urlscan.io logo urlscan.io
SecurityTrails logo

galasoft.ch Open in urlscan Pro
52.174.235.29  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.galasoft.ch/
Effective URL: https://galasoft.ch/
Submission: On February 09 via manual from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 4 countries across 9 domains to perform 53 HTTP transactions. The main IP is 52.174.235.29, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is galasoft.ch.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on January 5th 2022. Valid for: a year.
This is the only time galasoft.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

19    52.174.235.29 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.galasoft.ch
galasoft.ch
7    151.101.12.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
i.imgur.com
1    199.232.192.193 (United States)

ASN54113 (FASTLY, US)
imgur.com
3    76.74.234.208 (Toronto, Canada)

ASN13768 (COGECO-PEER1, CA)
cdn1.developermedia.com
apps.developermedia.com
2    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
5    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
securepubads.g.doubleclick.net
1    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.nl
1    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
7    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
a19525a91edd1abda41fa01856342927.safeframe.googlesyndication.com
1    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
googleads4.g.doubleclick.net
5    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
19 galasoft.ch
www.galasoft.ch
galasoft.ch
132 KB
13 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 92
a19525a91edd1abda41fa01856342927.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 120
76 KB
8 imgur.com
i.imgur.com — Cisco Umbrella Rank: 5080
imgur.com — Cisco Umbrella Rank: 3740
321 KB
6 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 276
141 KB
3 developermedia.com
cdn1.developermedia.com — Cisco Umbrella Rank: 100485
apps.developermedia.com — Cisco Umbrella Rank: 99450
10 KB
2 google.com
adservice.google.com — Cisco Umbrella Rank: 59
www.google.com — Cisco Umbrella Rank: 2
2 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 146
65 KB
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 246
64 KB
1 google.nl
adservice.google.nl — Cisco Umbrella Rank: 13560
792 B
53 9
Domain Requested by
18 galasoft.ch galasoft.ch
7 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
7 i.imgur.com galasoft.ch
5 tpc.googlesyndication.com galasoft.ch
securepubads.g.doubleclick.net
tpc.googlesyndication.com
5 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
2 apps.developermedia.com cdn1.developermedia.com
2 www.googletagservices.com cdn1.developermedia.com
securepubads.g.doubleclick.net
1 www.google.com tpc.googlesyndication.com
1 s0.2mdn.net securepubads.g.doubleclick.net
1 googleads4.g.doubleclick.net galasoft.ch
1 a19525a91edd1abda41fa01856342927.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.nl securepubads.g.doubleclick.net
1 cdn1.developermedia.com galasoft.ch
1 imgur.com 1 redirects
1 www.galasoft.ch 1 redirects
53 16
Subject Issuer Validity Valid
galasoft.ch
Go Daddy Secure Certificate Authority - G2		 2022-01-05 -
2023-02-06		 a year crt.sh
*.imgur.com
DigiCert SHA2 Secure Server CA		 2020-01-15 -
2022-03-16		 2 years crt.sh
*.developermedia.com
Starfield Secure Certificate Authority - G2		 2020-07-13 -
2022-07-14		 2 years crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
*.google.nl
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh

This page contains 6 frames:

Primary Page: https://galasoft.ch/
Frame ID: D566805C61CADD88A30EE8AD834FBDD2
Requests: 37 HTTP requests in this frame

Frame: https://a19525a91edd1abda41fa01856342927.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 067B9E4CE4AFB8E01A96517B8FA3E591
Requests: 1 HTTP requests in this frame

Frame: https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsudCSZu_TT9wGVoUlX2fPmCT8ocZrfvkNYfYFl6AcV90-aP7mjD1fkO3lPFZ2d_xCtiqpuf1BTUWlOR_RAukudQn6JBESuJMAR9p6F9EZoIj2GcfjCchrTF6sUY0Ajv5A7AMbysv36VZn7WgLFvwNm59m8SKKyI3nxqQhulSH5hmeCIuxINa5Iie2kNcN0RAHMCqaBmrnihykGyvybWHcLZGWHb_qEqNY5C63Di84mYRsBLqVlS9u-eJ1m6vJp57YZ9huEtH4fK8LjtGRJgeo7U7BFeE8mgWvwbni9QBV-5SaglPxeNAFgEuyz6A-sqPE4ahG0Q0WtQpU8c4QnN2H4WgOOQkg9nV9ulwWBvioNfN9r4dZl2luaq9UlN&sai=AMfl-YR-iJaIGodxi-tjhcSDl_b4pjzjLgyYqyZ6JpS8Wa4THdE-Yhj8m2HCxHbhJfYtHbIIYKON6IBq15X58J-ZJJjpXwgv6lMLehmDCOWip1dJC6E4KTdYgI3jshvsagc&sig=Cg0ArKJSzC4ucLtHt9bJEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Frame ID: 07E322C29E13DEB1C580456F1B62D66A
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 84BE877F84899C6DF34F3A8EBBDF09CF
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D85F0872F7BFDFD2BA6E62D18DE319DB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 401CBD3C31BAFAD58A2FA8246C5852D6
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

GalaSoft Laurent Bugnion - On Azure

Page URL History Show full URLs

  1. http://www.galasoft.ch/ HTTP 302
    https://galasoft.ch/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • <(?:script|link)[^>]*sh(?:Core|Brush|ThemeDefault)

Page Statistics

53
Requests

98 %
HTTPS

57 %
IPv6

9
Domains

16
Subdomains

14
IPs

4
Countries

811 kB
Transfer

1350 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.galasoft.ch/ HTTP 302
    https://galasoft.ch/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • https://imgur.com/DvsPpbC.png HTTP 301
  • https://i.imgur.com/DvsPpbC.png

53 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
galasoft.ch/
Redirect Chain
  • http://www.galasoft.ch/
  • https://galasoft.ch/
11 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://galasoft.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.174.235.29 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4a69f639a23ced1fea55a1babd58dcbc90e786aaa6a81a84a32d6a9c28cbe3e2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

Cache-Control
private
Content-Length
3860
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Microsoft-IIS/10.0
X-AspNetWebPages-Version
3.0
X-AspNet-Version
4.0.30319
Request-Context
appId=cid-v1:4fc25b32-81fc-4c22-8a28-3676224b05ef
Access-Control-Expose-Headers
Request-Context
X-Powered-By
ASP.NET
Date
Wed, 09 Feb 2022 17:59:01 GMT

Redirect headers

Content-Length
137
Content-Type
text/html; charset=utf-8
Location
https://galasoft.ch/
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Date
Wed, 09 Feb 2022 17:59:01 GMT
gslb.web.css
galasoft.ch/_old/layout/ 		8 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://galasoft.ch/_old/layout/gslb.web.css
Requested by
Host: galasoft.ch
URL: https://galasoft.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.174.235.29 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
7bfa30c03f54b37ef65cc4bffc9e7132a0b8e1fb7372cb1a37c4cb1750304bd7

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 09 Feb 2022 17:59:01 GMT
Content-Encoding
gzip
ETag
"01f97842eb4d61:0"
Last-Modified
Fri, 06 Nov 2020 11:18:14 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
2563
shCore.css
galasoft.ch/layout/code/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://galasoft.ch/layout/code/shCore.css
Requested by
Host: galasoft.ch
URL: https://galasoft.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.174.235.29 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b58d4522947809ad4536ce04640877ee2d5c999f49a3c77d9549ea6a380cbbd0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 09 Feb 2022 17:59:00 GMT
Content-Encoding
gzip
ETag
"04cc8852eb4d61:0"
Last-Modified
Fri, 06 Nov 2020 11:18:16 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
1587
shThemeVS2012Light.css
galasoft.ch/layout/code/ 		2 KB
932 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://galasoft.ch/layout/code/shThemeVS2012Light.css
Requested by
Host: galasoft.ch
URL: https://galasoft.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.174.235.29 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3d49f5c26d28783d1b672d1c61fa620723444e47de82ada528a172bc2b0a1691

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 09 Feb 2022 17:59:00 GMT
Content-Encoding
gzip
ETag
"04cc8852eb4d61:0"
Last-Modified
Fri, 06 Nov 2020 11:18:16 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
639
shCore.js
galasoft.ch/script/code/ 		16 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://galasoft.ch/script/code/shCore.js
Requested by
Host: galasoft.ch
URL: https://galasoft.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.174.235.29 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
6dbf4654879f75b7ad27e267f7d2eded08373ad9399fda728d068d791d543adc

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 09 Feb 2022 17:59:01 GMT
Content-Encoding
gzip
ETag
"04cc8852eb4d61:0"
Last-Modified
Fri, 06 Nov 2020 11:18:16 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
10552
shBrushCSharp.js
galasoft.ch/script/code/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://galasoft.ch/script/code/shBrushCSharp.js
Requested by
Host: galasoft.ch
URL: https://galasoft.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.174.235.29 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
1bfa4f9c5c33be03258c362ccd5ba0982135bf37f62046d0a5e65b0e8eb54241

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 09 Feb 2022 17:59:01 GMT
Content-Encoding
gzip
ETag
"04cc8852eb4d61:0"
Last-Modified
Fri, 06 Nov 2020 11:18:16 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
1370
shBrushCss.js
galasoft.ch/script/code/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://galasoft.ch/script/code/shBrushCss.js
Requested by
Host: galasoft.ch
URL: https://galasoft.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.174.235.29 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e681d66f2bb8fc8b501b3b02f52744271f8e4936c4ebe1b81fac9cddafcc2485

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 09 Feb 2022 17:59:01 GMT
Content-Encoding
gzip
ETag
"04cc8852eb4d61:0"
Last-Modified
Fri, 06 Nov 2020 11:18:16 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
2810
shBrushJScript.js
galasoft.ch/script/code/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://galasoft.ch/script/code/shBrushJScript.js
Requested by
Host: galasoft.ch
URL: https://galasoft.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.174.235.29 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d65918c3c3adb72d7c72492ed9f91ed704612f46282de25da12816fe069bb59b

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 09 Feb 2022 17:59:00 GMT
Content-Encoding
gzip
ETag
"04cc8852eb4d61:0"
Last-Modified
Fri, 06 Nov 2020 11:18:16 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
928
shBrushPlain.js
galasoft.ch/script/code/ 		783 B
833 B 		Script
General
Check archive.org
Download Go to
Full URL
https://galasoft.ch/script/code/shBrushPlain.js
Requested by
Host: galasoft.ch
URL: https://galasoft.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.174.235.29 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5a078836bb41c26ffa505627c4ee1859c39778e3cdd5ed5d7d81ad047922c6b1

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 09 Feb 2022 17:59:01 GMT
Content-Encoding
gzip
ETag
"04cc8852eb4d61:0"
Last-Modified
Fri, 06 Nov 2020 11:18:16 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
524
shBrushXml.js
galasoft.ch/script/code/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://galasoft.ch/script/code/shBrushXml.js
Requested by
Host: galasoft.ch
URL: https://galasoft.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.174.235.29 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
93cc64a5d9d9d177b8f0a20709dde88c1834837f4874479f4c1c57fa2da025da

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 09 Feb 2022 17:59:01 GMT
Content-Encoding
gzip
ETag
"04cc8852eb4d61:0"
Last-Modified
Fri, 06 Nov 2020 11:18:16 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
1115
shBrushPowerShell.js
galasoft.ch/script/code/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://galasoft.ch/script/code/shBrushPowerShell.js
Requested by
Host: galasoft.ch
URL: https://galasoft.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.174.235.29 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
82d27ea5d429114f5f3cc9a37e41b32cd1a50573fb547f1c5f93267d6d394c78

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 09 Feb 2022 17:59:01 GMT
Content-Encoding
gzip
ETag
"04cc8852eb4d61:0"
Last-Modified
Fri, 06 Nov 2020 11:18:16 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
1978
HeaderHead.png
galasoft.ch/_old/layout/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://galasoft.ch/_old/layout/HeaderHead.png
Requested by
Host: galasoft.ch
URL: https://galasoft.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.174.235.29 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f89807343cf609f6240174c531bb4c35fb4fc45cc9b1cf630b3935ac4f1faa48

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 09 Feb 2022 17:59:01 GMT
Last-Modified
Fri, 06 Nov 2020 11:18:14 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"01f97842eb4d61:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
4703
HeaderLogo.png
galasoft.ch/_old/layout/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://galasoft.ch/_old/layout/HeaderLogo.png
Requested by
Host: galasoft.ch
URL: https://galasoft.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.174.235.29 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ff3617a12d1691296933ec180d886baeb9d7a073a1e3782c9456d23428bfec45

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 09 Feb 2022 17:59:01 GMT
Last-Modified
Fri, 06 Nov 2020 11:18:14 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"01f97842eb4d61:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
4845
profile.jpg
galasoft.ch/images/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://galasoft.ch/images/profile.jpg
Requested by
Host: galasoft.ch
URL: https://galasoft.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.174.235.29 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f8bcdccb04fe84f378924da66af8589ac8bf685fa4fc7fefecebe35ad19f951a

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 09 Feb 2022 17:59:00 GMT
Last-Modified
Fri, 06 Nov 2020 11:18:16 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"04cc8852eb4d61:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
17053
logo_120x30.png
galasoft.ch/_old/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://galasoft.ch/_old/images/logo_120x30.png
Requested by
Host: galasoft.ch
URL: https://galasoft.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.174.235.29 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
929c903174e996005b91087025e8ed45e776f017742a10f873ab36035fc1b1d1

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 09 Feb 2022 17:59:00 GMT
Last-Modified
Fri, 06 Nov 2020 11:18:14 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"01f97842eb4d61:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
3086
RQnXDKV.png
i.imgur.com/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/RQnXDKV.png
Requested by
Host: galasoft.ch
URL: https://galasoft.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
8c9a3f6cb23db666a4dd6a50378bd86ef07d055caeb0d1068c761869675dc0ca
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 17:59:01 GMT
x-content-type-options
nosniff
age
1326110
x-cache
HIT, HIT
content-length
23962
x-served-by
cache-iad-kcgs7200021-IAD, cache-fra19179-FRA
last-modified
Fri, 03 Dec 2021 08:37:24 GMT
server
cat factory 1.0
x-timer
S1644429542.594031,VS0,VE1
etag
"d9f2bc0f2d5368d66e29ce68e71a3a4e"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
DMJvFuO.png
i.imgur.com/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/DMJvFuO.png
Requested by
Host: galasoft.ch
URL: https://galasoft.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
5ea63677c0a6fb2416c7491ca64d7e92ffd741de9e4056a5b00fe8e53e7cb926
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 17:59:01 GMT
x-content-type-options
nosniff
age
1002561
x-cache
HIT, HIT
content-length
22878
x-served-by
cache-iad-kcgs7200061-IAD, cache-fra19179-FRA
last-modified
Fri, 03 Dec 2021 08:36:02 GMT
server
cat factory 1.0
x-timer
S1644429542.594044,VS0,VE2
etag
"66e17efa18c10ab632751ad7a60e0ad6"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
5XOVHoY.png
i.imgur.com/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/5XOVHoY.png
Requested by
Host: galasoft.ch
URL: https://galasoft.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
8e3f2accb9d3fae77940287661f833aa76ed87f61e285d40bb9cd515f1b35783
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 17:59:01 GMT
x-content-type-options
nosniff
age
1649130
x-cache
HIT, HIT
content-length
23450
x-served-by
cache-iad-kiad7000029-IAD, cache-fra19179-FRA
last-modified
Sat, 20 Nov 2021 15:23:44 GMT
server
cat factory 1.0
x-timer
S1644429542.594130,VS0,VE2
etag
"2a69ae54aada08e2ddb5161a41e6fc5d"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
DvsPpbC.png
i.imgur.com/
Redirect Chain
  • https://imgur.com/DvsPpbC.png
  • https://i.imgur.com/DvsPpbC.png
80 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/DvsPpbC.png
Requested by
Host: galasoft.ch
URL: https://galasoft.ch/
Protocol
H2
Server
151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
ad3b8ad629dfa55519a87d83749ab11a88334ed85fc117474c51070e625004c9
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 17:59:01 GMT
x-content-type-options
nosniff
age
2962253
x-cache
HIT, HIT
content-length
81463
x-served-by
cache-iad-kiad7000154-IAD, cache-fra19179-FRA
last-modified
Mon, 04 Oct 2021 10:07:15 GMT
server
cat factory 1.0
x-timer
S1644429542.596485,VS0,VE2
etag
"9ca556025a35574eff77764a370cc0cf"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1

Redirect headers

date
Wed, 09 Feb 2022 17:59:01 GMT
server
cat factory 1.0
x-timer
S1644429542.577162,VS0,VE0
x-frame-options
DENY
x-cache
HIT
location
https://i.imgur.com/DvsPpbC.png
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
false
x-cache-hits
0
strict-transport-security
max-age=300
accept-ranges
bytes
access-control-allow-origin
https://imgur.com
content-length
0
retry-after
0
x-served-by
cache-ams21061-AMS
iXcJPNX.png
i.imgur.com/ 		83 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/iXcJPNX.png
Requested by
Host: galasoft.ch
URL: https://galasoft.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
dac40bfa1b053b284d8fe9c1b5e89aa7eff2510c755c15a0fad7ac9ce18747df
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 17:59:01 GMT
x-content-type-options
nosniff
age
4132303
x-cache
HIT, HIT
content-length
85323
x-served-by
cache-iad-kjyo7100093-IAD, cache-fra19179-FRA
last-modified
Mon, 04 Oct 2021 10:07:15 GMT
server
cat factory 1.0
x-timer
S1644429542.594068,VS0,VE2
etag
"8158c9d7deef6215c4963f98d54491f4"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
KaE7doy.png
i.imgur.com/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/KaE7doy.png
Requested by
Host: galasoft.ch
URL: https://galasoft.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
49d2fcc3b11e4b0b87d9d3e79c1fd78cf920f35fe29657daa97eddce3afec1da
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 17:59:01 GMT
x-content-type-options
nosniff
age
1320793
x-cache
HIT, HIT
content-length
25709
x-served-by
cache-iad-kjyo7100173-IAD, cache-fra19179-FRA
last-modified
Thu, 16 Sep 2021 12:31:39 GMT
server
cat factory 1.0
x-timer
S1644429542.594209,VS0,VE2
etag
"dca518cd238159bd3f98366186d108d9"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
HV8ue4v.png
i.imgur.com/ 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/HV8ue4v.png
Requested by
Host: galasoft.ch
URL: https://galasoft.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
27d91bf12ed58f45909e9377f210972f0178aa9bad74e084fe3416608eba00b9
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 17:59:01 GMT
x-content-type-options
nosniff
age
6765743
x-cache
HIT, HIT, HIT
content-length
64548
x-served-by
cache-bwi5171-BWI, cache-iad-kcgs7200166-IAD, cache-fra19179-FRA
last-modified
Mon, 22 Mar 2021 08:20:17 GMT
server
cat factory 1.0
x-timer
S1644429542.593805,VS0,VE2
etag
"9970f64638f635c4bdc815397f51632a"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1, 1
MVVM_BlackText_190x147.png
galasoft.ch/_old/images/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://galasoft.ch/_old/images/MVVM_BlackText_190x147.png
Requested by
Host: galasoft.ch
URL: https://galasoft.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.174.235.29 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3614d348d7184c23b569bfa7faca484b9da3e6f7f55b39ed9e46745b23598c16

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 09 Feb 2022 17:59:01 GMT
Last-Modified
Fri, 06 Nov 2020 11:18:14 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"01f97842eb4d61:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
27361
paypal.png
galasoft.ch/_old/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://galasoft.ch/_old/images/paypal.png
Requested by
Host: galasoft.ch
URL: https://galasoft.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.174.235.29 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f0ed7fc3db22bb5c5da56afdb99fa34ce4b9ad255fabbccab5dd155b3a85fcbc

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 09 Feb 2022 17:59:01 GMT
Last-Modified
Fri, 06 Nov 2020 11:18:14 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"01f97842eb4d61:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
1921
XamarinCertifiedBadge.png
galasoft.ch/_old/images/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://galasoft.ch/_old/images/XamarinCertifiedBadge.png
Requested by
Host: galasoft.ch
URL: https://galasoft.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.174.235.29 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
cb8efda14783f4d733266bd5e188e6664127aba26bcf892ff79a59040df79ca7

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 09 Feb 2022 17:59:01 GMT
Last-Modified
Fri, 06 Nov 2020 11:18:14 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"01f97842eb4d61:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
42657
a.min.js
cdn1.developermedia.com/ 		29 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1.developermedia.com/a.min.js
Requested by
Host: galasoft.ch
URL: https://galasoft.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
76.74.234.208 Toronto, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
23cc012647ba52fcd608113fccf328e42061421ae723cfa607e0b89a96ff3c5f

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 17:59:01 GMT
content-encoding
gzip
etag
"0bbb5a5c645d61:0"
last-modified
Thu, 18 Jun 2020 23:17:34 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
9352
gpt.js
www.googletagservices.com/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: cdn1.developermedia.com
URL: https://cdn1.developermedia.com/a.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ecac26bbc61e581a066cd417c06231334e34822d49e58918ddc5689eaefd872
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 17:59:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27282
x-xss-protection
0
server
sffe
etag
"1126 / 217 of 1000 / last-modified: 1644427664"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 09 Feb 2022 17:59:02 GMT
pubads_impl_2022020701.js
securepubads.g.doubleclick.net/gpt/ 		356 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020701.js?31064765
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
5514e154a0779b75c1037f4735d4536a6fdbf7594464157ccf692739cd803cf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 14:55:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10998
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122460
x-xss-protection
0
last-modified
Mon, 07 Feb 2022 09:34:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 09 Feb 2023 14:55:44 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		46 B
694 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=galasoft.ch
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
2c0bbebd8b530fc02a6482279e2190e080d2306ece2ab3bd2b9b783682e5363b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 09 Feb 2022 17:59:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58
x-xss-protection
0
expires
Wed, 09 Feb 2022 17:59:02 GMT
GetTerms
apps.developermedia.com/Ads/PageTerms/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://apps.developermedia.com/Ads/PageTerms/GetTerms
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
76.74.234.208 Toronto, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://galasoft.ch
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
Microsoft-IIS/10.0
access-control-allow-origin
*
access-control-allow-methods
POST
access-control-allow-headers
Content-Type, Accept
access-control-max-age
1728000
x-powered-by
ASP.NET
date
Wed, 09 Feb 2022 17:59:01 GMT
content-length
0
GetTerms
apps.developermedia.com/Ads/PageTerms/ 		159 B
269 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apps.developermedia.com/Ads/PageTerms/GetTerms
Requested by
Host: cdn1.developermedia.com
URL: https://cdn1.developermedia.com/a.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
76.74.234.208 Toronto, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
52a9e56d507364e8e25d3d4d393d272a8744ba6ff80173625de9079687f42e66

Request headers

Referer
https://galasoft.ch/
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 09 Feb 2022 17:59:01 GMT
x-aspnetmvc-version
5.2
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
private
content-length
159
integrator.js
adservice.google.nl/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.nl/adsid/integrator.js?domain=galasoft.ch
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020701.js?31064765
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 09 Feb 2022 17:59:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=galasoft.ch
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020701.js?31064765
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 09 Feb 2022 17:59:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		434 B
746 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3137034970148064&correlator=908395910661381&output=ldjh&eid=31064672%2C31064765%2C31062931%2C44755509&output=ldjh&gdfp_req=1&vrg=2022020701&ptt=17&impl=fifs&sc=1&sfv=1-0-38&ecs=20220209&iu_parts=6839%2Clqm.galasoftlaurent.site%2Cron&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=468x60&prev_scp=kw%3D%252C%252C&eri=1&cookie_enabled=1&bc=31&abxe=1&dt=1644429542752&lmt=1644429542&dlt=1644429541356&idt=935&frm=20&biw=1600&bih=1200&oid=2&adxs=601&adys=901&adks=1512318294&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fgalasoft.ch%2F&vis=1&scr_x=0&scr_y=0&psz=620x60&msz=468x-1&ga_vid=236200766.1644429543&ga_sid=1644429543&ga_hid=466396382&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020701.js?31064765
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
18adaf21e3800c82172abf70217c9269e6d2f90d58b2336321c825da13060fff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 17:59:02 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
240
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://galasoft.ch
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		34 KB
20 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3137034970148064&correlator=908395910661381&output=ldjh&eid=31064672%2C31064765%2C31062931%2C44755509&output=ldjh&gdfp_req=1&vrg=2022020701&ptt=17&impl=fifs&sc=1&sfv=1-0-38&ecs=20220209&iu_parts=6839%2Clqm.galasoftlaurent.site%2Cron&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=160x600&prev_scp=kw%3D%252C%252C&eri=1&cookie_enabled=1&bc=31&abxe=1&dt=1644429542756&lmt=1644429542&dlt=1644429541356&idt=935&frm=20&biw=1600&bih=1200&oid=2&adxs=395&adys=204&adks=3180670870&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fgalasoft.ch%2F&vis=1&scr_x=0&scr_y=0&psz=175x600&msz=160x-1&ga_vid=236200766.1644429543&ga_sid=1644429543&ga_hid=466396382&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020701.js?31064765
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
a82afcb3c8fc1e267a246fcba2c238c8c4c8ba2b7924e44487a74cbcba531935
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 17:59:02 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19853
x-xss-protection
0
google-lineitem-id
5834119844
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138377678135
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://galasoft.ch
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		13 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022020701&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020701.js?31064765
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
50cec404ca35f1397287f40f02ef63a401bb5b128cd706f2279fb5daf6ccb9c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 09 Feb 2022 17:59:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9910
x-xss-protection
0
container.html
a19525a91edd1abda41fa01856342927.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 067B 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a19525a91edd1abda41fa01856342927.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020701.js?31064765
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Wed, 09 Feb 2022 17:59:02 GMT
expires
Thu, 09 Feb 2023 17:59:02 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 07E3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsudCSZu_TT9wGVoUlX2fPmCT8ocZrfvkNYfYFl6AcV90-aP7mjD1fkO3lPFZ2d_xCtiqpuf1BTUWlOR_RAukudQn6JBESuJMAR9p6F9EZoIj2GcfjCchrTF6sUY0Ajv5A7AMbysv36VZn7WgLFvwNm59m8SKKyI3nxqQhulSH5hmeCIuxINa5Iie2kNcN0RAHMCqaBmrnihykGyvybWHcLZGWHb_qEqNY5C63Di84mYRsBLqVlS9u-eJ1m6vJp57YZ9huEtH4fK8LjtGRJgeo7U7BFeE8mgWvwbni9QBV-5SaglPxeNAFgEuyz6A-sqPE4ahG0Q0WtQpU8c4QnN2H4WgOOQkg9nV9ulwWBvioNfN9r4dZl2luaq9UlN&sai=AMfl-YR-iJaIGodxi-tjhcSDl_b4pjzjLgyYqyZ6JpS8Wa4THdE-Yhj8m2HCxHbhJfYtHbIIYKON6IBq15X58J-ZJJjpXwgv6lMLehmDCOWip1dJC6E4KTdYgI3jshvsagc&sig=Cg0ArKJSzC4ucLtHt9bJEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Requested by
Host: galasoft.ch
URL: https://galasoft.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 09 Feb 2022 17:59:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 09 Feb 2022 17:59:02 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 07E3 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: galasoft.ch
URL: https://galasoft.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 15:11:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10033
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Feb 2023 15:11:49 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 07E3 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020701.js?31064765
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cecd27ce9737114e23fa8dda3be3041f7c36cdafd31822d2e5bae793669bd13f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 17:59:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38562
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1644237382599929"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 09 Feb 2022 17:59:03 GMT
12533974922501701526
s0.2mdn.net/simgad/ Frame 07E3 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/12533974922501701526
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020701.js?31064765
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
14aa4d42029cef3544856b9779a1436f3ef1c9b3b40db8c7bf809e8b161a0f28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 07:03:48 GMT
x-content-type-options
nosniff
age
212114
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
65306
x-xss-protection
0
last-modified
Thu, 06 Jan 2022 19:17:53 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 07 Feb 2023 07:03:48 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020701.js?31064765
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 17:59:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 09 Feb 2022 17:59:02 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 84BE 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 09 Feb 2022 15:11:50 GMT
expires
Thu, 09 Feb 2023 15:11:50 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
10033
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D85F 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 09 Feb 2022 17:55:14 GMT
expires
Thu, 09 Feb 2023 17:55:14 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
229
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 401C 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8a8412f1d29f1a5e66830525b89abc119f005cadeed3c8702cc406ad3c180165
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-OHA7wbMB0HYc+CBPAZxvuA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Wed, 09 Feb 2022 17:59:03 GMT
date
Wed, 09 Feb 2022 17:59:03 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-OHA7wbMB0HYc+CBPAZxvuA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
p5pfDMP4zN8jVfivP4NR4mykoq9SVPpSA9fyNGtv4o4.js
pagead2.googlesyndication.com/bg/ Frame 84BE 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/p5pfDMP4zN8jVfivP4NR4mykoq9SVPpSA9fyNGtv4o4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a79a5f0cc3f8ccdf2355f8af3f8351e26ca4a2af5254fa5203d7f2346b6fe28e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 07:53:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
36345
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13808
x-xss-protection
0
last-modified
Wed, 02 Feb 2022 12:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 09 Feb 2023 07:53:18 GMT
OJsPeSlINeJyzOQXpTvtD9cMgHq4K4YXI50fjA0xvQc.js
pagead2.googlesyndication.com/bg/ Frame D85F 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/OJsPeSlINeJyzOQXpTvtD9cMgHq4K4YXI50fjA0xvQc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
389b0f79294835e272cce417a53bed0fd70c807ab82b8617239d1f8c0d31bd07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 15:59:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
7185
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13596
x-xss-protection
0
last-modified
Wed, 02 Feb 2022 12:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 09 Feb 2023 15:59:18 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 401C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022020701&jk=3137034970148064&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
view
securepubads.g.doubleclick.net/pcs/ Frame 07E3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst0yUdsSr4BNmyBvzxdokvgd1pKWSjK10bRsqj-606PK0tId_M-2WDC9LwrIAZmeuHWWWgfzZKJeU7djFku0xDn-NSjqjyIgmyuTcplSszUUA_UGk8ogyKz15PtaGdyS18nVuP4cziQ4Wv837mRXnFPJOGR8wusJTmwQtWMyQnoWZ3icL7S5A-F8NwEGLGtARrztFYCa45OrrAoEA_tqE3mbmt4dhZOOHme-ddBBZ-8HzAp-awV94ZcOzkmZxXmjjnPtfMp2Pr92WQgWBLk5wqo_yQKI1jBceo7YWfebn2MomTI6WAgcqs-j9cVkbeKcQSrWGp6xg&sai=AMfl-YSXsB4V6MvCd5E9fYy5m2rYAOQ1BKI_qY-xZ50M649FbuzQ7FkYdCLu2hnQgin-_z5_Dfp4SW7nD1QU7gty0k2pe5MC7lGOzdWbX6cUbtO3rTy1F5e3e6z11qfnc0o&sig=Cg0ArKJSzCxCZ2tlThrOEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 09 Feb 2022 17:59:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 09 Feb 2022 17:59:03 GMT
truncated
/ Frame 07E3 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
910475e3067ce3f16f6648b92a9ceafad3d76262b0076d368afe0d3c2c41d641

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
generate_204
tpc.googlesyndication.com/ Frame D85F 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?DchNCw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 17:59:03 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 84BE 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B5t7Y5gAEYqnwL_eGjuwP5qmzoA0AAAAAOAHgBAI&bg=!2dql2p7NAAa4sGsQuLA7ACkAdvg8WjrESnB62z8xzImdpVwblna1XV30EKAH2_M_6LJP9vPjwojpbwIAAAB4UgAAAANoAQcKAJ8ENw8WkA_0xMs8VlWKn96SIb3VbQkDAF20ix4p4BgI8LcRMBnqcXLuWwwD5imADhmTSd-eavNr_cL5LnVNP7a32Dyq2AsKHnfyOds72hIZFRyqW0FykvyGiku-xl7kveeebTBk4qpFf8aFgsECb1o1cfex5kHTnL4-jcXv8ruWTTvLpQmBabrDlKQnR2mi54z933yEN39RxSQnNhc81AaZApROVRMhorF4P46kFTYkfWIxiVm8o7rbuNiXP87WhBkONYnJJxgLU91tZtXNh--6xcosPHRRd82s-Lt2GtqEBpiVFVBKCPMXohmcB4DVHuHSvbnF5tdjsOLTL0WVkSu47QGfSSsi1X_i3h66FpbYhRcw_ZgplOyLWB8gNWaTCDXSxFMGeRO0tbf8aMjS9sr6mHxK2mg-PO45tdh0HLJM0oxr9ONz1u9Q9JeXxdYcU7OKqVZDPXbcIZ6n2dOGVyHF_AQdG1LBQEmRkaQK98Id7BHT2S1Rzb5PvHjkNUoucQKRVaPH5NeYWB8R86zdgjJoiw4Gdjdr112HhkSt2g7Rh30EWQV0uff-PvZkJR34cdRcn_oXm9Ds3uAqjJRmduLpPPYsXaSCHlp5bkRcFSitbllCTchmSRwo2Z0a3NccEvFQki3Of-zSi7QeVOt4mk-KiFWfTlTBAFakDLNbOL9f-zXzE-L9gEc40h5cvi6v7AbqjyQcgp_LSbNbYirgQScwKqMXbi3AU7DpodoX-jPYlofrZvIfHvz0W10mrpO4i47kSVu2_vQTwga1RqMHP5zcC_1ExeL7L1P8vfzbr9-ZgbtOBcBdx6H8vRtasXl27mbMT9advEXqUvt4rdePOTy1AS3a-qPI9GdOuxNgyZaJEgJLuu2JtNdj0-mKXCm1XKEqDla3--0bF3BwhRypbNhfRLUiD12-FiuUYmf94qOOB54VWrNP-8Yo2vObmpwxSI0eNJ7vOGYaFKILNDhLe0wLNQsk7X8bseZ02DGeZ79W9prwWuk9kFHNhe7iFyooP972IXVPwJTlxFkaYFgi8DVYK2zy-SZFCIK5jk6wTPrrLD5CVPnk-8lDKyREXBdOSY6iWnWCx_U
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 17:59:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022020701&jk=3137034970148064&bg=!d3SldDDNAAa4sGsQuLA7ACkAdvg8Wn5IfJz2j08Z47yXI0HqbxhYDhXm6GqaeVSyCSlJUCJX1Zy5uQIAAAB0UgAAAAloAQcKAJNlVO-YkEPN4HCET02yJksoCnB-gjrrsavhF2QmYUvMRQ8MJwFe3M_W5xuektczP9SziJj9Dx6Eig1JsjAM62Ito70-LiJPW82u5mra6kw_y_7ntwpbPR6wb6mVKn8855kx0t8HQxYJnmNck1EfutVy2vm5axM23L0Lk1UYKRLZx8G5Hsj0iCxjdHkQIJGsUHvJZ5OZAnxvNJ9zkyb8ShWj_BUX6NhYOnEHH6vl3lYVdrc_2ugqD_oZeZOx0hX0JH9zOoXXqD6Cr0_m7Xxl-XlmTlarluwL76z_kYn3o_KfY5SUuYwnLc7IZYOAngP0YigHD2pJma6nOKEo9l9cvh-DkHvvfXGhL99BoRf1704XtfYyqhZD-PaqCYsPQspUEtNOfr0wngxT9xluGiyce-9hmP04allHEVNhzHAQ5e61TH4y0F3MfiGYrqj9RrthvdxNfaG0Ufu_xi-Pr8NuI6mqhRXR9WPrzBKWhaMbUSPHuK1yyPO_dXZMF0LWRXfmh5mQH_YLk7xnJD7nDBU3GNICFiIw_QptSplx5qI_sSwux9wQhf4hn01C4K_hXelZjztF1gKtzFuP4aL0s0BjdSgLn7iEyNODtXuXkNkbqmll_LAKgiAer8Xd824iKfDGW-uqRLMbl6_JYz_xEk4tngCDw_ZEdh1uFW8hdXhYAPzTxIXeUIX3o_nw9V5PXoPJEbkJNKnw9lLTvxaKTGlfzcZvqGsD3ToidfEBTHLKtCqTOZ9nPKvhf67R47pChcOTbGITL-pwkLQZM4O5HCrmS3g6kB-3dsLkfsGWEyNIxTYRN9LeG3ALBGsyxG1EhaIjcMOc7s_dJVsYPLvPSEaEDXUboloX_D6eVn3C6m8r43DhXroRq4EEeY2DwkACxNLX-gI51Wsk7MhSTS0KGH8NfzehE_3ssstbvVIdG-uNFmYrogDS68BHDEX4a37br_afhKoyew25SK0bEkPii7GFl0RMr16pmL9DCakcx8ehg5853hfNAoU1Q35GklCgpkMzGREA7tCy6vci6gdhA6zq5UtOZjY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 17:59:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 07E3 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstXvkG7U3HpXUbqxZmjpkNzjMl718GEX0tKAohd5rW0D5utayaqlKXsrll7wUyXO9funyAOPeb_-VDbq45W65M1eUU6cYAMHDK9ZtdN4IiGjPq_th8bPsSeKx8c2IqL3MwgZpDfI79yL0TGJf_lYJtxtkplfZjQmuHe2Ow3Fo3C&sig=Cg0ArKJSzAWlBi67zcv2EAE&id=lidar2&mcvt=1000&p=204,395,804,555&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220207&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=3180670870&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1644429542859&rpt=284&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 17:59:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| structuredClone function| XRegExp object| SyntaxHighlighter function| _dmBootstrap function| _dmFollowup object| googletag boolean| SendDmAdUid boolean| SendSearchTermsToServer string| CodeProjectPublisherId boolean| EnableMutableAds boolean| EnableViewOnScroll string| adServer string| SearchTermUrl string| AdClickUrl string| DownvoteUrl string| UndoDownvoteUrl string| ReportAdUrl string| GlobalIdUrl string| CloseAdImageUrl string| UndoCloseAdImageUrl string| DmLogoImageUrl object| PIIViolatingUrls object| DMAdXHelper object| DMUserIdentityHelper object| DMAds object| ggeac object| google_js_reporting_queue undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal object| GoogleGcLKhOms object| google_image_requests

5 Cookies

Domain/Path Name / Value
.www.galasoft.ch/ Name: ARRAffinity
Value: 794d2e29b216a38426e6c6e3e51535ed1e4150c79377b11d366a1dca183f4849
.galasoft.ch/ Name: ARRAffinity
Value: 794d2e29b216a38426e6c6e3e51535ed1e4150c79377b11d366a1dca183f4849
.galasoft.ch/ Name: ARRAffinitySameSite
Value: 794d2e29b216a38426e6c6e3e51535ed1e4150c79377b11d366a1dca183f4849
.galasoft.ch/ Name: __gads
Value: ID=5d4aeb2926883cf8-2272e56b3acd0043:T=1644429542:S=ALNI_MZH_gKNxfpgl4Qd8QS7RnOlC8Uv1Q
.doubleclick.net/ Name: IDE
Value: AHWqTUn2MG6jVaNYcExoWDzDRA-FHbxJcVxP15xW32LW-uNutigonY5LsNhAcdWGxgM

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a19525a91edd1abda41fa01856342927.safeframe.googlesyndication.com
adservice.google.com
adservice.google.nl
apps.developermedia.com
cdn1.developermedia.com
galasoft.ch
googleads4.g.doubleclick.net
i.imgur.com
imgur.com
pagead2.googlesyndication.com
s0.2mdn.net
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.galasoft.ch
www.google.com
www.googletagservices.com
142.250.185.98
142.250.186.98
151.101.12.193
199.232.192.193
2a00:1450:4001:800::2002
2a00:1450:4001:809::2001
2a00:1450:4001:813::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2006
2a00:1450:4001:830::2001
2a00:1450:4001:830::2004
2a00:1450:4001:831::2002
52.174.235.29
76.74.234.208
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14aa4d42029cef3544856b9779a1436f3ef1c9b3b40db8c7bf809e8b161a0f28
18adaf21e3800c82172abf70217c9269e6d2f90d58b2336321c825da13060fff
1bfa4f9c5c33be03258c362ccd5ba0982135bf37f62046d0a5e65b0e8eb54241
23cc012647ba52fcd608113fccf328e42061421ae723cfa607e0b89a96ff3c5f
27d91bf12ed58f45909e9377f210972f0178aa9bad74e084fe3416608eba00b9
2c0bbebd8b530fc02a6482279e2190e080d2306ece2ab3bd2b9b783682e5363b
3614d348d7184c23b569bfa7faca484b9da3e6f7f55b39ed9e46745b23598c16
389b0f79294835e272cce417a53bed0fd70c807ab82b8617239d1f8c0d31bd07
3d49f5c26d28783d1b672d1c61fa620723444e47de82ada528a172bc2b0a1691
49d2fcc3b11e4b0b87d9d3e79c1fd78cf920f35fe29657daa97eddce3afec1da
4a69f639a23ced1fea55a1babd58dcbc90e786aaa6a81a84a32d6a9c28cbe3e2
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50cec404ca35f1397287f40f02ef63a401bb5b128cd706f2279fb5daf6ccb9c9
52a9e56d507364e8e25d3d4d393d272a8744ba6ff80173625de9079687f42e66
5514e154a0779b75c1037f4735d4536a6fdbf7594464157ccf692739cd803cf5
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a078836bb41c26ffa505627c4ee1859c39778e3cdd5ed5d7d81ad047922c6b1
5ea63677c0a6fb2416c7491ca64d7e92ffd741de9e4056a5b00fe8e53e7cb926
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6dbf4654879f75b7ad27e267f7d2eded08373ad9399fda728d068d791d543adc
7bfa30c03f54b37ef65cc4bffc9e7132a0b8e1fb7372cb1a37c4cb1750304bd7
82d27ea5d429114f5f3cc9a37e41b32cd1a50573fb547f1c5f93267d6d394c78
8a8412f1d29f1a5e66830525b89abc119f005cadeed3c8702cc406ad3c180165
8c9a3f6cb23db666a4dd6a50378bd86ef07d055caeb0d1068c761869675dc0ca
8e3f2accb9d3fae77940287661f833aa76ed87f61e285d40bb9cd515f1b35783
8ecac26bbc61e581a066cd417c06231334e34822d49e58918ddc5689eaefd872
910475e3067ce3f16f6648b92a9ceafad3d76262b0076d368afe0d3c2c41d641
929c903174e996005b91087025e8ed45e776f017742a10f873ab36035fc1b1d1
93cc64a5d9d9d177b8f0a20709dde88c1834837f4874479f4c1c57fa2da025da
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a79a5f0cc3f8ccdf2355f8af3f8351e26ca4a2af5254fa5203d7f2346b6fe28e
a82afcb3c8fc1e267a246fcba2c238c8c4c8ba2b7924e44487a74cbcba531935
ad3b8ad629dfa55519a87d83749ab11a88334ed85fc117474c51070e625004c9
b58d4522947809ad4536ce04640877ee2d5c999f49a3c77d9549ea6a380cbbd0
cb8efda14783f4d733266bd5e188e6664127aba26bcf892ff79a59040df79ca7
cecd27ce9737114e23fa8dda3be3041f7c36cdafd31822d2e5bae793669bd13f
d65918c3c3adb72d7c72492ed9f91ed704612f46282de25da12816fe069bb59b
dac40bfa1b053b284d8fe9c1b5e89aa7eff2510c755c15a0fad7ac9ce18747df
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e681d66f2bb8fc8b501b3b02f52744271f8e4936c4ebe1b81fac9cddafcc2485
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0ed7fc3db22bb5c5da56afdb99fa34ce4b9ad255fabbccab5dd155b3a85fcbc
f89807343cf609f6240174c531bb4c35fb4fc45cc9b1cf630b3935ac4f1faa48
f8bcdccb04fe84f378924da66af8589ac8bf685fa4fc7fefecebe35ad19f951a
ff3617a12d1691296933ec180d886baeb9d7a073a1e3782c9456d23428bfec45