urlscan.io logo urlscan.io
SecurityTrails logo

galasoft.ch Open in urlscan Pro
52.174.235.29  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.galasoft.ch/
Effective URL: https://galasoft.ch/
Submission: On February 09 via manual from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 4 countries across 9 domains to perform 53 HTTP transactions. The main IP is 52.174.235.29, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is galasoft.ch.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on January 5th 2022. Valid for: a year.
This is the only time galasoft.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

19    52.174.235.29 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.galasoft.ch
galasoft.ch
7    151.101.12.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
i.imgur.com
1    199.232.192.193 (United States)

ASN54113 (FASTLY, US)
imgur.com
3    76.74.234.208 (Toronto, Canada)

ASN13768 (COGECO-PEER1, CA)
cdn1.developermedia.com
apps.developermedia.com
2    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
5    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
securepubads.g.doubleclick.net
1    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.nl
1    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
7    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
8e47248e462a5b8dd1fa064911f30742.safeframe.googlesyndication.com
5    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
googleads4.g.doubleclick.net
1    2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
19 galasoft.ch
www.galasoft.ch
galasoft.ch
132 KB
13 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 92
8e47248e462a5b8dd1fa064911f30742.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 120
76 KB
8 imgur.com
i.imgur.com — Cisco Umbrella Rank: 5080
imgur.com — Cisco Umbrella Rank: 3740
321 KB
6 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 276
141 KB
3 developermedia.com
cdn1.developermedia.com — Cisco Umbrella Rank: 100485
apps.developermedia.com — Cisco Umbrella Rank: 99450
10 KB
2 google.com
adservice.google.com — Cisco Umbrella Rank: 59
www.google.com — Cisco Umbrella Rank: 2
2 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 146
65 KB
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 246
64 KB
1 google.nl
adservice.google.nl — Cisco Umbrella Rank: 13560
792 B
53 9
Domain Requested by
18 galasoft.ch galasoft.ch
7 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
7 i.imgur.com galasoft.ch
5 tpc.googlesyndication.com securepubads.g.doubleclick.net
galasoft.ch
tpc.googlesyndication.com
5 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
2 apps.developermedia.com cdn1.developermedia.com
2 www.googletagservices.com cdn1.developermedia.com
securepubads.g.doubleclick.net
1 www.google.com tpc.googlesyndication.com
1 s0.2mdn.net securepubads.g.doubleclick.net
1 googleads4.g.doubleclick.net galasoft.ch
1 8e47248e462a5b8dd1fa064911f30742.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.nl securepubads.g.doubleclick.net
1 cdn1.developermedia.com galasoft.ch
1 imgur.com 1 redirects
1 www.galasoft.ch 1 redirects
53 16
Subject Issuer Validity Valid
galasoft.ch
Go Daddy Secure Certificate Authority - G2		 2022-01-05 -
2023-02-06		 a year crt.sh
*.imgur.com
DigiCert SHA2 Secure Server CA		 2020-01-15 -
2022-03-16		 2 years crt.sh
*.developermedia.com
Starfield Secure Certificate Authority - G2		 2020-07-13 -
2022-07-14		 2 years crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
*.google.nl
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh

This page contains 6 frames:

Primary Page: https://galasoft.ch/
Frame ID: 2F8D128D6C36804CFE751B0011120435
Requests: 37 HTTP requests in this frame

Frame: https://8e47248e462a5b8dd1fa064911f30742.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B852084464E763E07B12AD053FCAAD15
Requests: 1 HTTP requests in this frame

Frame: https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstoKQTtljep2tT42-je2zxMbdjVvlScWGc7uIp5Cuvs-OUxa0yaCBqV3asiCl7WjsOQSyRBhbrDj5OssuJuTnra3Ha-YDFTRK6VO9UgXI3YVBjAIarJpARJ4wsh0jMFbxYqA1csOA4_CS4RLj_PR--57PrWTx-bhFHNDNsao-jroDzCaajAP0hb8sMYl1hiB3vNygUxE_r5_SPSzihVKCOk6GeG7WU_zT33VQmvMTy5TNz4tci5-FCzszcCXknbPUSx59czq9xvPGf_RhcUKNCLOr6yFSP1eu0jtV_wXGDTwf-CI0hg0mhmaEmyYoXyyj96wXtBoYon91WHyDj42CqYeGsrn1ujVusHziOoR5AGZyuktrXZR2dcs1xN&sai=AMfl-YS3Zf7gUhxbR07JIkuEPwL4ot-p_JP3vqcpJOODWYc7ZsB6jBxDiJaWTVLoTnp6ItJI2NoVUJrSEmK2cHRYcGa1cplCnDj9r2xXiKRVpPRW3EcpGM-2QiY9tfUbGs0&sig=Cg0ArKJSzB1sllLhfuiyEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Frame ID: BAD60E9408FCA47665DDC16BD8C04678
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: AE693F575659F881C9E4AAE42F12C878
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B5D64996F5175B99ADAD6E248A9E9BF5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 48A85BBD4FD92FD4FFD270AC93B4B85F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

GalaSoft Laurent Bugnion - On Azure

Page URL History Show full URLs

  1. http://www.galasoft.ch/ HTTP 302
    https://galasoft.ch/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • <(?:script|link)[^>]*sh(?:Core|Brush|ThemeDefault)

Page Statistics

53
Requests

98 %
HTTPS

57 %
IPv6

9
Domains

16
Subdomains

14
IPs

4
Countries

811 kB
Transfer

1345 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.galasoft.ch/ HTTP 302
    https://galasoft.ch/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • https://imgur.com/DvsPpbC.png HTTP 301
  • https://i.imgur.com/DvsPpbC.png

53 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
galasoft.ch/
Redirect Chain
  • http://www.galasoft.ch/
  • https://galasoft.ch/
11 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://galasoft.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.174.235.29 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4a69f639a23ced1fea55a1babd58dcbc90e786aaa6a81a84a32d6a9c28cbe3e2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

Cache-Control
private
Content-Length
3860
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Microsoft-IIS/10.0
X-AspNetWebPages-Version
3.0
X-AspNet-Version
4.0.30319
Request-Context
appId=cid-v1:4fc25b32-81fc-4c22-8a28-3676224b05ef
Access-Control-Expose-Headers
Request-Context
X-Powered-By
ASP.NET
Date
Wed, 09 Feb 2022 18:04:21 GMT

Redirect headers

Content-Length
137
Content-Type
text/html; charset=utf-8
Location
https://galasoft.ch/
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Date
Wed, 09 Feb 2022 18:04:20 GMT
gslb.web.css
galasoft.ch/_old/layout/ 		8 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://galasoft.ch/_old/layout/gslb.web.css
Requested by
Host: galasoft.ch
URL: https://galasoft.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.174.235.29 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
7bfa30c03f54b37ef65cc4bffc9e7132a0b8e1fb7372cb1a37c4cb1750304bd7

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 09 Feb 2022 18:04:21 GMT
Content-Encoding
gzip
ETag
"01f97842eb4d61:0"
Last-Modified
Fri, 06 Nov 2020 11:18:14 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
2563
shCore.css
galasoft.ch/layout/code/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://galasoft.ch/layout/code/shCore.css
Requested by
Host: galasoft.ch
URL: https://galasoft.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.174.235.29 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b58d4522947809ad4536ce04640877ee2d5c999f49a3c77d9549ea6a380cbbd0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 09 Feb 2022 18:04:21 GMT
Content-Encoding
gzip
ETag
"04cc8852eb4d61:0"
Last-Modified
Fri, 06 Nov 2020 11:18:16 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
1587
shThemeVS2012Light.css
galasoft.ch/layout/code/ 		2 KB
932 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://galasoft.ch/layout/code/shThemeVS2012Light.css
Requested by
Host: galasoft.ch
URL: https://galasoft.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.174.235.29 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3d49f5c26d28783d1b672d1c61fa620723444e47de82ada528a172bc2b0a1691

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 09 Feb 2022 18:04:21 GMT
Content-Encoding
gzip
ETag
"04cc8852eb4d61:0"
Last-Modified
Fri, 06 Nov 2020 11:18:16 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
639
shCore.js
galasoft.ch/script/code/ 		16 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://galasoft.ch/script/code/shCore.js
Requested by
Host: galasoft.ch
URL: https://galasoft.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.174.235.29 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
6dbf4654879f75b7ad27e267f7d2eded08373ad9399fda728d068d791d543adc

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 09 Feb 2022 18:04:20 GMT
Content-Encoding
gzip
ETag
"04cc8852eb4d61:0"
Last-Modified
Fri, 06 Nov 2020 11:18:16 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
10552
shBrushCSharp.js
galasoft.ch/script/code/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://galasoft.ch/script/code/shBrushCSharp.js
Requested by
Host: galasoft.ch
URL: https://galasoft.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.174.235.29 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
1bfa4f9c5c33be03258c362ccd5ba0982135bf37f62046d0a5e65b0e8eb54241

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 09 Feb 2022 18:04:20 GMT
Content-Encoding
gzip
ETag
"04cc8852eb4d61:0"
Last-Modified
Fri, 06 Nov 2020 11:18:16 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
1370
shBrushCss.js
galasoft.ch/script/code/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://galasoft.ch/script/code/shBrushCss.js
Requested by
Host: galasoft.ch
URL: https://galasoft.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.174.235.29 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e681d66f2bb8fc8b501b3b02f52744271f8e4936c4ebe1b81fac9cddafcc2485

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 09 Feb 2022 18:04:20 GMT
Content-Encoding
gzip
ETag
"04cc8852eb4d61:0"
Last-Modified
Fri, 06 Nov 2020 11:18:16 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
2810
shBrushJScript.js
galasoft.ch/script/code/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://galasoft.ch/script/code/shBrushJScript.js
Requested by
Host: galasoft.ch
URL: https://galasoft.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.174.235.29 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d65918c3c3adb72d7c72492ed9f91ed704612f46282de25da12816fe069bb59b

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 09 Feb 2022 18:04:20 GMT
Content-Encoding
gzip
ETag
"04cc8852eb4d61:0"
Last-Modified
Fri, 06 Nov 2020 11:18:16 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
928
shBrushPlain.js
galasoft.ch/script/code/ 		783 B
833 B 		Script
General
Check archive.org
Download Go to
Full URL
https://galasoft.ch/script/code/shBrushPlain.js
Requested by
Host: galasoft.ch
URL: https://galasoft.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.174.235.29 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5a078836bb41c26ffa505627c4ee1859c39778e3cdd5ed5d7d81ad047922c6b1

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 09 Feb 2022 18:04:21 GMT
Content-Encoding
gzip
ETag
"04cc8852eb4d61:0"
Last-Modified
Fri, 06 Nov 2020 11:18:16 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
524
shBrushXml.js
galasoft.ch/script/code/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://galasoft.ch/script/code/shBrushXml.js
Requested by
Host: galasoft.ch
URL: https://galasoft.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.174.235.29 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
93cc64a5d9d9d177b8f0a20709dde88c1834837f4874479f4c1c57fa2da025da

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 09 Feb 2022 18:04:21 GMT
Content-Encoding
gzip
ETag
"04cc8852eb4d61:0"
Last-Modified
Fri, 06 Nov 2020 11:18:16 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
1115
shBrushPowerShell.js
galasoft.ch/script/code/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://galasoft.ch/script/code/shBrushPowerShell.js
Requested by
Host: galasoft.ch
URL: https://galasoft.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.174.235.29 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
82d27ea5d429114f5f3cc9a37e41b32cd1a50573fb547f1c5f93267d6d394c78

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 09 Feb 2022 18:04:20 GMT
Content-Encoding
gzip
ETag
"04cc8852eb4d61:0"
Last-Modified
Fri, 06 Nov 2020 11:18:16 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
1978
HeaderHead.png
galasoft.ch/_old/layout/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://galasoft.ch/_old/layout/HeaderHead.png
Requested by
Host: galasoft.ch
URL: https://galasoft.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.174.235.29 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f89807343cf609f6240174c531bb4c35fb4fc45cc9b1cf630b3935ac4f1faa48

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 09 Feb 2022 18:04:20 GMT
Last-Modified
Fri, 06 Nov 2020 11:18:14 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"01f97842eb4d61:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
4703
HeaderLogo.png
galasoft.ch/_old/layout/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://galasoft.ch/_old/layout/HeaderLogo.png
Requested by
Host: galasoft.ch
URL: https://galasoft.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.174.235.29 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ff3617a12d1691296933ec180d886baeb9d7a073a1e3782c9456d23428bfec45

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 09 Feb 2022 18:04:21 GMT
Last-Modified
Fri, 06 Nov 2020 11:18:14 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"01f97842eb4d61:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
4845
profile.jpg
galasoft.ch/images/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://galasoft.ch/images/profile.jpg
Requested by
Host: galasoft.ch
URL: https://galasoft.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.174.235.29 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f8bcdccb04fe84f378924da66af8589ac8bf685fa4fc7fefecebe35ad19f951a

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 09 Feb 2022 18:04:20 GMT
Last-Modified
Fri, 06 Nov 2020 11:18:16 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"04cc8852eb4d61:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
17053
logo_120x30.png
galasoft.ch/_old/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://galasoft.ch/_old/images/logo_120x30.png
Requested by
Host: galasoft.ch
URL: https://galasoft.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.174.235.29 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
929c903174e996005b91087025e8ed45e776f017742a10f873ab36035fc1b1d1

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 09 Feb 2022 18:04:21 GMT
Last-Modified
Fri, 06 Nov 2020 11:18:14 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"01f97842eb4d61:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
3086
RQnXDKV.png
i.imgur.com/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/RQnXDKV.png
Requested by
Host: galasoft.ch
URL: https://galasoft.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
8c9a3f6cb23db666a4dd6a50378bd86ef07d055caeb0d1068c761869675dc0ca
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:04:21 GMT
x-content-type-options
nosniff
age
1326430
x-cache
HIT, HIT
content-length
23962
x-served-by
cache-iad-kcgs7200021-IAD, cache-fra19161-FRA
last-modified
Fri, 03 Dec 2021 08:37:24 GMT
server
cat factory 1.0
x-timer
S1644429861.471624,VS0,VE2
etag
"d9f2bc0f2d5368d66e29ce68e71a3a4e"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
DMJvFuO.png
i.imgur.com/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/DMJvFuO.png
Requested by
Host: galasoft.ch
URL: https://galasoft.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
5ea63677c0a6fb2416c7491ca64d7e92ffd741de9e4056a5b00fe8e53e7cb926
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:04:21 GMT
x-content-type-options
nosniff
age
1002881
x-cache
HIT, HIT
content-length
22878
x-served-by
cache-iad-kcgs7200061-IAD, cache-fra19161-FRA
last-modified
Fri, 03 Dec 2021 08:36:02 GMT
server
cat factory 1.0
x-timer
S1644429861.471918,VS0,VE2
etag
"66e17efa18c10ab632751ad7a60e0ad6"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
5XOVHoY.png
i.imgur.com/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/5XOVHoY.png
Requested by
Host: galasoft.ch
URL: https://galasoft.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
8e3f2accb9d3fae77940287661f833aa76ed87f61e285d40bb9cd515f1b35783
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:04:21 GMT
x-content-type-options
nosniff
age
1649450
x-cache
HIT, HIT
content-length
23450
x-served-by
cache-iad-kiad7000029-IAD, cache-fra19161-FRA
last-modified
Sat, 20 Nov 2021 15:23:44 GMT
server
cat factory 1.0
x-timer
S1644429861.471741,VS0,VE2
etag
"2a69ae54aada08e2ddb5161a41e6fc5d"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
DvsPpbC.png
i.imgur.com/
Redirect Chain
  • https://imgur.com/DvsPpbC.png
  • https://i.imgur.com/DvsPpbC.png
80 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/DvsPpbC.png
Requested by
Host: galasoft.ch
URL: https://galasoft.ch/
Protocol
H2
Server
151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
ad3b8ad629dfa55519a87d83749ab11a88334ed85fc117474c51070e625004c9
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:04:21 GMT
x-content-type-options
nosniff
age
2962573
x-cache
HIT, HIT
content-length
81463
x-served-by
cache-iad-kiad7000154-IAD, cache-fra19161-FRA
last-modified
Mon, 04 Oct 2021 10:07:15 GMT
server
cat factory 1.0
x-timer
S1644429861.471427,VS0,VE2
etag
"9ca556025a35574eff77764a370cc0cf"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1

Redirect headers

date
Wed, 09 Feb 2022 18:04:21 GMT
server
cat factory 1.0
x-timer
S1644429861.441084,VS0,VE0
x-frame-options
DENY
x-cache
HIT
location
https://i.imgur.com/DvsPpbC.png
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
false
x-cache-hits
0
strict-transport-security
max-age=300
accept-ranges
bytes
access-control-allow-origin
https://imgur.com
content-length
0
retry-after
0
x-served-by
cache-ams21038-AMS
iXcJPNX.png
i.imgur.com/ 		83 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/iXcJPNX.png
Requested by
Host: galasoft.ch
URL: https://galasoft.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
dac40bfa1b053b284d8fe9c1b5e89aa7eff2510c755c15a0fad7ac9ce18747df
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:04:21 GMT
x-content-type-options
nosniff
age
4132623
x-cache
HIT, HIT
content-length
85323
x-served-by
cache-iad-kjyo7100093-IAD, cache-fra19161-FRA
last-modified
Mon, 04 Oct 2021 10:07:15 GMT
server
cat factory 1.0
x-timer
S1644429861.471964,VS0,VE2
etag
"8158c9d7deef6215c4963f98d54491f4"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
KaE7doy.png
i.imgur.com/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/KaE7doy.png
Requested by
Host: galasoft.ch
URL: https://galasoft.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
49d2fcc3b11e4b0b87d9d3e79c1fd78cf920f35fe29657daa97eddce3afec1da
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:04:21 GMT
x-content-type-options
nosniff
age
1321113
x-cache
HIT, HIT
content-length
25709
x-served-by
cache-iad-kjyo7100173-IAD, cache-fra19161-FRA
last-modified
Thu, 16 Sep 2021 12:31:39 GMT
server
cat factory 1.0
x-timer
S1644429861.471706,VS0,VE2
etag
"dca518cd238159bd3f98366186d108d9"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
HV8ue4v.png
i.imgur.com/ 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/HV8ue4v.png
Requested by
Host: galasoft.ch
URL: https://galasoft.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
27d91bf12ed58f45909e9377f210972f0178aa9bad74e084fe3416608eba00b9
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:04:21 GMT
x-content-type-options
nosniff
age
6766063
x-cache
HIT, HIT, HIT
content-length
64548
x-served-by
cache-bwi5171-BWI, cache-iad-kcgs7200166-IAD, cache-fra19161-FRA
last-modified
Mon, 22 Mar 2021 08:20:17 GMT
server
cat factory 1.0
x-timer
S1644429861.471675,VS0,VE2
etag
"9970f64638f635c4bdc815397f51632a"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1, 1
MVVM_BlackText_190x147.png
galasoft.ch/_old/images/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://galasoft.ch/_old/images/MVVM_BlackText_190x147.png
Requested by
Host: galasoft.ch
URL: https://galasoft.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.174.235.29 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3614d348d7184c23b569bfa7faca484b9da3e6f7f55b39ed9e46745b23598c16

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 09 Feb 2022 18:04:21 GMT
Last-Modified
Fri, 06 Nov 2020 11:18:14 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"01f97842eb4d61:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
27361
paypal.png
galasoft.ch/_old/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://galasoft.ch/_old/images/paypal.png
Requested by
Host: galasoft.ch
URL: https://galasoft.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.174.235.29 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f0ed7fc3db22bb5c5da56afdb99fa34ce4b9ad255fabbccab5dd155b3a85fcbc

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 09 Feb 2022 18:04:21 GMT
Last-Modified
Fri, 06 Nov 2020 11:18:14 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"01f97842eb4d61:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
1921
XamarinCertifiedBadge.png
galasoft.ch/_old/images/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://galasoft.ch/_old/images/XamarinCertifiedBadge.png
Requested by
Host: galasoft.ch
URL: https://galasoft.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.174.235.29 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
cb8efda14783f4d733266bd5e188e6664127aba26bcf892ff79a59040df79ca7

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 09 Feb 2022 18:04:20 GMT
Last-Modified
Fri, 06 Nov 2020 11:18:14 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"01f97842eb4d61:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
42657
a.min.js
cdn1.developermedia.com/ 		29 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1.developermedia.com/a.min.js
Requested by
Host: galasoft.ch
URL: https://galasoft.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
76.74.234.208 Toronto, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
23cc012647ba52fcd608113fccf328e42061421ae723cfa607e0b89a96ff3c5f

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:04:20 GMT
content-encoding
gzip
etag
"0bbb5a5c645d61:0"
last-modified
Thu, 18 Jun 2020 23:17:34 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
9352
gpt.js
www.googletagservices.com/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: cdn1.developermedia.com
URL: https://cdn1.developermedia.com/a.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
872ead08ec3cccc424b2877e5004974dd2561be7e05f972c81c26deef875c336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:04:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27172
x-xss-protection
0
server
sffe
etag
"1126 / 236 of 1000 / last-modified: 1644427664"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 09 Feb 2022 18:04:22 GMT
pubads_impl_2022020301.js
securepubads.g.doubleclick.net/gpt/ 		351 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js?31064764
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
05ed7424c6f3c3d2aec5dfe7fa92e5f617afe58a01666c1c584d342a8b57a0e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 17:44:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1213
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122037
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 09:34:49 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 09 Feb 2023 17:44:09 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		46 B
694 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=galasoft.ch
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
2c0bbebd8b530fc02a6482279e2190e080d2306ece2ab3bd2b9b783682e5363b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 09 Feb 2022 18:04:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58
x-xss-protection
0
expires
Wed, 09 Feb 2022 18:04:22 GMT
GetTerms
apps.developermedia.com/Ads/PageTerms/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://apps.developermedia.com/Ads/PageTerms/GetTerms
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
76.74.234.208 Toronto, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://galasoft.ch
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
Microsoft-IIS/10.0
access-control-allow-origin
*
access-control-allow-methods
POST
access-control-allow-headers
Content-Type, Accept
access-control-max-age
1728000
x-powered-by
ASP.NET
date
Wed, 09 Feb 2022 18:04:21 GMT
content-length
0
GetTerms
apps.developermedia.com/Ads/PageTerms/ 		159 B
269 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apps.developermedia.com/Ads/PageTerms/GetTerms
Requested by
Host: cdn1.developermedia.com
URL: https://cdn1.developermedia.com/a.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
76.74.234.208 Toronto, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
54b976840b7d5ee62fd4f1e0dd2a177a332f2842f99455400289557a4e85f45a

Request headers

Referer
https://galasoft.ch/
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 09 Feb 2022 18:04:21 GMT
x-aspnetmvc-version
5.2
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
private
content-length
159
integrator.js
adservice.google.nl/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.nl/adsid/integrator.js?domain=galasoft.ch
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js?31064764
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 09 Feb 2022 18:04:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=galasoft.ch
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js?31064764
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 09 Feb 2022 18:04:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		434 B
744 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1113731158511054&correlator=3885948447404107&output=ldjh&impl=fifs&eid=31064764%2C44755509&vrg=2022020301&ptt=17&sc=1&sfv=1-0-38&ecs=20220209&iu_parts=6839%2Clqm.galasoftlaurent.site%2Cron&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=468x60&prev_scp=kw%3D%252C%252C&eri=1&cookie_enabled=1&bc=31&abxe=1&dt=1644429862869&lmt=1644429862&dlt=1644429861224&idt=1190&frm=20&biw=1600&bih=1200&oid=2&adxs=601&adys=901&adks=1512318294&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fgalasoft.ch%2F&vis=1&scr_x=0&scr_y=0&psz=620x60&msz=468x-1&ga_vid=1432415361.1644429863&ga_sid=1644429863&ga_hid=1698646270&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js?31064764
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
7b039cbb8cf1072012e142ab5eebaa25965fa2d4c46550ffe74bfefd5df3bf58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:04:22 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
237
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://galasoft.ch
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		35 KB
20 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1113731158511054&correlator=3885948447404107&output=ldjh&impl=fifs&eid=31064764%2C44755509&vrg=2022020301&ptt=17&sc=1&sfv=1-0-38&ecs=20220209&iu_parts=6839%2Clqm.galasoftlaurent.site%2Cron&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=160x600&prev_scp=kw%3D%252C%252C&eri=1&cookie_enabled=1&bc=31&abxe=1&dt=1644429862876&lmt=1644429862&dlt=1644429861224&idt=1190&frm=20&biw=1600&bih=1200&oid=2&adxs=395&adys=204&adks=3180670870&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fgalasoft.ch%2F&vis=1&scr_x=0&scr_y=0&psz=175x600&msz=160x-1&ga_vid=1432415361.1644429863&ga_sid=1644429863&ga_hid=1698646270&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js?31064764
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
193a9986bfa984d4e05d3fb73178ae4d98821bb87ea46e3e33fff436088b9b76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:04:22 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19988
x-xss-protection
0
google-lineitem-id
5834119844
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138377678135
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://galasoft.ch
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		13 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022020301&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js?31064764
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09ec95bdec55aa3bed40b174a3a7c28be9ac376f41f88485549c2ec9760a0395
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 09 Feb 2022 18:04:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9963
x-xss-protection
0
container.html
8e47248e462a5b8dd1fa064911f30742.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B852 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8e47248e462a5b8dd1fa064911f30742.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js?31064764
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Wed, 09 Feb 2022 18:04:22 GMT
expires
Thu, 09 Feb 2023 18:04:22 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js?31064764
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:04:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 09 Feb 2022 18:04:23 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame BAD6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstoKQTtljep2tT42-je2zxMbdjVvlScWGc7uIp5Cuvs-OUxa0yaCBqV3asiCl7WjsOQSyRBhbrDj5OssuJuTnra3Ha-YDFTRK6VO9UgXI3YVBjAIarJpARJ4wsh0jMFbxYqA1csOA4_CS4RLj_PR--57PrWTx-bhFHNDNsao-jroDzCaajAP0hb8sMYl1hiB3vNygUxE_r5_SPSzihVKCOk6GeG7WU_zT33VQmvMTy5TNz4tci5-FCzszcCXknbPUSx59czq9xvPGf_RhcUKNCLOr6yFSP1eu0jtV_wXGDTwf-CI0hg0mhmaEmyYoXyyj96wXtBoYon91WHyDj42CqYeGsrn1ujVusHziOoR5AGZyuktrXZR2dcs1xN&sai=AMfl-YS3Zf7gUhxbR07JIkuEPwL4ot-p_JP3vqcpJOODWYc7ZsB6jBxDiJaWTVLoTnp6ItJI2NoVUJrSEmK2cHRYcGa1cplCnDj9r2xXiKRVpPRW3EcpGM-2QiY9tfUbGs0&sig=Cg0ArKJSzB1sllLhfuiyEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Requested by
Host: galasoft.ch
URL: https://galasoft.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 09 Feb 2022 18:04:23 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 09 Feb 2022 18:04:23 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame BAD6 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: galasoft.ch
URL: https://galasoft.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 15:11:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10354
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Feb 2023 15:11:49 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BAD6 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js?31064764
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cecd27ce9737114e23fa8dda3be3041f7c36cdafd31822d2e5bae793669bd13f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:04:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38562
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1644237382599929"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 09 Feb 2022 18:04:23 GMT
12533974922501701526
s0.2mdn.net/simgad/ Frame BAD6 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/12533974922501701526
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js?31064764
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
14aa4d42029cef3544856b9779a1436f3ef1c9b3b40db8c7bf809e8b161a0f28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 07:03:48 GMT
x-content-type-options
nosniff
age
212435
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
65306
x-xss-protection
0
last-modified
Thu, 06 Jan 2022 19:17:53 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 07 Feb 2023 07:03:48 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame AE69 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 09 Feb 2022 15:11:50 GMT
expires
Thu, 09 Feb 2023 15:11:50 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
10353
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B5D6 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 09 Feb 2022 17:55:14 GMT
expires
Thu, 09 Feb 2023 17:55:14 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
549
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 48A8 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
be5ba03ef5581f2a3018d20437d2443cbb1663276907fb2c7538a0734084f235
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-AsLcp68TGE7bP22/tlkacQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Wed, 09 Feb 2022 18:04:23 GMT
date
Wed, 09 Feb 2022 18:04:23 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-AsLcp68TGE7bP22/tlkacQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame BAD6 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
88c15f6c118fa3e25687f6d3315e7ebc1346b48b55443f3eba9ec2ceb96d911a

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
p5pfDMP4zN8jVfivP4NR4mykoq9SVPpSA9fyNGtv4o4.js
pagead2.googlesyndication.com/bg/ Frame AE69 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/p5pfDMP4zN8jVfivP4NR4mykoq9SVPpSA9fyNGtv4o4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a79a5f0cc3f8ccdf2355f8af3f8351e26ca4a2af5254fa5203d7f2346b6fe28e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 07:53:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
36665
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13808
x-xss-protection
0
last-modified
Wed, 02 Feb 2022 12:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 09 Feb 2023 07:53:18 GMT
OJsPeSlINeJyzOQXpTvtD9cMgHq4K4YXI50fjA0xvQc.js
pagead2.googlesyndication.com/bg/ Frame B5D6 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/OJsPeSlINeJyzOQXpTvtD9cMgHq4K4YXI50fjA0xvQc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
389b0f79294835e272cce417a53bed0fd70c807ab82b8617239d1f8c0d31bd07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 15:59:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
7505
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13596
x-xss-protection
0
last-modified
Wed, 02 Feb 2022 12:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 09 Feb 2023 15:59:18 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame BAD6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuSAAsaCPUKv2zbRD_y-pgad_kIKuQhe42oIT01F3ZW1zXwQCmXc1MBcUE4KPRzun_zvtC9c2XiXbHoRzL_auPx1QZa2-eLmcPXOjviZQqMtTtOp8wy2wNYrUvpyOgVb3y6M7DI_M2cIJbsbK5Ir5K_UaOfeoMl2hyC8aouAcLTiHLG10Mcw7MAO1CXLyXtG1wUBbZxkIctSAoo2TcO6QL2g-uSq0Jw6AnslgvHkXgmSz2rZGLbiPPOF7qn1aHpIZIzjPzY3R9TjXzRyPxdkBPE41SQA9QwL0aodY-E0TVnnbDdJzlax2QfoVzvTQTxIQclzbl64A&sai=AMfl-YQxyuN-MSjJWlNUjJeEWtSYs9hxoH0wYkOApqJCLI3aPchDJ5lBmxTYchfVv0J7hm4QIM2Tc_S3TCWj-k1hhkhV19Q4h7gRjXCW0ms7v44JRflpspT3a1cIhyeLVpU&sig=Cg0ArKJSzBtd9yaaE2nKEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 09 Feb 2022 18:04:23 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 09 Feb 2022 18:04:23 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 48A8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022020301&jk=1113731158511054&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame B5D6 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?Posu4Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:04:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame AE69 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BHdnFJgIEYqOpN86GjuwP8ISq4AMAAAAAOAHgBAI&bg=!_v2l_bnNAAa4sGsQuLA7ACkAdvg8WqCT4VTvwWnOiBjDHslExb72dd7ZRVPcpgQShpMf6VTzIPrD7AIAAACBUgAAAAJoAQeZApWiF3UvVidcLbZORJWMnHwSqBAb9Da_k022Yxmte4WSh6HeBaNKRWwuniWArv6DLdIla6zBmi_VhXGuH1WIurUUOuwJa0re6LkrXImbFyZezjAzq-VggJsFqb4QE1I58eLsTQdUmBXIpEvetFTDDoVfgWJERwbKghV52a5QntIDrhqbRZ3q1Q3Lg6NYnqGxfxiZoUDiTtFrdPO1TEd-mSiHp0-pLVCVzLP_4AW3Q6pJyzMcksNxjGLhBJzAVl-FDEkx-IP_Y1aiuKTFa4OGop6MY1oCOGRNYs_i-ZxkldxF_tc62wrd6JHXwPxQmrWryFVi1yfwTTkkbNGEWAGML_ZfSCBAT9KuVOHQqQ-VOwFFMKof83kRIDCYvbMpfoonFpur3VxkCP7bJRHju0YMhL2eHAVDZX3dY-I08MIF0I14-74PmdJ0pvF4kvRuZM6l7UcNkwnURKRUAXqH-648AAVl6baKsTOpsIynhzXjYNGWLdkct8T0k8fIxM8hedEX_V7tQXcb11aQzMWh7fKSyLzwpctaI-96Z1QD9HNx_m677JFIp59aySwLlo7tOSeSpaXtAnrwfWkrjPWO0wDf-GqmUBeaJZrpEC5zuPgY3IAMwv0CDutsoR9WBbti5JLxTsM-zoM387YAyrJM7iJyipRukaSs3FXxvhZ6dreViGzKwoM4GZWtKWdMq6Fe7bTW2mstepWUR9lBiH3hGbUeaxV-gJwgQvKpu09W2P65J8OHvVoJSQJoJzoLuo_epkQlE-FryUDju_xDCxMvHxF3BdEqUGtLa0x_HjCoQMkwrka7naHpY4kvAQlNGIsox8kRzmFZGsN3aTNwwT6iNMgpECLf2uZkbYhby0fr9qV1XVRmNPnM-0MP
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:04:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022020301&jk=1113731158511054&bg=!kZKlktbNAAa4sGsQuLA7ACkAdvg8WlUgdU814Gzlbx3toHFY2yepsabzr--kbG8zA4KP9VTMz8ZYSwIAAACFUgAAAAhoAQcKAFf9u4dvtRfMB3TPQuFcSNxKPFA4h2h5RHbw4EmfdtgegDB41o1XdmJoc3jqBx9vbh3UUV_bJhijtMMeShKARvV8KyuCTcC4991vKNPHQM8E7eEpXAIOL5aZAnw35FYU7gjrLan4lIZ74JLjp9XyF3jYF3XifM6A0DIKqs5nzXjxqIMOKkG_CcdtzFoNpBGFTh99kRQJQGomjLeJaKoCIoArVHtunL2tRLIUYddqyojtHtYYXvYZ8_CsZfpkIvBV8YonzW0cmw_peUY1VvcNuJSQX8QLTax_LnPXGSDSjlmvKW22zU59g_ic9W0wLRuexz9SS6-IjTDNEJGSWpWmK3wPNjil1Q_kabiKeaFjvC4tQwkJpyFqCdwAUC27c-RH8eXu9NEYWQQS-WGp4enxyCWW-pHgIINjdmVrvvlbVTYz0IGdRVg6eM9Unii5A392vsIVX9bg6XN8l8gwJH1bDs2W5hJiJyqnBT-oK-oVNAebU4SkXH_0tt7TZGBmJkcgcF3rfWafPrNWHrOjILiJIkNFro_u0cxybbXfqBR8XeI7jSRhLne3j_2B_MXhrrEEsLxNfF8fAYkt8aXcpZchqU91s9B11WUvYH7eCINllXFOtSXjsbQqyjouJzjUmAmrTsfNHcU3vXLERrAR21e9f9GBvWpsZPlftJExD2syUGSFh2lIh_9JWCFGyBfEyEOKhzqpAgV0aRgB-rc40gDCeic_D7TrbMmLyGLNLYGIlmhJSU42CZczA0JudwS34gyGLSMHPgxLwE704sSUW8itrhblPXbygrAbsU0AWRXiKcq5Z_-jdf2jmCc04_KqG77HV_brsno62QtU8xx1I3ZPuPVk0H_uUNpfbVlUwziv-AC3bImSKoI_rhbkcT3TZ10RGkxPm79m-q90PamiSaoxQuV5wmlhzOqN4op_mniiw9s5ZVERhITEeorvZkNpAA4MBHuth1LJgrs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:04:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame BAD6 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvWmVUu7pQQB-0XnpNU5vBO5-yAcovqq6gQMhXFnoStotCt3xeLbJ0pZUilejxhuppZDFOOrXd2-4s8RacvbS0wG8Bp1JPgZ1GaJMvCLdRN28PK-ddV6JmOGVW2RaWIQ_ZgAurFCb2QQMpzNJf13Rg0AiV0IR_Vcy7pg2kObxf5&sig=Cg0ArKJSzNSGmdh-qBUzEAE&id=lidar2&mcvt=1000&p=204,395,804,555&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220207&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=3180670870&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1644429862993&rpt=192&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://galasoft.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:04:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| structuredClone function| XRegExp object| SyntaxHighlighter function| _dmBootstrap function| _dmFollowup object| googletag boolean| SendDmAdUid boolean| SendSearchTermsToServer string| CodeProjectPublisherId boolean| EnableMutableAds boolean| EnableViewOnScroll string| adServer string| SearchTermUrl string| AdClickUrl string| DownvoteUrl string| UndoDownvoteUrl string| ReportAdUrl string| GlobalIdUrl string| CloseAdImageUrl string| UndoCloseAdImageUrl string| DmLogoImageUrl object| PIIViolatingUrls object| DMAdXHelper object| DMUserIdentityHelper object| DMAds object| ggeac object| google_js_reporting_queue undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal object| GoogleGcLKhOms object| google_image_requests

5 Cookies

Domain/Path Name / Value
.www.galasoft.ch/ Name: ARRAffinity
Value: 794d2e29b216a38426e6c6e3e51535ed1e4150c79377b11d366a1dca183f4849
.galasoft.ch/ Name: ARRAffinity
Value: 794d2e29b216a38426e6c6e3e51535ed1e4150c79377b11d366a1dca183f4849
.galasoft.ch/ Name: ARRAffinitySameSite
Value: 794d2e29b216a38426e6c6e3e51535ed1e4150c79377b11d366a1dca183f4849
.galasoft.ch/ Name: __gads
Value: ID=706a09e9647e6cc1-22af12703acd00aa:T=1644429862:S=ALNI_MawGWfo3_mfnOCwW-oPTPicMU_lSw
.doubleclick.net/ Name: IDE
Value: AHWqTUlU-A7FfISlHMyAUmXm8USPHXJTuqiQGS2eYvgWv8F7-glj64dS6yFaywydu5s

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8e47248e462a5b8dd1fa064911f30742.safeframe.googlesyndication.com
adservice.google.com
adservice.google.nl
apps.developermedia.com
cdn1.developermedia.com
galasoft.ch
googleads4.g.doubleclick.net
i.imgur.com
imgur.com
pagead2.googlesyndication.com
s0.2mdn.net
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.galasoft.ch
www.google.com
www.googletagservices.com
142.250.185.194
142.250.186.162
151.101.12.193
199.232.192.193
2a00:1450:4001:810::2002
2a00:1450:4001:810::2004
2a00:1450:4001:812::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2006
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2001
2a00:1450:4001:831::2002
52.174.235.29
76.74.234.208
05ed7424c6f3c3d2aec5dfe7fa92e5f617afe58a01666c1c584d342a8b57a0e7
09ec95bdec55aa3bed40b174a3a7c28be9ac376f41f88485549c2ec9760a0395
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14aa4d42029cef3544856b9779a1436f3ef1c9b3b40db8c7bf809e8b161a0f28
193a9986bfa984d4e05d3fb73178ae4d98821bb87ea46e3e33fff436088b9b76
1bfa4f9c5c33be03258c362ccd5ba0982135bf37f62046d0a5e65b0e8eb54241
23cc012647ba52fcd608113fccf328e42061421ae723cfa607e0b89a96ff3c5f
27d91bf12ed58f45909e9377f210972f0178aa9bad74e084fe3416608eba00b9
2c0bbebd8b530fc02a6482279e2190e080d2306ece2ab3bd2b9b783682e5363b
3614d348d7184c23b569bfa7faca484b9da3e6f7f55b39ed9e46745b23598c16
389b0f79294835e272cce417a53bed0fd70c807ab82b8617239d1f8c0d31bd07
3d49f5c26d28783d1b672d1c61fa620723444e47de82ada528a172bc2b0a1691
49d2fcc3b11e4b0b87d9d3e79c1fd78cf920f35fe29657daa97eddce3afec1da
4a69f639a23ced1fea55a1babd58dcbc90e786aaa6a81a84a32d6a9c28cbe3e2
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
54b976840b7d5ee62fd4f1e0dd2a177a332f2842f99455400289557a4e85f45a
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a078836bb41c26ffa505627c4ee1859c39778e3cdd5ed5d7d81ad047922c6b1
5ea63677c0a6fb2416c7491ca64d7e92ffd741de9e4056a5b00fe8e53e7cb926
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6dbf4654879f75b7ad27e267f7d2eded08373ad9399fda728d068d791d543adc
7b039cbb8cf1072012e142ab5eebaa25965fa2d4c46550ffe74bfefd5df3bf58
7bfa30c03f54b37ef65cc4bffc9e7132a0b8e1fb7372cb1a37c4cb1750304bd7
82d27ea5d429114f5f3cc9a37e41b32cd1a50573fb547f1c5f93267d6d394c78
872ead08ec3cccc424b2877e5004974dd2561be7e05f972c81c26deef875c336
88c15f6c118fa3e25687f6d3315e7ebc1346b48b55443f3eba9ec2ceb96d911a
8c9a3f6cb23db666a4dd6a50378bd86ef07d055caeb0d1068c761869675dc0ca
8e3f2accb9d3fae77940287661f833aa76ed87f61e285d40bb9cd515f1b35783
929c903174e996005b91087025e8ed45e776f017742a10f873ab36035fc1b1d1
93cc64a5d9d9d177b8f0a20709dde88c1834837f4874479f4c1c57fa2da025da
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a79a5f0cc3f8ccdf2355f8af3f8351e26ca4a2af5254fa5203d7f2346b6fe28e
ad3b8ad629dfa55519a87d83749ab11a88334ed85fc117474c51070e625004c9
b58d4522947809ad4536ce04640877ee2d5c999f49a3c77d9549ea6a380cbbd0
be5ba03ef5581f2a3018d20437d2443cbb1663276907fb2c7538a0734084f235
cb8efda14783f4d733266bd5e188e6664127aba26bcf892ff79a59040df79ca7
cecd27ce9737114e23fa8dda3be3041f7c36cdafd31822d2e5bae793669bd13f
d65918c3c3adb72d7c72492ed9f91ed704612f46282de25da12816fe069bb59b
dac40bfa1b053b284d8fe9c1b5e89aa7eff2510c755c15a0fad7ac9ce18747df
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e681d66f2bb8fc8b501b3b02f52744271f8e4936c4ebe1b81fac9cddafcc2485
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0ed7fc3db22bb5c5da56afdb99fa34ce4b9ad255fabbccab5dd155b3a85fcbc
f89807343cf609f6240174c531bb4c35fb4fc45cc9b1cf630b3935ac4f1faa48
f8bcdccb04fe84f378924da66af8589ac8bf685fa4fc7fefecebe35ad19f951a
ff3617a12d1691296933ec180d886baeb9d7a073a1e3782c9456d23428bfec45