tr.vessoft.com Open in urlscan Pro
2a01:4f8:202:3036::2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://dl3.vessoft.com/files3/i/itools_windows/4.4.3.9/aa7990c82611a1555254dad76e9f5349a739d3e9/itoolssetup_4439.exe?st...
Effective URL:
https://tr.vessoft.com/software/windows/download/itools
Submission Tags: falconsandbox
Submission: On April 21 via api (April 21st 2021, 5:49:10 am UTC) from US

Summary HTTP 118 Redirects Links 61 Behaviour Indicators

Summary

This website contacted 27 IPs in 5 countries across 24 domains to perform 118 HTTP transactions. The main IP is 2a01:4f8:202:3036::2, located in Germany and belongs to HETZNER-AS, DE. The main domain is tr.vessoft.com.
TLS certificate: Issued by R3 on April 6th 2021. Valid for: 3 months.

This is the only time tr.vessoft.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	84.16.241.70 84.16.241.70	28753 (LEASEWEB-...) (LEASEWEB-DE-FRA-10)
9	2a01:4f8:202:... 2a01:4f8:202:3036::2	24940 (HETZNER-AS) (HETZNER-AS)
3	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
4	199.232.196.134 199.232.196.134	54113 (FASTLY) (FASTLY)
6	2a03:2880:f01... 2a03:2880:f013:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
10	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
15	2606:4700::68... 2606:4700::6812:a813	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	151.101.64.134 151.101.64.134	54113 (FASTLY) (FASTLY)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9a	15169 (GOOGLE) (GOOGLE)
2	151.101.114.49 151.101.114.49	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:a10d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::200d	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f11... 2a03:2880:f113:81:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
4	151.101.112.64 151.101.112.64	54113 (FASTLY) (FASTLY)
1 1	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
2 3	13.224.102.86 13.224.102.86	16509 (AMAZON-02) (AMAZON-02)
4 7	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 1	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1 2	52.215.145.5 52.215.145.5	16509 (AMAZON-02) (AMAZON-02)
3 3	37.252.172.250 37.252.172.250	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	193.0.160.128 193.0.160.128	54312 (ROCKETFUEL) (ROCKETFUEL)
2 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
118	27

1 84.16.241.70 (Germany) 1 redirects

ASN28753 (LEASEWEB-DE-FRA-10, DE)

dl3.vessoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a01:4f8:202:3036::2 (Germany)

ASN24940 (HETZNER-AS, DE)

tr.vessoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vessoftstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 199.232.196.134 (United States)

ASN54113 (FASTLY, US)

vessoft.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
referrer.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f013:d:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700::6812:a813 (United States)

ASN13335 (CLOUDFLARENET, US)

c.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.64.134 (United States)

ASN54113 (FASTLY, US)

disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.114.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

a.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:a10d (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.viglink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f113:81:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.112.64 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

glitter.services.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
links.services.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.102.86 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-102-86.zrh50.r.cloudfront.net

live.rezync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.244.174.68 (Kansas City, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

ejp.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.66 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.215.145.5 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-145-5.eu-west-1.compute.amazonaws.com

io.narrative.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.172.250 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.0.160.128 (United States) 2 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	194 KB
17	disquscdn.com c.disquscdn.com a.disquscdn.com	541 KB
15	gstatic.com fonts.gstatic.com www.gstatic.com ssl.gstatic.com	221 KB
12	doubleclick.net 1 redirects googleads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	55 KB
12	disqus.com vessoft.disqus.com disqus.com referrer.disqus.com glitter.services.disqus.com links.services.disqus.com	58 KB
8	vessoftstatic.com vessoftstatic.com	22 KB
7	rlcdn.com 4 redirects ejp.rlcdn.com idsync.rlcdn.com	2 KB
7	google.com 2 redirects adservice.google.com apis.google.com www.google.com accounts.google.com	40 KB
4	facebook.net connect.facebook.net	132 KB
3	adnxs.com 3 redirects ib.adnxs.com	3 KB
3	rezync.com 2 redirects live.rezync.com	3 KB
3	facebook.com www.facebook.com	15 KB
3	google-analytics.com www.google-analytics.com	19 KB
3	googletagservices.com www.googletagservices.com	100 KB
3	googleapis.com fonts.googleapis.com	2 KB
2	criteo.com 2 redirects gum.criteo.com	743 B
2	rfihub.com 2 redirects p.rfihub.com	2 KB
2	fbcdn.net static.xx.fbcdn.net	126 KB
2	narrative.io 1 redirects io.narrative.io	775 B
2	viglink.com cdn.viglink.com	699 B
2	googletagmanager.com www.googletagmanager.com	64 KB
2	vessoft.com 1 redirects dl3.vessoft.com tr.vessoft.com	19 KB
1	google.de adservice.google.de	165 B
1	googleadservices.com partner.googleadservices.com	258 B
118	24

	Domain	Requested by
15	c.disquscdn.com	vessoft.disqus.com tr.vessoft.com disqus.com c.disquscdn.com
10	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
10	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
10	pagead2.googlesyndication.com	tr.vessoft.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.gstatic.com tpc.googlesyndication.com www.googletagservices.com
9	fonts.gstatic.com	fonts.googleapis.com
8	vessoftstatic.com	tr.vessoft.com
5	idsync.rlcdn.com	2 redirects c.disquscdn.com live.rezync.com
5	www.gstatic.com	googleads.g.doubleclick.net
4	disqus.com	vessoft.disqus.com c.disquscdn.com
4	connect.facebook.net	tr.vessoft.com connect.facebook.net c.disquscdn.com
3	ib.adnxs.com	3 redirects
3	live.rezync.com	2 redirects c.disquscdn.com
3	links.services.disqus.com	c.disquscdn.com
3	www.facebook.com	c.disquscdn.com connect.facebook.net
3	referrer.disqus.com	tr.vessoft.com c.disquscdn.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com tr.vessoft.com
3	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	fonts.googleapis.com	tr.vessoft.com googleads.g.doubleclick.net
2	gum.criteo.com	2 redirects
2	p.rfihub.com	2 redirects
2	static.xx.fbcdn.net	www.facebook.com
2	io.narrative.io	1 redirects
2	ejp.rlcdn.com	2 redirects
2	accounts.google.com	apis.google.com ssl.gstatic.com
2	www.google.com	2 redirects
2	cdn.viglink.com	tr.vessoft.com
2	apis.google.com	c.disquscdn.com apis.google.com
2	a.disquscdn.com	tr.vessoft.com c.disquscdn.com
2	www.googletagmanager.com	tr.vessoft.com
1	cm.g.doubleclick.net	1 redirects
1	glitter.services.disqus.com	c.disquscdn.com
1	ssl.gstatic.com	accounts.google.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	vessoft.disqus.com	tr.vessoft.com
1	tr.vessoft.com
1	dl3.vessoft.com	1 redirects
118	39

This site contains links to these domains. Also see Links.

Domain
www.thinkskysoft.com
dl3.vessoft.com
en.vessoft.com
az.vessoft.com
tk.vessoft.com
uz.vessoft.com
uk.vessoft.com
fr.vessoft.com
am.vessoft.com
ar.vessoft.com
be.vessoft.com
bg.vessoft.com
bn.vessoft.com
ca.vessoft.com
cs.vessoft.com
da.vessoft.com
de.vessoft.com
el.vessoft.com
es.vessoft.com
et.vessoft.com
fa.vessoft.com
fi.vessoft.com
gu.vessoft.com
he.vessoft.com
hi.vessoft.com
hr.vessoft.com
hu.vessoft.com
hy.vessoft.com
id.vessoft.com
is.vessoft.com
it.vessoft.com
ja.vessoft.com
ka.vessoft.com
kk.vessoft.com
km.vessoft.com
ko.vessoft.com
ky.vessoft.com
lt.vessoft.com
lv.vessoft.com
lzh.vessoft.com
mn.vessoft.com
mr.vessoft.com
ms.vessoft.com
nl.vessoft.com
no.vessoft.com
pl.vessoft.com
pt.vessoft.com
ro.vessoft.com
ru.vessoft.com
si.vessoft.com
sk.vessoft.com
sl.vessoft.com
sq.vessoft.com
sr.vessoft.com
sv.vessoft.com
th.vessoft.com
tl.vessoft.com
tt.vessoft.com
ur.vessoft.com
vi.vessoft.com
zh.vessoft.com

Subject Issuer	Validity	Valid
second.vessoft.com R3	`2021-04-06` - `2021-07-05`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.disqus.com DigiCert SHA2 Secure Server CA	`2020-04-20` - `2022-05-09`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
first.vessoft.com R3	`2021-04-06` - `2021-07-05`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-15` - `2021-08-15`	a year	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.disquscdn.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
*.apis.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
ssl418259.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2021-04-06` - `2021-10-13`	6 months	crt.sh
accounts.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
f.ssl.fastly.net GlobalSign Organization Validation CA - SHA256 - G2	`2021-03-31` - `2021-12-27`	9 months	crt.sh
*.rezync.com Amazon	`2021-01-26` - `2022-02-23`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.narrative.io Amazon	`2021-04-07` - `2022-05-06`	a year	crt.sh

This page contains 15 frames:

Primary Page: https://tr.vessoft.com/software/windows/download/itools
Frame ID: 73BDD58372A53BDB47403CBD7D90E28A
Requests: 56 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210415/r20190131/zrt_lookup.html
Frame ID: 19F59CC0965B42AF99A7F1A8E8C19123
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8581079972849502&output=html&h=90&slotname=5587122124&adk=3217516946&adf=799834189&pi=t.ma~as.5587122124&w=1020&lmt=1618984133&rafmt=12&psa=0&format=1020x90&url=https%3A%2F%2Ftr.vessoft.com%2Fsoftware%2Fwindows%2Fdownload%2Fitools&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618984133219&bpp=22&bdt=103&idt=69&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6905675591907&frm=20&pv=2&ga_vid=566432662.1618984133&ga_sid=1618984133&ga_hid=62082446&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=290&ady=70&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060615%2C44740079&oid=3&pvsid=4269715404353271&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=05BHC3NUbS&p=https%3A//tr.vessoft.com&dtd=89
Frame ID: 37F5E12EB147B9AA8C52D496DFAB58E1
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8581079972849502&output=html&h=400&slotname=4668792129&adk=300297570&adf=3921225670&pi=t.ma~as.4668792129&w=580&lmt=1618984133&rafmt=12&psa=0&format=580x400&url=https%3A%2F%2Ftr.vessoft.com%2Fsoftware%2Fwindows%2Fdownload%2Fitools&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618984133241&bpp=3&bdt=125&idt=79&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1020x90&correlator=6905675591907&frm=20&pv=1&ga_vid=566432662.1618984133&ga_sid=1618984133&ga_hid=62082446&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=290&ady=540&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060615%2C44740079&oid=3&pvsid=4269715404353271&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=bM8OyiWeDf&p=https%3A//tr.vessoft.com&dtd=82
Frame ID: 682FDD021A599EF510C31CC55C664288
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8581079972849502&output=html&adk=1812271804&adf=3025194257&lmt=1618984133&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ftr.vessoft.com%2Fsoftware%2Fwindows%2Fdownload%2Fitools&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618984133256&bpp=1&bdt=140&idt=75&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1020x90%2C580x400&nras=1&correlator=6905675591907&frm=20&pv=1&ga_vid=566432662.1618984133&ga_sid=1618984133&ga_hid=62082446&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060615%2C44740079&oid=3&pvsid=4269715404353271&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&dtd=81
Frame ID: 49FF2AAF3E176DD31C985D1705A33E4B
Requests: 1 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=vessoft&t_u=https%3A%2F%2Ftr.vessoft.com%2Fsoftware%2Fwindows%2Fdownload%2Fitools&t_d=%C4%B0ndir%20iTools%204.4.5.6%20%E2%80%93%20Vessoft&t_t=%C4%B0ndir%20iTools%204.4.5.6%20%E2%80%93%20Vessoft&s_o=default&l=tr
Frame ID: 2480198A5167BEC3C2706B8EB10CDA0C
Requests: 24 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 7025C19F964FB1CFE5DE8DAF7FC74B7C
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js
Frame ID: 889E6E5D0382B10CC3F9CCD799A39A19
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: D63ABAC7B96C1FCB9292112D1D04FBC4
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 5F5502BB4EDCD72F0B9B3E52003367B6
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/v9.0/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df16972819e95038%26domain%3Dtr.vessoft.com%26origin%3Dhttps%253A%252F%252Ftr.vessoft.com%252Ff3a1548f69eda88%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Ftr.vessoft.com%2Fsoftware%2Fwindows%2Fdownload%2Fitools&layout=button_count&locale=tr_TR&sdk=joey&share=true&show_faces=false&size=large
Frame ID: CC1DE03B491F0780E25A56DBCD7F4CC0
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js
Frame ID: 074A4720D20DCEFE1295829133027A42
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: FF4DF82FA88F3C09FCB1875CB5ED265D
Requests: 2 HTTP requests in this frame

Frame: https://live.rezync.com/pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c8aa59ft2c3ou2g&pctry=CH&referrer=https%3A%2F%2Ftr.vessoft.com%2Fsoftware%2Fwindows%2Fdownload%2Fitools
Frame ID: 06ABE49CDFB3BBDC2B6D5B26D25DA2B4
Requests: 3 HTTP requests in this frame

Frame: https://idsync.rlcdn.com/362358.gif?google_gid=CAESENc7CiG0f2_k28pnfbJ8eF0&google_cver=1
Frame ID: 86EBA02AD3BD7694B340F26BB4169007
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://dl3.vessoft.com/files3/i/itools_windows/4.4.3.9/aa7990c82611a1555254dad76e9f5349a739d3e9/ito... HTTP 301
https://tr.vessoft.com/software/windows/download/itools Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

118
Requests

100 %
HTTPS

64 %
IPv6

24
Domains

39
Subdomains

27
IPs

5
Countries

1612 kB
Transfer

3865 kB
Size

12
Cookies

61 Outgoing links

These are links going to different origins than the main page.

URL: https://www.thinkskysoft.com/itools/
Title: iTools

Search URL Search Domain Scan URL

URL: https://dl3.vessoft.com/files3/i/itools_windows/4.4.5.6/6b768f3da268dd9264daed7407b58d901c59e84d/itoolssetup_4456.exe?st=oKcvSKobn-jBVz2QrAY8NA&e=1618998533&f=https://tr.vessoft.com/software/windows/download/itools
Title: İndir iTools

Search URL Search Domain Scan URL

URL: https://en.vessoft.com/software/windows/download/itools
Title: English

Search URL Search Domain Scan URL

URL: https://az.vessoft.com/software/windows/download/itools
Title: Azərbaycanca

Search URL Search Domain Scan URL

URL: https://tk.vessoft.com/software/windows/download/itools
Title: Türkmen

Search URL Search Domain Scan URL

URL: https://uz.vessoft.com/software/windows/download/itools
Title: Oʻzbekcha

Search URL Search Domain Scan URL

URL: https://uk.vessoft.com/software/windows/download/itools
Title: Українська

Search URL Search Domain Scan URL

URL: https://fr.vessoft.com/software/windows/download/itools
Title: Français

Search URL Search Domain Scan URL

URL: https://am.vessoft.com/software/windows/download/itools
Title: አማርኛ

Search URL Search Domain Scan URL

URL: https://ar.vessoft.com/software/windows/download/itools
Title: العربية

Search URL Search Domain Scan URL

URL: https://be.vessoft.com/software/windows/download/itools
Title: Беларуская

Search URL Search Domain Scan URL

URL: https://bg.vessoft.com/software/windows/download/itools
Title: Български

Search URL Search Domain Scan URL

URL: https://bn.vessoft.com/software/windows/download/itools
Title: বাংলা

Search URL Search Domain Scan URL

URL: https://ca.vessoft.com/software/windows/download/itools
Title: Català

Search URL Search Domain Scan URL

URL: https://cs.vessoft.com/software/windows/download/itools
Title: Čeština

Search URL Search Domain Scan URL

URL: https://da.vessoft.com/software/windows/download/itools
Title: Dansk

Search URL Search Domain Scan URL

URL: https://de.vessoft.com/software/windows/download/itools
Title: Deutsch

Search URL Search Domain Scan URL

URL: https://el.vessoft.com/software/windows/download/itools
Title: Ελληνικά

Search URL Search Domain Scan URL

URL: https://es.vessoft.com/software/windows/download/itools
Title: Español

Search URL Search Domain Scan URL

URL: https://et.vessoft.com/software/windows/download/itools
Title: Eesti

Search URL Search Domain Scan URL

URL: https://fa.vessoft.com/software/windows/download/itools
Title: فارسی

Search URL Search Domain Scan URL

URL: https://fi.vessoft.com/software/windows/download/itools
Title: Suomi

Search URL Search Domain Scan URL

URL: https://gu.vessoft.com/software/windows/download/itools
Title: ગુજરાતી

Search URL Search Domain Scan URL

URL: https://he.vessoft.com/software/windows/download/itools
Title: עברית

Search URL Search Domain Scan URL

URL: https://hi.vessoft.com/software/windows/download/itools
Title: हिन्दी

Search URL Search Domain Scan URL

URL: https://hr.vessoft.com/software/windows/download/itools
Title: Hrvatski

Search URL Search Domain Scan URL

URL: https://hu.vessoft.com/software/windows/download/itools
Title: Magyar

Search URL Search Domain Scan URL

URL: https://hy.vessoft.com/software/windows/download/itools
Title: Հայերեն

Search URL Search Domain Scan URL

URL: https://id.vessoft.com/software/windows/download/itools
Title: Bahasa Indonesia

Search URL Search Domain Scan URL

URL: https://is.vessoft.com/software/windows/download/itools
Title: Íslenska

Search URL Search Domain Scan URL

URL: https://it.vessoft.com/software/windows/download/itools
Title: Italiano

Search URL Search Domain Scan URL

URL: https://ja.vessoft.com/software/windows/download/itools
Title: 日本語

Search URL Search Domain Scan URL

URL: https://ka.vessoft.com/software/windows/download/itools
Title: ქართული

Search URL Search Domain Scan URL

URL: https://kk.vessoft.com/software/windows/download/itools
Title: Қазақша

Search URL Search Domain Scan URL

URL: https://km.vessoft.com/software/windows/download/itools
Title: ខ្មែរ

Search URL Search Domain Scan URL

URL: https://ko.vessoft.com/software/windows/download/itools
Title: 한국어

Search URL Search Domain Scan URL

URL: https://ky.vessoft.com/software/windows/download/itools
Title: Кыргызча

Search URL Search Domain Scan URL

URL: https://lt.vessoft.com/software/windows/download/itools
Title: Lietuvių

Search URL Search Domain Scan URL

URL: https://lv.vessoft.com/software/windows/download/itools
Title: Latviešu

Search URL Search Domain Scan URL

URL: https://lzh.vessoft.com/software/windows/download/itools
Title: 文言

Search URL Search Domain Scan URL

URL: https://mn.vessoft.com/software/windows/download/itools
Title: Монгол

Search URL Search Domain Scan URL

URL: https://mr.vessoft.com/software/windows/download/itools
Title: मराठी

Search URL Search Domain Scan URL

URL: https://ms.vessoft.com/software/windows/download/itools
Title: Bahasa Melayu

Search URL Search Domain Scan URL

URL: https://nl.vessoft.com/software/windows/download/itools
Title: Nederlands

Search URL Search Domain Scan URL

URL: https://no.vessoft.com/software/windows/download/itools
Title: Norsk

Search URL Search Domain Scan URL

URL: https://pl.vessoft.com/software/windows/download/itools
Title: Polski

Search URL Search Domain Scan URL

URL: https://pt.vessoft.com/software/windows/download/itools
Title: Português

Search URL Search Domain Scan URL

URL: https://ro.vessoft.com/software/windows/download/itools
Title: Română

Search URL Search Domain Scan URL

URL: https://ru.vessoft.com/software/windows/download/itools
Title: Русский

Search URL Search Domain Scan URL

URL: https://si.vessoft.com/software/windows/download/itools
Title: සිංහල

Search URL Search Domain Scan URL

URL: https://sk.vessoft.com/software/windows/download/itools
Title: Slovenčina

Search URL Search Domain Scan URL

URL: https://sl.vessoft.com/software/windows/download/itools
Title: Slovenščina

Search URL Search Domain Scan URL

URL: https://sq.vessoft.com/software/windows/download/itools
Title: Shqip

Search URL Search Domain Scan URL

URL: https://sr.vessoft.com/software/windows/download/itools
Title: Српски

Search URL Search Domain Scan URL

URL: https://sv.vessoft.com/software/windows/download/itools
Title: Svenska

Search URL Search Domain Scan URL

URL: https://th.vessoft.com/software/windows/download/itools
Title: ไทย

Search URL Search Domain Scan URL

URL: https://tl.vessoft.com/software/windows/download/itools
Title: Tagalog

Search URL Search Domain Scan URL

URL: https://tt.vessoft.com/software/windows/download/itools
Title: Татарча

Search URL Search Domain Scan URL

URL: https://ur.vessoft.com/software/windows/download/itools
Title: اردو

Search URL Search Domain Scan URL

URL: https://vi.vessoft.com/software/windows/download/itools
Title: Tiếng Việt

Search URL Search Domain Scan URL

URL: https://zh.vessoft.com/software/windows/download/itools
Title: 中文

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://dl3.vessoft.com/files3/i/itools_windows/4.4.3.9/aa7990c82611a1555254dad76e9f5349a739d3e9/itoolssetup_4439.exe?st=NxcjxsWxm2kUoDcjuODUGQ&e=1571141239&f=https%3A%2F%2Ftr.vessoft.com%2Fsoftware%2Fwindows%2Fdownload%2Fitools HTTP 301
https://tr.vessoft.com/software/windows/download/itools Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 82

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 110

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 117

https://ejp.rlcdn.com/501709.html HTTP 307
https://ejp.rlcdn.com/1000.gif?memo=CM3PHhoNCMb5_oMGEgUI6AcQAEIASgA HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
https://idsync.rlcdn.com/362358.gif?google_gid=CAESENc7CiG0f2_k28pnfbJ8eF0&google_cver=1

Request Chain 118

https://io.narrative.io/?companyId=19&id=disqus_id%3Ac8aa59ft2c3ou2g&ret=img&ref=https%3A%2F%2Ftr.vessoft.com%2Fsoftware%2Fwindows%2Fdownload%2Fitools HTTP 302
https://io.narrative.io/?io.narrative.guid.v2=41fa6e60-a265-11eb-906c-06452aced0fe&companyId=19&id=disqus_id%3Ac8aa59ft2c3ou2g&ret=img&ref=https%3A%2F%2Ftr.vessoft.com%2Fsoftware%2Fwindows%2Fdownload%2Fitools

Request Chain 125

https://ib.adnxs.com/getuid?https%3A//live.rezync.com/sync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3D093016b0419d19c905c78c859b815219%26pid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%2F%2Flive.rezync.com%2Fsync%253Fc%253D4656c20ee35215f78e9273796625d90b%2526p%253D093016b0419d19c905c78c859b815219%2526pid%253D%2524UID HTTP 302
https://live.rezync.com/sync?c=4656c20ee35215f78e9273796625d90b&p=093016b0419d19c905c78c859b815219&pid=3046754569432961095 HTTP 302
https://p.rfihub.com/cm?pub=39342&in=1&userid=cf51209e-8dfa-4414-9ae5-15a5395f5249%3A1618984134.71&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dc8aa59ft2c3ou2g HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=c8aa59ft2c3ou2g HTTP 307
https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID HTTP 302
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=3046754569432961095

Request Chain 126

https://p.rfihub.com/cm?pub=39342&in=1&userid=cf51209e-8dfa-4414-9ae5-15a5395f5249%3A1618984134.71&forward=https%3A//live.rezync.com/sync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3D260a954059a0ab1986e4ee8c5c88c54c%26pid%3D%7Buserid%7D HTTP 302
https://live.rezync.com/sync?c=4656c20ee35215f78e9273796625d90b&p=260a954059a0ab1986e4ee8c5c88c54c&pid=1871316019380098446 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=c8aa59ft2c3ou2g HTTP 307
https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397676.gif%3Fserved_by%3Devergreen%26partner_uid%3D%40USERID%40 HTTP 302
https://gum.criteo.com/sync?s=1&c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397676.gif%3Fserved_by%3Devergreen%26partner_uid%3D%40USERID%40 HTTP 302
https://idsync.rlcdn.com/397676.gif?served_by=evergreen&partner_uid=ROJ97twzDcJncR3cJW7M91KCElZNtHHR

118 HTTP transactions
13 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request itools Show response
tr.vessoft.com/software/windows/download/
Redirect Chain

http://dl3.vessoft.com/files3/i/itools_windows/4.4.3.9/aa7990c82611a1555254dad76e9f5349a739d3e9/itoolssetup_4439.exe?st=NxcjxsWxm2kUoDcjuODUGQ&e=1571141239&f=https%3A%2F%2Ftr.vessoft.com%2Fsoftware...
https://tr.vessoft.com/software/windows/download/itools

76 KB
18 KB

48ms
19ms

Document
text/html

2a01:4f8:202:3036::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.vessoft.com/software/windows/download/itools

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a01:4f8:202:3036::2 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

/ Express

Resource Hash

f650c5c81a766ec723aef80c022fcc13041fcd4f314679f193cddd5e7052fe77

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

:method: GET
:authority: tr.vessoft.com
:scheme: https
:path: /software/windows/download/itools
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 05:48:53 GMT
content-type: text/html; charset=utf-8
x-powered-by: Express
set-cookie: s=qtzCw0KK; Max-Age=100000000; Path=/; Expires=Fri, 21 Jun 2024 15:35:33 GMT
etag: W/"12f34-J+QRxSZucWJ/orvQMfHus/3gl00"
strict-transport-security: max-age=15768000
alt-svc: h3-29=":443"; ma=86400
content-encoding: br

Redirect headers

Date: Wed, 21 Apr 2021 05:48:53 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
X-Powered-By: Express
Location: https://tr.vessoft.com/software/windows/download/itools
ETag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"

GET
H2 200 css
fonts.googleapis.com/ 6 KB
764 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500

Requested by

Host: tr.vessoft.com
URL: https://tr.vessoft.com/software/windows/download/itools

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d4876c12b071f74470f52c0404d10730ab271ae769c2c407fe131dae8b33e236

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://tr.vessoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 05:10:59 GMT
server: ESF
date: Wed, 21 Apr 2021 05:48:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 21 Apr 2021 05:48:53 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 133 KB
47 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: tr.vessoft.com
URL: https://tr.vessoft.com/software/windows/download/itools

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8e7e1c0ca7f4b5de4bf685edab1b4db31bff56e83fa2745700947fea85ff3095

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tr.vessoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 05:48:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48177
x-xss-protection: 0
server: cafe
etag: 991419791532950054
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 21 Apr 2021 05:48:53 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63ca2d60350fa898883e8afc83054c90db14a1da49d52c690136ab4522771623

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 640 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5c6a01dbad524bcc3f3fd995f7e1fab1ca526bb3b593e52537b5845ab5ede401

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://tr.vessoft.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 21:15:20 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
age: 117213
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
expires: Tue, 19 Apr 2022 21:15:20 GMT

GET
DATA 200
OK truncated
/ 879 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6ec978ae4a0e243a279bb1cdce5f9f2c70171fb8685a0bd963f2c15ca777c841

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK embed.js Show response
vessoft.disqus.com/ 73 KB
24 KB 72ms
20ms Script
application/javascript 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://vessoft.disqus.com/embed.js

Requested by

Host: tr.vessoft.com
URL: https://tr.vessoft.com/software/windows/download/itools

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

983b2c7848dc10fbafb0bb8ac802ae0c9f68bed5a78eb8a414004aa17bb5aa97

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

Referer: https://tr.vessoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 05:48:53 GMT
Content-Encoding: gzip
Server: openresty
Age: 33
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Cache-Control: private, max-age=60
X-Service: router
Strict-Transport-Security: max-age=300; includeSubdomains
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 24256

GET
H2 200 sdk.js Show response
connect.facebook.net/tr_TR/ 3 KB
2 KB 32ms
32ms Script
application/x-javascript 2a03:2880:f013:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/tr_TR/sdk.js

Requested by

Host: tr.vessoft.com
URL: https://tr.vessoft.com/software/windows/download/itools

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f013:d:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c75a63cda7dfe34d58dd4b827115d192490cf109ac5995e486fb41f59b28570e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://tr.vessoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: phrDLoIMf1ivKnFG39Pt4w==
cross-origin-resource-policy: cross-origin
expires: Wed, 21 Apr 2021 05:50:33 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1780
x-fb-rlafr: 0
x-fb-debug: OigXZePH6fB/Uq9H2fYNMzx7uYCQUiMjOksPeWqeH2L+zMm7Mx0lqDxkuCLyTfnMU/+KB+GRkWrSkp3FU9ZKnw==
x-fb-trip-id: 1679558926
x-fb-content-md5: 9281df11f2ddb88dc1164c48cf8d38ef
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 21 Apr 2021 05:48:53 GMT
x-frame-options: DENY
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "e261f34ec92c0eaccdb6dac6f385f5cd"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 372df7b4bbbdf6369a96ef77f2d2efbb5bb5ad43547c798de2efd00697f8468e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 229 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b92fcaf041b475253987f8a390f36d1f142be973d1c6e69afd1e7be28ea4abf0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 630 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 102434d2ce92cbf9bfca3f73eca562e57126dcb9d84963e91b016ba51e767986

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e8e40dcb524142148b849a8c34f96707fad6c726ad65edd451c4201c9e5c666

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 570 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3f15f57e52f5add8ce4747718efafff30458c40a5d26d42abb63d5b7113fce5c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 355 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e11ba4c66fdfddc18289ff6b33ad9b8c4f71a5807630f5286b3b6831050ec07d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 357 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3b395f641b60df3299c1e1e2c0e5521433f1f5acff3ccc9bc4aeb248fb45cb00

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://tr.vessoft.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 21:15:49 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
age: 117184
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
expires: Tue, 19 Apr 2022 21:15:49 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 16 KB
16 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://tr.vessoft.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 19:15:25 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
age: 38008
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
expires: Wed, 20 Apr 2022 19:15:25 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v27/ 12 KB
12 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu7GxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e959d9106d846030c0a62de668ec7c5810a3a1282c4f4ca98e1ea0756c75b8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://tr.vessoft.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 21:17:49 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:33 GMT
server: sffe
age: 117064
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11860
x-xss-protection: 0
expires: Tue, 19 Apr 2022 21:17:49 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
fonts.gstatic.com/s/roboto/v27/ 11 KB
12 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b48f2e025fc91e265f2c27ad6ee03f73527eb219036c9c68ab8de7d0fce23738

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://tr.vessoft.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 21:18:22 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:42 GMT
server: sffe
age: 117031
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11768
x-xss-protection: 0
expires: Tue, 19 Apr 2022 21:18:22 GMT

GET
H2 200 x1_25-50.png
vessoftstatic.com/static2/software-out/n/nokiapcs/ 1 KB
1 KB 115ms
13ms Image
image/png 2a01:4f8:202:3036::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vessoftstatic.com/static2/software-out/n/nokiapcs/x1_25-50.png?h=ws_

Requested by

Host: tr.vessoft.com
URL: https://tr.vessoft.com/software/windows/download/itools

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a01:4f8:202:3036::2 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

83aa0efaf7a832803a5b4006036fd6aebadc9301b8c3cf41cf370ab0e948ca09

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://tr.vessoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 05:48:53 GMT
last-modified: Mon, 20 Jan 2020 22:44:15 GMT
server: nginx/1.16.1
etag: "5e262d3f-493"
strict-transport-security: max-age=15768000
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=86400
content-length: 1171
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 x1_25-50.png
vessoftstatic.com/static2/software-out/c/copytranscc/ 1 KB
1 KB 116ms
15ms Image
image/png 2a01:4f8:202:3036::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vessoftstatic.com/static2/software-out/c/copytranscc/x1_25-50.png?h=ooj

Requested by

Host: tr.vessoft.com
URL: https://tr.vessoft.com/software/windows/download/itools

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a01:4f8:202:3036::2 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

d0efb693477d7a84d604f11a6f7e5771809531a85da4c8de847815cb802bca9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://tr.vessoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 05:48:53 GMT
last-modified: Mon, 20 Jan 2020 22:44:15 GMT
server: nginx/1.16.1
etag: "5e262d3f-441"
strict-transport-security: max-age=15768000
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=86400
content-length: 1089
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 x1_25-50.png
vessoftstatic.com/static2/software-out/s/samsungkies/ 1010 B
1 KB 115ms
14ms Image
image/png 2a01:4f8:202:3036::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vessoftstatic.com/static2/software-out/s/samsungkies/x1_25-50.png?h=RTJ

Requested by

Host: tr.vessoft.com
URL: https://tr.vessoft.com/software/windows/download/itools

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a01:4f8:202:3036::2 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

deae4f30e506778dee3b4bcb6d7ce4b4903b3e5373dea5f727111cf914e92aa5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://tr.vessoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 05:48:53 GMT
last-modified: Mon, 20 Jan 2020 22:44:16 GMT
server: nginx/1.16.1
etag: "5e262d40-3f2"
strict-transport-security: max-age=15768000
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=86400
content-length: 1010
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 x1_25-50.png
vessoftstatic.com/static2/software-out/s/sharepod/ 2 KB
2 KB 115ms
13ms Image
image/png 2a01:4f8:202:3036::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vessoftstatic.com/static2/software-out/s/sharepod/x1_25-50.png?h=Y1X

Requested by

Host: tr.vessoft.com
URL: https://tr.vessoft.com/software/windows/download/itools

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a01:4f8:202:3036::2 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

bd84d1985f08cd2aade4427a8ae74e779d43b96be438a0340319fbb003b32857

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://tr.vessoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 05:48:53 GMT
last-modified: Mon, 20 Jan 2020 22:44:16 GMT
server: nginx/1.16.1
etag: "5e262d40-778"
strict-transport-security: max-age=15768000
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=86400
content-length: 1912
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 x1_25-40.png
vessoftstatic.com/static2/software-out/a/avicodec/ 925 B
1 KB 115ms
14ms Image
image/png 2a01:4f8:202:3036::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vessoftstatic.com/static2/software-out/a/avicodec/x1_25-40.png?h=hkI

Requested by

Host: tr.vessoft.com
URL: https://tr.vessoft.com/software/windows/download/itools

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a01:4f8:202:3036::2 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

51fe62faf6cea9d39664839dc1f9f8ad71212cf8adeb7aef5002f40d91ca6949

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://tr.vessoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 05:48:53 GMT
last-modified: Mon, 20 Jan 2020 22:44:15 GMT
server: nginx/1.16.1
etag: "5e262d3f-39d"
strict-transport-security: max-age=15768000
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=86400
content-length: 925
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 x1_25-50.png
vessoftstatic.com/static2/software-out/c/codecsstndrd/ 1 KB
1 KB 115ms
14ms Image
image/png 2a01:4f8:202:3036::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vessoftstatic.com/static2/software-out/c/codecsstndrd/x1_25-50.png?h=DOP

Requested by

Host: tr.vessoft.com
URL: https://tr.vessoft.com/software/windows/download/itools

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a01:4f8:202:3036::2 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

d6ef66438698de0e3d24fcce54a95efc854f783482d6a1fb9a28b623fea42b34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://tr.vessoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 05:48:53 GMT
last-modified: Mon, 20 Jan 2020 22:44:15 GMT
server: nginx/1.16.1
etag: "5e262d3f-4a9"
strict-transport-security: max-age=15768000
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=86400
content-length: 1193
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ 238 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e826bcf7808e1461eee5d6970282b352ef5a593039836c56b09e0bfc1d746250

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210415/r20190131/ 222 KB
83 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210415/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8581079972849502&plah=tr.vessoft.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f54415e29eb70befe2473a69a097e33e3f1e90376016243b2af5173f2c87bd23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tr.vessoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 05:48:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84655
x-xss-protection: 0
server: cafe
etag: 16615013293570182620
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 21 Apr 2021 05:48:53 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210415/r20190131/ Frame 19F5 10 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210415/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210415/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tr.vessoft.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://tr.vessoft.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 20 Apr 2021 14:54:34 GMT
expires: Tue, 04 May 2021 14:54:34 GMT
content-type: text/html; charset=UTF-8
etag: 10446291943670460780
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4644
x-xss-protection: 0
age: 53659
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 82 KB
32 KB 19ms
18ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WNGC9G

Requested by

Host: tr.vessoft.com
URL: https://tr.vessoft.com/software/windows/download/itools

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1829f8b8c84eedc7f031cbb9a3325f8d29f426ce877fad1925c71287270fefaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://tr.vessoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 05:48:53 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32812
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 21 Apr 2021 05:48:53 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 82 KB
32 KB 24ms
24ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WZQF52&l=dataLayer2

Requested by

Host: tr.vessoft.com
URL: https://tr.vessoft.com/software/windows/download/itools

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f1b7b42ef62242c254bb1e6c94f55c52eab0e22034ddbcb15c5658cc8566fdae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://tr.vessoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 05:48:53 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32794
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 21 Apr 2021 05:48:53 GMT

GET
H3-29 200 sdk.js Show response
connect.facebook.net/tr_TR/ 217 KB
64 KB 35ms
34ms Script
application/x-javascript 2a03:2880:f013:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/tr_TR/sdk.js?hash=959cec15ea15647013f97290acb661c4&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/tr_TR/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f013:d:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

28f273c58e6c4a0554bbebfa78b93f42068d4c068f7e2565bbfd959e8d6a957c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://tr.vessoft.com
Referer: https://tr.vessoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: dF2x1uTwKI3s1TVKwilhzg==
cross-origin-resource-policy: cross-origin
expires: Thu, 21 Apr 2022 04:50:30 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 65782
x-fb-rlafr: 0
x-fb-debug: YE1S9X7P5WdA64wxDEMadJg867srvpzEllpXRnMK6PLXtkxO+QleFEY4xaGVIOSGQKxrGdEjkf8TsCjygXVCBA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 55861a73e64e24a6bbe822cdb41fb833
date: Wed, 21 Apr 2021 05:48:53 GMT
x-frame-options: DENY
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "93698e82aed62fdb4fded5b3a6f8a231"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 lounge.c82b267b396dfbc10ae5113342115da8.css
c.disquscdn.com/next/embed/styles/ 0
22 KB 39ms
21ms Other
text/css 2606:4700::6812:a813
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.c82b267b396dfbc10ae5113342115da8.css

Requested by

Host: vessoft.disqus.com
URL: https://vessoft.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a813 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tr.vessoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 05:48:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4188081
strict-transport-security: max-age=300; includeSubdomains
content-length: 22713
cf-request-id: 0994927aab00004aa4e2148000000001
timing-allow-origin: *
last-modified: Wed, 03 Mar 2021 01:20:39 GMT
server: cloudflare
etag: "603ee467-58b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
cf-ray: 643453711ecb4aa4-FRA
x-amz-cf-id: 8iHhdnaJ5uIRYSyeUnp9kgCqelvQxggEWvWNZtCLHCvwamS-AeRHKw==
expires: Thu, 03 Mar 2022 18:27:32 GMT

GET
H2 200 common.bundle.f485ba8b89bf2153fdb9f493ec342aed.js
c.disquscdn.com/next/embed/ 0
93 KB 39ms
22ms Other
application/javascript 2606:4700::6812:a813
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.f485ba8b89bf2153fdb9f493ec342aed.js

Requested by

Host: vessoft.disqus.com
URL: https://vessoft.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a813 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tr.vessoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 05:48:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3670722
strict-transport-security: max-age=300; includeSubdomains
content-length: 94786
cf-request-id: 0994927aac00004aa4df893000000001
timing-allow-origin: *
last-modified: Tue, 09 Mar 2021 17:57:38 GMT
server: cloudflare
etag: "6047b712-17242"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
cf-ray: 643453711ecc4aa4-FRA
x-amz-cf-id: iGbO1sC_L2SXajbXh3fns4o9OWy9yuPPlUqsvZKLIHAqbdlN6Dbhow==
expires: Wed, 09 Mar 2022 18:10:09 GMT

GET
H2 200 lounge.bundle.5c8cd56736a07a84352a4d37a862a762.js
c.disquscdn.com/next/embed/ 0
115 KB 27ms
15ms Other
application/javascript 2606:4700::6812:a813
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.5c8cd56736a07a84352a4d37a862a762.js

Requested by

Host: vessoft.disqus.com
URL: https://vessoft.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a813 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tr.vessoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 05:48:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2363373
strict-transport-security: max-age=300; includeSubdomains
content-length: 117042
cf-request-id: 0994927aac00004aa4269ff000000001
timing-allow-origin: *
last-modified: Wed, 24 Mar 2021 20:33:38 GMT
server: cloudflare
etag: "605ba222-1c932"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
cf-ray: 643453711ecd4aa4-FRA
x-amz-cf-id: wHMVdFIOKMWmxOB1tyUv-pM5OppW3IdhZaJR7RDK4a0KJo8VIfLMZg==
expires: Thu, 24 Mar 2022 21:19:19 GMT

GET
H/1.1 200
OK config.js
disqus.com/next/ 0
12 KB 70ms
22ms Other
application/javascript 151.101.64.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: vessoft.disqus.com
URL: https://vessoft.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.64.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tr.vessoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 05:48:53 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 35
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 11688
X-XSS-Protection: 1; mode=block

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 201 B
258 B 31ms
28ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=tr.vessoft.com&callback=_gfp_s_&client=ca-pub-8581079972849502

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210415/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8581079972849502&plah=tr.vessoft.com&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

5fb091d4cfa1f4cc42fd6e40bb89f788dcdaea93b88855f83ef7587f6cf33462

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tr.vessoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 05:48:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 193
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=tr.vessoft.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tr.vessoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 21 Apr 2021 05:48:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 16ms
15ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=tr.vessoft.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tr.vessoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 21 Apr 2021 05:48:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 37F5 74 KB
26 KB 1054ms
1052ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8581079972849502&output=html&h=90&slotname=5587122124&adk=3217516946&adf=799834189&pi=t.ma~as.5587122124&w=1020&lmt=1618984133&rafmt=12&psa=0&format=1020x90&url=https%3A%2F%2Ftr.vessoft.com%2Fsoftware%2Fwindows%2Fdownload%2Fitools&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618984133219&bpp=22&bdt=103&idt=69&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6905675591907&frm=20&pv=2&ga_vid=566432662.1618984133&ga_sid=1618984133&ga_hid=62082446&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=290&ady=70&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060615%2C44740079&oid=3&pvsid=4269715404353271&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=05BHC3NUbS&p=https%3A//tr.vessoft.com&dtd=89

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ad7b7f51f7b36878d16a40619ee31ea5c74675050cec31073f7c071370cedb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8581079972849502&output=html&h=90&slotname=5587122124&adk=3217516946&adf=799834189&pi=t.ma~as.5587122124&w=1020&lmt=1618984133&rafmt=12&psa=0&format=1020x90&url=https%3A%2F%2Ftr.vessoft.com%2Fsoftware%2Fwindows%2Fdownload%2Fitools&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618984133219&bpp=22&bdt=103&idt=69&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6905675591907&frm=20&pv=2&ga_vid=566432662.1618984133&ga_sid=1618984133&ga_hid=62082446&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=290&ady=70&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060615%2C44740079&oid=3&pvsid=4269715404353271&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=05BHC3NUbS&p=https%3A//tr.vessoft.com&dtd=89
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tr.vessoft.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://tr.vessoft.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 21 Apr 2021 05:48:54 GMT
server: cafe
content-length: 26325
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 21-Apr-2021 06:03:53 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 21 Apr 2021 05:48:54 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32feae1eaa46d369fe0a42d46b7e90a05cce2cdb8dc87c4dde67315e0d2a26f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tr.vessoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 05:48:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618831909828443"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28266
x-xss-protection: 0
expires: Wed, 21 Apr 2021 05:48:53 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 682F 72 KB
24 KB 581ms
580ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8581079972849502&output=html&h=400&slotname=4668792129&adk=300297570&adf=3921225670&pi=t.ma~as.4668792129&w=580&lmt=1618984133&rafmt=12&psa=0&format=580x400&url=https%3A%2F%2Ftr.vessoft.com%2Fsoftware%2Fwindows%2Fdownload%2Fitools&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618984133241&bpp=3&bdt=125&idt=79&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1020x90&correlator=6905675591907&frm=20&pv=1&ga_vid=566432662.1618984133&ga_sid=1618984133&ga_hid=62082446&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=290&ady=540&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060615%2C44740079&oid=3&pvsid=4269715404353271&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=bM8OyiWeDf&p=https%3A//tr.vessoft.com&dtd=82

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7040bbc7c05c54cb5bfe070f62ccfc5ba0876c809ace51ca42a9f2c01a0c7cdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8581079972849502&output=html&h=400&slotname=4668792129&adk=300297570&adf=3921225670&pi=t.ma~as.4668792129&w=580&lmt=1618984133&rafmt=12&psa=0&format=580x400&url=https%3A%2F%2Ftr.vessoft.com%2Fsoftware%2Fwindows%2Fdownload%2Fitools&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618984133241&bpp=3&bdt=125&idt=79&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1020x90&correlator=6905675591907&frm=20&pv=1&ga_vid=566432662.1618984133&ga_sid=1618984133&ga_hid=62082446&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=290&ady=540&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060615%2C44740079&oid=3&pvsid=4269715404353271&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=bM8OyiWeDf&p=https%3A//tr.vessoft.com&dtd=82
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tr.vessoft.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://tr.vessoft.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 21 Apr 2021 05:48:53 GMT
server: cafe
content-length: 24721
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 21-Apr-2021 06:03:53 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 21 Apr 2021 05:48:53 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 49FF 0
19 B 16ms
15ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8581079972849502&output=html&adk=1812271804&adf=3025194257&lmt=1618984133&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ftr.vessoft.com%2Fsoftware%2Fwindows%2Fdownload%2Fitools&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618984133256&bpp=1&bdt=140&idt=75&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1020x90%2C580x400&nras=1&correlator=6905675591907&frm=20&pv=1&ga_vid=566432662.1618984133&ga_sid=1618984133&ga_hid=62082446&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060615%2C44740079&oid=3&pvsid=4269715404353271&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&dtd=81

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8581079972849502&output=html&adk=1812271804&adf=3025194257&lmt=1618984133&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ftr.vessoft.com%2Fsoftware%2Fwindows%2Fdownload%2Fitools&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618984133256&bpp=1&bdt=140&idt=75&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1020x90%2C580x400&nras=1&correlator=6905675591907&frm=20&pv=1&ga_vid=566432662.1618984133&ga_sid=1618984133&ga_hid=62082446&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060615%2C44740079&oid=3&pvsid=4269715404353271&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&dtd=81
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tr.vessoft.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://tr.vessoft.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 21 Apr 2021 05:48:53 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 21-Apr-2021 06:03:53 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 21 Apr 2021 05:48:53 GMT
cache-control: private

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNGC9G

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://tr.vessoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 6556
date: Wed, 21 Apr 2021 03:59:37 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Wed, 21 Apr 2021 05:59:37 GMT

GET
H/1.1 200
OK / Show response
disqus.com/embed/comments/ Frame 2480 6 KB
4 KB 175ms
175ms Document
text/html 151.101.64.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/embed/comments/?base=default&f=vessoft&t_u=https%3A%2F%2Ftr.vessoft.com%2Fsoftware%2Fwindows%2Fdownload%2Fitools&t_d=%C4%B0ndir%20iTools%204.4.5.6%20%E2%80%93%20Vessoft&t_t=%C4%B0ndir%20iTools%204.4.5.6%20%E2%80%93%20Vessoft&s_o=default&l=tr

Requested by

Host: vessoft.disqus.com
URL: https://vessoft.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.64.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

f96bcb163e6fd3ef6a341c9226c95c12261f253948748a802dec040543020334

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: disqus.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://tr.vessoft.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://tr.vessoft.com/

Response headers

Connection: keep-alive
Content-Length: 2733
Server: nginx
Content-Type: text/html; charset=utf-8
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Last-Modified: Sat, 30 Jan 2021 22:51:14 GMT
ETag: W/"lounge:view:5214360243.03c1f31b365e775026beca54f4cd54d1.2"
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Referrer-Policy: no-referrer-when-downgrade
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
Date: Wed, 21 Apr 2021 05:48:53 GMT
Age: 0
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains

GET
H/1.1 200
OK stat.gif
referrer.disqus.com/juggler/ 43 B
295 B 159ms
113ms Image
image/gif 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/stat.gif?event=lounge.loading.view

Requested by

Host: tr.vessoft.com
URL: https://tr.vessoft.com/software/windows/download/itools

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tr.vessoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 05:48:53 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H2 200 disqus-social-icon-dark.a621bea3e02c9fa04fd3965a3d6f424d.svg
c.disquscdn.com/next/embed/assets/img/ 1 KB
1 KB 13ms
13ms Image
image/svg+xml 2606:4700::6812:a813
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/disqus-social-icon-dark.a621bea3e02c9fa04fd3965a3d6f424d.svg

Requested by

Host: tr.vessoft.com
URL: https://tr.vessoft.com/software/windows/download/itools

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a813 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad3d0ca410aa64d933c2853e39ef8b605c4815f9826bc0e721e3d3d93860bf64

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tr.vessoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 05:48:53 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 10029081
strict-transport-security: max-age=300; includeSubdomains
content-length: 1042
cf-request-id: 0994927b0f00004aa4d6a23000000001
timing-allow-origin: *
last-modified: Fri, 13 Nov 2020 18:39:53 GMT
server: cloudflare
etag: "5faed2f9-412"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
cf-ray: 64345371bfba4aa4-FRA
expires: Wed, 17 Nov 2021 18:15:25 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 13ms
12ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=62082446&t=pageview&_s=1&dl=https%3A%2F%2Ftr.vessoft.com%2Fsoftware%2Fwindows%2Fdownload%2Fitools&ul=en-us&de=UTF-8&dt=%C4%B0ndir%20iTools%204.4.5.6%20%E2%80%93%20Vessoft&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAAABAAAAAC~&jid=1879966662&gjid=629120868&cid=566432662.1618984133&tid=UA-54146963-1&_gid=1774518359.1618984133&_r=1&gtm=2wg472WNGC9G&z=431754752

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tr.vessoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 05:48:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tr.vessoft.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
86 B 16ms
16ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-6042937-47&cid=566432662.1618984133&jid=955538688&gjid=2144705790&_gid=1774518359.1618984133&_u=YCjAgAABAAAAAG~&z=848240875

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://tr.vessoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 21 Apr 2021 05:48:53 GMT
content-type: text/plain
access-control-allow-origin: https://tr.vessoft.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
5ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=62082446&t=pageview&_s=1&dl=https%3A%2F%2Ftr.vessoft.com%2Fsoftware%2Fwindows%2Fdownload%2Fitools&ul=en-us&de=UTF-8&dt=%C4%B0ndir%20iTools%204.4.5.6%20%E2%80%93%20Vessoft&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCjAgAABAAAAAC~&jid=955538688&gjid=2144705790&cid=566432662.1618984133&tid=UA-6042937-47&_gid=1774518359.1618984133&gtm=2wg472WZQF52&z=1241320579

Requested by

Host: tr.vessoft.com
URL: https://tr.vessoft.com/software/windows/download/itools

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tr.vessoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 71115
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 lounge.load.a658a7c16140d8728cc859daf581cbbc.js Show response
c.disquscdn.com/next/embed/ Frame 2480 1 KB
1 KB 38ms
22ms Script
application/javascript 2606:4700::6812:a813
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.load.a658a7c16140d8728cc859daf581cbbc.js

Requested by

Host: disqus.com
URL: https://disqus.com/embed/comments/?base=default&f=vessoft&t_u=https%3A%2F%2Ftr.vessoft.com%2Fsoftware%2Fwindows%2Fdownload%2Fitools&t_d=%C4%B0ndir%20iTools%204.4.5.6%20%E2%80%93%20Vessoft&t_t=%C4%B0ndir%20iTools%204.4.5.6%20%E2%80%93%20Vessoft&s_o=default&l=tr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a813 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce33b36f16a953ed16394b859ee8f1a6e7fd9785869fe62e3af78aa019c07f7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://disqus.com
Referer: https://disqus.com/embed/comments/?base=default&f=vessoft&t_u=https%3A%2F%2Ftr.vessoft.com%2Fsoftware%2Fwindows%2Fdownload%2Fitools&t_d=%C4%B0ndir%20iTools%204.4.5.6%20%E2%80%93%20Vessoft&t_t=%C4%B0ndir%20iTools%204.4.5.6%20%E2%80%93%20Vessoft&s_o=default&l=tr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 05:48:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2363373
strict-transport-security: max-age=300; includeSubdomains
content-length: 535
cf-request-id: 0994927bf5000007467b30b000000001
timing-allow-origin: *
last-modified: Wed, 24 Mar 2021 20:33:38 GMT
server: cloudflare
etag: "605ba222-217"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
cf-ray: 643453732aac0746-FRA
x-amz-cf-id: UvupA6cr16mXG4PtlTB7U9JZSc9DPN4CceokOKQXSpBYeLhaNgD-yw==
expires: Thu, 24 Mar 2022 21:19:18 GMT

GET
H2 200 common.bundle.f485ba8b89bf2153fdb9f493ec342aed.js Show response
c.disquscdn.com/next/embed/ Frame 2480 282 KB
93 KB 12ms
12ms Script
application/javascript 2606:4700::6812:a813
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.f485ba8b89bf2153fdb9f493ec342aed.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.load.a658a7c16140d8728cc859daf581cbbc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a813 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33d9c56f2b1408711b9b963963790177ac4e7c38a5ecf0e3c12f558c676e294b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=vessoft&t_u=https%3A%2F%2Ftr.vessoft.com%2Fsoftware%2Fwindows%2Fdownload%2Fitools&t_d=%C4%B0ndir%20iTools%204.4.5.6%20%E2%80%93%20Vessoft&t_t=%C4%B0ndir%20iTools%204.4.5.6%20%E2%80%93%20Vessoft&s_o=default&l=tr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 05:48:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3670722
strict-transport-security: max-age=300; includeSubdomains
content-length: 94786
cf-request-id: 0994927c0d00004aa4190e1000000001
timing-allow-origin: *
last-modified: Tue, 09 Mar 2021 17:57:38 GMT
server: cloudflare
etag: "6047b712-17242"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
cf-ray: 643453734a4e4aa4-FRA
x-amz-cf-id: iGbO1sC_L2SXajbXh3fns4o9OWy9yuPPlUqsvZKLIHAqbdlN6Dbhow==
expires: Wed, 09 Mar 2022 18:10:09 GMT

GET
H2 200 lounge.c82b267b396dfbc10ae5113342115da8.css
c.disquscdn.com/next/embed/styles/ Frame 2480 126 KB
22 KB 15ms
15ms Stylesheet
text/css 2606:4700::6812:a813
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.c82b267b396dfbc10ae5113342115da8.css

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.f485ba8b89bf2153fdb9f493ec342aed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a813 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20b6097504aed42f81fd7492b0e20ee87c7e7d8f9e0a367081741ec0c405f740

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=vessoft&t_u=https%3A%2F%2Ftr.vessoft.com%2Fsoftware%2Fwindows%2Fdownload%2Fitools&t_d=%C4%B0ndir%20iTools%204.4.5.6%20%E2%80%93%20Vessoft&t_t=%C4%B0ndir%20iTools%204.4.5.6%20%E2%80%93%20Vessoft&s_o=default&l=tr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 05:48:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4188081
strict-transport-security: max-age=300; includeSubdomains
content-length: 22713
cf-request-id: 0994927c4d00004aa44896d000000001
timing-allow-origin: *
last-modified: Wed, 03 Mar 2021 01:20:39 GMT
server: cloudflare
etag: "603ee467-58b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
cf-ray: 64345373aaf14aa4-FRA
x-amz-cf-id: 8iHhdnaJ5uIRYSyeUnp9kgCqelvQxggEWvWNZtCLHCvwamS-AeRHKw==
expires: Thu, 03 Mar 2022 18:27:32 GMT

GET
H2 200 lounge.bundle.5c8cd56736a07a84352a4d37a862a762.js Show response
c.disquscdn.com/next/embed/ Frame 2480 453 KB
115 KB 16ms
15ms Script
application/javascript 2606:4700::6812:a813
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.5c8cd56736a07a84352a4d37a862a762.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.f485ba8b89bf2153fdb9f493ec342aed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a813 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce8fc5b6de8c12b2eac649cc45206787aa6d5c9ab0987020574349688c3df288

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=vessoft&t_u=https%3A%2F%2Ftr.vessoft.com%2Fsoftware%2Fwindows%2Fdownload%2Fitools&t_d=%C4%B0ndir%20iTools%204.4.5.6%20%E2%80%93%20Vessoft&t_t=%C4%B0ndir%20iTools%204.4.5.6%20%E2%80%93%20Vessoft&s_o=default&l=tr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 05:48:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2363373
strict-transport-security: max-age=300; includeSubdomains
content-length: 117042
cf-request-id: 0994927c5500004aa4f6a79000000001
timing-allow-origin: *
last-modified: Wed, 24 Mar 2021 20:33:38 GMT
server: cloudflare
etag: "605ba222-1c932"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
cf-ray: 64345373bb0d4aa4-FRA
x-amz-cf-id: wHMVdFIOKMWmxOB1tyUv-pM5OppW3IdhZaJR7RDK4a0KJo8VIfLMZg==
expires: Thu, 24 Mar 2022 21:19:19 GMT

GET
H/1.1 200
OK config.js Show response
disqus.com/next/ Frame 2480 11 KB
12 KB 23ms
22ms Script
application/javascript 151.101.64.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.f485ba8b89bf2153fdb9f493ec342aed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.64.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

d0627e883f59b06ada61af684c0636818d0e01f4c3fed677f83f974196b8316f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=vessoft&t_u=https%3A%2F%2Ftr.vessoft.com%2Fsoftware%2Fwindows%2Fdownload%2Fitools&t_d=%C4%B0ndir%20iTools%204.4.5.6%20%E2%80%93%20Vessoft&t_t=%C4%B0ndir%20iTools%204.4.5.6%20%E2%80%93%20Vessoft&s_o=default&l=tr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 05:48:53 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 35
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 11688
X-XSS-Protection: 1; mode=block

GET
H2 200 tr.js Show response
c.disquscdn.com/next/current/embed/lang/ Frame 2480 30 KB
10 KB 13ms
12ms Script
application/javascript 2606:4700::6812:a813
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/current/embed/lang/tr.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.f485ba8b89bf2153fdb9f493ec342aed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a813 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3cd5c3e255df3019c1a3ad8c66685e280dbe2ddd6401e2e6f2c15b25a700316d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=vessoft&t_u=https%3A%2F%2Ftr.vessoft.com%2Fsoftware%2Fwindows%2Fdownload%2Fitools&t_d=%C4%B0ndir%20iTools%204.4.5.6%20%E2%80%93%20Vessoft&t_t=%C4%B0ndir%20iTools%204.4.5.6%20%E2%80%93%20Vessoft&s_o=default&l=tr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 05:48:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 439
strict-transport-security: max-age=300; includeSubdomains
content-length: 10058
cf-request-id: 0994927c8800004aa45729c000000001
timing-allow-origin: *
last-modified: Tue, 09 Mar 2021 18:44:51 GMT
server: cloudflare
etag: "6047c223-274a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public, max-age=1200
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
cf-ray: 643453740b934aa4-FRA
x-amz-cf-id: STNY_MrrlS8HJLZC5xYCL3lmMiFqZ0-0cRpoMSpY9hP3Udq3yjlmZw==

GET
H/1.1 200
OK details Show response
disqus.com/api/3.0/forums/ Frame 2480 3 KB
3 KB 23ms
22ms XHR
application/json 151.101.64.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/forums/details?forum=vessoft&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.f485ba8b89bf2153fdb9f493ec342aed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.64.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

d02a6d2cd57ef66e9b124309c481738023f88238907b23068b7cd96ed6cdc3de

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://disqus.com/embed/comments/?base=default&f=vessoft&t_u=https%3A%2F%2Ftr.vessoft.com%2Fsoftware%2Fwindows%2Fdownload%2Fitools&t_d=%C4%B0ndir%20iTools%204.4.5.6%20%E2%80%93%20Vessoft&t_t=%C4%B0ndir%20iTools%204.4.5.6%20%E2%80%93%20Vessoft&s_o=default&l=tr
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 05:48:53 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 59
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Connection: keep-alive
Content-Type: application/json
Vary: Origin, Cookie
Content-Length: 2963
X-XSS-Protection: 1; mode=block

GET
H2 200 noavatar92.png
a.disquscdn.com/1617742046/images/ Frame 2480 2 KB
2 KB 65ms
20ms Image
image/png 151.101.114.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.disquscdn.com/1617742046/images/noavatar92.png

Requested by

Host: tr.vessoft.com
URL: https://tr.vessoft.com/software/windows/download/itools

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=vessoft&t_u=https%3A%2F%2Ftr.vessoft.com%2Fsoftware%2Fwindows%2Fdownload%2Fitools&t_d=%C4%B0ndir%20iTools%204.4.5.6%20%E2%80%93%20Vessoft&t_t=%C4%B0ndir%20iTools%204.4.5.6%20%E2%80%93%20Vessoft&s_o=default&l=tr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 05:48:53 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Feb 2021 20:50:09 GMT
server: nginx
age: 1228417
etag: "60395f01-66c"
strict-transport-security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
x-amz-cf-pop: FRA6-C1
content-type: image/png
content-length: 1644
x-amz-cf-id: xWdG9QMkX5ftAZ1fP3U_cqumyf1VNKUJFyyQkOI6XO8aAwjcw4n2iQ==
expires: Fri, 07 May 2021 00:35:16 GMT

GET
H2 200 svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
c.disquscdn.com/next/embed/assets/img/ Frame 2480 13 KB
13 KB 12ms
12ms Image
image/svg+xml 2606:4700::6812:a813
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.c82b267b396dfbc10ae5113342115da8.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a813 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.c82b267b396dfbc10ae5113342115da8.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 05:48:53 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 14523846
strict-transport-security: max-age=300; includeSubdomains
content-length: 13079
cf-request-id: 0994927cdd00004aa458998000000001
timing-allow-origin: *
last-modified: Mon, 19 Oct 2020 18:27:03 GMT
server: cloudflare
etag: "5f8dda77-3317"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
cf-ray: 643453749c874aa4-FRA
expires: Tue, 19 Oct 2021 19:08:20 GMT

GET
H2 200 loader.ba7c86e8b4b6135bb668d05223f8f127.gif
c.disquscdn.com/next/embed/assets/img/ Frame 2480 3 KB
3 KB 13ms
13ms Image
image/gif 2606:4700::6812:a813
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/loader.ba7c86e8b4b6135bb668d05223f8f127.gif

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.c82b267b396dfbc10ae5113342115da8.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a813 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.c82b267b396dfbc10ae5113342115da8.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 05:48:53 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5521240
strict-transport-security: max-age=300; includeSubdomains
content-length: 2971
cf-request-id: 0994927ce200004aa4038ee000000001
timing-allow-origin: *
last-modified: Mon, 14 Dec 2020 22:46:46 GMT
server: cloudflare
etag: "5fd7eb56-b9b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: DFW55-C3
accept-ranges: bytes
cf-ray: 643453749c994aa4-FRA
x-amz-cf-id: EvCMTWKCjvve0qmqQvWzwZWa75ce5tSol6Ycs2_dayHQ8JpFyq0ZUw==
expires: Fri, 17 Dec 2021 09:57:52 GMT

GET
H2 200 sprite.654110a9206fd22f08cca0798e34a65e.png
c.disquscdn.com/next/embed/assets/img/ Frame 2480 2 KB
2 KB 19ms
19ms Image
image/png 2606:4700::6812:a813
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/sprite.654110a9206fd22f08cca0798e34a65e.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.c82b267b396dfbc10ae5113342115da8.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a813 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cdba739c28b41f39ce438f2bf204fe739dc81a26cf559a9394ceed56a0666bee

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.c82b267b396dfbc10ae5113342115da8.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 05:48:53 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5521240
strict-transport-security: max-age=300; includeSubdomains
content-length: 1862
cf-request-id: 0994927ce200004aa4f6a80000000001
timing-allow-origin: *
last-modified: Mon, 18 Jan 2021 17:33:12 GMT
server: cloudflare
etag: "6005c658-746"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: DFW53-C1
accept-ranges: bytes
cf-ray: 643453749c9b4aa4-FRA
x-amz-cf-id: EgON8tp8Et0Hc79zmS9Vbrl1C9iZJkMbKnffWBuVEXPBZ0W_DSkg6Q==
expires: Fri, 21 Jan 2022 12:21:07 GMT

GET
H2 200 icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
c.disquscdn.com/next/embed/assets/font/ Frame 2480 8 KB
8 KB 15ms
15ms Font
application/octet-stream 2606:4700::6812:a813
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/assets/font/icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.c82b267b396dfbc10ae5113342115da8.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a813 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://disqus.com
Referer: https://c.disquscdn.com/next/embed/styles/lounge.c82b267b396dfbc10ae5113342115da8.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 05:48:53 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5521239
strict-transport-security: max-age=300; includeSubdomains
content-length: 7900
cf-request-id: 0994927ce3000007463aa0d000000001
timing-allow-origin: *
last-modified: Wed, 03 Feb 2021 18:02:57 GMT
server: cloudflare
etag: "601ae551-1edc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
cf-ray: 643453749d900746-FRA
x-amz-cf-id: Rgooauymwnrvp5ORnFt12m3Cagi0Qgi2D6GgELQK7gROkGCk4txtzw==
expires: Sun, 06 Feb 2022 07:54:37 GMT

GET
H2 200 alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js Show response
c.disquscdn.com/next/embed/ 78 KB
26 KB 13ms
13ms Script
application/javascript 2606:4700::6812:a813
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js

Requested by

Host: vessoft.disqus.com
URL: https://vessoft.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a813 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9efb3d5e1b082a66bd94908b42afb4cf6fe0e8eb8f50b8d2a18f6a5da03e6a18

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tr.vessoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 05:48:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 10051569
strict-transport-security: max-age=300; includeSubdomains
content-length: 26578
cf-request-id: 0994927d3600004aa4d6a47000000001
timing-allow-origin: *
last-modified: Mon, 23 Nov 2020 17:22:41 GMT
server: cloudflare
etag: "5fbbefe1-67d2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: DFW55-C3
accept-ranges: bytes
cf-ray: 643453752dbe4aa4-FRA
x-amz-cf-id: iwXvkWWneYUzTgpoGXrolZxBkoZQ2bfC3Qst_9vVPBWLaqb-vIiHXg==
expires: Mon, 29 Nov 2021 02:25:38 GMT

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 2480 3 KB
2 KB 34ms
33ms Script
application/x-javascript 2a03:2880:f013:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.f485ba8b89bf2153fdb9f493ec342aed.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f013:d:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0a6b0e8dcead95b051bc3729d494e9a412ae496cc24817d0d29cb294d0740377

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=vessoft&t_u=https%3A%2F%2Ftr.vessoft.com%2Fsoftware%2Fwindows%2Fdownload%2Fitools&t_d=%C4%B0ndir%20iTools%204.4.5.6%20%E2%80%93%20Vessoft&t_t=%C4%B0ndir%20iTools%204.4.5.6%20%E2%80%93%20Vessoft&s_o=default&l=tr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: /ZztTeeQywJNrws1Qgk9bQ==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1778
x-fb-rlafr: 0
x-fb-debug: xYHMJedx1UovLxTEdLAkXIQ8ffbA9LTwMrSkKC3rWX6YxfFtTK5OC7/2DjeXACbnmIRNixSZMHZO8MVRLnlMHg==
x-fb-content-md5: fa7ea3b595a89ccf81a0db9dc72bf5aa
x-frame-options: DENY
date: Wed, 21 Apr 2021 05:48:53 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "4c51fb0b64e19597ba2733bdc6086158"
timing-allow-origin: *
priority: u=3,i
expires: Wed, 21 Apr 2021 05:51:26 GMT

GET
H2 200 api.js Show response
apis.google.com/js/ Frame 2480 12 KB
6 KB 46ms
25ms Script
application/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/api.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.f485ba8b89bf2153fdb9f493ec342aed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0b93183bcc5bda42dc9db65084d052ca8fdb7eb3e3b08a75e5f3884a888cf035

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-w0fCcoaoJrhoGdbonmzWlw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=vessoft&t_u=https%3A%2F%2Ftr.vessoft.com%2Fsoftware%2Fwindows%2Fdownload%2Fitools&t_d=%C4%B0ndir%20iTools%204.4.5.6%20%E2%80%93%20Vessoft&t_t=%C4%B0ndir%20iTools%204.4.5.6%20%E2%80%93%20Vessoft&s_o=default&l=tr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 05:48:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "6873478039673be44cc70fd23da24c6e"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-w0fCcoaoJrhoGdbonmzWlw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Wed, 21 Apr 2021 05:48:53 GMT

GET
H2 200 svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
c.disquscdn.com/next/embed/assets/img/ Frame 2480 13 KB
13 KB 14ms
14ms Image
image/svg+xml 2606:4700::6812:a813
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.c82b267b396dfbc10ae5113342115da8.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a813 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.c82b267b396dfbc10ae5113342115da8.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 05:48:53 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 14523846
strict-transport-security: max-age=300; includeSubdomains
content-length: 13079
cf-request-id: 0994927d4900004aa410292000000001
timing-allow-origin: *
last-modified: Mon, 19 Oct 2020 18:27:03 GMT
server: cloudflare
etag: "5f8dda77-3317"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
cf-ray: 643453754ddf4aa4-FRA
expires: Tue, 19 Oct 2021 19:08:20 GMT

GET
H/1.1 200
OK event.js Show response
referrer.disqus.com/juggler/ Frame 2480 40 B
278 B 117ms
116ms Script
application/javascript 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://referrer.disqus.com/juggler/event.js?experiment=network_default_hidden&variant=fallthrough&page_referrer=direct&product=embed&thread=5214360243&thread_id=5214360243&forum=vessoft&forum_id=2231137&zone=thread&page_url=https%3A%2F%2Ftr.vessoft.com%2Fsoftware%2Fwindows%2Fdownload%2Fitools&service=dynamic&verb=view&object_type=product&object_id=embed&extra_data=%7B%22color_scheme%22%3A%22light%22%2C%22anchor_color%22%3A%22rgb(25%2C118%2C210)%22%2C%22typeface%22%3A%22sans-serif%22%2C%22width%22%3A580%7D&event=activity&imp=8aa59dkfao7o3&prev_imp=&section=default&area=n%2Fa

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.f485ba8b89bf2153fdb9f493ec342aed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

f5627ea74eac809576ae16667ed7522b8dff46df48c38d9452dbe2eb208d2eef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=vessoft&t_u=https%3A%2F%2Ftr.vessoft.com%2Fsoftware%2Fwindows%2Fdownload%2Fitools&t_d=%C4%B0ndir%20iTools%204.4.5.6%20%E2%80%93%20Vessoft&t_t=%C4%B0ndir%20iTools%204.4.5.6%20%E2%80%93%20Vessoft&s_o=default&l=tr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 05:48:54 GMT
X-Content-Type-Options: nosniff
Server: nginx
Connection: keep-alive
X-XSS-Protection: 1; mode=block
transfer-encoding: chunked
Content-Type: application/javascript

GET
H3-29 200 css
fonts.googleapis.com/ Frame 682F 3 KB
578 B 23ms
22ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8581079972849502&output=html&h=400&slotname=4668792129&adk=300297570&adf=3921225670&pi=t.ma~as.4668792129&w=580&lmt=1618984133&rafmt=12&psa=0&format=580x400&url=https%3A%2F%2Ftr.vessoft.com%2Fsoftware%2Fwindows%2Fdownload%2Fitools&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618984133241&bpp=3&bdt=125&idt=79&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1020x90&correlator=6905675591907&frm=20&pv=1&ga_vid=566432662.1618984133&ga_sid=1618984133&ga_hid=62082446&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=290&ady=540&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060615%2C44740079&oid=3&pvsid=4269715404353271&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=bM8OyiWeDf&p=https%3A//tr.vessoft.com&dtd=82

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 05:18:50 GMT
server: ESF
date: Wed, 21 Apr 2021 05:48:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 21 Apr 2021 05:48:53 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame 682F 1 KB
989 B 6ms
5ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 05:44:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 240
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 May 2021 05:44:53 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/ Frame 682F 17 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1064ddcbdb0bd8fe55ca8f9a8615eeeb0660e990eb28aa424bb786c6569ba084

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 05:42:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 368
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7114
x-xss-protection: 0
server: cafe
etag: 5240039360651012885
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 May 2021 05:42:45 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame 682F 2 KB
1 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 05:44:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 269
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 May 2021 05:44:24 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 682F 118 KB
36 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b79bbb4dde997e5ab5ccdc54788dfa659df09699a19aabff4c1ad10a20735b86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 05:48:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618831897855645"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36793
x-xss-protection: 0
expires: Wed, 21 Apr 2021 05:48:53 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame 682F 13 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 05:45:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 214
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5602
x-xss-protection: 0
server: cafe
etag: 7525161794280374107
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 May 2021 05:45:19 GMT

GET
H2 200 b42b11247d0ebeb7b44892ca7e629453.js Show response
www.gstatic.com/mysidia/ Frame 682F 25 KB
11 KB 25ms
6ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b42b11247d0ebeb7b44892ca7e629453.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0d34b0d95e73a7ae965ab9eef15d273c1b4ab22aa7d5648e120a2763434ce84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 11:03:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 14 Apr 2021 10:27:13 GMT
server: sffe
age: 585936
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10497
x-xss-protection: 0
expires: Tue, 13 Jul 2021 11:03:17 GMT

GET
H2 200 pixel.gif
cdn.viglink.com/images/ 43 B
129 B 41ms
23ms Image
image/gif 2606:4700::6810:a10d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.viglink.com/images/pixel.gif?ch=1&rn=4.393828949418076
Requested by: Host: tr.vessoft.com
URL: https://tr.vessoft.com/software/windows/download/itools
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:a10d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://tr.vessoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 05:48:54 GMT
cf-cache-status: HIT
age: 3
cf-ray: 643453758ca0e00b-FRA
content-length: 43
x-amz-id-2: ocNaOiA66CCWc4UgSbS+VVp+GK0WLGf88tifC/6ngnq2lLnnuoCm/OYWXRU0AaNxRtesXEletAY=
last-modified: Tue, 10 Feb 2015 03:29:39 GMT
server: cloudflare
etag: "221d8352905f2c38b3cb2bd191d630b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: JR68KD9PT5TY9KYX
cache-control: max-age=15, must-revalidate
cf-request-id: 0994927d710000e00ba11a7000000001
accept-ranges: bytes
content-type: image/gif

GET
H2 200 pixel.gif
cdn.viglink.com/images/ 43 B
570 B 38ms
20ms Image
image/gif 2606:4700::6810:a10d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.viglink.com/images/pixel.gif?ch=2&rn=4.393828949418076
Requested by: Host: tr.vessoft.com
URL: https://tr.vessoft.com/software/windows/download/itools
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:a10d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://tr.vessoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 05:48:54 GMT
cf-cache-status: HIT
age: 3
cf-ray: 643453758ca1e00b-FRA
content-length: 43
x-amz-id-2: ocNaOiA66CCWc4UgSbS+VVp+GK0WLGf88tifC/6ngnq2lLnnuoCm/OYWXRU0AaNxRtesXEletAY=
last-modified: Tue, 10 Feb 2015 03:29:39 GMT
server: cloudflare
etag: "221d8352905f2c38b3cb2bd191d630b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: JR68KD9PT5TY9KYX
cache-control: max-age=15, must-revalidate
cf-request-id: 0994927d710000e00b4c88e000000001
accept-ranges: bytes
content-type: image/gif

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 682F 0
0 18ms
18ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CS-jpxbx_YIHiFMmQ3gPBl5v4C9u9-YJht4D6pPgMl8_-1fcaEAEg5dq5DGCViviBlAegAf_bisgDyAEBqAMByAPLBKoE8gFP0A4rFkd8GWP-yvZyx58qtT1SqLVIiEo-4U6sD2Gd5UYCJ-fv9bh89boxRmw7Lhviw9prff4fC3VBfAVh3kh7wc6woOHPNazMusVKgj83pRonx6qN0oT5VcSDLo1zjKXSJHL2UGc6IvfPmTPqpvmGyLgbpFHNmDMo4VT-AM8mKMMFCqtFcToyuaCnOZ8JB4Zbzs_tx9NzMCcgU_PKQenNK2ufT3NLg3qRUnAGGCJ7awJ_PLtpetCjH_AOgQb8urNxuR6qSs5wVQ0qlpXMkL-Nr3QX_LRpJhpssRdUQVrxKVVPhNTKLWz3B_HNzECFkMmY2sAEu8mC-MIDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGAB_DurKICqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEJieetIICQiA4YAQEAEYH4AKAcgLAdgTDIgUAbIXGgoYCAASFHB1Yi04NTgxMDc5OTcyODQ5NTAy&sigh=x4Rc3EdeuWY

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8581079972849502&output=html&h=400&slotname=4668792129&adk=300297570&adf=3921225670&pi=t.ma~as.4668792129&w=580&lmt=1618984133&rafmt=12&psa=0&format=580x400&url=https%3A%2F%2Ftr.vessoft.com%2Fsoftware%2Fwindows%2Fdownload%2Fitools&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618984133241&bpp=3&bdt=125&idt=79&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1020x90&correlator=6905675591907&frm=20&pv=1&ga_vid=566432662.1618984133&ga_sid=1618984133&ga_hid=62082446&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=290&ady=540&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060615%2C44740079&oid=3&pvsid=4269715404353271&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=bM8OyiWeDf&p=https%3A//tr.vessoft.com&dtd=82
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 21 Apr 2021 05:48:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 21 Apr 2021 05:48:53 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7025 143 B
163 B 6ms
5ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8581079972849502&output=html&h=400&slotname=4668792129&adk=300297570&adf=3921225670&pi=t.ma~as.4668792129&w=580&lmt=1618984133&rafmt=12&psa=0&format=580x400&url=https%3A%2F%2Ftr.vessoft.com%2Fsoftware%2Fwindows%2Fdownload%2Fitools&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618984133241&bpp=3&bdt=125&idt=79&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1020x90&correlator=6905675591907&frm=20&pv=1&ga_vid=566432662.1618984133&ga_sid=1618984133&ga_hid=62082446&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=290&ady=540&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060615%2C44740079&oid=3&pvsid=4269715404353271&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=bM8OyiWeDf&p=https%3A//tr.vessoft.com&dtd=82
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnuwngJdNNdi_r-bwNjzl6BZtwKvXydY7vzqCt23-fZrBvwr3px-wL0DihICcY
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8581079972849502&output=html&h=400&slotname=4668792129&adk=300297570&adf=3921225670&pi=t.ma~as.4668792129&w=580&lmt=1618984133&rafmt=12&psa=0&format=580x400&url=https%3A%2F%2Ftr.vessoft.com%2Fsoftware%2Fwindows%2Fdownload%2Fitools&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618984133241&bpp=3&bdt=125&idt=79&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1020x90&correlator=6905675591907&frm=20&pv=1&ga_vid=566432662.1618984133&ga_sid=1618984133&ga_hid=62082446&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=290&ady=540&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060615%2C44740079&oid=3&pvsid=4269715404353271&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=bM8OyiWeDf&p=https%3A//tr.vessoft.com&dtd=82

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 21 Apr 2021 05:41:26 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 448
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 682F 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2b40b2ec312f58bd4b31ab2fc87caddbde4c65447c07128fa1df69e49deb67a4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 2480 217 KB
64 KB 32ms
32ms Script
application/x-javascript 2a03:2880:f013:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=5e2dd92f89e579fce7d5af5fd1c091ee&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f013:d:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

89c8579b5913c531d1b74bc6689da4303c52605725d65b6a01fe2324d4826279

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://disqus.com
Referer: https://disqus.com/embed/comments/?base=default&f=vessoft&t_u=https%3A%2F%2Ftr.vessoft.com%2Fsoftware%2Fwindows%2Fdownload%2Fitools&t_d=%C4%B0ndir%20iTools%204.4.5.6%20%E2%80%93%20Vessoft&t_t=%C4%B0ndir%20iTools%204.4.5.6%20%E2%80%93%20Vessoft&s_o=default&l=tr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 0Q70idR44/vgCNh/O+8Kzg==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 65519
x-fb-rlafr: 0
x-fb-debug: Hd/YqTWuDcP1yiuzGTfJwruKY6qFveLvUGjaC7dUn+2frUETPUxj0JO11ja7lKNxOdlzDxb4ygemnLBBlUtX+A==
x-fb-content-md5: b85df5a6ad7dc6b91322570b609b8f4d
x-frame-options: DENY
date: Wed, 21 Apr 2021 05:48:54 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "c2e83f750f91b73aad2a576f23db2038"
timing-allow-origin: *
priority: u=3,i
expires: Thu, 21 Apr 2022 04:37:19 GMT

GET
H3-29 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.MWM3Xj_RD9s.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg/ Frame 2480 102 KB
34 KB 21ms
7ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.MWM3Xj_RD9s.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/api.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6289a67bc4acdbdafbc49c8db8bee69deaca8a0a5a9321011b96e2cc9c242eba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=vessoft&t_u=https%3A%2F%2Ftr.vessoft.com%2Fsoftware%2Fwindows%2Fdownload%2Fitools&t_d=%C4%B0ndir%20iTools%204.4.5.6%20%E2%80%93%20Vessoft&t_t=%C4%B0ndir%20iTools%204.4.5.6%20%E2%80%93%20Vessoft&s_o=default&l=tr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 06:19:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 07 Apr 2021 17:21:52 GMT
server: sffe
age: 516569
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34454
x-xss-protection: 0
expires: Fri, 15 Apr 2022 06:19:25 GMT

GET
H3-29 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 682F 21 KB
21 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
age: 243916
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
expires: Mon, 18 Apr 2022 10:03:38 GMT

GET
H3-29 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 682F 21 KB
21 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 02:03:02 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
age: 531952
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
expires: Fri, 15 Apr 2022 02:03:02 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7025
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

14ms
14ms

Document
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnuwngJdNNdi_r-bwNjzl6BZtwKvXydY7vzqCt23-fZrBvwr3px-wL0DihICcY
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 21 Apr 2021 05:48:54 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Wed, 21-Apr-2021 06:48:54 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 21 Apr 2021 05:48:54 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 21 Apr 2021 05:48:54 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js Show response
pagead2.googlesyndication.com/bg/ Frame 889E 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46ee1ab30f3444383ec0a8f8935209c95203acd8c53fb34a3fb3500ce74d9f33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 22:09:43 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 27551
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5687
x-xss-protection: 0
expires: Wed, 20 Apr 2022 22:09:43 GMT

GET
H2 200 iframe Show response
accounts.google.com/o/oauth2/ Frame D63A 513 B
842 B 35ms
16ms Document
text/html 2a00:1450:4001:813::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframe

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.MWM3Xj_RD9s.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg/cb=gapi.loaded_0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

85dbad8b8c3a914040906b62e216959c20644e9e9ad308c41f438260f637dcee

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-G381S5C1Yn1xZxWRxibVbg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: accounts.google.com
:scheme: https
:path: /o/oauth2/iframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://disqus.com/embed/comments/?base=default&f=vessoft&t_u=https%3A%2F%2Ftr.vessoft.com%2Fsoftware%2Fwindows%2Fdownload%2Fitools&t_d=%C4%B0ndir%20iTools%204.4.5.6%20%E2%80%93%20Vessoft&t_t=%C4%B0ndir%20iTools%204.4.5.6%20%E2%80%93%20Vessoft&s_o=default&l=tr
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=214=kGribrTGC2Tn8hPezIZ4fpEZMIl3QsDJtM7Guvn7dgn8smiy5zzGcHpyvb4UNI8SpbZMSQfvDbrAZlE-IZmwtXBV2kdry9kqIUHjSQirMjz947f5dBfdbk18OU5XbnyiqmysCut7h3TunxQ2Nr0-FbXV1YsqvgOh5Bu97bmCXPU
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://disqus.com/embed/comments/?base=default&f=vessoft&t_u=https%3A%2F%2Ftr.vessoft.com%2Fsoftware%2Fwindows%2Fdownload%2Fitools&t_d=%C4%B0ndir%20iTools%204.4.5.6%20%E2%80%93%20Vessoft&t_t=%C4%B0ndir%20iTools%204.4.5.6%20%E2%80%93%20Vessoft&s_o=default&l=tr

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 21 Apr 2021 05:48:54 GMT
content-language: en-US
content-security-policy: script-src 'report-sample' 'nonce-G381S5C1Yn1xZxWRxibVbg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 status
www.facebook.com/x/oauth/ Frame 2480 0
0 115ms
115ms Fetch
text/plain 2a03:2880:f113:81:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?ancestor_origins=https%3A%2F%2Ftr.vessoft.com&client_id=52254943976&input_token&origin=1&redirect_uri=https%3A%2F%2Fdisqus.com%2Fembed%2Fcomments%2F%3Fbase%3Ddefault%26f%3Dvessoft%26t_u%3Dhttps%253A%252F%252Ftr.vessoft.com%252Fsoftware%252Fwindows%252Fdownload%252Fitools%26t_d%3D%25C4%25B0ndir%2520iTools%25204.4.5.6%2520%25E2%2580%2593%2520Vessoft%26t_t%3D%25C4%25B0ndir%2520iTools%25204.4.5.6%2520%25E2%2580%2593%2520Vessoft%26s_o%3Ddefault%26l%3Dtr%23version%3Da658a7c16140d8728cc859daf581cbbc&sdk=joey&wants_cookie_data=false

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.f485ba8b89bf2153fdb9f493ec342aed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f113:81:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: xvqpsSc3+iRvLZA/UwgQg5ZursfnCJK0GBJ7E++rCaIEVKRNuPkHp4vSzpyTAGLUYZVh0+i1ocLC8DWFY85MtA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 21 Apr 2021 05:48:54 GMT
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://disqus.com
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 1152779234-idpiframe.js Show response
ssl.gstatic.com/accounts/o/ Frame D63A 112 KB
39 KB 27ms
7ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/accounts/o/1152779234-idpiframe.js

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce39ecda470ad1ba3ac9fddad55abe54822a6f208578c1555b0805435694d07c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 17:53:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Apr 2021 00:25:08 GMT
server: sffe
age: 215743
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39190
x-xss-protection: 0
expires: Mon, 18 Apr 2022 17:53:11 GMT

GET
H3-29 200 CNoh3WH2.css
vessoftstatic.com/static2/css/data/ 39 KB
10 KB 36ms
32ms Stylesheet
text/css 2a01:4f8:202:3036::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://vessoftstatic.com/static2/css/data/CNoh3WH2.css?h=PvnY8Ybu

Requested by

Host: tr.vessoft.com
URL: https://tr.vessoft.com/software/windows/download/itools

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a01:4f8:202:3036::2 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

06a903fe788f9e0b55438254f76751cd9952eb3644c60c8aa996bef774dc7e90

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://tr.vessoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 05:48:54 GMT
content-encoding: br
last-modified: Fri, 11 Dec 2020 20:11:31 GMT
server: nginx/1.16.1
etag: W/"5fd3d273-9a7f"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
strict-transport-security: max-age=15768000
alt-svc: h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 Iy4YKj3x.js Show response
vessoftstatic.com/static2/js/ 10 KB
3 KB 36ms
33ms Script
application/javascript 2a01:4f8:202:3036::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://vessoftstatic.com/static2/js/Iy4YKj3x.js?h=B76Jbn2e

Requested by

Host: tr.vessoft.com
URL: https://tr.vessoft.com/software/windows/download/itools

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a01:4f8:202:3036::2 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

ed4a01e99a6ec1c770e76691cc73602b6d0029254d2f4d4c7df994cf2e75cf6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://tr.vessoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 05:48:54 GMT
content-encoding: br
last-modified: Thu, 28 Jan 2021 22:29:05 GMT
server: nginx/1.16.1
etag: "60133ab1-c92"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
strict-transport-security: max-age=15768000
alt-svc: h3-29=":443"; ma=86400
content-length: 3218
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 iframerpc Show response
accounts.google.com/o/oauth2/ Frame D63A 14 B
58 B 30ms
16ms XHR
application/json 2a00:1450:4001:813::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fdisqus.com&client_id=508198334196-bgmagrg0a2rub674g0shidj8fnd50dji.apps.googleusercontent.com

Requested by

Host: ssl.gstatic.com
URL: https://ssl.gstatic.com/accounts/o/1152779234-idpiframe.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8daf09a6fc31937457dd77e9c25ce4b21349d605b561a8c5d557841bf964c9a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/iframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Requested-With: XmlHttpRequest

Response headers

date: Wed, 21 Apr 2021 05:48:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
content-type: application/json; charset=utf-8
cache-control: public, max-age=3600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Wed, 21 Apr 2021 06:48:54 GMT

GET
H/1.1 200
OK / Show response
glitter.services.disqus.com/urls/ Frame 2480 422 B
736 B 198ms
125ms Script
application/javascript 151.101.112.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://glitter.services.disqus.com/urls/?callback=dsqGlitterResponseHandler&forum_shortname=vessoft&thread_id=5214360243&referer=

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.f485ba8b89bf2153fdb9f493ec342aed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.64 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

fa8762b0e92abf6e58b8cc10f2408490cd081762e0ec33d0397739f5bc153c45

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=vessoft&t_u=https%3A%2F%2Ftr.vessoft.com%2Fsoftware%2Fwindows%2Fdownload%2Fitools&t_d=%C4%B0ndir%20iTools%204.4.5.6%20%E2%80%93%20Vessoft&t_t=%C4%B0ndir%20iTools%204.4.5.6%20%E2%80%93%20Vessoft&s_o=default&l=tr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 05:48:54 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: openresty
X-Frame-Options: DENY
Connection: keep-alive
Content-Type: application/javascript
Cache-Control: no-cache
transfer-encoding: chunked
X-Service: glitter
Content-Disposition: attachment; filename=f.txt
Strict-Transport-Security: max-age=300; includeSubdomains
Vary: Accept-Encoding, Cookie

GET
H2 200 noavatar92.png
a.disquscdn.com/1617742046/images/ Frame 2480 2 KB
2 KB 20ms
20ms Image
image/png 151.101.114.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.disquscdn.com/1617742046/images/noavatar92.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.bundle.5c8cd56736a07a84352a4d37a862a762.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=vessoft&t_u=https%3A%2F%2Ftr.vessoft.com%2Fsoftware%2Fwindows%2Fdownload%2Fitools&t_d=%C4%B0ndir%20iTools%204.4.5.6%20%E2%80%93%20Vessoft&t_t=%C4%B0ndir%20iTools%204.4.5.6%20%E2%80%93%20Vessoft&s_o=default&l=tr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 05:48:54 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Feb 2021 20:50:09 GMT
server: nginx
age: 1228417
etag: "60395f01-66c"
strict-transport-security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
x-amz-cf-pop: FRA6-C1
content-type: image/png
content-length: 1644
x-amz-cf-id: xWdG9QMkX5ftAZ1fP3U_cqumyf1VNKUJFyyQkOI6XO8aAwjcw4n2iQ==
expires: Fri, 07 May 2021 00:35:16 GMT

GET
H3-29 200 3bdf4bc5a105080d989d03306174de96.js Show response
www.gstatic.com/mysidia/ Frame 37F5 6 KB
3 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3bdf4bc5a105080d989d03306174de96.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8581079972849502&output=html&h=90&slotname=5587122124&adk=3217516946&adf=799834189&pi=t.ma~as.5587122124&w=1020&lmt=1618984133&rafmt=12&psa=0&format=1020x90&url=https%3A%2F%2Ftr.vessoft.com%2Fsoftware%2Fwindows%2Fdownload%2Fitools&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618984133219&bpp=22&bdt=103&idt=69&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6905675591907&frm=20&pv=2&ga_vid=566432662.1618984133&ga_sid=1618984133&ga_hid=62082446&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=290&ady=70&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060615%2C44740079&oid=3&pvsid=4269715404353271&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=05BHC3NUbS&p=https%3A//tr.vessoft.com&dtd=89

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c491669ffeb03b25a72061f0b309f113d9c442aad96d271841dabf757d3080ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 08:34:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 15 Apr 2021 10:35:46 GMT
server: sffe
age: 76437
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2784
x-xss-protection: 0
expires: Mon, 19 Jul 2021 08:34:57 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 37F5 3 KB
578 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 05:14:59 GMT
server: ESF
date: Wed, 21 Apr 2021 05:48:54 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 21 Apr 2021 05:48:54 GMT

GET
H3-29 200 8b3669de54c0a91cc791876ece123fd5.js Show response
www.gstatic.com/mysidia/ Frame 37F5 8 KB
4 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8b3669de54c0a91cc791876ece123fd5.js?tag=pingback

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3772e13754f3b099338534f0d91c44defbd1d9d66e729a9b56bee4e5a6afa7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 11:13:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 14 Apr 2021 10:27:13 GMT
server: sffe
age: 585334
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3803
x-xss-protection: 0
expires: Tue, 13 Jul 2021 11:13:20 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame 37F5 1 KB
909 B 6ms
5ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 05:44:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 241
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 May 2021 05:44:53 GMT

GET
H3-29 200 0107d4d65a69ef1d3370745262ab87c7.js Show response
www.gstatic.com/mysidia/ Frame 37F5 3 KB
1 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0107d4d65a69ef1d3370745262ab87c7.js?tag=analytics_pingback_2019

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aeef6f2fa6044cadada5782a968531ac7b2a0207e741d67671e441b1fc5a656d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 17:17:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 01:23:38 GMT
server: sffe
age: 563476
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1307
x-xss-protection: 0
expires: Tue, 13 Jul 2021 17:17:38 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/ Frame 37F5 17 KB
7 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1064ddcbdb0bd8fe55ca8f9a8615eeeb0660e990eb28aa424bb786c6569ba084

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 05:42:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 369
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7114
x-xss-protection: 0
server: cafe
etag: 5240039360651012885
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 May 2021 05:42:45 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame 37F5 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 05:44:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 270
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 May 2021 05:44:24 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 37F5 118 KB
36 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b79bbb4dde997e5ab5ccdc54788dfa659df09699a19aabff4c1ad10a20735b86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 05:48:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618831897855645"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36793
x-xss-protection: 0
expires: Wed, 21 Apr 2021 05:48:54 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame 37F5 13 KB
5 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 05:45:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 215
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5602
x-xss-protection: 0
server: cafe
etag: 7525161794280374107
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 May 2021 05:45:19 GMT

GET
H3-29 200 b42b11247d0ebeb7b44892ca7e629453.js Show response
www.gstatic.com/mysidia/ Frame 37F5 25 KB
10 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b42b11247d0ebeb7b44892ca7e629453.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0d34b0d95e73a7ae965ab9eef15d273c1b4ab22aa7d5648e120a2763434ce84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 11:03:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 14 Apr 2021 10:27:13 GMT
server: sffe
age: 585937
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10497
x-xss-protection: 0
expires: Tue, 13 Jul 2021 11:03:17 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 37F5 0
0 17ms
16ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CIAwXxbx_YJ23FKTc3wPUl5PYAdu9-YJh_4H6pPgMl8_-1fcaEAEg5dq5DGCViviBlAegAf_bisgDyAEBqAMByAPLBKoE6QFP0Ov8Ih6D9Vi68b4AFLB7-pGs9Rg8ZXijK026Jpz_vr6vAM3UJKhKuWCI6g5cGGgfeqR8YeJsXXqSxaAGi6S4px6_iuIjbtQDUPR9KfvmQUaJAS8Fj-Sd3CsAdLTl92-k9QhKzZfbqfhe0S3GQw-tbgX5jCo_RMEh6JHFpKb5tVIqGyprlallU1jv8DU3168ETlkczo61JWMK0OX3qMWaO4h-JTueIK9dcEu0hsUPwsY3S3uTmHAFPJ294Djh6EBikE1hSiFF1GVI-rIzkxZ5YnE5hp-zbtiOQX0yOKdDgPpYTpp9X3T3esAEu8mC-MIDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGAB_DurKICqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEENzEM9IICQiA4YAQEAEYH4AKAcgLAdgTDIgUAbIXGgoYCAASFHB1Yi04NTgxMDc5OTcyODQ5NTAy&sigh=RCbAwcZ7LkQ

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8581079972849502&output=html&h=90&slotname=5587122124&adk=3217516946&adf=799834189&pi=t.ma~as.5587122124&w=1020&lmt=1618984133&rafmt=12&psa=0&format=1020x90&url=https%3A%2F%2Ftr.vessoft.com%2Fsoftware%2Fwindows%2Fdownload%2Fitools&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618984133219&bpp=22&bdt=103&idt=69&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6905675591907&frm=20&pv=2&ga_vid=566432662.1618984133&ga_sid=1618984133&ga_hid=62082446&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=290&ady=70&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060615%2C44740079&oid=3&pvsid=4269715404353271&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=05BHC3NUbS&p=https%3A//tr.vessoft.com&dtd=89
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 21 Apr 2021 05:48:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5F55 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8581079972849502&output=html&h=90&slotname=5587122124&adk=3217516946&adf=799834189&pi=t.ma~as.5587122124&w=1020&lmt=1618984133&rafmt=12&psa=0&format=1020x90&url=https%3A%2F%2Ftr.vessoft.com%2Fsoftware%2Fwindows%2Fdownload%2Fitools&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618984133219&bpp=22&bdt=103&idt=69&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6905675591907&frm=20&pv=2&ga_vid=566432662.1618984133&ga_sid=1618984133&ga_hid=62082446&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=290&ady=70&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060615%2C44740079&oid=3&pvsid=4269715404353271&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=05BHC3NUbS&p=https%3A//tr.vessoft.com&dtd=89
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnuwngJdNNdi_r-bwNjzl6BZtwKvXydY7vzqCt23-fZrBvwr3px-wL0DihICcY; DSID=NO_DATA; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8581079972849502&output=html&h=90&slotname=5587122124&adk=3217516946&adf=799834189&pi=t.ma~as.5587122124&w=1020&lmt=1618984133&rafmt=12&psa=0&format=1020x90&url=https%3A%2F%2Ftr.vessoft.com%2Fsoftware%2Fwindows%2Fdownload%2Fitools&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618984133219&bpp=22&bdt=103&idt=69&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6905675591907&frm=20&pv=2&ga_vid=566432662.1618984133&ga_sid=1618984133&ga_hid=62082446&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=290&ady=70&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060615%2C44740079&oid=3&pvsid=4269715404353271&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=05BHC3NUbS&p=https%3A//tr.vessoft.com&dtd=89

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 21 Apr 2021 05:41:26 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 448
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 37F5 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0b4e9e1176dea7d07878e9d805e7ebe4b6896520fb2e1645793811f43db8efdc

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ Frame 2480 43 B
295 B 115ms
115ms Image
image/gif 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?abe=0&embed_hidden=0&load_time=641&event=init_embed&thread=5214360243&forum=vessoft&forum_id=2231137&imp=8aa59dkfao7o3&prev_imp&thread_slug=indir_itools_3210_international_1845_vessoft&user_type=anon&referrer=https%3A%2F%2Ftr.vessoft.com%2F&theme=next&dnt=0&tracking_enabled=1&experiment=network_default_hidden&variant=fallthrough&service=dynamic&promoted_enabled=false&max_enabled=false

Requested by

Host: tr.vessoft.com
URL: https://tr.vessoft.com/software/windows/download/itools

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=vessoft&t_u=https%3A%2F%2Ftr.vessoft.com%2Fsoftware%2Fwindows%2Fdownload%2Fitools&t_d=%C4%B0ndir%20iTools%204.4.5.6%20%E2%80%93%20Vessoft&t_t=%C4%B0ndir%20iTools%204.4.5.6%20%E2%80%93%20Vessoft&s_o=default&l=tr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 05:48:54 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H3-29 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 37F5 21 KB
21 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
age: 243916
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
expires: Mon, 18 Apr 2022 10:03:38 GMT

GET
H3-29 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 37F5 21 KB
21 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 02:03:02 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
age: 531952
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
expires: Fri, 15 Apr 2022 02:03:02 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
6 KB 27ms
26ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210415&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef3ae76a8dc9bee62b668f2eec124ef1b904fc34391ad9bc2c2dbe6b98338754

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tr.vessoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 21 Apr 2021 05:48:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6425
x-xss-protection: 0

GET
H3-29 200 like.php Show response
www.facebook.com/v9.0/plugins/ Frame CC1D 49 KB
15 KB 131ms
130ms Document
text/html 2a03:2880:f113:81:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v9.0/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df16972819e95038%26domain%3Dtr.vessoft.com%26origin%3Dhttps%253A%252F%252Ftr.vessoft.com%252Ff3a1548f69eda88%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Ftr.vessoft.com%2Fsoftware%2Fwindows%2Fdownload%2Fitools&layout=button_count&locale=tr_TR&sdk=joey&share=true&show_faces=false&size=large

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/tr_TR/sdk.js?hash=959cec15ea15647013f97290acb661c4&ua=modern_es6

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f113:81:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5e3dd1b7372d0ac3c4e4da3c50a4ec7549b2fae692e197b6558800129599f0ae

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v9.0/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df16972819e95038%26domain%3Dtr.vessoft.com%26origin%3Dhttps%253A%252F%252Ftr.vessoft.com%252Ff3a1548f69eda88%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Ftr.vessoft.com%2Fsoftware%2Fwindows%2Fdownload%2Fitools&layout=button_count&locale=tr_TR&sdk=joey&share=true&show_faces=false&size=large
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tr.vessoft.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://tr.vessoft.com/

Response headers

x-fb-rlafr: 0
cache-control: private, no-cache, no-store, must-revalidate
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-xss-protection: 0
content-encoding: br
strict-transport-security: max-age=15552000; preload
facebook-api-version: v9.0
x-content-type-options: nosniff
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}
vary: Accept-Encoding
pragma: no-cache
content-type: text/html; charset="utf-8"
x-fb-debug: PFQLKfqg2MmBMeqzzewzaa0zulUAWa6J7AhXV54cggsuCSugbYYUm+5iRDjauu6vaEAXetsOmXljLGpdd1rTNw==
date: Wed, 21 Apr 2021 05:48:54 GMT
priority: u=3,i
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5F55
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

15ms
15ms

Document
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnuwngJdNNdi_r-bwNjzl6BZtwKvXydY7vzqCt23-fZrBvwr3px-wL0DihICcY; DSID=NO_DATA; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 21 Apr 2021 05:48:54 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Wed, 21-Apr-2021 06:48:54 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 21 Apr 2021 05:48:54 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 21 Apr 2021 05:48:54 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js Show response
pagead2.googlesyndication.com/bg/ Frame 074A 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46ee1ab30f3444383ec0a8f8935209c95203acd8c53fb34a3fb3500ce74d9f33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 22:09:43 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 27551
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5687
x-xss-protection: 0
expires: Wed, 20 Apr 2022 22:09:43 GMT

POST
H/1.1 200
OK ping Show response
links.services.disqus.com/api/ 358 B
790 B 112ms
64ms XHR
text/javascript 151.101.112.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://links.services.disqus.com/api/ping
Requested by: Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.64 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: c1093f8a3df4e00fd1739912575abe9c9e764d764e9490efe7a2e02d16bc00e3

Request headers

Referer: https://tr.vessoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Wed, 21 Apr 2021 05:48:54 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: https://tr.vessoft.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 358
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tr.vessoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 05:48:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Wed, 21 Apr 2021 05:48:54 GMT

POST
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 37F5 0
20 B 14ms
14ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChIIASoOYmFubmVyLXZhbmlsbGEKCggCKgZzZXJ2ZXIKGggEKhZteXNpZGlhX2FuYWx5dGljc19leHAyCgcIBioDMTAwCg0QAyEAALiEayiRQDAECg0QCiEAAABCuF4vQDAECg0QDSEAAAAAKnukPzAECg0QHioHMTAyMHg5MDAECg0QGSoHMTAyMHg5MDAECg0QDiEAAAAASLeOPzAECg0QECEAAAAAwLvZQDAECg0QESEAAAAAAOW7QDAECg0QEiEAAAAAAAAIQDAECg0QEyEAAAAAAAAAQDAECg0QBCEAAMT1KGuRQDAECg0QDyEAAAAAMHp0PzAECg0QFCEAAAAAACe-QDAECg0QFSEAAAAAAAAUQDAECg0QFiEAAAAAAAAIQDAECg0QBSEAADgK12uRQDAECg0QFyEAAMDC9dSRQDAECg0QGCEAAN4JVx2SQDAEEhpDTjJ0cVBIUmp2QUNGU1R1ZHdvZDFNc0VHdyIQdGV4dC92YW5pbGxhX3JkYSgD

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/8b3669de54c0a91cc791876ece123fd5.js?tag=pingback

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 05:48:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame FF4D 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tr.vessoft.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://tr.vessoft.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Tue, 20 Apr 2021 21:04:19 GMT
expires: Wed, 20 Apr 2022 21:04:19 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 31475
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 pixel.html Show response
live.rezync.com/ Frame 06AB 507 B
1 KB 203ms
160ms Document
text/html 13.224.102.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.rezync.com/pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c8aa59ft2c3ou2g&pctry=CH&referrer=https%3A%2F%2Ftr.vessoft.com%2Fsoftware%2Fwindows%2Fdownload%2Fitools
Requested by: Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.f485ba8b89bf2153fdb9f493ec342aed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-86.zrh50.r.cloudfront.net
Software: lighttpd/1.4.33 /
Resource Hash: 4390c21e40329a5255567c6083556798289888b1a8354fbce94de3970a5a62a8

Request headers

:method: GET
:authority: live.rezync.com
:scheme: https
:path: /pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c8aa59ft2c3ou2g&pctry=CH&referrer=https%3A%2F%2Ftr.vessoft.com%2Fsoftware%2Fwindows%2Fdownload%2Fitools
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://disqus.com/embed/comments/?base=default&f=vessoft&t_u=https%3A%2F%2Ftr.vessoft.com%2Fsoftware%2Fwindows%2Fdownload%2Fitools&t_d=%C4%B0ndir%20iTools%204.4.5.6%20%E2%80%93%20Vessoft&t_t=%C4%B0ndir%20iTools%204.4.5.6%20%E2%80%93%20Vessoft&s_o=default&l=tr
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://disqus.com/embed/comments/?base=default&f=vessoft&t_u=https%3A%2F%2Ftr.vessoft.com%2Fsoftware%2Fwindows%2Fdownload%2Fitools&t_d=%C4%B0ndir%20iTools%204.4.5.6%20%E2%80%93%20Vessoft&t_t=%C4%B0ndir%20iTools%204.4.5.6%20%E2%80%93%20Vessoft&s_o=default&l=tr

Response headers

content-type: text/html; charset=utf-8
content-length: 507
date: Wed, 21 Apr 2021 05:48:54 GMT
server: lighttpd/1.4.33
set-cookie: zync-uuid=cf51209e-8dfa-4414-9ae5-15a5395f5249:1618984134.71; Domain=rezync.com; Expires=Sun, 15-May-2022 22:48:54 GMT; Path=/; SameSite=None; Secure sd-session-id=.eJwVyk0LgjAcgPGvEv-zB1sMSuimRNA2rJnYRXQunfhSbqNQ_O6t2_PAb4H8Jae-GORgIDCTlR6ITrnTECxQKf22rkDsiwIfngaJ3WhRDasHWmqtxiFX1V9uSqcylG0JP39Ymhh2uvbZzfdpGPkX3jUPnhjC7w3lBNPUuTbGrI0Q4TVmYfwlc2zpHB1hXX-qvDEW.E2FORg.f2aKPKAx-YIK7dIzQY52hGTkX-4; Expires=Mon, 16-May-2022 05:48:54 GMT; HttpOnly; Path=/; SameSite=None; Secure
x-cache: Miss from cloudfront
via: 1.1 af287426c130b47dba79bf825f91ebbb.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: _C0qYHT0o8_HYoso7DeQr7zS7xngfZ2bsuphg0OKGYxXuj8laAy98A==

GET
H2

200

362358.gif Show response
idsync.rlcdn.com/ Frame 86EB
Redirect Chain

https://ejp.rlcdn.com/501709.html
https://ejp.rlcdn.com/1000.gif?memo=CM3PHhoNCMb5_oMGEgUI6AcQAEIASgA
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
https://idsync.rlcdn.com/362358.gif?google_gid=CAESENc7CiG0f2_k28pnfbJ8eF0&google_cver=1

42 B
318 B

28ms
27ms

Document
image/gif

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://idsync.rlcdn.com/362358.gif?google_gid=CAESENc7CiG0f2_k28pnfbJ8eF0&google_cver=1
Requested by: Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.f485ba8b89bf2153fdb9f493ec342aed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

:method: GET
:authority: idsync.rlcdn.com
:scheme: https
:path: /362358.gif?google_gid=CAESENc7CiG0f2_k28pnfbJ8eF0&google_cver=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://disqus.com/embed/comments/?base=default&f=vessoft&t_u=https%3A%2F%2Ftr.vessoft.com%2Fsoftware%2Fwindows%2Fdownload%2Fitools&t_d=%C4%B0ndir%20iTools%204.4.5.6%20%E2%80%93%20Vessoft&t_t=%C4%B0ndir%20iTools%204.4.5.6%20%E2%80%93%20Vessoft&s_o=default&l=tr
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: rlas3=H7eMFnpSn5CLgfxMOGaPuSu1CtJNthWvd/jn1XXZ7Nk=; pxrc=CMb5/oMGEgUI6AcQABIGCLrqARAA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://disqus.com/embed/comments/?base=default&f=vessoft&t_u=https%3A%2F%2Ftr.vessoft.com%2Fsoftware%2Fwindows%2Fdownload%2Fitools&t_d=%C4%B0ndir%20iTools%204.4.5.6%20%E2%80%93%20Vessoft&t_t=%C4%B0ndir%20iTools%204.4.5.6%20%E2%80%93%20Vessoft&s_o=default&l=tr

Response headers

cache-control: no-cache, no-store
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: rlas3=H7eMFnpSn5CLgfxMOGaPuSu1CtJNthWvd/jn1XXZ7Nk=; Path=/; Domain=rlcdn.com; Expires=Thu, 21 Apr 2022 05:48:54 GMT; Secure; SameSite=None pxrc=CMb5/oMGEgUI6AcQABIGCLrqARAA; Path=/; Domain=rlcdn.com; Expires=Sun, 20 Jun 2021 05:48:54 GMT; Secure; SameSite=None
timing-allow-origin: *
date: Wed, 21 Apr 2021 05:48:54 GMT
content-length: 42
via: 1.1 google
alt-svc: clear

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://idsync.rlcdn.com/362358.gif?google_gid=CAESENc7CiG0f2_k28pnfbJ8eF0&google_cver=1
date: Wed, 21 Apr 2021 05:48:54 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 289
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1

200
OK

/
io.narrative.io/ Frame 2480
Redirect Chain

https://io.narrative.io/?companyId=19&id=disqus_id%3Ac8aa59ft2c3ou2g&ret=img&ref=https%3A%2F%2Ftr.vessoft.com%2Fsoftware%2Fwindows%2Fdownload%2Fitools
https://io.narrative.io/?io.narrative.guid.v2=41fa6e60-a265-11eb-906c-06452aced0fe&companyId=19&id=disqus_id%3Ac8aa59ft2c3ou2g&ret=img&ref=https%3A%2F%2Ftr.vessoft.com%2Fsoftware%2Fwindows%2Fdownlo...

35 B
319 B

41ms
41ms

Image
image/gif

52.215.145.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://io.narrative.io/?io.narrative.guid.v2=41fa6e60-a265-11eb-906c-06452aced0fe&companyId=19&id=disqus_id%3Ac8aa59ft2c3ou2g&ret=img&ref=https%3A%2F%2Ftr.vessoft.com%2Fsoftware%2Fwindows%2Fdownload%2Fitools
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.145.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-145-5.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=vessoft&t_u=https%3A%2F%2Ftr.vessoft.com%2Fsoftware%2Fwindows%2Fdownload%2Fitools&t_d=%C4%B0ndir%20iTools%204.4.5.6%20%E2%80%93%20Vessoft&t_t=%C4%B0ndir%20iTools%204.4.5.6%20%E2%80%93%20Vessoft&s_o=default&l=tr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 05:48:54 GMT
Cache-Control: no-cache
Server: nginx/1.16.1
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

Redirect headers

Location: https://io.narrative.io/?io.narrative.guid.v2=41fa6e60-a265-11eb-906c-06452aced0fe&companyId=19&id=disqus_id%3Ac8aa59ft2c3ou2g&ret=img&ref=https%3A%2F%2Ftr.vessoft.com%2Fsoftware%2Fwindows%2Fdownload%2Fitools
Date: Wed, 21 Apr 2021 05:48:54 GMT
Server: nginx/1.16.1
Connection: keep-alive
Content-Length: 0

GET
H3-29 200 Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js Show response
pagead2.googlesyndication.com/bg/ Frame FF4D 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46ee1ab30f3444383ec0a8f8935209c95203acd8c53fb34a3fb3500ce74d9f33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 22:09:43 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 27551
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5687
x-xss-protection: 0
expires: Wed, 20 Apr 2022 22:09:43 GMT

GET
H/1.1 200
OK sync.gif
links.services.disqus.com/api/ 43 B
375 B 51ms
51ms Image
image/gif 151.101.112.64
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://links.services.disqus.com/api/sync.gif?key=cfdfcf52dffd0a702a61bad27507376d
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.64 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://tr.vessoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Apr 2021 05:48:54 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Type: image/gif;charset=UTF-8
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK domains Show response
links.services.disqus.com/api/ 41 B
472 B 96ms
51ms XHR
text/javascript 151.101.112.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://links.services.disqus.com/api/domains
Requested by: Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.64 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: aa4a69d2d75050d63e60a448a0b1bc78412496e7b3cdb6d9c3666863c01cdcc3

Request headers

Referer: https://tr.vessoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Wed, 21 Apr 2021 05:48:54 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: https://tr.vessoft.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 41
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 OqOE21UvWe3.png
static.xx.fbcdn.net/rsrc.php/v3/y5/r/ Frame CC1D 400 B
619 B 32ms
31ms Image
image/png 2a03:2880:f013:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y5/r/OqOE21UvWe3.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v9.0/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df16972819e95038%26domain%3Dtr.vessoft.com%26origin%3Dhttps%253A%252F%252Ftr.vessoft.com%252Ff3a1548f69eda88%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Ftr.vessoft.com%2Fsoftware%2Fwindows%2Fdownload%2Fitools&layout=button_count&locale=tr_TR&sdk=joey&share=true&show_faces=false&size=large

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f013:d:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 05:48:54 GMT
x-content-type-options: nosniff
content-md5: uF0RL4E+h23ClLQmPOTTMw==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 400
x-fb-rlafr: 0
x-fb-debug: jZuHwV4o1z7zVmYl8oFLmozdFyciW43SjmwI0e38boNn1NVHQsq/su36PizLu1KQpsP1Pru1BZBblMCE7+aHdA==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sun, 10 Apr 2022 17:56:05 GMT

GET
H2 200 qgld8yIc9vP.js Show response
static.xx.fbcdn.net/rsrc.php/v3iR5z4/yJ/l/tr_TR/ Frame CC1D 484 KB
126 KB 97ms
33ms XHR
application/x-javascript 2a03:2880:f013:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iR5z4/yJ/l/tr_TR/qgld8yIc9vP.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f013:d:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

410d4ae0773a692a9685cd0aa6a2f23b9829da20248bc73f882c81f68ba435e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 05:48:54 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: yTjetBcVBFLymJkYgNbH0A==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 128113
x-fb-rlafr: 0
x-fb-debug: MyLBsCEXqHbaU08cxvOYEBm6Fok+RI/utpce1iK8exVvN3HOjd/vHR31SBJwHk1NGxqoZmHGFwT0b9xAApxnbg==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 21 Apr 2022 01:10:51 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 16ms
15ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210415&jk=4269715404353271&bg=!WlmlWR3NAAZUuIlwVLg7ACkAdvg8WhnAvFfFkQ4yv03MJM6u1vhrccAZ0uc1TvQu8S0ef2AsuNRq3wIAAACmUgAAAApoAQcKAGh-8mj1uyJCpQXi_fxoGg5_bQWg8pwIraQvpylufymQ1V6NB6LGmPKuky5inQ6sTWVrHEd-xFCEbmnsg5tTnlXYKmR4boVMUrXGVtYmcH-Uvi2zYK-xv6-FzxqS35P0yI5NDB5j2MeQDZkB5k6iuRML6dTFFx5FWnTt_wqraH8N_t56FTGIYMQUxwbr_x4oY_pUCb5jJdiYbZnKfjmBug3ZZBOTCBBWl1AFUZKKBF6FGRMag4YgNQ-SthffMQQgJyXDmAX438GOPFmCoMrU40YCoWrJSl1cmNuUIwwpSizUePZ1vF63mdyMNoswpH3HPQHsOabqtt6az8D-oUO3-XunGsg6tjhImIpzlNRjmaczcHif2m65tRWEhmx8mG-n_J_Ycjw5R01BULdTMmYW1kBC069e2wGwk4hYJPrmMTwwzUGFt4CwfBvZtzkzijugudrPiRVGlFB95KgMQYn0xeeqnZfiR61oetjuSjdHwXLoTZfP0xsAcS42RvcZ8UYbYtAgJhCS9nlVm801nJUi9N7k5xx2bWEmMU0tyGLge7aR0Hzy2tmvZfvopMBXoxgjrD2kot8m3MTe3Ttr3JhBpZD6GSuOgsZgpXPRBWJF3Za5xAl3MuUt98U3EnkPuL2o1fhy058UFZ-WNiZa0C_rXFImDpZPqdCmwfNJGY54TPQx9-knITzd34uiwl8wVx6oQBeoE2JqwGSOl2CjygiPHzvnt5rWCTby7TZW69MlSOd5HyASZerg9Hstjkh-s9jvschcp2v30c8EaZitoEXSqDsEtA

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tr.vessoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 05:48:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

52154.gif
idsync.rlcdn.com/ Frame 06AB
Redirect Chain

https://ib.adnxs.com/getuid?https%3A//live.rezync.com/sync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3D093016b0419d19c905c78c859b815219%26pid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%2F%2Flive.rezync.com%2Fsync%253Fc%253D4656c20ee35215f78e9273796625d90b%2526p%253D093016b0419d19c905c78c859b815219%2526pid%253D%2524UID
https://live.rezync.com/sync?c=4656c20ee35215f78e9273796625d90b&p=093016b0419d19c905c78c859b815219&pid=3046754569432961095
https://p.rfihub.com/cm?pub=39342&in=1&userid=cf51209e-8dfa-4414-9ae5-15a5395f5249%3A1618984134.71&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dc8aa59ft2c3ou2g
https://idsync.rlcdn.com/501709.gif?partner_uid=c8aa59ft2c3ou2g
https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=3046754569432961095

42 B
316 B

28ms
27ms

Image
image/gif

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=3046754569432961095
Requested by: Host: live.rezync.com
URL: https://live.rezync.com/pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c8aa59ft2c3ou2g&pctry=CH&referrer=https%3A%2F%2Ftr.vessoft.com%2Fsoftware%2Fwindows%2Fdownload%2Fitools
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://live.rezync.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 21 Apr 2021 05:48:55 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

Redirect headers

Pragma: no-cache
Date: Wed, 21 Apr 2021 05:48:55 GMT
X-Proxy-Origin: 37.120.137.166; 37.120.137.166; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.217:80
AN-X-Request-Uuid: b1b48fee-3bcd-436e-97f4-de0ec35a5a21
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=3046754569432961095
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

397676.gif
idsync.rlcdn.com/ Frame 06AB
Redirect Chain

https://p.rfihub.com/cm?pub=39342&in=1&userid=cf51209e-8dfa-4414-9ae5-15a5395f5249%3A1618984134.71&forward=https%3A//live.rezync.com/sync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3D260a954059a0ab...
https://live.rezync.com/sync?c=4656c20ee35215f78e9273796625d90b&p=260a954059a0ab1986e4ee8c5c88c54c&pid=1871316019380098446
https://idsync.rlcdn.com/501709.gif?partner_uid=c8aa59ft2c3ou2g
https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397676.gif%3Fserved_by%3Devergreen%26partner_uid%3D%40USERID%40
https://gum.criteo.com/sync?s=1&c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397676.gif%3Fserved_by%3Devergreen%26partner_uid%3D%40USERID%40
https://idsync.rlcdn.com/397676.gif?served_by=evergreen&partner_uid=ROJ97twzDcJncR3cJW7M91KCElZNtHHR

42 B
316 B

28ms
28ms

Image
image/gif

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/397676.gif?served_by=evergreen&partner_uid=ROJ97twzDcJncR3cJW7M91KCElZNtHHR
Requested by: Host: live.rezync.com
URL: https://live.rezync.com/pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c8aa59ft2c3ou2g&pctry=CH&referrer=https%3A%2F%2Ftr.vessoft.com%2Fsoftware%2Fwindows%2Fdownload%2Fitools
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://live.rezync.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 21 Apr 2021 05:48:55 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

Redirect headers

location: https://idsync.rlcdn.com/397676.gif?served_by=evergreen&partner_uid=ROJ97twzDcJncR3cJW7M91KCElZNtHHR
strict-transport-security: max-age=31536000
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 3082
date: Wed, 21 Apr 2021 05:48:54 GMT
content-length: 221
content-type: text/html; charset=utf-8

GET
H3-29 200 cavalry_endpoint.php
www.facebook.com/common/ Frame CC1D 67 B
97 B 91ms
90ms Image
image/png 2a03:2880:f113:81:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1618984134684&t_start=1618984134684&t_domcontent=1618984134705&t_layout=1618984134889&t_onload=1618984134890&t_paint=1618984134890&t_creport=1618984134890&t_tti=1618984134705&lid=6953483909938601802-0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f113:81:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com data: blob: 'self';script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com: attachment.fbsbx.com blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/v9.0/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df16972819e95038%26domain%3Dtr.vessoft.com%26origin%3Dhttps%253A%252F%252Ftr.vessoft.com%252Ff3a1548f69eda88%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Ftr.vessoft.com%2Fsoftware%2Fwindows%2Fdownload%2Fitools&layout=button_count&locale=tr_TR&sdk=joey&share=true&show_faces=false&size=large
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: br
x-content-type-options: nosniff
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: ci56KV1O6EeoR/3V7dD/AS9SUKvnxmZwENXtTlsjsiW5MWjlgdwm1AT5UdSVTzq6NP88pd9Xl77CEEcHRm+asw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 21 Apr 2021 05:48:54 GMT
strict-transport-security: max-age=15552000; preload
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: image/png
vary: Accept-Encoding
cache-control: private, no-store, no-cache, must-revalidate
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 682F 42 B
64 B 16ms
16ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstoZgwDGrXslVVHpuHE_LgT3BiIaHsYVz3QIB6zbqzXJ3JNqRTylb3D3sdMrxthRftoWOio8m_8ewRuSAnhTxNmSU7Mv82g7iLdjewwJHoImB4OVcOkM1Zb6uf8Mw&sai=AMfl-YRu7L32VkqBHi--XcPBpC9OQlWATFtEFDM88-bA071JLOa3cKt4IZikSCAK9xXZcAp4oCamhpCLSZth&sig=Cg0ArKJSzESr3XKz_DAxEAE&id=lidar2&mcvt=1000&p=540,290,940,870&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210419&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=300297570&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1618984133324&dlt=627&rpt=43&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 05:48:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 37F5 42 B
64 B 17ms
16ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuHy5lOulSp6S0JJFC2QS1xgkuR8QbcBzbMA1S-UIJu8alib13Ijiw6gML584eKGStjSMCWriY8dfuOlt8hlRoabsAszY1rx-vc97_wZjR8Ebre9TVCjmzlOroz_Q&sai=AMfl-YRjJR-oOp9XoQJvp1t4WmHfiPVlez0i2yCiHiVCD2sj3VTX1rt8aPJKzZjRO_b5R9i_sNDDzNx22tYp&sig=Cg0ArKJSzPPJ6_IrFtYXEAE&id=lidar2&mcvt=1000&p=70,290,160,1310&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210419&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3217516946&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1618984133310&dlt=1063&rpt=65&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 05:48:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.google.com/	1970-01-19 22:06:35	Name: NID Value: 214=kGribrTGC2Tn8hPezIZ4fpEZMIl3QsDJtM7Guvn7dgn8smiy5zzGcHpyvb4UNI8SpbZMSQfvDbrAZlE-IZmwtXBV2kdry9kqIUHjSQirMjz947f5dBfdbk18OU5XbnyiqmysCut7h3TunxQ2Nr0-FbXV1YsqvgOh5Bu97bmCXPU
.disqus.com/	1970-01-20 02:28:40	Name: disqus_unique Value: 8aa59ft2c3ou2g
.tr.vessoft.com/	1970-01-19 17:43:04	Name: _dc_gtm_UA-6042937-47 Value: 1
disqus.com/	1970-01-19 17:43:05	Name: __jid Value: 8aa59dkfao7o3
.doubleclick.net/	1970-01-19 17:43:07	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 03:04:40	Name: IDE Value: AHWqTUnuwngJdNNdi_r-bwNjzl6BZtwKvXydY7vzqCt23-fZrBvwr3px-wL0DihICcY
.tr.vessoft.com/	1970-01-19 17:43:04	Name: _gat_UA-54146963-1 Value: 1
.tr.vessoft.com/	1970-01-19 17:44:30	Name: _gid Value: GA1.3.1774518359.1618984133
.tr.vessoft.com/	1970-01-20 11:14:16	Name: _ga Value: GA1.3.566432662.1618984133
.vessoft.com/	1970-01-20 03:04:40	Name: __gads Value: ID=b3fcaabfb5b03b8a-22e852579ba700ae:T=1618984133:RT=1618984133:S=ALNI_MYlWeGurq1_gZrEfxe6WLhc-RyaPQ
.doubleclick.net/	1970-01-19 17:43:05	Name: test_cookie Value: CheckForPermission
tr.vessoft.com/	1970-01-20 21:29:44	Name: s Value: qtzCw0KK

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.disquscdn.com
accounts.google.com
adservice.google.com
adservice.google.de
apis.google.com
c.disquscdn.com
cdn.viglink.com
cm.g.doubleclick.net
connect.facebook.net
disqus.com
dl3.vessoft.com
ejp.rlcdn.com
fonts.googleapis.com
fonts.gstatic.com
glitter.services.disqus.com
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
idsync.rlcdn.com
io.narrative.io
links.services.disqus.com
live.rezync.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
referrer.disqus.com
ssl.gstatic.com
static.xx.fbcdn.net
stats.g.doubleclick.net
tpc.googlesyndication.com
tr.vessoft.com
vessoft.disqus.com
vessoftstatic.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
13.224.102.86
142.250.185.66
142.250.186.98
151.101.112.64
151.101.114.49
151.101.64.134
193.0.160.128
199.232.196.134
2606:4700::6810:a10d
2606:4700::6812:a813
2a00:1450:4001:801::2008
2a00:1450:4001:809::2004
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::200a
2a00:1450:4001:811::2001
2a00:1450:4001:811::2003
2a00:1450:4001:812::2002
2a00:1450:4001:813::200d
2a00:1450:4001:813::200e
2a00:1450:4001:827::2002
2a00:1450:4001:827::2004
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2003
2a00:1450:400c:c0c::9a
2a01:4f8:202:3036::2
2a02:2638::1c
2a03:2880:f013:d:face:b00c:0:3
2a03:2880:f113:81:face:b00c:0:25de
35.244.174.68
37.252.172.250
52.215.145.5
84.16.241.70
06a903fe788f9e0b55438254f76751cd9952eb3644c60c8aa996bef774dc7e90
0a6b0e8dcead95b051bc3729d494e9a412ae496cc24817d0d29cb294d0740377
0b4e9e1176dea7d07878e9d805e7ebe4b6896520fb2e1645793811f43db8efdc
0b93183bcc5bda42dc9db65084d052ca8fdb7eb3e3b08a75e5f3884a888cf035
102434d2ce92cbf9bfca3f73eca562e57126dcb9d84963e91b016ba51e767986
1064ddcbdb0bd8fe55ca8f9a8615eeeb0660e990eb28aa424bb786c6569ba084
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1829f8b8c84eedc7f031cbb9a3325f8d29f426ce877fad1925c71287270fefaa
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
20b6097504aed42f81fd7492b0e20ee87c7e7d8f9e0a367081741ec0c405f740
231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd
28f273c58e6c4a0554bbebfa78b93f42068d4c068f7e2565bbfd959e8d6a957c
2ad7b7f51f7b36878d16a40619ee31ea5c74675050cec31073f7c071370cedb5
2b40b2ec312f58bd4b31ab2fc87caddbde4c65447c07128fa1df69e49deb67a4
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4
32feae1eaa46d369fe0a42d46b7e90a05cce2cdb8dc87c4dde67315e0d2a26f0
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
33d9c56f2b1408711b9b963963790177ac4e7c38a5ecf0e3c12f558c676e294b
36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444
372df7b4bbbdf6369a96ef77f2d2efbb5bb5ad43547c798de2efd00697f8468e
3b395f641b60df3299c1e1e2c0e5521433f1f5acff3ccc9bc4aeb248fb45cb00
3cd5c3e255df3019c1a3ad8c66685e280dbe2ddd6401e2e6f2c15b25a700316d
3f15f57e52f5add8ce4747718efafff30458c40a5d26d42abb63d5b7113fce5c
410d4ae0773a692a9685cd0aa6a2f23b9829da20248bc73f882c81f68ba435e5
4390c21e40329a5255567c6083556798289888b1a8354fbce94de3970a5a62a8
46ee1ab30f3444383ec0a8f8935209c95203acd8c53fb34a3fb3500ce74d9f33
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c
4e959d9106d846030c0a62de668ec7c5810a3a1282c4f4ca98e1ea0756c75b8e
51fe62faf6cea9d39664839dc1f9f8ad71212cf8adeb7aef5002f40d91ca6949
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
5c6a01dbad524bcc3f3fd995f7e1fab1ca526bb3b593e52537b5845ab5ede401
5e3dd1b7372d0ac3c4e4da3c50a4ec7549b2fae692e197b6558800129599f0ae
5fb091d4cfa1f4cc42fd6e40bb89f788dcdaea93b88855f83ef7587f6cf33462
6289a67bc4acdbdafbc49c8db8bee69deaca8a0a5a9321011b96e2cc9c242eba
63ca2d60350fa898883e8afc83054c90db14a1da49d52c690136ab4522771623
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ec978ae4a0e243a279bb1cdce5f9f2c70171fb8685a0bd963f2c15ca777c841
7040bbc7c05c54cb5bfe070f62ccfc5ba0876c809ace51ca42a9f2c01a0c7cdb
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83aa0efaf7a832803a5b4006036fd6aebadc9301b8c3cf41cf370ab0e948ca09
85dbad8b8c3a914040906b62e216959c20644e9e9ad308c41f438260f637dcee
89c8579b5913c531d1b74bc6689da4303c52605725d65b6a01fe2324d4826279
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8daf09a6fc31937457dd77e9c25ce4b21349d605b561a8c5d557841bf964c9a0
8e7e1c0ca7f4b5de4bf685edab1b4db31bff56e83fa2745700947fea85ff3095
983b2c7848dc10fbafb0bb8ac802ae0c9f68bed5a78eb8a414004aa17bb5aa97
9e8e40dcb524142148b849a8c34f96707fad6c726ad65edd451c4201c9e5c666
9efb3d5e1b082a66bd94908b42afb4cf6fe0e8eb8f50b8d2a18f6a5da03e6a18
a0d34b0d95e73a7ae965ab9eef15d273c1b4ab22aa7d5648e120a2763434ce84
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
aa4a69d2d75050d63e60a448a0b1bc78412496e7b3cdb6d9c3666863c01cdcc3
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ad3d0ca410aa64d933c2853e39ef8b605c4815f9826bc0e721e3d3d93860bf64
aeef6f2fa6044cadada5782a968531ac7b2a0207e741d67671e441b1fc5a656d
b48f2e025fc91e265f2c27ad6ee03f73527eb219036c9c68ab8de7d0fce23738
b79bbb4dde997e5ab5ccdc54788dfa659df09699a19aabff4c1ad10a20735b86
b92fcaf041b475253987f8a390f36d1f142be973d1c6e69afd1e7be28ea4abf0
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bd84d1985f08cd2aade4427a8ae74e779d43b96be438a0340319fbb003b32857
c1093f8a3df4e00fd1739912575abe9c9e764d764e9490efe7a2e02d16bc00e3
c491669ffeb03b25a72061f0b309f113d9c442aad96d271841dabf757d3080ee
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c75a63cda7dfe34d58dd4b827115d192490cf109ac5995e486fb41f59b28570e
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cdba739c28b41f39ce438f2bf204fe739dc81a26cf559a9394ceed56a0666bee
ce33b36f16a953ed16394b859ee8f1a6e7fd9785869fe62e3af78aa019c07f7b
ce39ecda470ad1ba3ac9fddad55abe54822a6f208578c1555b0805435694d07c
ce8fc5b6de8c12b2eac649cc45206787aa6d5c9ab0987020574349688c3df288
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d02a6d2cd57ef66e9b124309c481738023f88238907b23068b7cd96ed6cdc3de
d0627e883f59b06ada61af684c0636818d0e01f4c3fed677f83f974196b8316f
d0efb693477d7a84d604f11a6f7e5771809531a85da4c8de847815cb802bca9f
d3772e13754f3b099338534f0d91c44defbd1d9d66e729a9b56bee4e5a6afa7d
d4876c12b071f74470f52c0404d10730ab271ae769c2c407fe131dae8b33e236
d6ef66438698de0e3d24fcce54a95efc854f783482d6a1fb9a28b623fea42b34
deae4f30e506778dee3b4bcb6d7ce4b4903b3e5373dea5f727111cf914e92aa5
e11ba4c66fdfddc18289ff6b33ad9b8c4f71a5807630f5286b3b6831050ec07d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e826bcf7808e1461eee5d6970282b352ef5a593039836c56b09e0bfc1d746250
ed4a01e99a6ec1c770e76691cc73602b6d0029254d2f4d4c7df994cf2e75cf6d
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef3ae76a8dc9bee62b668f2eec124ef1b904fc34391ad9bc2c2dbe6b98338754
f1b7b42ef62242c254bb1e6c94f55c52eab0e22034ddbcb15c5658cc8566fdae
f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
f54415e29eb70befe2473a69a097e33e3f1e90376016243b2af5173f2c87bd23
f5627ea74eac809576ae16667ed7522b8dff46df48c38d9452dbe2eb208d2eef
f650c5c81a766ec723aef80c022fcc13041fcd4f314679f193cddd5e7052fe77
f96bcb163e6fd3ef6a341c9226c95c12261f253948748a802dec040543020334
fa8762b0e92abf6e58b8cc10f2408490cd081762e0ec33d0397739f5bc153c45

tr.vessoft.com Open in urlscan Pro 2a01:4f8:202:3036::2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

118 Requests

100 %HTTPS

64 %IPv6

24 Domains

39 Subdomains

27 IPs

5 Countries

1612 kBTransfer

3865 kBSize

12 Cookies

61 Outgoing links

Page URL History

Redirected requests

118 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 13 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

tr.vessoft.com Open in urlscan Pro
2a01:4f8:202:3036::2 Public Scan

Screenshot
Live screenshot

Full Image

118
Requests

100 %
HTTPS

64 %
IPv6

24
Domains

39
Subdomains

27
IPs

5
Countries

1612 kB
Transfer

3865 kB
Size

12
Cookies

118 HTTP transactions
13 data transactions