 index-n.css
www.exedb.com/ 4 KB
4 KB 520ms
519ms Stylesheet
text/css 78.46.72.84
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.exedb.com/index-n.css
Requested by: Host: www.exedb.com
URL: https://www.exedb.com/en/pospaymentsworker---1128137-deztpb6nzl1qys6.shtml
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.46.72.84 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.84.72.46.78.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 051b0c9b6f7695773c661a88e4c3b78c7d0ae0a1deaea1c3e970c5cfab90191f

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.exedb.com/en/pospaymentsworker---1128137-deztpb6nzl1qys6.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:32:45 GMT
content-encoding: gzip
last-modified: Thu, 13 Jul 2023 06:20:23 GMT
server: Microsoft-IIS/10.0
etag: "bd2a1b1b52b5d91:0"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000,public
accept-ranges: bytes
content-length: 3845

GET
H2 200 header.js Show response
www.exedb.com/javascripts/ 1 KB
1 KB 267ms
266ms Script
application/javascript 78.46.72.84
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.exedb.com/javascripts/header.js
Requested by: Host: www.exedb.com
URL: https://www.exedb.com/en/pospaymentsworker---1128137-deztpb6nzl1qys6.shtml
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.46.72.84 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.84.72.46.78.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 22735c99662bf4eb65b6e29db04af4cfc8ac31d8f14d57dd3c8f17cfad1329c7

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.exedb.com/en/pospaymentsworker---1128137-deztpb6nzl1qys6.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:32:46 GMT
content-encoding: gzip
last-modified: Wed, 28 Sep 2022 17:45:20 GMT
server: Microsoft-IIS/10.0
etag: "0b8ce1362d3d81:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000,public
accept-ranges: bytes
content-length: 1147

GET
H2 200 index.js Show response
www.exedb.com/ 4 KB
4 KB 268ms
267ms Script
application/javascript 78.46.72.84
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.exedb.com/index.js
Requested by: Host: www.exedb.com
URL: https://www.exedb.com/en/pospaymentsworker---1128137-deztpb6nzl1qys6.shtml
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.46.72.84 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.84.72.46.78.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 4d4fb455e5fc986feaa722bd7c87b7747a31df86431a71e9abedc4bd3a002822

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.exedb.com/en/pospaymentsworker---1128137-deztpb6nzl1qys6.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:32:46 GMT
content-encoding: gzip
last-modified: Tue, 12 Sep 2023 06:43:08 GMT
server: Microsoft-IIS/10.0
etag: "43d096444e5d91:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000,public
accept-ranges: bytes
content-length: 3909

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
50 KB 240ms
132ms Script
text/javascript 172.217.167.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3100504127201331

Requested by

Host: www.exedb.com
URL: https://www.exedb.com/en/pospaymentsworker---1128137-deztpb6nzl1qys6.shtml

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s06-in-f2.1e100.net

Software

cafe /

Resource Hash

c9ae8632e35b804ac1dd75ab61900a5434900f8d9a8b4bb16de92a365de35f43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.exedb.com/
Origin: https://www.exedb.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:32:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51144
x-xss-protection: 0
server: cafe
etag: 13558213566287238005
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 19 Sep 2023 21:32:46 GMT

GET
H2 200 exeIcon.svg
www.exedb.com/images/ 895 B
1009 B 268ms
267ms Image
image/svg+xml 78.46.72.84
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.exedb.com/images/exeIcon.svg
Requested by: Host: www.exedb.com
URL: https://www.exedb.com/en/pospaymentsworker---1128137-deztpb6nzl1qys6.shtml
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.46.72.84 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.84.72.46.78.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 3819c12c3b8c977149633c15d23580e969a14932273a683d90d759165fd04466

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.exedb.com/en/pospaymentsworker---1128137-deztpb6nzl1qys6.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:32:46 GMT
last-modified: Wed, 28 Sep 2022 16:37:46 GMT
server: Microsoft-IIS/10.0
etag: "0696fa358d3d81:0"
content-type: image/svg+xml
cache-control: no-cache,max-age=2592000,public
accept-ranges: bytes
content-length: 895

GET
H2 200 exedb.png
www.exedb.com/img/ 5 KB
5 KB 269ms
268ms Image
image/png 78.46.72.84
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.exedb.com/img/exedb.png
Requested by: Host: www.exedb.com
URL: https://www.exedb.com/en/pospaymentsworker---1128137-deztpb6nzl1qys6.shtml
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.46.72.84 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.84.72.46.78.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 0d45af8e11203f2d5e29340d98635c70020f35a3575de96952cf1187380cacb8

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.exedb.com/en/pospaymentsworker---1128137-deztpb6nzl1qys6.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:32:46 GMT
last-modified: Fri, 30 Sep 2022 06:54:14 GMT
server: Microsoft-IIS/10.0
etag: "c14ccb7399d4d81:0"
content-type: image/png
cache-control: no-cache,max-age=2592000,public
accept-ranges: bytes
content-length: 4632

GET
H2 200 seen.png
www.exedb.com/ 469 B
548 B 270ms
269ms Image
image/png 78.46.72.84
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.exedb.com/seen.png
Requested by: Host: www.exedb.com
URL: https://www.exedb.com/en/pospaymentsworker---1128137-deztpb6nzl1qys6.shtml
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.46.72.84 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.84.72.46.78.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 84fd1028d3aff54df0967a2f0bad4ca7442560afb22471394f397fc79ea1a68b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.exedb.com/en/pospaymentsworker---1128137-deztpb6nzl1qys6.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:32:46 GMT
last-modified: Sat, 11 Mar 2023 15:17:44 GMT
server: Microsoft-IIS/10.0
etag: "384536a12c54d91:0"
content-type: image/png
cache-control: no-cache,max-age=2592000,public
accept-ranges: bytes
content-length: 469

GET
H2 200 vote-safe-32.png
www.exedb.com/ 592 B
671 B 268ms
267ms Image
image/png 78.46.72.84
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.exedb.com/vote-safe-32.png
Requested by: Host: www.exedb.com
URL: https://www.exedb.com/en/pospaymentsworker---1128137-deztpb6nzl1qys6.shtml
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.46.72.84 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.84.72.46.78.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 6594d88954238143ec387448c00efd7c166b4193bc755328092d6285a6916b29

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.exedb.com/en/pospaymentsworker---1128137-deztpb6nzl1qys6.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:32:46 GMT
last-modified: Tue, 21 Jun 2022 06:54:42 GMT
server: Microsoft-IIS/10.0
etag: "edf59cc83b85d81:0"
content-type: image/png
cache-control: no-cache,max-age=2592000,public
accept-ranges: bytes
content-length: 592

GET
H2 200 vote-danger-file.png
www.exedb.com/ 586 B
665 B 268ms
267ms Image
image/png 78.46.72.84
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.exedb.com/vote-danger-file.png
Requested by: Host: www.exedb.com
URL: https://www.exedb.com/en/pospaymentsworker---1128137-deztpb6nzl1qys6.shtml
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.46.72.84 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.84.72.46.78.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: e913a4f0f31847bffaa1019f3cdcb59d563b1df51a53b2ef5fa1ff144bd93f2a

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.exedb.com/en/pospaymentsworker---1128137-deztpb6nzl1qys6.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:32:46 GMT
last-modified: Tue, 21 Jun 2022 06:55:22 GMT
server: Microsoft-IIS/10.0
etag: "bcc1ace03b85d81:0"
content-type: image/png
cache-control: no-cache,max-age=2592000,public
accept-ranges: bytes
content-length: 586

GET
H2 200 tip.png
www.exedb.com/ 1 KB
1 KB 268ms
268ms Image
image/png 78.46.72.84
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.exedb.com/tip.png
Requested by: Host: www.exedb.com
URL: https://www.exedb.com/en/pospaymentsworker---1128137-deztpb6nzl1qys6.shtml
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.46.72.84 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.84.72.46.78.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 4ede7df353bf407622be01c9476c5b4cc1b77ecfde557a4ee81978a288b0a78b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.exedb.com/en/pospaymentsworker---1128137-deztpb6nzl1qys6.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:32:46 GMT
last-modified: Sun, 12 Mar 2023 05:52:25 GMT
server: Microsoft-IIS/10.0
etag: "8b1433d2a654d91:0"
content-type: image/png
cache-control: no-cache,max-age=2592000,public
accept-ranges: bytes
content-length: 1067

POST
H2 204 collect
www.google-analytics.com/g/ 0
253 B 198ms
98ms Ping
text/plain 142.250.66.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-RMPSQLW73D&gtm=45je39i0&_p=1476259614&cid=287078906.1695159166&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1695159166&sct=1&seg=0&dl=https%3A%2F%2Fwww.exedb.com%2Fen%2Fpospaymentsworker---1128137-deztpb6nzl1qys6.shtml&dt=pospaymentsworker.exe%3A%20What%20is%20it%20and%20How%20to%20Remove%20it%20(Solved)&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RMPSQLW73D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.66.206 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS: syd09s23-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 21:32:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.exedb.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jquery.min.js Show response
www.exedb.com/javascripts/ 87 KB
88 KB 268ms
268ms Script
application/javascript 78.46.72.84
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.exedb.com/javascripts/jquery.min.js
Requested by: Host: www.exedb.com
URL: https://www.exedb.com/en/pospaymentsworker---1128137-deztpb6nzl1qys6.shtml
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.46.72.84 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.84.72.46.78.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: ee11e902416a1d896f538103110337b39a0e2e2606bc1faf5cd0652914891127

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.exedb.com/en/pospaymentsworker---1128137-deztpb6nzl1qys6.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:32:46 GMT
content-encoding: gzip
last-modified: Thu, 29 Sep 2022 05:40:40 GMT
server: Microsoft-IIS/10.0
etag: "71226f2c6d3d81:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000,public
accept-ranges: bytes
content-length: 89529

GET
H2 200 lazysizes.min.js Show response
www.exedb.com/ 8 KB
8 KB 270ms
270ms Script
application/javascript 78.46.72.84
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.exedb.com/lazysizes.min.js
Requested by: Host: www.exedb.com
URL: https://www.exedb.com/en/pospaymentsworker---1128137-deztpb6nzl1qys6.shtml
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.46.72.84 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.84.72.46.78.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: e76fb8d9f216898822b92b5be7fc0b3085b9a3685b14089d64a10935e83a08c5

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.exedb.com/en/pospaymentsworker---1128137-deztpb6nzl1qys6.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:32:46 GMT
content-encoding: gzip
last-modified: Tue, 11 Oct 2022 08:08:06 GMT
server: Microsoft-IIS/10.0
etag: "cd5e3e9848ddd81:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000,public
accept-ranges: bytes
content-length: 7914

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/ 379 KB
129 KB 230ms
132ms Script
text/javascript 172.217.167.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3100504127201331

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s06-in-f2.1e100.net

Software

cafe /

Resource Hash

33c01bba4375332668461280852255688a7abf1e82068dbc1884dd91d5af02d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:32:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131532
x-xss-protection: 0
server: cafe
etag: 2511917215832488845
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Sep 2023 21:32:46 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230918/r20190131/ Frame C3CF 10 KB
5 KB 102ms
2ms Document
text/html 172.217.24.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230918/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3100504127201331

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s20-in-f2.1e100.net

Software

cafe /

Resource Hash

a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.exedb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

age: 30112
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4438
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Sep 2023 13:10:54 GMT
etag: 8554266389219770021
expires: Tue, 03 Oct 2023 13:10:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 exedb-ads2.asp Show response
www.exedb.com/ 3 KB
3 KB 296ms
296ms XHR
text/html 78.46.72.84
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.exedb.com/exedb-ads2.asp
Requested by: Host: www.exedb.com
URL: https://www.exedb.com/javascripts/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.46.72.84 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.84.72.46.78.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 468caf4794ac9d82abeb0882f96d3acc2a768d186c3205a8d4758ce0e1925f53

Request headers

Accept: text/html, */*; q=0.01
Referer: https://www.exedb.com/en/pospaymentsworker---1128137-deztpb6nzl1qys6.shtml
X-Requested-With: XMLHttpRequest
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:32:46 GMT
cache-control: private,public
content-encoding: gzip
server: Microsoft-IIS/10.0
content-length: 3195
vary: Accept-Encoding
content-type: text/html; Charset=utf-8

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 385 B
600 B 640ms
96ms Script
text/javascript 172.217.167.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.exedb.com&callback=_gfp_s_&client=ca-pub-3100504127201331

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f2.1e100.net

Software

cafe /

Resource Hash

776720d6f4c53d3591ea61d02bb1b5dd9b89abe3508fdabc9abada5ae8312be7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:32:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 248
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DB80 27 KB
6 KB 683ms
683ms Document
text/html 172.217.24.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&adk=1812271804&adf=3025194257&lmt=1695130367&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fwww.exedb.com%2Fen%2Fpospaymentsworker---1128137-deztpb6nzl1qys6.shtml&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695159166515&bpp=15&bdt=595&idt=584&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1303977205431&frm=20&pv=2&ga_vid=287078906.1695159166&ga_sid=1695159167&ga_hid=1476259614&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759842%2C44795921%2C44798321%2C31077706&oid=2&pvsid=3973069307899781&tmod=199491703&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=613

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s20-in-f2.1e100.net

Software

cafe /

Resource Hash

0a38c7c8e36f0efcc8e87d65dce66aea2e2331283aab33a7f9c139770a5a6c81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.exedb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 5664
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Sep 2023 21:32:47 GMT
expires: Tue, 19 Sep 2023 21:32:47 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
121 B 97ms
97ms Image
image/gif 172.217.167.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=HEADER&cls=bg-primary-300&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: www.exedb.com
URL: https://www.exedb.com/en/pospaymentsworker---1128137-deztpb6nzl1qys6.shtml

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 21:32:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FC61 714 B
577 B 526ms
525ms Document
text/html 172.217.24.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=3607483655&adf=3871732917&pi=t.aa~a.1236210272~rp.2&w=952&fwrn=4&fwrnh=100&lmt=1695130367&rafmt=1&to=qs&pwprc=2515029671&format=952x280&url=https%3A%2F%2Fwww.exedb.com%2Fen%2Fpospaymentsworker---1128137-deztpb6nzl1qys6.shtml&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695159166530&bpp=1&bdt=610&idt=603&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1303977205431&frm=20&pv=1&ga_vid=287078906.1695159166&ga_sid=1695159167&ga_hid=1476259614&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=324&ady=394&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759842%2C44795921%2C44798321%2C31077706&oid=2&pvsid=3973069307899781&tmod=199491703&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=cGxmz10o2d&p=https%3A//www.exedb.com&dtd=605

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s20-in-f2.1e100.net

Software

cafe /

Resource Hash

8dd02c5652b57f053638e5ac5a35a59baf325d5ffddd4813d02fb78b37000921

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.exedb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 356
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Sep 2023 21:32:47 GMT
expires: Tue, 19 Sep 2023 21:32:47 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 129ms
129ms XHR
application/json 172.217.167.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230918&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s06-in-f2.1e100.net

Software

cafe /

Resource Hash

c40862f3ab33a5657dd7bedd9ed4844ab0392e2a98d62df69c9a741d90dc3853

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:32:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12049
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DEE9 436 B
532 B 527ms
527ms Document
text/html 172.217.24.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=1619790871&adf=3202855383&pi=t.aa~a.2468599764~rp.1&w=1016&fwrn=4&fwrnh=100&lmt=1695130367&rafmt=1&to=qs&pwprc=2515029671&format=1016x280&url=https%3A%2F%2Fwww.exedb.com%2Fen%2Fpospaymentsworker---1128137-deztpb6nzl1qys6.shtml&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695159167905&bpp=3&bdt=1985&idt=3&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D44ec3e6c8fdc4a35%3AT%3D1695159167%3ART%3D1695159167%3AS%3DALNI_MbUL2maoXBxnO_YbDa5rZZcNuXX6g&gpic=UID%3D00000c4bc84896bc%3AT%3D1695159167%3ART%3D1695159167%3AS%3DALNI_MbMm101pGNb6e65ZVDe2V-7cw-FPA&prev_fmts=0x0%2C952x280&nras=3&correlator=1303977205431&frm=20&pv=1&ga_vid=287078906.1695159166&ga_sid=1695159167&ga_hid=1476259614&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=292&ady=1817&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759842%2C44795921%2C44798321%2C31077706&oid=2&pvsid=3973069307899781&tmod=199491703&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=N0CjnuezZM&p=https%3A//www.exedb.com&dtd=12

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s20-in-f2.1e100.net

Software

cafe /

Resource Hash

391971db9bfd91d45150bad5669ac3499df651e1a15c01e2b982e76ab08ae133

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.exedb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Sep 2023 21:32:48 GMT
expires: Tue, 19 Sep 2023 21:32:48 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 async-ads.js Show response
www.google.com/adsense/search/ 144 KB
53 KB 206ms
100ms Script
text/javascript 142.250.204.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/adsense/search/async-ads.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.204.4 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f4.1e100.net

Software

sffe /

Resource Hash

dda21fb625d78cf97e2008bda44d5163967d34c2ffe2532bb9aef44def9b8c5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:32:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "17229463916029519913"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
link: <https://afs.googlesyndication.com>; rel="preconnect"
expires: Tue, 19 Sep 2023 21:32:48 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 96ms
96ms Image
image/gif 172.217.167.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=ok&evt=place&vh=1200&eid=44800179&hl=en&pvc=3973069307899781

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 21:32:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 554ms
144ms Script
text/javascript 142.250.66.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.225 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:32:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 19 Sep 2023 21:32:48 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 372 B
308 B 97ms
96ms Script
text/javascript 172.217.167.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.exedb.com&client=partner-pub-3100504127201331&product=SAS&callback=__sasCookie

Requested by

Host: www.google.com
URL: https://www.google.com/adsense/search/async-ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f2.1e100.net

Software

cafe /

Resource Hash

a8f68dc005441915f7d3838f4b8c82f26b94989757bd70730737bdacfa21ce91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:32:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 240
x-xss-protection: 0

GET
H2 200 ads Show response
www.google.com/afs/ Frame 3BE2 19 KB
4 KB 182ms
181ms Document
text/html 142.250.204.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/afs/ads?psid=5134551505&channel=AutoRsVariant&cx=r-a70e351b4876bbac7&fexp=44800179%2C21404%2C17300003%2C17301293%2C17301321%2C17301323&client=pub-3100504127201331&r=m&hl=en&rpbu=http%3A%2F%2Fgoogle.com&rpqp=q&type=3&rs_tt=c&oe=UTF-8&ie=UTF-8&format=r5&nocache=8681695159168185&num=0&output=afd_ads&domain_name=www.exedb.com&v=3&bsl=10&pac=0&u_his=2&u_tz=480&dt=1695159168187&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=1200&frm=0&cl=564420743&uio=-&cont=autors-container-0&jsid=csa&jsv=564420743&rurl=https%3A%2F%2Fwww.exedb.com%2Fen%2Fpospaymentsworker---1128137-deztpb6nzl1qys6.shtml&adbw=master-1%3A942

Requested by

Host: www.google.com
URL: https://www.google.com/adsense/search/async-ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.204.4 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f4.1e100.net

Software

gws /

Resource Hash

80bd8c8af92696de9d1749d076e6d871546c0b8247d9d48fce442e82a83bfb56

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-zD2IqWljaQkeycH6397fIQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Xss-Protection	0

Request headers

Referer: https://www.exedb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-disposition: inline
content-encoding: br
content-length: 3157
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-zD2IqWljaQkeycH6397fIQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-type: text/html; charset=UTF-8
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
date: Tue, 19 Sep 2023 21:32:48 GMT
expires: Tue, 19 Sep 2023 21:32:48 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
server: gws
x-xss-protection: 0

GET
H2 200 search.svg
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/ Frame 3BE2 391 B
799 B 417ms
3ms Image
image/svg+xml 142.250.204.1
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%231967D2

Requested by

Host: www.google.com
URL: https://www.google.com/afs/ads?psid=5134551505&channel=AutoRsVariant&cx=r-a70e351b4876bbac7&fexp=44800179%2C21404%2C17300003%2C17301293%2C17301321%2C17301323&client=pub-3100504127201331&r=m&hl=en&rpbu=http%3A%2F%2Fgoogle.com&rpqp=q&type=3&rs_tt=c&oe=UTF-8&ie=UTF-8&format=r5&nocache=8681695159168185&num=0&output=afd_ads&domain_name=www.exedb.com&v=3&bsl=10&pac=0&u_his=2&u_tz=480&dt=1695159168187&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=1200&frm=0&cl=564420743&uio=-&cont=autors-container-0&jsid=csa&jsv=564420743&rurl=https%3A%2F%2Fwww.exedb.com%2Fen%2Fpospaymentsworker---1128137-deztpb6nzl1qys6.shtml&adbw=master-1%3A942

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.204.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f1.1e100.net

Software

sffe /

Resource Hash

ff563f41765da081fe9fd40e8bb33a623df033b10050a8ae8c1b46e15107d8f1

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 19 Sep 2023 07:24:41 GMT
age: 50887
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 273
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
vary: Accept-Encoding
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-type: image/svg+xml
cache-control: public, max-age=82800
accept-ranges: bytes
expires: Wed, 20 Sep 2023 06:24:41 GMT

GET
H2 200 chevron.svg
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/ Frame 3BE2 200 B
289 B 418ms
5ms Image
image/svg+xml 142.250.204.1
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%239aa0a6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.204.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f1.1e100.net

Software

sffe /

Resource Hash

5b4cc8b4df06881ba671ef97dfbac6804e5c6ad9db05254103495b3a00e9e250

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 19 Sep 2023 10:38:54 GMT
age: 39234
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 174
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 17:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
vary: Accept-Encoding
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-type: image/svg+xml
cache-control: public, max-age=82800
accept-ranges: bytes
expires: Wed, 20 Sep 2023 09:38:54 GMT

GET
H2 200 ads.js Show response
www.google.com/adsense/search/ Frame 3BE2 144 KB
52 KB 104ms
103ms Script
text/javascript 142.250.204.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/adsense/search/ads.js?pac=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.204.4 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f4.1e100.net

Software

sffe /

Resource Hash

ba2bf0826dd5d754f6e3fd4d5070448c6ba0e895ae0e62cf72e284180c8a945d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:32:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "10003237993102955141"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
link: <https://afs.googlesyndication.com>; rel="preconnect"
expires: Tue, 19 Sep 2023 21:32:48 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D444 13 KB
5 KB 3ms
2ms Document
text/html 142.250.66.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.225 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.exedb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 411013
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 15 Sep 2023 03:22:35 GMT
expires: Sat, 14 Sep 2024 03:22:35 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E407 829 B
944 B 101ms
101ms Document
text/html 142.250.204.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.204.4 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f4.1e100.net

Software

GSE /

Resource Hash

51d2036fffb4087e9f8040fa8e70734fc49eadf265fb9f03fa4ae3d9b68f1565

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qTCWjQwidEITlcfzT4GAVA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.exedb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 537
content-security-policy: script-src 'report-sample' 'nonce-qTCWjQwidEITlcfzT4GAVA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 19 Sep 2023 21:32:48 GMT
expires: Tue, 19 Sep 2023 21:32:48 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 D38i8ocviMyns63bFlxz04547CGgVcdJsS8VZS_5djY.js Show response
pagead2.googlesyndication.com/bg/ Frame D444 37 KB
15 KB 2ms
2ms Script
text/javascript 172.217.167.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/D38i8ocviMyns63bFlxz04547CGgVcdJsS8VZS_5djY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s06-in-f2.1e100.net

Software

sffe /

Resource Hash

0f7f22f2872f88cca7b3addb165c73d38e78ec21a055c749b12f15652ff97636

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:25:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 155253
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14739
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 20:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 17 Sep 2024 02:25:15 GMT

GET
H2 204 generate_204
tpc.googlesyndication.com/ Frame D444 0
40 B 2ms
2ms Image
text/plain 142.250.66.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?SDb01A
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.66.225 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS: syd15s15-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:32:48 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E407 0
0 96ms
95ms Image
text/html 172.217.167.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230918&jk=3973069307899781&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.167.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: syd15s06-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 101ms
101ms Image
text/html 172.217.167.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230918&jk=3973069307899781&bg=!9vWl9brNAAbP3fMH7907ADQBe5WfOJ_wo7Q_8dsq4NiYEn0v-mjRQoK20dFWv_V9iyhvX3g6-jk2NRbecWkFCAoXRbNTAgAAAEBSAAAAB2gBB5kCuUu0Amkw4AEW4OzDvaUaHUSkHUAfMZm6xzzT-bpDhTFsLHqeyTvueZuVyK7t7hFb-hAtIIihk--Ao0kmYa7jVLvs8Kcn_QZ_k5xsNX1bmR0-Hma8E8gy0OsgJG_sNIvMDZ66IBm5s_mPzWklj8UPFiA7JAncakNeJzO_fV5cuXxbG2Vm6X4fZduFsY-qgsMTejFCQKxlrcPuDC7Yb-KQ35mc41uY9NA4C5kunKmSDP7kCzCpMbQg8zRz6hgNRf26P6hXSOMdvJyL28kMxAbC09aFBOEV5t-U6nL3YcT-E62oIvRK5wG9XVhM-TTbkT94r4Z5bPcg-4We-Ve54-_nsruEW-PcYhPZ8YjdLlDbls9brqAiA3GJ1i_E9Ydis50drKXlFmNrltk2xRwNiN9hC_V0QrFevmTpSrdmS08YMCx8eZRwYRd5lqpCnzeBGUyx0FaPYgDr_VwzfP2XQGvMMAQXhw1AWda_VoEzeQhrZncnDjg2VNNERTWSK8EVaT6x3kLTP31SL71iQT6OzIZJggD8XJfIwPcR4JKWWP2Xc97_r-ZgKrgkAv2e57xcFlSFiSK0bEBwdJOuZSQct8reOqNbm7ZWYYlQyR2NnIovcb1MSASG0otqkIRcXNRVpPxMjGl6u-q5zC5fZJgfiFYoOyYs7suXVkfq9E99HZisHPIHytaf9agVePA7l9WXR6y4LlaIaAaVRtqElxAK9q7UkA05f84DPmVoSOcN4mXbYI6LfLDsUagB34_dkXFELe7v4iIVtrHy-n0rO4bfJU6oQE7k4WVDQbG0prlgxIQmIhZp_Szk0Ap2d7hpy520JiAeIxzj4OktSerNSS0DHFOPnU3o58W8GZQ6MTAQSger4vNvDph01PoFb7n1FDSpcgOyf36ORJ1tiugjgo5kdGbGLkrv8YDCpJVYDho
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.167.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: syd15s06-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

GET
H2 204 gen_204
www.google.com/afs/ 0
657 B 113ms
113ms Image
text/html 142.250.204.4
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/afs/gen_204?client=pub-3100504127201331&output=uds_ads_only&zx=ung2m91kzrhw&aqid=gBMKZcmcEr_CjMwPw7G3kAo&psid=5134551505&pbt=bs&adbx=329&adby=1148.65625&adbh=348&adbw=942&adbah=58%2C58%2C58%2C58%2C58&adbn=master-1&eawp=partner-pub-3100504127201331&errv=564420743&csala=256%7C22%7C219%7C129%7C301&lle=0&ifv=1&usr=0&hpt=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.204.4 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f4.1e100.net

Software

gws /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-vbkbpjSSv3POAHIrQ7qnfA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-vbkbpjSSv3POAHIrQ7qnfA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
date: Tue, 19 Sep 2023 21:32:50 GMT
server: gws
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/html; charset=UTF-8
permissions-policy: unload=()
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 gen_204
www.google.com/afs/ 0
214 B 125ms
125ms Image
text/html 142.250.204.4
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/afs/gen_204?client=pub-3100504127201331&output=uds_ads_only&zx=1nuzjx57wq9h&aqid=gBMKZcmcEr_CjMwPw7G3kAo&psid=5134551505&pbt=bv&adbx=329&adby=1148.65625&adbh=348&adbw=942&adbah=58%2C58%2C58%2C58%2C58&adbn=master-1&eawp=partner-pub-3100504127201331&errv=564420743&csala=256%7C22%7C219%7C129%7C301&lle=0&ifv=1&usr=0&hpt=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.204.4 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f4.1e100.net

Software

gws /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-mvdmmTcHkHA9xYf_LqQqxA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-mvdmmTcHkHA9xYf_LqQqxA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
date: Tue, 19 Sep 2023 21:32:50 GMT
server: gws
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/html; charset=UTF-8
permissions-policy: unload=()
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.exedb.com/	1969-12-31 23:59:59	Name: ASPSESSIONIDQUBCBSQT Value: MIECOEOAANKOPKJMPJCEJAIA
.exedb.com/	1970-01-21 00:28:39	Name: _ga_RMPSQLW73D Value: GS1.1.1695159166.1.0.1695159166.0.0.0
.exedb.com/	1970-01-21 00:28:39	Name: _ga Value: GA1.1.287078906.1695159166
.exedb.com/	1970-01-21 00:14:15	Name: __gads Value: ID=44ec3e6c8fdc4a35:T=1695159167:RT=1695159167:S=ALNI_MbUL2maoXBxnO_YbDa5rZZcNuXX6g
.exedb.com/	1970-01-21 00:14:15	Name: __gpi Value: UID=00000c4bc84896bc:T=1695159167:RT=1695159167:S=ALNI_MbMm101pGNb6e65ZVDe2V-7cw-FPA
.exedb.com/	1970-01-21 00:14:15	Name: __gsas Value: ID=2a5c9cb7fa823c75:T=1695159168:RT=1695159168:S=ALNI_MYgz-O8-lFxN65J0KSjX4HLXmB9tg
.google.com/	1970-01-20 19:16:10	Name: NID Value: 511=FXp4TL0dOFVbuBTLTegKvStudbuhdbEq4LXa21gYDqGeR7Tmd7IK8EeJ-xYPixbOVcX7nx4CPl7KHjfzJkCwCwX99pu_g2yhirrUvYsdGKh9jiBjfU3IHa1k3YDgAHSxHYDIlTHba3K4I_VxpKNt_tgDgQVqiatlW8KWFTZccqI
.doubleclick.net/	1970-01-21 00:28:39	Name: IDE Value: AHWqTUlMmzow3CgHjPL0fV4vTal-QFWiaMMKEVFqF7xy_Z2akhwYo2v-gca89u0P7h0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.google.com/adsense/search/async-ads.js(Line 217) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

afs.googleusercontent.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
www.exedb.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
142.250.204.1
142.250.204.4
142.250.204.8
142.250.66.206
142.250.66.225
172.217.167.66
172.217.167.98
172.217.24.34
78.46.72.84
051b0c9b6f7695773c661a88e4c3b78c7d0ae0a1deaea1c3e970c5cfab90191f
0a38c7c8e36f0efcc8e87d65dce66aea2e2331283aab33a7f9c139770a5a6c81
0d45af8e11203f2d5e29340d98635c70020f35a3575de96952cf1187380cacb8
0f7f22f2872f88cca7b3addb165c73d38e78ec21a055c749b12f15652ff97636
22735c99662bf4eb65b6e29db04af4cfc8ac31d8f14d57dd3c8f17cfad1329c7
33c01bba4375332668461280852255688a7abf1e82068dbc1884dd91d5af02d2
3819c12c3b8c977149633c15d23580e969a14932273a683d90d759165fd04466
391971db9bfd91d45150bad5669ac3499df651e1a15c01e2b982e76ab08ae133
3cf077f34543c052f2c27a23272005d840eb3ec50200f8f4d0bb7e3cc638c2ce
468caf4794ac9d82abeb0882f96d3acc2a768d186c3205a8d4758ce0e1925f53
4d4fb455e5fc986feaa722bd7c87b7747a31df86431a71e9abedc4bd3a002822
4ede7df353bf407622be01c9476c5b4cc1b77ecfde557a4ee81978a288b0a78b
4f02063bbec29f62049f46089c664f83125a21136f1814b424ad62084a77f55e
51d2036fffb4087e9f8040fa8e70734fc49eadf265fb9f03fa4ae3d9b68f1565
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5b4cc8b4df06881ba671ef97dfbac6804e5c6ad9db05254103495b3a00e9e250
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6594d88954238143ec387448c00efd7c166b4193bc755328092d6285a6916b29
776720d6f4c53d3591ea61d02bb1b5dd9b89abe3508fdabc9abada5ae8312be7
80bd8c8af92696de9d1749d076e6d871546c0b8247d9d48fce442e82a83bfb56
84fd1028d3aff54df0967a2f0bad4ca7442560afb22471394f397fc79ea1a68b
8dd02c5652b57f053638e5ac5a35a59baf325d5ffddd4813d02fb78b37000921
a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a
a8f68dc005441915f7d3838f4b8c82f26b94989757bd70730737bdacfa21ce91
ba2bf0826dd5d754f6e3fd4d5070448c6ba0e895ae0e62cf72e284180c8a945d
c40862f3ab33a5657dd7bedd9ed4844ab0392e2a98d62df69c9a741d90dc3853
c9ae8632e35b804ac1dd75ab61900a5434900f8d9a8b4bb16de92a365de35f43
dda21fb625d78cf97e2008bda44d5163967d34c2ffe2532bb9aef44def9b8c5a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e76fb8d9f216898822b92b5be7fc0b3085b9a3685b14089d64a10935e83a08c5
e913a4f0f31847bffaa1019f3cdcb59d563b1df51a53b2ef5fa1ff144bd93f2a
eb4f9b2a53c842f6a29518f592d548944c1f4764d8a37bf880c00d7c035ac957
ee11e902416a1d896f538103110337b39a0e2e2606bc1faf5cd0652914891127
ff563f41765da081fe9fd40e8bb33a623df033b10050a8ae8c1b46e15107d8f1

www.exedb.com Open in urlscan Pro 78.46.72.84 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

41 Requests

100 %HTTPS

0 %IPv6

8 Domains

9 Subdomains

9 IPs

2 Countries

617 kBTransfer

1410 kBSize

8 Cookies

4 Outgoing links

Redirected requests

41 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.exedb.com Open in urlscan Pro
78.46.72.84 Public Scan

Screenshot
Live screenshot

Full Image

41
Requests

100 %
HTTPS

0 %
IPv6

8
Domains

9
Subdomains

9
IPs

2
Countries

617 kB
Transfer

1410 kB
Size

8
Cookies

41 HTTP transactions
0 data transactions