www.exedb.com Open in urlscan Pro
78.46.72.84  Public Scan

16 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request pospaymentsworker.exe---77d96999819206e9208df12819e5dba7.shtml Show response www.exedb.com/md/	41 KB 41 KB	108ms 24ms	Document text/html	78.46.72.84 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://www.exedb.com/md/pospaymentsworker.exe---77d96999819206e9208df12819e5dba7.shtml Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 78.46.72.84 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.84.72.46.78.clients.your-server.de Software Microsoft-IIS/10.0 / Resource Hash bde80b5a0b038858f84cbfbc565e7318f91c9bcd668e26698bd2c1ccabf70dd6 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control private,public content-encoding gzip content-length 41947 content-type text/html date Sun, 10 Sep 2023 13:33:26 GMT server Microsoft-IIS/10.0 vary Accept-Encoding
GET H2	200	js Show response www.googletagmanager.com/gtag/	257 KB 88 KB	74ms 24ms	Script application/javascript	2a00:1450:4001:811::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-RMPSQLW73D Requested by Host: www.exedb.com URL: https://www.exedb.com/md/pospaymentsworker.exe---77d96999819206e9208df12819e5dba7.shtml Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 4956cbb50ace5ad17ed63208b0b3d1ae69e68b156851d6d1c4b777f9dc12d9e1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.exedb.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Sun, 10 Sep 2023 13:33:27 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 89428 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sun, 10 Sep 2023 13:33:27 GMT
GET H2	200	global2.css www.exedb.com/css/	12 KB 3 KB	12ms 12ms	Stylesheet text/css	78.46.72.84 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://www.exedb.com/css/global2.css Requested by Host: www.exedb.com URL: https://www.exedb.com/md/pospaymentsworker.exe---77d96999819206e9208df12819e5dba7.shtml Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 78.46.72.84 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.84.72.46.78.clients.your-server.de Software Microsoft-IIS/10.0 / Resource Hash 78a165e02b88d1c3d8d4b1efac689aff4e62b8de2d4491f1b5633c54e12a405a Request headers accept-language de-DE,de;q=0.9 Referer https://www.exedb.com/md/pospaymentsworker.exe---77d96999819206e9208df12819e5dba7.shtml User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Sun, 10 Sep 2023 13:33:26 GMT content-encoding gzip last-modified Mon, 09 Jan 2023 08:37:02 GMT server Microsoft-IIS/10.0 etag "08b9e8b524d91:0" vary Accept-Encoding content-type text/css cache-control max-age=2592000,public accept-ranges bytes content-length 2878
GET H2	200	header.js Show response www.exedb.com/javascripts/	1 KB 1 KB	12ms 11ms	Script application/javascript	78.46.72.84 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://www.exedb.com/javascripts/header.js Requested by Host: www.exedb.com URL: https://www.exedb.com/md/pospaymentsworker.exe---77d96999819206e9208df12819e5dba7.shtml Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 78.46.72.84 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.84.72.46.78.clients.your-server.de Software Microsoft-IIS/10.0 / Resource Hash 22735c99662bf4eb65b6e29db04af4cfc8ac31d8f14d57dd3c8f17cfad1329c7 Request headers accept-language de-DE,de;q=0.9 Referer https://www.exedb.com/md/pospaymentsworker.exe---77d96999819206e9208df12819e5dba7.shtml User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Sun, 10 Sep 2023 13:33:26 GMT content-encoding gzip last-modified Wed, 28 Sep 2022 17:45:20 GMT server Microsoft-IIS/10.0 etag "0b8ce1362d3d81:0" vary Accept-Encoding content-type application/javascript cache-control max-age=2592000,public accept-ranges bytes content-length 1147
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	147 KB 50 KB	117ms 73ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3100504127201331 Requested by Host: www.exedb.com URL: https://www.exedb.com/md/pospaymentsworker.exe---77d96999819206e9208df12819e5dba7.shtml Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 8e396bc9e9b1e69f6a79371c35e71c452f6bd5d568a6eee57f1f532f2aeeb31d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.exedb.com/ Origin https://www.exedb.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Sun, 10 Sep 2023 13:33:27 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 50850 x-xss-protection 0 server cafe etag 4763387422611321566 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600 timing-allow-origin * expires Sun, 10 Sep 2023 13:33:27 GMT
GET H2	200	exeIcon.svg www.exedb.com/images/	895 B 1009 B	12ms 11ms	Image image/svg+xml	78.46.72.84 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.exedb.com/images/exeIcon.svg Requested by Host: www.exedb.com URL: https://www.exedb.com/md/pospaymentsworker.exe---77d96999819206e9208df12819e5dba7.shtml Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 78.46.72.84 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.84.72.46.78.clients.your-server.de Software Microsoft-IIS/10.0 / Resource Hash 3819c12c3b8c977149633c15d23580e969a14932273a683d90d759165fd04466 Request headers accept-language de-DE,de;q=0.9 Referer https://www.exedb.com/md/pospaymentsworker.exe---77d96999819206e9208df12819e5dba7.shtml User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Sun, 10 Sep 2023 13:33:26 GMT last-modified Wed, 28 Sep 2022 16:37:46 GMT server Microsoft-IIS/10.0 etag "0696fa358d3d81:0" content-type image/svg+xml cache-control no-cache,max-age=2592000,public accept-ranges bytes content-length 895
GET H2	200	us.gif www.exedb.com/flags/	998 B 1 KB	24ms 23ms	Image image/gif	78.46.72.84 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.exedb.com/flags/us.gif Requested by Host: www.exedb.com URL: https://www.exedb.com/md/pospaymentsworker.exe---77d96999819206e9208df12819e5dba7.shtml Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 78.46.72.84 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.84.72.46.78.clients.your-server.de Software Microsoft-IIS/10.0 / Resource Hash ed1cef68ccd99c7f6c4d3aa2c611f5d9af5d168056eb2a56914a6f20c5498ad7 Request headers accept-language de-DE,de;q=0.9 Referer https://www.exedb.com/md/pospaymentsworker.exe---77d96999819206e9208df12819e5dba7.shtml User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Sun, 10 Sep 2023 13:33:26 GMT last-modified Sun, 30 Sep 2018 02:12:25 GMT server Microsoft-IIS/10.0 etag "1a3ae176358d41:0" content-type image/gif cache-control max-age=2592000,public accept-ranges bytes content-length 998
GET H2	200	antivirus-scan-result.svg www.exedb.com/	39 KB 40 KB	34ms 33ms	Image image/svg+xml	78.46.72.84 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.exedb.com/antivirus-scan-result.svg Requested by Host: www.exedb.com URL: https://www.exedb.com/md/pospaymentsworker.exe---77d96999819206e9208df12819e5dba7.shtml Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 78.46.72.84 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.84.72.46.78.clients.your-server.de Software Microsoft-IIS/10.0 / Resource Hash dfee30df6a202cf88bc395d8308b223d962fd4d0b77ebe92b4d282118079ecf0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.exedb.com/md/pospaymentsworker.exe---77d96999819206e9208df12819e5dba7.shtml User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Sun, 10 Sep 2023 13:33:26 GMT last-modified Sun, 15 Jan 2023 07:00:57 GMT server Microsoft-IIS/10.0 etag "72e3f91daf28d91:0" content-type image/svg+xml cache-control no-cache,max-age=2592000,public accept-ranges bytes content-length 40411
GET H2	200	0.png www.exedb.com/	640 B 718 B	14ms 13ms	Image image/png	78.46.72.84 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.exedb.com/0.png Requested by Host: www.exedb.com URL: https://www.exedb.com/md/pospaymentsworker.exe---77d96999819206e9208df12819e5dba7.shtml Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 78.46.72.84 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.84.72.46.78.clients.your-server.de Software Microsoft-IIS/10.0 / Resource Hash 0e43c7004fa0c1d4d7e02d5966c08928120f1757ed58f80c7e31c4aa83eddfb3 Request headers accept-language de-DE,de;q=0.9 Referer https://www.exedb.com/md/pospaymentsworker.exe---77d96999819206e9208df12819e5dba7.shtml User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Sun, 10 Sep 2023 13:33:26 GMT last-modified Sun, 20 Dec 2015 10:49:34 GMT server Microsoft-IIS/10.0 etag "0b3db1c143bd11:0" content-type image/png cache-control no-cache,max-age=2592000,public accept-ranges bytes content-length 640
GET H2	200	vote-safe-32.png www.exedb.com/	592 B 679 B	14ms 12ms	Image image/png	78.46.72.84 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.exedb.com/vote-safe-32.png Requested by Host: www.exedb.com URL: https://www.exedb.com/md/pospaymentsworker.exe---77d96999819206e9208df12819e5dba7.shtml Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 78.46.72.84 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.84.72.46.78.clients.your-server.de Software Microsoft-IIS/10.0 / Resource Hash 6594d88954238143ec387448c00efd7c166b4193bc755328092d6285a6916b29 Request headers accept-language de-DE,de;q=0.9 Referer https://www.exedb.com/md/pospaymentsworker.exe---77d96999819206e9208df12819e5dba7.shtml User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Sun, 10 Sep 2023 13:33:26 GMT last-modified Tue, 21 Jun 2022 06:54:42 GMT server Microsoft-IIS/10.0 etag "edf59cc83b85d81:0" content-type image/png cache-control no-cache,max-age=2592000,public accept-ranges bytes content-length 592
GET H2	200	vote-danger-file.png www.exedb.com/	586 B 665 B	14ms 13ms	Image image/png	78.46.72.84 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.exedb.com/vote-danger-file.png Requested by Host: www.exedb.com URL: https://www.exedb.com/md/pospaymentsworker.exe---77d96999819206e9208df12819e5dba7.shtml Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 78.46.72.84 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.84.72.46.78.clients.your-server.de Software Microsoft-IIS/10.0 / Resource Hash e913a4f0f31847bffaa1019f3cdcb59d563b1df51a53b2ef5fa1ff144bd93f2a Request headers accept-language de-DE,de;q=0.9 Referer https://www.exedb.com/md/pospaymentsworker.exe---77d96999819206e9208df12819e5dba7.shtml User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Sun, 10 Sep 2023 13:33:26 GMT last-modified Tue, 21 Jun 2022 06:55:22 GMT server Microsoft-IIS/10.0 etag "bcc1ace03b85d81:0" content-type image/png cache-control no-cache,max-age=2592000,public accept-ranges bytes content-length 586
GET H2	200	jquery.min.js Show response www.exedb.com/javascripts/	87 KB 30 KB	13ms 11ms	Script application/javascript	78.46.72.84 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://www.exedb.com/javascripts/jquery.min.js Requested by Host: www.exedb.com URL: https://www.exedb.com/md/pospaymentsworker.exe---77d96999819206e9208df12819e5dba7.shtml Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 78.46.72.84 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.84.72.46.78.clients.your-server.de Software Microsoft-IIS/10.0 / Resource Hash ee11e902416a1d896f538103110337b39a0e2e2606bc1faf5cd0652914891127 Request headers accept-language de-DE,de;q=0.9 Referer https://www.exedb.com/md/pospaymentsworker.exe---77d96999819206e9208df12819e5dba7.shtml User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Sun, 10 Sep 2023 13:33:26 GMT content-encoding gzip last-modified Thu, 29 Sep 2022 05:40:40 GMT server Microsoft-IIS/10.0 etag "0fc1e2c6d3d81:0" vary Accept-Encoding content-type application/javascript cache-control max-age=2592000,public accept-ranges bytes content-length 30891
GET H2	200	file-name.jpg www.exedb.com/	26 KB 26 KB	24ms 23ms	Image image/jpeg	78.46.72.84 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.exedb.com/file-name.jpg Requested by Host: www.exedb.com URL: https://www.exedb.com/md/pospaymentsworker.exe---77d96999819206e9208df12819e5dba7.shtml Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 78.46.72.84 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.84.72.46.78.clients.your-server.de Software Microsoft-IIS/10.0 / Resource Hash bc387acd22b26623760146269dcd92e9b6571c960775277b6dbd7bc146b7b265 Request headers accept-language de-DE,de;q=0.9 Referer https://www.exedb.com/md/pospaymentsworker.exe---77d96999819206e9208df12819e5dba7.shtml User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Sun, 10 Sep 2023 13:33:26 GMT last-modified Tue, 21 Jun 2022 08:03:41 GMT server Microsoft-IIS/10.0 etag "b9c0ad6b4585d81:0" content-type image/jpeg cache-control no-cache,max-age=2592000,public accept-ranges bytes content-length 26420
POST H2	204	collect region1.google-analytics.com/g/	0 253 B	36ms 15ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-RMPSQLW73D&gtm=45je3960&_p=862592843&cid=1256475313.1694352807&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1694352807&sct=1&seg=0&dl=https%3A%2F%2Fwww.exedb.com%2Fmd%2Fpospaymentsworker.exe---77d96999819206e9208df12819e5dba7.shtml&dt=What%20is%20pospaymentsworker.exe%20full%20information%20and%20solutions%20(Solved)&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-RMPSQLW73D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.exedb.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers pragma no-cache date Sun, 10 Sep 2023 13:33:27 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.exedb.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	show_ads_impl_with_ama_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/	379 KB 129 KB	110ms 89ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3100504127201331&plah=www.exedb.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3100504127201331 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 188bbd8d95b9320584b1057981aae2a498e629ba8cea8c7ac2cb5185050f00e8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.exedb.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Sun, 10 Sep 2023 13:33:27 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 131796 x-xss-protection 0 server cafe etag 14284033400311851382 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Sun, 10 Sep 2023 13:33:27 GMT
GET H2	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20230906/r20190131/ Frame 82B8	10 KB 5 KB	73ms 13ms	Document text/html	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20230906/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3100504127201331 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.exedb.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 77775 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4438 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 09 Sep 2023 15:57:12 GMT etag 8554266389219770021 expires Sat, 23 Sep 2023 15:57:12 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	cookie.js Show response partner.googleadservices.com/gampad/	385 B 601 B	70ms 17ms	Script text/javascript	2a00:1450:4001:81c::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://partner.googleadservices.com/gampad/cookie.js?domain=www.exedb.com&callback=_gfp_s_&client=ca-pub-3100504127201331 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3100504127201331&plah=www.exedb.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9699dad7db5233bc54e5b0628a4f9140325cbd9f7eb2d84a34bdbc67ec8fdac1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.exedb.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Sun, 10 Sep 2023 13:33:27 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type text/javascript; charset=UTF-8 cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 249 x-xss-protection 0
GET H2	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 7437	27 KB 6 KB	623ms 622ms	Document text/html	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&adk=1812271804&adf=3025194257&lmt=1694345607&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fwww.exedb.com%2Fmd%2Fpospaymentsworker.exe---77d96999819206e9208df12819e5dba7.shtml&ea=0&pra=5&wgl=1&easpi=1&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&asladp=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694352807175&bpp=4&bdt=176&idt=206&shv=r20230906&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8577954225855&frm=20&pv=2&ga_vid=1256475313.1694352807&ga_sid=1694352807&ga_hid=862592843&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759837%2C44759927%2C31076838%2C31077560%2C44798323&oid=2&pvsid=1277100023485066&tmod=425161747&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=222 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3100504127201331&plah=www.exedb.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f3ffbf1b712bc716667a1079b533ec152dc908371e8616be1ad8699127aeed07 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.exedb.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 5721 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 10 Sep 2023 13:33:28 GMT expires Sun, 10 Sep 2023 13:33:28 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	109ms 108ms	Image image/gif	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=HEADER&cls=bg-primary-300&ign=false&pw=1600&ph=1200&x=0&y=0 Requested by Host: www.exedb.com URL: https://www.exedb.com/md/pospaymentsworker.exe---77d96999819206e9208df12819e5dba7.shtml Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.exedb.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers pragma no-cache date Sun, 10 Sep 2023 13:33:27 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/	15 KB 11 KB	57ms 56ms	XHR application/json	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230906&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3100504127201331&plah=www.exedb.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 8b54c08beeb697228fe5c04d4b226d8b711c1fd028107a08072e6a520ca280d7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.exedb.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Sun, 10 Sep 2023 13:33:28 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11652 x-xss-protection 0
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	108ms 108ms	Image image/gif	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pfno&evt=place&vh=1200&eid=44797162&hl=en&pvc=1277100023485066 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.exedb.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers pragma no-cache date Sun, 10 Sep 2023 13:33:28 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	49ms 26ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3100504127201331&plah=www.exedb.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.exedb.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Sun, 10 Sep 2023 13:33:28 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Sun, 10 Sep 2023 13:33:28 GMT
GET H2	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4B72	13 KB 5 KB	8ms 7ms	Document text/html	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.exedb.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 20745 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Sun, 10 Sep 2023 07:47:43 GMT expires Mon, 09 Sep 2024 07:47:43 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame C9CD	829 B 1 KB	38ms 16ms	Document text/html	2a00:1450:4001:81c::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash f7d35e04a40b1b3fca15e0ab0460a38b8eccde241d45e93535608a05449b1969 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-e_T1NTi_p0_a_SUvj-djNA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.exedb.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-length 535 content-security-policy script-src 'report-sample' 'nonce-e_T1NTi_p0_a_SUvj-djNA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Sun, 10 Sep 2023 13:33:28 GMT expires Sun, 10 Sep 2023 13:33:28 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	cHcu3EGdo_M2vyRVVDr4aifYAmzuFrNOMQiPLv8ePBs.js Show response pagead2.googlesyndication.com/bg/ Frame 4B72	37 KB 14 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/cHcu3EGdo_M2vyRVVDr4aifYAmzuFrNOMQiPLv8ePBs.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 70772edc419da3f336bf2455543af86a27d8026cee16b34e31088f2eff1e3c1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Fri, 08 Sep 2023 07:24:57 GMT content-encoding br x-content-type-options nosniff age 194911 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14472 x-xss-protection 0 last-modified Mon, 04 Sep 2023 13:28:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 07 Sep 2024 07:24:57 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame C9CD	0 0	108ms 108ms	Image text/html	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230906&jk=1277100023485066&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame 4B72	0 10 B	7ms 7ms	Image text/plain	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?PgjWRQ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Sun, 10 Sep 2023 13:33:28 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H3	204	sodar pagead2.googlesyndication.com/pagead/	0 0	114ms 113ms	Image text/html	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230906&jk=1277100023485066&bg=!V1SlVBvNAAa6D61Rmg87ADQBe5WfOC4LX7mD9cmpSrzNGvEcu9AJJptNIY-T93pNUKtQytD6C5e9ElqmSRSjG4_hcDBWAgAAAFVSAAAACGgBBwoAQ4NmpkCBzZ38sJk8n3ufmS-Uco7YfMKcZihCzSig2sjRSCXpB5WSmiwByb7MGhSeyBK-ExaqG8HjCG75PIxUxQz47xSZArboCb8Z-RKM0txtQoApG3zPJ_HnMaGu8S_t6DBfAG6xUpXNEkCJxedDslUjc-V1OT88fWcwb6vRPdxuiLnkCAKkBmOjDn45Kmyqf3Qyj2tAeeSohDPen_AM564Z5Bt7U8v2zeeGNS2rNo_ucyuAy4HhHZRoa_b1IQ0DWdWKmfbU2GZDhvMKATpNAO_u1W_FZyaSgBatL8DdfMaJfUi4-2yBdXMVDNS2vn-BI54NoCqTRPUt5Lk7H1Cwil2YHtmbd7bq_5fIuGg5QA3ycM27BA4NgIky_DeBN_I5FDw0mKCNxxIZAsnm4tm_11VSyNXPAnQEVWmjUrA0Tv84epUB6IElvpriKLZggUuZiOjp5dw_PPpKK19r_dmTnwg0axg5oaK3tZDZeG7CZkx79tDdRyyOCOjKS-5NeHFhmUttGmE9RWfsPp9qdcXwNY9HXHPxgsJC7YMg1Qhxwun21Ti_I-_vWzitFNy1ZTTJXE11aGFVUlaP2miHcBjmf9KaYgib2Nkt9PQzp4aZYHR-1n3octW7YPeRkI5KGlKa06zESzDndxRK4Dt7EVX_EzCQxdHEldYv0J8M3dOfYpqd6D0K6lGS_w4a8EmI4oG6hIoz4ETnVOb5IzG4USzpL-idWeprcp_AA5Vcl4b8gi5DtgSCvo1NqXNQWuVzIkQJtCTjVaQUDHNjIJBDDzSt-nd6bCkiop2N5hr8_XAgXRqgKfyLH13K-IzF95XSC009vS2i1aHDa5ZEi-o_HR4XITgPHKRFazGmTQ8CU0JJyimSZ88sG19dhlZml-j0Q3BhCNDz_QBkjZBNWmwLSszT4JGbO3R3iOHHjOEu9_SAPgJXqBtLFRUUTHlOsI_XhNb-8gAzsVc_PyzrlTHaN5t1LMrKY7wlCE2jpfxHdg7AAcVfAQfLs9J2P3D6YwIP Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.exedb.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| documentPictureInPicture function| gtag object| dataLayer object| d number| n number| ny function| $ function| jQuery string| url string| currentFilename object| google_tag_manager object| google_tag_data object| googletag function| onYouTubeIframeAPIReady object| gaGlobal object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl boolean| _gfp_p_ object| google_image_requests number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| googTempStyleOverrideInfo object| googNavStack object| GoogleGcLKhOms

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.exedb.com/	1969-12-31 23:59:59	Name: ASPSESSIONIDCGACSARS Value: HPLEPBKCPOAOOBJFMLMOHEDK
			.exedb.com/	1970-01-21 00:15:12	Name: _ga_RMPSQLW73D Value: GS1.1.1694352807.1.0.1694352807.0.0.0
			.exedb.com/	1970-01-21 00:15:12	Name: _ga Value: GA1.1.1256475313.1694352807
			.exedb.com/	1970-01-21 00:00:48	Name: __gads Value: ID=5fb9e218815967f6-2280a38f6bde00d5:T=1694352807:RT=1694352807:S=ALNI_MaP7SBMu2TW1MYA8tWBR9DVXfgK1A
			.exedb.com/	1970-01-21 00:00:48	Name: __gpi Value: UID=00000c71a104c4db:T=1694352807:RT=1694352807:S=ALNI_MYoQ0OT4gKNl5CN4ZYwXHgfATNLyA
			.doubleclick.net/	1970-01-20 14:39:13	Name: test_cookie Value: CheckForPermission

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
region1.google-analytics.com
tpc.googlesyndication.com
www.exedb.com
www.google.com
www.googletagmanager.com
2001:4860:4802:32::36
2a00:1450:4001:810::2002
2a00:1450:4001:811::2008
2a00:1450:4001:81c::2002
2a00:1450:4001:81c::2004
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
78.46.72.84
0e43c7004fa0c1d4d7e02d5966c08928120f1757ed58f80c7e31c4aa83eddfb3
188bbd8d95b9320584b1057981aae2a498e629ba8cea8c7ac2cb5185050f00e8
22735c99662bf4eb65b6e29db04af4cfc8ac31d8f14d57dd3c8f17cfad1329c7
3819c12c3b8c977149633c15d23580e969a14932273a683d90d759165fd04466
4956cbb50ace5ad17ed63208b0b3d1ae69e68b156851d6d1c4b777f9dc12d9e1
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6594d88954238143ec387448c00efd7c166b4193bc755328092d6285a6916b29
70772edc419da3f336bf2455543af86a27d8026cee16b34e31088f2eff1e3c1b
78a165e02b88d1c3d8d4b1efac689aff4e62b8de2d4491f1b5633c54e12a405a
8b54c08beeb697228fe5c04d4b226d8b711c1fd028107a08072e6a520ca280d7
8e396bc9e9b1e69f6a79371c35e71c452f6bd5d568a6eee57f1f532f2aeeb31d
9699dad7db5233bc54e5b0628a4f9140325cbd9f7eb2d84a34bdbc67ec8fdac1
a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a
bc387acd22b26623760146269dcd92e9b6571c960775277b6dbd7bc146b7b265
bde80b5a0b038858f84cbfbc565e7318f91c9bcd668e26698bd2c1ccabf70dd6
dfee30df6a202cf88bc395d8308b223d962fd4d0b77ebe92b4d282118079ecf0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e913a4f0f31847bffaa1019f3cdcb59d563b1df51a53b2ef5fa1ff144bd93f2a
ed1cef68ccd99c7f6c4d3aa2c611f5d9af5d168056eb2a56914a6f20c5498ad7
ee11e902416a1d896f538103110337b39a0e2e2606bc1faf5cd0652914891127
f3ffbf1b712bc716667a1079b533ec152dc908371e8616be1ad8699127aeed07
f7d35e04a40b1b3fca15e0ab0460a38b8eccde241d45e93535608a05449b1969