Submitted URL: http://nirsoft.net/
Effective URL: https://www.nirsoft.net/
Submission: On October 19 via manual from GB — Scanned from GB

Summary

This website contacted 24 IPs in 4 countries across 15 domains to perform 84 HTTP transactions. The main IP is 138.128.181.29, located in Ocoee, United States and belongs to DIMENOC, US. The main domain is www.nirsoft.net. The Cisco Umbrella rank of the primary domain is 498323.
TLS certificate: Issued by cPanel, Inc. Certification Authority on August 25th 2023. Valid for: 3 months.
This is the only time www.nirsoft.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 10 138.128.181.29 33182 (DIMENOC)
1 2a00:1450:400... 15169 (GOOGLE)
20 2a00:1450:400... 15169 (GOOGLE)
1 23.212.201.72 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 7 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 34.246.213.214 16509 (AMAZON-02)
11 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 4 142.250.185.226 15169 (GOOGLE)
2 4 104.18.26.193 13335 (CLOUDFLAR...)
2 3 37.252.172.123 29990 (ASN-APPNEX)
1 74.125.206.157 15169 (GOOGLE)
1 2600:9000:212... 16509 (AMAZON-02)
6 2600:1f13:800... 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 172.217.16.194 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
84 24
Apex Domain
Subdomains
Transfer
31 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 108
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
402 KB
16 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 45
cm.g.doubleclick.net — Cisco Umbrella Rank: 255
bid.g.doubleclick.net — Cisco Umbrella Rank: 1020
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 443
105 KB
10 google.com
cse.google.com — Cisco Umbrella Rank: 3340
www.google.com — Cisco Umbrella Rank: 2
clients1.google.com — Cisco Umbrella Rank: 474
174 KB
10 nirsoft.net
nirsoft.net — Cisco Umbrella Rank: 448922
www.nirsoft.net — Cisco Umbrella Rank: 498323
21 KB
9 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 1153
static.adsafeprotected.com — Cisco Umbrella Rank: 720
dt.adsafeprotected.com — Cisco Umbrella Rank: 658
174 KB
4 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 716
2 KB
3 gstatic.com
www.gstatic.com
23 KB
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 261
2 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 223
118 KB
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 344
60 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 49
2 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1200
601 B
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2250
245 B
1 addthis.com
s7.addthis.com — Cisco Umbrella Rank: 3381
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 56
80 KB
84 15
Domain Requested by
20 pagead2.googlesyndication.com www.nirsoft.net
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
fw.adsafeprotected.com
www.googletagservices.com
11 tpc.googlesyndication.com googleads.g.doubleclick.net
tpc.googlesyndication.com
pagead2.googlesyndication.com
9 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.nirsoft.net
9 www.nirsoft.net www.nirsoft.net
7 www.google.com 1 redirects cse.google.com
www.google.com
www.nirsoft.net
tpc.googlesyndication.com
6 dt.adsafeprotected.com googleads.g.doubleclick.net
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 cm.g.doubleclick.net 3 redirects googleads.g.doubleclick.net
3 www.gstatic.com googleads.g.doubleclick.net
3 ib.adnxs.com 2 redirects googleads.g.doubleclick.net
2 googleads4.g.doubleclick.net fw.adsafeprotected.com
2 www.googletagservices.com googleads.g.doubleclick.net
2 fw.adsafeprotected.com 1 redirects googleads.g.doubleclick.net
2 cse.google.com www.nirsoft.net
www.google.com
1 s0.2mdn.net googleads.g.doubleclick.net
1 fonts.googleapis.com googleads.g.doubleclick.net
1 static.adsafeprotected.com googleads.g.doubleclick.net
1 bid.g.doubleclick.net googleads.g.doubleclick.net
1 clients1.google.com www.nirsoft.net
1 partner.googleadservices.com pagead2.googlesyndication.com
1 region1.google-analytics.com www.googletagmanager.com
1 s7.addthis.com www.nirsoft.net
1 www.googletagmanager.com www.nirsoft.net
1 nirsoft.net 1 redirects
84 24

This site contains links to these domains. Also see Links.

Domain
blog.nirsoft.net
launcher.nirsoft.net
feeds.feedburner.com
usbspeed.nirsoft.net
www.win7dll.info
Subject Issuer Validity Valid
nirsoft.net
cPanel, Inc. Certification Authority
2023-08-25 -
2023-11-23
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-09-28 -
2023-12-21
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-09-28 -
2023-12-21
3 months crt.sh
odc-addthis-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1
2023-02-07 -
2024-02-07
a year crt.sh
*.google.com
GTS CA 1C3
2023-09-28 -
2023-12-21
3 months crt.sh
www.google.com
GTS CA 1C3
2023-09-28 -
2023-12-21
3 months crt.sh
*.googleadservices.com
GTS CA 1C3
2023-09-28 -
2023-12-21
3 months crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M02
2023-03-29 -
2024-04-27
a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-09-28 -
2023-12-21
3 months crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02
2023-07-07 -
2024-08-04
a year crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M01
2023-05-09 -
2024-06-06
a year crt.sh
*.gstatic.com
GTS CA 1C3
2023-09-28 -
2023-12-21
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-09-28 -
2023-12-21
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2023-09-28 -
2023-12-21
3 months crt.sh

This page contains 12 frames:

Primary Page: https://www.nirsoft.net/
Frame ID: 43CB938E04935B85DC1DA025F3115BDE
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/zrt_lookup.html
Frame ID: 72B2EFEA06C4A0F90A2072EC944983A8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=600&slotname=8544847776&adk=2347419153&adf=3905112207&pi=t.ma~as.8544847776&w=160&lmt=1697706358&format=160x600&url=https%3A%2F%2Fwww.nirsoft.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697709957318&bpp=4&bdt=545&idt=1530&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&correlator=6209365162741&frm=20&pv=2&ga_vid=1581670272.1697709957&ga_sid=1697709959&ga_hid=745733990&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=5&ady=613&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077328%2C31078020%2C31078830%2C44798934%2C44805112%2C44805534%2C44805680%2C44805918%2C31078297&oid=2&pvsid=371503592579976&tmod=1219092591&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=jmjor1OSlf&p=https%3A//www.nirsoft.net&dtd=1545
Frame ID: C4F41A946EEC8FFE2AAA9CC83206F102
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&adk=1812271804&adf=3025194257&lmt=1697706358&plaf=2%3A2&plat=3%3A16%2C4%3A16%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.nirsoft.net%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697709957337&bpp=5&bdt=564&idt=1532&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600&nras=1&correlator=6209365162741&frm=20&pv=1&ga_vid=1581670272.1697709957&ga_sid=1697709959&ga_hid=745733990&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077328%2C31078020%2C31078830%2C44798934%2C44805112%2C44805534%2C44805680%2C44805918%2C31078297&oid=2&pvsid=371503592579976&tmod=1219092591&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=1540
Frame ID: 7D98C206AF368F7319F09C49513171D0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQgL6YlQQY0vue-gEwAQ&v=APEucNULmlsKaffMysPSLzoXiw09kzGkjAxsAI6Fcbrto0FGHeHKIbrAP3iZyXRu2VNYdmebQMj5doCAnLcvAdoOS38TSsF6_LAv2bgIarnWto7KOjuGQWfoRQq8GVBe0fyWyQER02LNmv2pMNzlmgbKuRCIhN7C2k1JqMA3IsGb9fc-r0-6250
Frame ID: 0EF0F2C2135285F03E1D9F6323BB6C7E
Requests: 5 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 5F74C4C8D3ACE890C73BFD96F7735F16
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B15D4C7DB885C7BFC9375C7E85ED58E0
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Frame ID: 7112C76B18C6FFFB44906D4A90C77AD0
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 77CD513EC1A24BFFBA69FA88F7F92A5D
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/e-zfyE2pbDTyYQrCQWWBVQC0FJ7OV3Fqk4CSA41GVMg.js
Frame ID: BB81E8FE933DF0A843CE4FDC8BABA058
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 37336D4670A17C7E18BFE82BEBE7B7E2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1CA8C2287393FABA10928950FAC0B40A
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

NirSoft - freeware utilities: password recovery, system utilities, desktop utilitiessearch

Page URL History Show full URLs

  1. http://nirsoft.net/ HTTP 301
    https://www.nirsoft.net/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • addthis\.com/js/

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

84
Requests

94 %
HTTPS

65 %
IPv6

15
Domains

24
Subdomains

24
IPs

4
Countries

1158 kB
Transfer

3042 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://nirsoft.net/ HTTP 301
    https://www.nirsoft.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEN81-g6ytz9ouE76DEsZIU&google_cver=1
Request Chain 37
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZTD-iOe9fBxZnAGw0JPGWgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEN81-g6ytz9ouE76DEsZIU&google_cver=1
Request Chain 38
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESENm9WWm0cFCb7NU14T78-zo&google_cver=1
Request Chain 39
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzY0ODM4MjcwNzEyODE4NDM2MA%3D%3D
Request Chain 42
  • https://fw.adsafeprotected.com/rfw/bgd/1712960/75657828/xbbe/creative/adj?p=APEucNUySr-ptmum7FUrNTWZ2H8r2hJn2DZA4Jd0Klhc-k-rVeFtYDg&d=CokBAKAmf-BZ27XmU_Ia6Ruuw3FU2KTtGQIALOh4TvAPVRjZQV54IfV1Tryhm9I88x2WI7m8w62CVA6yEhEvLydGf2-BSlE0_ESO6TRk2Ma9HTGWDd01Wm-zNaZp4ZN9j2496mGcYnfjPWxQ3Ru5obbvj_D60gwLlte7RNqsu9eXSvACsI3z9afRvoQSqRQAoCZ_4FJhuXMz8A1AF9BQVAJT8dh9ai9AtUxZ51F0DWweDzr_5RC3DYNmF6skg0j7X5aOz7zuSLRxZdELo2YGSBGfiyrjcXWuTnKOgHGdF0mssaK5MID6J7MH8okO-d0mluCYS5etlJQM1l1SCfgqnbj-UbTK0xlzdImnyL-Hj1kaf56D-SYdtOS-5Z6X3tv2a-lVIPSFh3KE4-cEZWt5cCSKoguvQYBaiY8nByWM3xYA4PukEgVGEz_E5rwGx9c-u1O8E9qGlqcxc_LkPrTORdv-WfI5lR6vgSDbgCzPBuiNE_T3bsabnOfwJyXEDhTjq2KgOu2-3AfEwf7BTMFeg5smb0GteSb3lRiXnuy6ggKOJOzP4KiShcvRmyl1ElGAKfzV1qvnpXmnwNOQcQGf1N12DcnJ32wJLEgKAnv73hZVzIZJHgUPOKR40XWlK2RdQ8Ck4ly6CCQiXeRQJZlIiKEBsUiWVbInhgxlAXPNrc10A2N1Sd6HtvV_PCeNE4sIMogxFAiuPwdDh9vSUGd1UlioPACS5SEiLrKkjoJF17GZ2WrEA2LgfabYyl6ZcSuW4F-t2qWF9e5GQ-c-a_nRTURkm7Hqq1nCsTuSVHe24MH5EhhmAtqNwgYOkaXCEqndj_0rdxNG0d18UxJOLjsNYCndEXLuNnuDes0i_VQy42b8oj-PSKvlL1YHG7BM4LDllPczGfvz5fHFxt7xw4W2mZJU2-EO02Ymc_JSdzej7EH9-xvXv8OpwqmwQ2mmYtC7TwzEh0oVmxH9J9eKlUHgUcmpWDqsQA12mBqZ4GngkQOXIQrsC1MDJl9PokrRRlVQYJ1A5Elf9hSQ8RBicYR8xFEtMf3HULLdwaYQcFmwTITQ0d3GLu5rTWTqWr1XvnyzqWPQNGvTAYfcYYU3zp5REHLGPX0T_uSTKllSLbdmhA425cs6u51VcYdzjDSYALrbvjQI66YMAoqYj0TVnuA_hzUMy-d0HawTvPdPw_rfxYc4I8Cm7Un9kserLEg8NydLRaEoJDMKatHwxciHuwg2F8Moetn2aGnjsMq_O4S5DZz9V22C-Gjqjdw3DaTMjZpcgnVTZZwH0VM4i4KKFiyLvAntnGEEA04frhYbhwQ2O7p7wO3diEEy8htTjcNwNgdb3HMe_R8bjCOScIJbTq1mfbA7k8GWyPp3INMxkZZDV-kyLEV-y5SGkwdLGYWKXilQ4SnYDxgntOse46rpRpls8R8WLZJhidErtaogeASXKBchNq_4Hi9HRhNk2LBzYQU2RC_YM-C_VNL2beo_2HTbIxhtvjDA-cjyvE_xeHM8KMjvkIV6dmQYrDQwelk4E9ynZJYXwSMrxBnQS0LuIvAeCxJh00ZI3Pn3wdwFwBFDoaIRILsk9FuncDyc2oZOnLG1MA96UP6qTkyPUXkv-OOfS2d9xksb55iPyb74Wdw1hzXFOXRU-MAWprfR9VG0XcKJ5KKrdpOd-mbsseNvD7P4FPC7hMGxCLma_0Tyh9KmM8t-BGvoJmogHvVGgDySwCeS3MbDOy7CdvaKcbP5MjLsIuqiNlH73kP3qG3e9kWyEsfmbiOuBL8WkSa84uIZczyl8p42IqZAqmDE28iNBWW8fJsMR57rjIQFBsXGsiV5k6VMrhaBMwP69ZaHv8EiEW_Rus3dzmkanWmV-_cM1UMMMe3U9CRRvbR_Cz6IVcAzI5frfhiKb_-WRxNy-a7WOOqd8ZNsmDzLQnzZSC1I-rJsnHlT5q2yKqo2_PgKJp5CSCOg10KbZC3nA_03ATV4RqzZ1KL55qam6HMpA-Wssz4HwvmOsYBCZ77zDgiJnFb2x5BNCVdcOH0eJkSfiKwhjERvGp8-SaVYCV2FRc9rRwgSus-yG-GSTSIRAXVXWXBbq57Po_StH4enMWDbppzMV87a_JgpqAiI9E0xvKBV9b9YwT8eW_TKJm6LZ3QUcz5dRKmJ82yI0CHoIEg7ym1nu7UrrEH8OYDmWZh3EoUtfKMxrGG9Rqc6fmt9T84G9navwmwF_Cz126DvSU4isXpb4z6xrd775gldN5bl7uWOoV4HzhB81ddI8Hu_NE_V3l2cRts2etm1RxA2bvO1-OIZx_7qW4Z31IrNl40aqc8TJpq0A1lqGHmXmOuoy8jwIwmw3vl9jPFQMtYwKjNji1_S7JzSMXkffNThR48ppZThYCPm3p0BLVycZq-KB4k-MzoPjWxBeAGBnwboPv0YYFe49NuhdUyU9TiYkjxtb_YpHasVYcFEzFHBnShXjbaEijkn_GQdz150XHK1eO1dkDKRpKS9yx6Tjlp5BCBX-PCKg6xTZzMw6j-oWb-7Itl85TJeV9GPStRsRxffp6dXU_IhTZ_I7Apj9Mp0EuQi7awHOHSU3z-zMtpzm4myGu3V4vIu3FKDmYOR7qXUYQ1snoZorgH_o-g87TqahH1fJEkOfSwlyTdH7BaRndv-OXaV7PtbJD95TtD7vv9RsBRMdG63liKXaENPd4tSKnhaMcaq7_IeIoRgoYQTXQ39xw3Q_mU1bB-lyDkI8PGCsNqVzvO6HfmEWFmFF-M0E7FPi1Rm36Ww74WEAXiAiVm4cS2t-PON4mp19ROAvA6eGHieqUX3G3Tr_CEEEdVpVW_is2dN8ZhiqByjiBGShUI9Q66-1JYtqA3EHPpBSpcb0HuhqR8kXBFd2PeR4Yb9L6IWnVvcmWYmIO_NgRkWd6qT4LHeOro-4tDLgsuz_UEHlqRpltDXbJXPhtxpl1iAfTMBmaQ1r5grx0Js2TfEjbWdFJmvzm__9v50_50lclqOxRSX59AOsbibzKFAWH4KNSqGzYmBJpRex4v6jeLwiiChtCUNAt1SUXle1hKIZRQM9Y0PqR-_-7ekg_U8QfNpMq1lHjbxgRYgSFdvn1NMqA0g94BCOEItf1PBEZzg59Gmm6tHIb4Wni37iyO5eEWTdJ3qIdc3MI_OvK2edy5jpQVjHi8T32cLd8GdwWlOZ0WnyWIZYVQEii8R5bHYQwQTOrCQY5C911_I6VflghxWCT-TuiGguvhsOwWrvmmpSy54181ggnlJ537NenEvPj6WoTuu_Bng4JYULChb3_Lg_Mf5LqyTJDiMrGMAehC7S-ozBQLV8WY_NYiQtjFQtoRUghXdOSvn42BQ7cWeDLJNXox07AHsRfUjgad7HrFuUQIWTHoYf2y2KhXHSN7CHpW4CdGB247c_iOuqVa5eYEwqujo-7AQpZH6zDtcIxO2AIiitP8jCXMYy8J-Y6PQ1NitbVBSzsswZa01JS0pWio1md_dtioe_1BS5xmBosnWfLelUsVCxgPZqfScnXquUwoZLREOQvpNlh-0HD590056pD0Je23yg6OD1PpxZj2GkgaxhX9FDhuu7iATCNYrzNoKUJOG__Re757YiZJfGJXCM3ksaStFgWKi6Wkgf8iYaPWFneaNlv8kNJ83B5SpwevAJQUaUggEEkwAyAmmjSBvss3EbaKZcWruGajdzmiLjIC4gvVojvpd2GG_-OcGuE8MLJzWSrpH6-h1jtdORjuvraOt77DCGJtGZKYBNXz0nVB8Y4uhGAFgAQ&bundleId=&ias_dspID=3&ias_campId=1014440192&ias_pubId=pub-5286073190998405&ias_chanId=1&ias_placementId=20647159193&bidurl=https://www.nirsoft.net/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0i-4e3jYwHcQr8Q_RFYlbsq&adsafe_url=https%3A%2F%2Fwww.nirsoft.net&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.nirsoft.net%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-5286073190998405%26output%3Dhtml%26h%3D600%26slotname%3D8544847776%26adk%3D2347419153%26adf%3D3905112207%26pi%3Dt.ma~as.8544847776%26w%3D160%26lmt%3D1697706358%26format%3D160x600%26url%3Dhttps%253A%252F%252Fwww.nirsoft.net%252F%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1697709957318%26bpp%3D4%26bdt%3D545%26idt%3D1530%26shv%3Dr20231011%26mjsv%3Dm202310160101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26correlator%3D6209365162741%26frm%3D20%26pv%3D2%26ga_vid%3D1581670272.1697709957%26ga_sid%3D1697709959%26ga_hid%3D745733990%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D5%26ady%3D613%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759837%252C44759876%252C44759927%252C31077328%252C31078020%252C31078830%252C44798934%252C44805112%252C44805534%252C44805680%252C44805918%252C31078297%26oid%3D2%26pvsid%3D371503592579976%26tmod%3D1219092591%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3Dd%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D1%26uci%3Da!1%26fsb%3D1%26xpc%3Djmjor1OSlf%26p%3Dhttps%253A%2F%2Fwww.nirsoft.net%26dtd%3D1545&adsafe_type=d&adsafe_jsinfo=,id:3c083683-8d02-2ca1-368d-16ac0faa1d2b,c:rtZvQs,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-797d947f74-l4chs,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:4,mot:0,app:0,maw:0,fm:tT7PYPw+11%7C12*.1712960-75657828%7C121%7C13,idMap:12*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:23,oid:1acddd80-6e67-11ee-bf08-923d329c03ee,v:19.8.439,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNUySr-ptmum7FUrNTWZ2H8r2hJn2DZA4Jd0Klhc-k-rVeFtYDg&d=CokBAKAmf-BZ27XmU_Ia6Ruuw3FU2KTtGQIALOh4TvAPVRjZQV54IfV1Tryhm9I88x2WI7m8w62CVA6yEhEvLydGf2-BSlE0_ESO6TRk2Ma9HTGWDd01Wm-zNaZp4ZN9j2496mGcYnfjPWxQ3Ru5obbvj_D60gwLlte7RNqsu9eXSvACsI3z9afRvoQSqRQAoCZ_4FJhuXMz8A1AF9BQVAJT8dh9ai9AtUxZ51F0DWweDzr_5RC3DYNmF6skg0j7X5aOz7zuSLRxZdELo2YGSBGfiyrjcXWuTnKOgHGdF0mssaK5MID6J7MH8okO-d0mluCYS5etlJQM1l1SCfgqnbj-UbTK0xlzdImnyL-Hj1kaf56D-SYdtOS-5Z6X3tv2a-lVIPSFh3KE4-cEZWt5cCSKoguvQYBaiY8nByWM3xYA4PukEgVGEz_E5rwGx9c-u1O8E9qGlqcxc_LkPrTORdv-WfI5lR6vgSDbgCzPBuiNE_T3bsabnOfwJyXEDhTjq2KgOu2-3AfEwf7BTMFeg5smb0GteSb3lRiXnuy6ggKOJOzP4KiShcvRmyl1ElGAKfzV1qvnpXmnwNOQcQGf1N12DcnJ32wJLEgKAnv73hZVzIZJHgUPOKR40XWlK2RdQ8Ck4ly6CCQiXeRQJZlIiKEBsUiWVbInhgxlAXPNrc10A2N1Sd6HtvV_PCeNE4sIMogxFAiuPwdDh9vSUGd1UlioPACS5SEiLrKkjoJF17GZ2WrEA2LgfabYyl6ZcSuW4F-t2qWF9e5GQ-c-a_nRTURkm7Hqq1nCsTuSVHe24MH5EhhmAtqNwgYOkaXCEqndj_0rdxNG0d18UxJOLjsNYCndEXLuNnuDes0i_VQy42b8oj-PSKvlL1YHG7BM4LDllPczGfvz5fHFxt7xw4W2mZJU2-EO02Ymc_JSdzej7EH9-xvXv8OpwqmwQ2mmYtC7TwzEh0oVmxH9J9eKlUHgUcmpWDqsQA12mBqZ4GngkQOXIQrsC1MDJl9PokrRRlVQYJ1A5Elf9hSQ8RBicYR8xFEtMf3HULLdwaYQcFmwTITQ0d3GLu5rTWTqWr1XvnyzqWPQNGvTAYfcYYU3zp5REHLGPX0T_uSTKllSLbdmhA425cs6u51VcYdzjDSYALrbvjQI66YMAoqYj0TVnuA_hzUMy-d0HawTvPdPw_rfxYc4I8Cm7Un9kserLEg8NydLRaEoJDMKatHwxciHuwg2F8Moetn2aGnjsMq_O4S5DZz9V22C-Gjqjdw3DaTMjZpcgnVTZZwH0VM4i4KKFiyLvAntnGEEA04frhYbhwQ2O7p7wO3diEEy8htTjcNwNgdb3HMe_R8bjCOScIJbTq1mfbA7k8GWyPp3INMxkZZDV-kyLEV-y5SGkwdLGYWKXilQ4SnYDxgntOse46rpRpls8R8WLZJhidErtaogeASXKBchNq_4Hi9HRhNk2LBzYQU2RC_YM-C_VNL2beo_2HTbIxhtvjDA-cjyvE_xeHM8KMjvkIV6dmQYrDQwelk4E9ynZJYXwSMrxBnQS0LuIvAeCxJh00ZI3Pn3wdwFwBFDoaIRILsk9FuncDyc2oZOnLG1MA96UP6qTkyPUXkv-OOfS2d9xksb55iPyb74Wdw1hzXFOXRU-MAWprfR9VG0XcKJ5KKrdpOd-mbsseNvD7P4FPC7hMGxCLma_0Tyh9KmM8t-BGvoJmogHvVGgDySwCeS3MbDOy7CdvaKcbP5MjLsIuqiNlH73kP3qG3e9kWyEsfmbiOuBL8WkSa84uIZczyl8p42IqZAqmDE28iNBWW8fJsMR57rjIQFBsXGsiV5k6VMrhaBMwP69ZaHv8EiEW_Rus3dzmkanWmV-_cM1UMMMe3U9CRRvbR_Cz6IVcAzI5frfhiKb_-WRxNy-a7WOOqd8ZNsmDzLQnzZSC1I-rJsnHlT5q2yKqo2_PgKJp5CSCOg10KbZC3nA_03ATV4RqzZ1KL55qam6HMpA-Wssz4HwvmOsYBCZ77zDgiJnFb2x5BNCVdcOH0eJkSfiKwhjERvGp8-SaVYCV2FRc9rRwgSus-yG-GSTSIRAXVXWXBbq57Po_StH4enMWDbppzMV87a_JgpqAiI9E0xvKBV9b9YwT8eW_TKJm6LZ3QUcz5dRKmJ82yI0CHoIEg7ym1nu7UrrEH8OYDmWZh3EoUtfKMxrGG9Rqc6fmt9T84G9navwmwF_Cz126DvSU4isXpb4z6xrd775gldN5bl7uWOoV4HzhB81ddI8Hu_NE_V3l2cRts2etm1RxA2bvO1-OIZx_7qW4Z31IrNl40aqc8TJpq0A1lqGHmXmOuoy8jwIwmw3vl9jPFQMtYwKjNji1_S7JzSMXkffNThR48ppZThYCPm3p0BLVycZq-KB4k-MzoPjWxBeAGBnwboPv0YYFe49NuhdUyU9TiYkjxtb_YpHasVYcFEzFHBnShXjbaEijkn_GQdz150XHK1eO1dkDKRpKS9yx6Tjlp5BCBX-PCKg6xTZzMw6j-oWb-7Itl85TJeV9GPStRsRxffp6dXU_IhTZ_I7Apj9Mp0EuQi7awHOHSU3z-zMtpzm4myGu3V4vIu3FKDmYOR7qXUYQ1snoZorgH_o-g87TqahH1fJEkOfSwlyTdH7BaRndv-OXaV7PtbJD95TtD7vv9RsBRMdG63liKXaENPd4tSKnhaMcaq7_IeIoRgoYQTXQ39xw3Q_mU1bB-lyDkI8PGCsNqVzvO6HfmEWFmFF-M0E7FPi1Rm36Ww74WEAXiAiVm4cS2t-PON4mp19ROAvA6eGHieqUX3G3Tr_CEEEdVpVW_is2dN8ZhiqByjiBGShUI9Q66-1JYtqA3EHPpBSpcb0HuhqR8kXBFd2PeR4Yb9L6IWnVvcmWYmIO_NgRkWd6qT4LHeOro-4tDLgsuz_UEHlqRpltDXbJXPhtxpl1iAfTMBmaQ1r5grx0Js2TfEjbWdFJmvzm__9v50_50lclqOxRSX59AOsbibzKFAWH4KNSqGzYmBJpRex4v6jeLwiiChtCUNAt1SUXle1hKIZRQM9Y0PqR-_-7ekg_U8QfNpMq1lHjbxgRYgSFdvn1NMqA0g94BCOEItf1PBEZzg59Gmm6tHIb4Wni37iyO5eEWTdJ3qIdc3MI_OvK2edy5jpQVjHi8T32cLd8GdwWlOZ0WnyWIZYVQEii8R5bHYQwQTOrCQY5C911_I6VflghxWCT-TuiGguvhsOwWrvmmpSy54181ggnlJ537NenEvPj6WoTuu_Bng4JYULChb3_Lg_Mf5LqyTJDiMrGMAehC7S-ozBQLV8WY_NYiQtjFQtoRUghXdOSvn42BQ7cWeDLJNXox07AHsRfUjgad7HrFuUQIWTHoYf2y2KhXHSN7CHpW4CdGB247c_iOuqVa5eYEwqujo-7AQpZH6zDtcIxO2AIiitP8jCXMYy8J-Y6PQ1NitbVBSzsswZa01JS0pWio1md_dtioe_1BS5xmBosnWfLelUsVCxgPZqfScnXquUwoZLREOQvpNlh-0HD590056pD0Je23yg6OD1PpxZj2GkgaxhX9FDhuu7iATCNYrzNoKUJOG__Re757YiZJfGJXCM3ksaStFgWKi6Wkgf8iYaPWFneaNlv8kNJ83B5SpwevAJQUaUggEEkwAyAmmjSBvss3EbaKZcWruGajdzmiLjIC4gvVojvpd2GG_-OcGuE8MLJzWSrpH6-h1jtdORjuvraOt77DCGJtGZKYBNXz0nVB8Y4uhGAFgAQ&bundleId=&ias_xappb=
Request Chain 67
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

84 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.nirsoft.net/
Redirect Chain
  • http://nirsoft.net/
  • https://www.nirsoft.net/
38 KB
7 KB
Document
General
Full URL
https://www.nirsoft.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
138.128.181.29 Ocoee, United States, ASN33182 (DIMENOC, US),
Reverse DNS
138-128-181-29.static.hostdime.com
Software
Apache /
Resource Hash
7040861e8d3b047aa24c3de4f1b999b55399f30d6fda4549dc1c7ce44c7d6c69

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
7304
Content-Type
text/html; charset=UTF-8
Date
Thu, 19 Oct 2023 10:05:56 GMT
Keep-Alive
timeout=4, max=50
Server
Apache
Vary
Accept-Encoding

Redirect headers

Connection
Keep-Alive
Content-Length
232
Content-Type
text/html; charset=iso-8859-1
Date
Thu, 19 Oct 2023 10:05:55 GMT
Keep-Alive
timeout=4, max=50
Location
https://www.nirsoft.net/
Server
Apache
main.css
www.nirsoft.net/
7 KB
2 KB
Stylesheet
General
Full URL
https://www.nirsoft.net/main.css
Requested by
Host: www.nirsoft.net
URL: https://www.nirsoft.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
138.128.181.29 Ocoee, United States, ASN33182 (DIMENOC, US),
Reverse DNS
138-128-181-29.static.hostdime.com
Software
Apache /
Resource Hash
1fc7ceb533a021747396d0773be419b8432c309db898995af87bf5a7b0c68b0b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 10:05:56 GMT
Content-Encoding
gzip
Last-Modified
Mon, 13 Jan 2020 06:22:16 GMT
Server
Apache
ETag
"126d6c-1c14-59bff7f2a5600-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=4, max=49
Content-Length
1568
js
www.googletagmanager.com/gtag/
224 KB
80 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-P2Q08WF7BK
Requested by
Host: www.nirsoft.net
URL: https://www.nirsoft.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9bd4cc293d3a7fb9f57f384965afceda84c3166736c9f7ae1964f1db0b85603f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 10:05:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81420
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 19 Oct 2023 10:05:57 GMT
nirsoft2.gif
www.nirsoft.net/
4 KB
4 KB
Image
General
Full URL
https://www.nirsoft.net/nirsoft2.gif
Requested by
Host: www.nirsoft.net
URL: https://www.nirsoft.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
138.128.181.29 Ocoee, United States, ASN33182 (DIMENOC, US),
Reverse DNS
138-128-181-29.static.hostdime.com
Software
Apache /
Resource Hash
0c4f483b95cfce5c4e78f32946ed302502f365c272094950b254b6226c16c7f5

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 10:05:57 GMT
Last-Modified
Mon, 06 Sep 2004 14:43:52 GMT
Server
Apache
ETag
"126d5f-e6e-3e36ce8cf3a00"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=4, max=48
Content-Length
3694
empty729x90.gif
www.nirsoft.net/banners/
1 KB
1 KB
Image
General
Full URL
https://www.nirsoft.net/banners/empty729x90.gif
Requested by
Host: www.nirsoft.net
URL: https://www.nirsoft.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
138.128.181.29 Ocoee, United States, ASN33182 (DIMENOC, US),
Reverse DNS
138-128-181-29.static.hostdime.com
Software
Apache /
Resource Hash
00cf697b03001a7246a8e7e26c626ff8aa3bc125759bc6bb87efafe63a4cfc24

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 10:05:57 GMT
Last-Modified
Mon, 08 Feb 2010 10:45:39 GMT
Server
Apache
ETag
"143fc3-4cc-47f1480833ac0"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=4, max=47
Content-Length
1228
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
147 KB
50 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.nirsoft.net
URL: https://www.nirsoft.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
da2ee12d083128f020ddda69259b2505860d833d66beb16d742895829d386504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 10:05:57 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51258
x-xss-protection
0
server
cafe
etag
18004595223502438039
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 19 Oct 2023 10:05:57 GMT
addthis_widget.js
s7.addthis.com/js/250/
0
0
Script
General
Full URL
https://s7.addthis.com/js/250/addthis_widget.js
Requested by
Host: www.nirsoft.net
URL: https://www.nirsoft.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.201.72 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-201-72.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

feed.png
www.nirsoft.net/
1 KB
2 KB
Image
General
Full URL
https://www.nirsoft.net/feed.png
Requested by
Host: www.nirsoft.net
URL: https://www.nirsoft.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
138.128.181.29 Ocoee, United States, ASN33182 (DIMENOC, US),
Reverse DNS
138-128-181-29.static.hostdime.com
Software
Apache /
Resource Hash
55070d3be787cd8ccee8ea0fd75f0e11e944e6f70231f0dcb4c5ae348fcba6be

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 10:05:57 GMT
Last-Modified
Tue, 30 Sep 2008 06:39:51 GMT
Server
Apache
ETag
"126d62-5a1-45817402c9bc0"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=4, max=50
Content-Length
1441
cse.js
cse.google.com/
6 KB
4 KB
Script
General
Full URL
https://cse.google.com/cse.js?cx=partner-pub-5286073190998405:5399172980
Requested by
Host: www.nirsoft.net
URL: https://www.nirsoft.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
0ff854220ca35b42182833e7c8b42f201589a3204f407692cd471ea11dff86c4
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-RWauF4EUe4r6bOlZRQ7G7w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-RWauF4EUe4r6bOlZRQ7G7w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-encoding
br
date
Thu, 19 Oct 2023 10:05:57 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2447
x-xss-protection
0
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
server
gws
x-frame-options
SAMEORIGIN
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private
permissions-policy
unload=()
origin-trial
Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
expires
Thu, 19 Oct 2023 10:05:57 GMT
menubg.png
www.nirsoft.net/
448 B
723 B
Image
General
Full URL
https://www.nirsoft.net/menubg.png
Requested by
Host: www.nirsoft.net
URL: https://www.nirsoft.net/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
138.128.181.29 Ocoee, United States, ASN33182 (DIMENOC, US),
Reverse DNS
138-128-181-29.static.hostdime.com
Software
Apache /
Resource Hash
4ea8411870894a09ff7165d06aab69c2be05ffea87cdb1b5fb3b5594f11f6f06

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.nirsoft.net/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 10:05:57 GMT
Last-Modified
Sun, 12 Jan 2020 19:55:26 GMT
Server
Apache
ETag
"1200ca-1c0-59bf6bd6f4780"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=4, max=50
Content-Length
448
menutomain.gif
www.nirsoft.net/
805 B
1 KB
Image
General
Full URL
https://www.nirsoft.net/menutomain.gif
Requested by
Host: www.nirsoft.net
URL: https://www.nirsoft.net/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
138.128.181.29 Ocoee, United States, ASN33182 (DIMENOC, US),
Reverse DNS
138-128-181-29.static.hostdime.com
Software
Apache /
Resource Hash
03fb3f62f575f7aece5107379da9667099547635980c20ee48c3a85a1ae1b7c2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.nirsoft.net/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 10:05:57 GMT
Last-Modified
Sat, 21 Apr 2007 15:17:30 GMT
Server
Apache
ETag
"126d84-325-42ea0ef395680"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=4, max=46
Content-Length
805
toptomain.gif
www.nirsoft.net/
805 B
1 KB
Image
General
Full URL
https://www.nirsoft.net/toptomain.gif
Requested by
Host: www.nirsoft.net
URL: https://www.nirsoft.net/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
138.128.181.29 Ocoee, United States, ASN33182 (DIMENOC, US),
Reverse DNS
138-128-181-29.static.hostdime.com
Software
Apache /
Resource Hash
432863150465290850edbb508d7e1e8c95320c0b34737f2f81cbf7589b6064d8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.nirsoft.net/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 10:05:57 GMT
Last-Modified
Sat, 21 Apr 2007 15:31:48 GMT
Server
Apache
ETag
"12332e-325-42ea1225d6100"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=4, max=50
Content-Length
805
whatnewbg.gif
www.nirsoft.net/
1 KB
1 KB
Image
General
Full URL
https://www.nirsoft.net/whatnewbg.gif
Requested by
Host: www.nirsoft.net
URL: https://www.nirsoft.net/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
138.128.181.29 Ocoee, United States, ASN33182 (DIMENOC, US),
Reverse DNS
138-128-181-29.static.hostdime.com
Software
Apache /
Resource Hash
7aea3fb8ef09574f7103909575d48e51b2a930c6b3f9297d3b4d54e7e239fee0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.nirsoft.net/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 10:05:57 GMT
Last-Modified
Sat, 21 Apr 2007 20:41:58 GMT
Server
Apache
ETag
"123acb-473-42ea5779b7180"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=4, max=50
Content-Length
1139
collect
region1.google-analytics.com/g/
0
245 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-P2Q08WF7BK&gtm=45je3ai0&_p=745733990&cid=1581670272.1697709957&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1697709957&sct=1&seg=0&dl=https%3A%2F%2Fwww.nirsoft.net%2F&dt=NirSoft%20-%20freeware%20utilities%3A%20password%20recovery%2C%20system%20utilities%2C%20desktop%20utilities&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P2Q08WF7BK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 10:05:57 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.nirsoft.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cse_element__en.js
www.google.com/cse/static/element/e992cd4de3c7044f/
309 KB
103 KB
Script
General
Full URL
https://www.google.com/cse/static/element/e992cd4de3c7044f/cse_element__en.js?usqp=CAI%3D
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-5286073190998405:5399172980
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
07d241ae62c2c40e9c20c169b35cf9bda9b3e99cba1e5ad4f86351364156c290
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 10:05:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
105313
x-xss-protection
0
last-modified
Mon, 31 Jul 2023 17:25:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/javascript
cache-control
private, max-age=31536000
accept-ranges
bytes
link
<https://www.adsensecustomsearchads.com>; rel="preconnect"
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Thu, 19 Oct 2023 10:05:58 GMT
default+en.css
www.google.com/cse/static/element/e992cd4de3c7044f/
41 KB
9 KB
Stylesheet
General
Full URL
https://www.google.com/cse/static/element/e992cd4de3c7044f/default+en.css
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-5286073190998405:5399172980
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c965aefdb4c6acf10f46758dc1601a64d811dcf3a378bf9e90278916aa47508f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 10:05:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9102
x-xss-protection
0
last-modified
Mon, 31 Jul 2023 17:25:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/css
cache-control
private, max-age=31536000
accept-ranges
bytes
link
<https://www.adsensecustomsearchads.com>; rel="preconnect"
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Thu, 19 Oct 2023 10:05:58 GMT
default.css
www.google.com/cse/static/style/look/v4/
4 KB
2 KB
Stylesheet
General
Full URL
https://www.google.com/cse/static/style/look/v4/default.css
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-5286073190998405:5399172980
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 09:16:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2985
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1345
x-xss-protection
0
last-modified
Wed, 17 Jun 2020 00:00:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Thu, 19 Oct 2023 10:06:13 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310160101/
394 KB
134 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5286073190998405&plah=www.nirsoft.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
da4b4d0a3e3ee94bd15efa308dd0560aac2fe300622cd79e008e1922bd828ee2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 10:05:57 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137114
x-xss-protection
0
server
cafe
etag
4731182147483322108
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 19 Oct 2023 10:05:57 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/ Frame 72B2
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nirsoft.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
76183
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4471
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 18 Oct 2023 12:56:15 GMT
etag
2603938475786422795
expires
Wed, 01 Nov 2023 12:56:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/
389 B
601 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.nirsoft.net&callback=_gfp_s_&client=ca-pub-5286073190998405
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5286073190998405&plah=www.nirsoft.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8408b4ed6c63c7bbd982bdfd22aeeb7be76b5482dc940e316c14b8b5bcfd3836
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 10:05:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
250
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame C4F4
32 KB
13 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=600&slotname=8544847776&adk=2347419153&adf=3905112207&pi=t.ma~as.8544847776&w=160&lmt=1697706358&format=160x600&url=https%3A%2F%2Fwww.nirsoft.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697709957318&bpp=4&bdt=545&idt=1530&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&correlator=6209365162741&frm=20&pv=2&ga_vid=1581670272.1697709957&ga_sid=1697709959&ga_hid=745733990&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=5&ady=613&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077328%2C31078020%2C31078830%2C44798934%2C44805112%2C44805534%2C44805680%2C44805918%2C31078297&oid=2&pvsid=371503592579976&tmod=1219092591&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=jmjor1OSlf&p=https%3A//www.nirsoft.net&dtd=1545
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5286073190998405&plah=www.nirsoft.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
405a69db39bcef2539c7f1e9a1867d738883a5063b16d016b620a158b5b0466e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nirsoft.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
12616
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 10:06:00 GMT
expires
Thu, 19 Oct 2023 10:06:00 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 7D98
153 KB
46 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&adk=1812271804&adf=3025194257&lmt=1697706358&plaf=2%3A2&plat=3%3A16%2C4%3A16%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.nirsoft.net%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697709957337&bpp=5&bdt=564&idt=1532&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600&nras=1&correlator=6209365162741&frm=20&pv=1&ga_vid=1581670272.1697709957&ga_sid=1697709959&ga_hid=745733990&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077328%2C31078020%2C31078830%2C44798934%2C44805112%2C44805534%2C44805680%2C44805918%2C31078297&oid=2&pvsid=371503592579976&tmod=1219092591&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=1540
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5286073190998405&plah=www.nirsoft.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0f33522d012103c5b3ef56cb064fcb5ec2c37df5cf0175bc14d936bc1250c4a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nirsoft.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
46514
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 10:06:00 GMT
expires
Thu, 19 Oct 2023 10:06:00 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
async-ads.js
cse.google.com/adsense/search/
144 KB
53 KB
Script
General
Full URL
https://cse.google.com/adsense/search/async-ads.js
Requested by
Host: www.google.com
URL: https://www.google.com/cse/static/element/e992cd4de3c7044f/cse_element__en.js?usqp=CAI%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
830179b0aa3829a00191b4580a21eac232a09e77d715c919ea7ca0ce0031fc36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 10:05:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-afs-ui"
etag
"14775677045273887321"
vary
Accept-Encoding
report-to
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
accept-ranges
bytes
link
<https://www.adsensecustomsearchads.com>; rel="preconnect"
expires
Thu, 19 Oct 2023 10:05:58 GMT
clear.png
www.google.com/cse/static/css/v2/
1018 B
1 KB
Image
General
Full URL
https://www.google.com/cse/static/css/v2/clear.png
Requested by
Host: www.google.com
URL: https://www.google.com/cse/static/element/e992cd4de3c7044f/default+en.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/cse/static/element/e992cd4de3c7044f/default+en.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:04:55 GMT
x-content-type-options
nosniff
age
511263
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1018
x-xss-protection
0
last-modified
Mon, 25 May 2020 08:30:00 GMT
server
sffe
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Sat, 12 Oct 2024 12:04:55 GMT
branding.png
www.google.com/cse/static/images/1x/en/
1 KB
1 KB
Image
General
Full URL
https://www.google.com/cse/static/images/1x/en/branding.png
Requested by
Host: www.nirsoft.net
URL: https://www.nirsoft.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 16:42:59 GMT
x-content-type-options
nosniff
age
580979
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1372
x-xss-protection
0
last-modified
Mon, 25 May 2020 08:30:00 GMT
server
sffe
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Fri, 11 Oct 2024 16:42:59 GMT
generate_204
clients1.google.com/
0
117 B
Image
General
Full URL
https://clients1.google.com/generate_204
Requested by
Host: www.nirsoft.net
URL: https://www.nirsoft.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 10:05:59 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame C4F4
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CRQ_QGFGrrqsYXyQHLzSpfrlf1CmFT5HZoZo6W1BkQRZ3dgM4fBeg5uWPepq0-LDxrFLc61S88K06GYgR5jLzSNP1tPPAsM6DVU60U5FQ2ZETRxLg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=600&slotname=8544847776&adk=2347419153&adf=3905112207&pi=t.ma~as.8544847776&w=160&lmt=1697706358&format=160x600&url=https%3A%2F%2Fwww.nirsoft.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697709957318&bpp=4&bdt=545&idt=1530&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&correlator=6209365162741&frm=20&pv=2&ga_vid=1581670272.1697709957&ga_sid=1697709959&ga_hid=745733990&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=5&ady=613&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077328%2C31078020%2C31078830%2C44798934%2C44805112%2C44805534%2C44805680%2C44805918%2C31078297&oid=2&pvsid=371503592579976&tmod=1219092591&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=jmjor1OSlf&p=https%3A//www.nirsoft.net&dtd=1545
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 10:06:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C4F4
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=9319171725588049042&x=1&ct=76
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=600&slotname=8544847776&adk=2347419153&adf=3905112207&pi=t.ma~as.8544847776&w=160&lmt=1697706358&format=160x600&url=https%3A%2F%2Fwww.nirsoft.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697709957318&bpp=4&bdt=545&idt=1530&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&correlator=6209365162741&frm=20&pv=2&ga_vid=1581670272.1697709957&ga_sid=1697709959&ga_hid=745733990&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=5&ady=613&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077328%2C31078020%2C31078830%2C44798934%2C44805112%2C44805534%2C44805680%2C44805918%2C31078297&oid=2&pvsid=371503592579976&tmod=1219092591&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=jmjor1OSlf&p=https%3A//www.nirsoft.net&dtd=1545
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 10:06:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame C4F4
89 KB
31 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=600&slotname=8544847776&adk=2347419153&adf=3905112207&pi=t.ma~as.8544847776&w=160&lmt=1697706358&format=160x600&url=https%3A%2F%2Fwww.nirsoft.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697709957318&bpp=4&bdt=545&idt=1530&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&correlator=6209365162741&frm=20&pv=2&ga_vid=1581670272.1697709957&ga_sid=1697709959&ga_hid=745733990&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=5&ady=613&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077328%2C31078020%2C31078830%2C44798934%2C44805112%2C44805534%2C44805680%2C44805918%2C31078297&oid=2&pvsid=371503592579976&tmod=1219092591&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=jmjor1OSlf&p=https%3A//www.nirsoft.net&dtd=1545
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 10:06:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 19 Oct 2023 10:06:00 GMT
adj
fw.adsafeprotected.com/rjss/bgd/1712960/75657828/xbbe/creative/ Frame C4F4
257 KB
78 KB
Script
General
Full URL
https://fw.adsafeprotected.com/rjss/bgd/1712960/75657828/xbbe/creative/adj?p=APEucNUySr-ptmum7FUrNTWZ2H8r2hJn2DZA4Jd0Klhc-k-rVeFtYDg&d=CokBAKAmf-BZ27XmU_Ia6Ruuw3FU2KTtGQIALOh4TvAPVRjZQV54IfV1Tryhm9I88x2WI7m8w62CVA6yEhEvLydGf2-BSlE0_ESO6TRk2Ma9HTGWDd01Wm-zNaZp4ZN9j2496mGcYnfjPWxQ3Ru5obbvj_D60gwLlte7RNqsu9eXSvACsI3z9afRvoQSqRQAoCZ_4FJhuXMz8A1AF9BQVAJT8dh9ai9AtUxZ51F0DWweDzr_5RC3DYNmF6skg0j7X5aOz7zuSLRxZdELo2YGSBGfiyrjcXWuTnKOgHGdF0mssaK5MID6J7MH8okO-d0mluCYS5etlJQM1l1SCfgqnbj-UbTK0xlzdImnyL-Hj1kaf56D-SYdtOS-5Z6X3tv2a-lVIPSFh3KE4-cEZWt5cCSKoguvQYBaiY8nByWM3xYA4PukEgVGEz_E5rwGx9c-u1O8E9qGlqcxc_LkPrTORdv-WfI5lR6vgSDbgCzPBuiNE_T3bsabnOfwJyXEDhTjq2KgOu2-3AfEwf7BTMFeg5smb0GteSb3lRiXnuy6ggKOJOzP4KiShcvRmyl1ElGAKfzV1qvnpXmnwNOQcQGf1N12DcnJ32wJLEgKAnv73hZVzIZJHgUPOKR40XWlK2RdQ8Ck4ly6CCQiXeRQJZlIiKEBsUiWVbInhgxlAXPNrc10A2N1Sd6HtvV_PCeNE4sIMogxFAiuPwdDh9vSUGd1UlioPACS5SEiLrKkjoJF17GZ2WrEA2LgfabYyl6ZcSuW4F-t2qWF9e5GQ-c-a_nRTURkm7Hqq1nCsTuSVHe24MH5EhhmAtqNwgYOkaXCEqndj_0rdxNG0d18UxJOLjsNYCndEXLuNnuDes0i_VQy42b8oj-PSKvlL1YHG7BM4LDllPczGfvz5fHFxt7xw4W2mZJU2-EO02Ymc_JSdzej7EH9-xvXv8OpwqmwQ2mmYtC7TwzEh0oVmxH9J9eKlUHgUcmpWDqsQA12mBqZ4GngkQOXIQrsC1MDJl9PokrRRlVQYJ1A5Elf9hSQ8RBicYR8xFEtMf3HULLdwaYQcFmwTITQ0d3GLu5rTWTqWr1XvnyzqWPQNGvTAYfcYYU3zp5REHLGPX0T_uSTKllSLbdmhA425cs6u51VcYdzjDSYALrbvjQI66YMAoqYj0TVnuA_hzUMy-d0HawTvPdPw_rfxYc4I8Cm7Un9kserLEg8NydLRaEoJDMKatHwxciHuwg2F8Moetn2aGnjsMq_O4S5DZz9V22C-Gjqjdw3DaTMjZpcgnVTZZwH0VM4i4KKFiyLvAntnGEEA04frhYbhwQ2O7p7wO3diEEy8htTjcNwNgdb3HMe_R8bjCOScIJbTq1mfbA7k8GWyPp3INMxkZZDV-kyLEV-y5SGkwdLGYWKXilQ4SnYDxgntOse46rpRpls8R8WLZJhidErtaogeASXKBchNq_4Hi9HRhNk2LBzYQU2RC_YM-C_VNL2beo_2HTbIxhtvjDA-cjyvE_xeHM8KMjvkIV6dmQYrDQwelk4E9ynZJYXwSMrxBnQS0LuIvAeCxJh00ZI3Pn3wdwFwBFDoaIRILsk9FuncDyc2oZOnLG1MA96UP6qTkyPUXkv-OOfS2d9xksb55iPyb74Wdw1hzXFOXRU-MAWprfR9VG0XcKJ5KKrdpOd-mbsseNvD7P4FPC7hMGxCLma_0Tyh9KmM8t-BGvoJmogHvVGgDySwCeS3MbDOy7CdvaKcbP5MjLsIuqiNlH73kP3qG3e9kWyEsfmbiOuBL8WkSa84uIZczyl8p42IqZAqmDE28iNBWW8fJsMR57rjIQFBsXGsiV5k6VMrhaBMwP69ZaHv8EiEW_Rus3dzmkanWmV-_cM1UMMMe3U9CRRvbR_Cz6IVcAzI5frfhiKb_-WRxNy-a7WOOqd8ZNsmDzLQnzZSC1I-rJsnHlT5q2yKqo2_PgKJp5CSCOg10KbZC3nA_03ATV4RqzZ1KL55qam6HMpA-Wssz4HwvmOsYBCZ77zDgiJnFb2x5BNCVdcOH0eJkSfiKwhjERvGp8-SaVYCV2FRc9rRwgSus-yG-GSTSIRAXVXWXBbq57Po_StH4enMWDbppzMV87a_JgpqAiI9E0xvKBV9b9YwT8eW_TKJm6LZ3QUcz5dRKmJ82yI0CHoIEg7ym1nu7UrrEH8OYDmWZh3EoUtfKMxrGG9Rqc6fmt9T84G9navwmwF_Cz126DvSU4isXpb4z6xrd775gldN5bl7uWOoV4HzhB81ddI8Hu_NE_V3l2cRts2etm1RxA2bvO1-OIZx_7qW4Z31IrNl40aqc8TJpq0A1lqGHmXmOuoy8jwIwmw3vl9jPFQMtYwKjNji1_S7JzSMXkffNThR48ppZThYCPm3p0BLVycZq-KB4k-MzoPjWxBeAGBnwboPv0YYFe49NuhdUyU9TiYkjxtb_YpHasVYcFEzFHBnShXjbaEijkn_GQdz150XHK1eO1dkDKRpKS9yx6Tjlp5BCBX-PCKg6xTZzMw6j-oWb-7Itl85TJeV9GPStRsRxffp6dXU_IhTZ_I7Apj9Mp0EuQi7awHOHSU3z-zMtpzm4myGu3V4vIu3FKDmYOR7qXUYQ1snoZorgH_o-g87TqahH1fJEkOfSwlyTdH7BaRndv-OXaV7PtbJD95TtD7vv9RsBRMdG63liKXaENPd4tSKnhaMcaq7_IeIoRgoYQTXQ39xw3Q_mU1bB-lyDkI8PGCsNqVzvO6HfmEWFmFF-M0E7FPi1Rm36Ww74WEAXiAiVm4cS2t-PON4mp19ROAvA6eGHieqUX3G3Tr_CEEEdVpVW_is2dN8ZhiqByjiBGShUI9Q66-1JYtqA3EHPpBSpcb0HuhqR8kXBFd2PeR4Yb9L6IWnVvcmWYmIO_NgRkWd6qT4LHeOro-4tDLgsuz_UEHlqRpltDXbJXPhtxpl1iAfTMBmaQ1r5grx0Js2TfEjbWdFJmvzm__9v50_50lclqOxRSX59AOsbibzKFAWH4KNSqGzYmBJpRex4v6jeLwiiChtCUNAt1SUXle1hKIZRQM9Y0PqR-_-7ekg_U8QfNpMq1lHjbxgRYgSFdvn1NMqA0g94BCOEItf1PBEZzg59Gmm6tHIb4Wni37iyO5eEWTdJ3qIdc3MI_OvK2edy5jpQVjHi8T32cLd8GdwWlOZ0WnyWIZYVQEii8R5bHYQwQTOrCQY5C911_I6VflghxWCT-TuiGguvhsOwWrvmmpSy54181ggnlJ537NenEvPj6WoTuu_Bng4JYULChb3_Lg_Mf5LqyTJDiMrGMAehC7S-ozBQLV8WY_NYiQtjFQtoRUghXdOSvn42BQ7cWeDLJNXox07AHsRfUjgad7HrFuUQIWTHoYf2y2KhXHSN7CHpW4CdGB247c_iOuqVa5eYEwqujo-7AQpZH6zDtcIxO2AIiitP8jCXMYy8J-Y6PQ1NitbVBSzsswZa01JS0pWio1md_dtioe_1BS5xmBosnWfLelUsVCxgPZqfScnXquUwoZLREOQvpNlh-0HD590056pD0Je23yg6OD1PpxZj2GkgaxhX9FDhuu7iATCNYrzNoKUJOG__Re757YiZJfGJXCM3ksaStFgWKi6Wkgf8iYaPWFneaNlv8kNJ83B5SpwevAJQUaUggEEkwAyAmmjSBvss3EbaKZcWruGajdzmiLjIC4gvVojvpd2GG_-OcGuE8MLJzWSrpH6-h1jtdORjuvraOt77DCGJtGZKYBNXz0nVB8Y4uhGAFgAQ&bundleId=&ias_dspID=3&ias_campId=1014440192&ias_pubId=pub-5286073190998405&ias_chanId=1&ias_placementId=20647159193&bidurl=https://www.nirsoft.net/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0i-4e3jYwHcQr8Q_RFYlbsq
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=600&slotname=8544847776&adk=2347419153&adf=3905112207&pi=t.ma~as.8544847776&w=160&lmt=1697706358&format=160x600&url=https%3A%2F%2Fwww.nirsoft.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697709957318&bpp=4&bdt=545&idt=1530&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&correlator=6209365162741&frm=20&pv=2&ga_vid=1581670272.1697709957&ga_sid=1697709959&ga_hid=745733990&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=5&ady=613&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077328%2C31078020%2C31078830%2C44798934%2C44805112%2C44805534%2C44805680%2C44805918%2C31078297&oid=2&pvsid=371503592579976&tmod=1219092591&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=jmjor1OSlf&p=https%3A//www.nirsoft.net&dtd=1545
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.213.214 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-213-214.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
34b670db4106be9a53b7d9ae64ac80563cf218c48b0d38fead2872bb8747ed81

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 10:06:00 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame C4F4
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=600&slotname=8544847776&adk=2347419153&adf=3905112207&pi=t.ma~as.8544847776&w=160&lmt=1697706358&format=160x600&url=https%3A%2F%2Fwww.nirsoft.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697709957318&bpp=4&bdt=545&idt=1530&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&correlator=6209365162741&frm=20&pv=2&ga_vid=1581670272.1697709957&ga_sid=1697709959&ga_hid=745733990&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=5&ady=613&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077328%2C31078020%2C31078830%2C44798934%2C44805112%2C44805534%2C44805680%2C44805918%2C31078297&oid=2&pvsid=371503592579976&tmod=1219092591&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=jmjor1OSlf&p=https%3A//www.nirsoft.net&dtd=1545
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 09:20:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
2760
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Nov 2023 09:20:00 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame C4F4
20 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=600&slotname=8544847776&adk=2347419153&adf=3905112207&pi=t.ma~as.8544847776&w=160&lmt=1697706358&format=160x600&url=https%3A%2F%2Fwww.nirsoft.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697709957318&bpp=4&bdt=545&idt=1530&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&correlator=6209365162741&frm=20&pv=2&ga_vid=1581670272.1697709957&ga_sid=1697709959&ga_hid=745733990&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=5&ady=613&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077328%2C31078020%2C31078830%2C44798934%2C44805112%2C44805534%2C44805680%2C44805918%2C31078297&oid=2&pvsid=371503592579976&tmod=1219092591&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=jmjor1OSlf&p=https%3A//www.nirsoft.net&dtd=1545
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
def028b193b87150eeb974ece780b8476797f52aa2edc9d7031e35bb5d0edd15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 22:35:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
41443
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8337
x-xss-protection
0
server
cafe
etag
13483435759450910196
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Nov 2023 22:35:17 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C4F4
187 KB
59 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=600&slotname=8544847776&adk=2347419153&adf=3905112207&pi=t.ma~as.8544847776&w=160&lmt=1697706358&format=160x600&url=https%3A%2F%2Fwww.nirsoft.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697709957318&bpp=4&bdt=545&idt=1530&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&correlator=6209365162741&frm=20&pv=2&ga_vid=1581670272.1697709957&ga_sid=1697709959&ga_hid=745733990&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=5&ady=613&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077328%2C31078020%2C31078830%2C44798934%2C44805112%2C44805534%2C44805680%2C44805918%2C31078297&oid=2&pvsid=371503592579976&tmod=1219092591&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=jmjor1OSlf&p=https%3A//www.nirsoft.net&dtd=1545
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 10:06:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60178
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697628223465749"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Oct 2023 10:06:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 0EF0
624 B
246 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQgL6YlQQY0vue-gEwAQ&v=APEucNULmlsKaffMysPSLzoXiw09kzGkjAxsAI6Fcbrto0FGHeHKIbrAP3iZyXRu2VNYdmebQMj5doCAnLcvAdoOS38TSsF6_LAv2bgIarnWto7KOjuGQWfoRQq8GVBe0fyWyQER02LNmv2pMNzlmgbKuRCIhN7C2k1JqMA3IsGb9fc-r0-6250
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=600&slotname=8544847776&adk=2347419153&adf=3905112207&pi=t.ma~as.8544847776&w=160&lmt=1697706358&format=160x600&url=https%3A%2F%2Fwww.nirsoft.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697709957318&bpp=4&bdt=545&idt=1530&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&correlator=6209365162741&frm=20&pv=2&ga_vid=1581670272.1697709957&ga_sid=1697709959&ga_hid=745733990&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=5&ady=613&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077328%2C31078020%2C31078830%2C44798934%2C44805112%2C44805534%2C44805680%2C44805918%2C31078297&oid=2&pvsid=371503592579976&tmod=1219092591&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=jmjor1OSlf&p=https%3A//www.nirsoft.net&dtd=1545
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=600&slotname=8544847776&adk=2347419153&adf=3905112207&pi=t.ma~as.8544847776&w=160&lmt=1697706358&format=160x600&url=https%3A%2F%2Fwww.nirsoft.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697709957318&bpp=4&bdt=545&idt=1530&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&correlator=6209365162741&frm=20&pv=2&ga_vid=1581670272.1697709957&ga_sid=1697709959&ga_hid=745733990&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=5&ady=613&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077328%2C31078020%2C31078830%2C44798934%2C44805112%2C44805534%2C44805680%2C44805918%2C31078297&oid=2&pvsid=371503592579976&tmod=1219092591&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=jmjor1OSlf&p=https%3A//www.nirsoft.net&dtd=1545
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 10:06:00 GMT
expires
Thu, 19 Oct 2023 10:06:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame C4F4
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2519072073308&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 10:06:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C4F4
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2519072073308&version=m202309260101&ct=76&x=1&cor=9319171725588050000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 10:06:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame C4F4
16 KB
12 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A6DjOYD9eo4EA43rjOjUX1AK5PeRStBkGFj5XWBM6GZyxpSIZCGjucfQZwhnzySwd_C-27FnS8alCjn2Z5r48ntbma-FeEQGJx6ASMP-4PuE52I5DdYWn9eO5Mb0pnV6mTan3bUVLZJdIU_P_74ssOQoHKgH8bXwbeltG9QR-d5Fq_gOI&cry=1&dbm_d=AKAmf-CnS7pOaf8-M_zP-hhUPl08HxkkfRMeAb38a1curzqo0GIdqGeqPdT1hmeFYK_6PLkrHXjWk_YJ8KRTNU5SXun5KglNHKsCGo1oJhBn3TiYS555u1w-oXwFOb5_1ZUK0D5FYdg8K38f3AwCKAnDJk39KhA3169PcHLXeYieurSSBsJF0T2QCpYlma_y0dpNW0X3kpjPd2uYbx1NusHSVoBLqCMT0kLySXz_5j-6CuoNgxW_Nc9AT3qNSlLFGc90c_61Mhl9ro7kW6cnanMgD0S8za1A0gxAf77TVn4viuHp4H1GXTjz-cLF7bK_dPjWQRj2_aV7SIoMkkjQMx-NBKbq9tjs6uQkrB0MQ-Eik3SHvr-JH7yiKcrBBsZ1cv-G1tdrMj2inL8kffegI3GZQu5Ic_7nXrhcg0nFdE2JDf7LBUr09sD16T_ut2kEkncYyAshutDoIHP5Yj2ClZHZY8AJmavPy3N3D3_EulnBWovRJt3D-V6rnLDzTzVuiYM7-y8f4Gc1AB2C5ww6a6Td0ZMcp6J23bywSR0Qgfw39Vcd8h1b3DLn2MgzIGy3gmvsOOGtWqLb1YkWAsfDcNnmp0CGwnzEtMOlQr0pr8WhZgbeg9AbtIkSuYAMK9fFZWijLTbFk6140k_bQGbRPaBtgouGgnMCFlZ8B5w-WHSAxMeHkjoCC20PLCdXxOZB7JZa7UonvFaBYJNWqkiBG3GrOwL-FfXqHMPaAl2LyRsvauA2v6qMUGgnobsY7JnJ9BaJRMs5APnSucJgkCsCIMb1-KTaJtT5Hgbtts_sRZz6fHPaVqt18yuwC2sQS8pwAPMdXLanMKXlEd4Ft8K2ksmjjjI1IqqgOqfGO5fi4ucPqGQ4myHCGRObLW8l983a5Kk5GDjAMYg5iQ4ZtdIkK75b7c752d77rFobGvHzpxXZ2-VWpnH-9x5YTElC5tChVpMVdsDAuov5vlno9zBVTL0Y1gl_jDcJ3rSAS3CXxAMSqoM8DqXPdA4xD7npQ5nC-yhahbDqvm_SC7A7iGKsi2z9fFq6P8I_NK_er7fWnmndcgvmPVDaFoLgDdYvtzfrGImtl2gT5fbtwS6PyWztapbszGNvgdPD8iwsoBSs1l8OcWSGzQFJBQrtgolrMtPT6c3SpEvJongvXSEQnIrk1cF620gpalBiIixGUSsrbD641xnvEvDJIXOjYiT6MamWYxXQjr-r8oc-UY5iD6Q-O3R0JK-KLt7pSbgO_ICpW93AxP1L_CF46MoP9QgJsgDH7ffb2kqYAPg_hJKw_ESodlSCRacU1yY2wXL-goORykKXa6BLyc7f6WDAmDHZD-jyF8jlolE6u-EO495Ja9zaYY2GNoy2PjkiOGw-rJbw8YmbL3Wn5RjUeKlygWfLkFyS2bl75U08FzR91grz2zzV0RNyH5gUIySNJ7csiADgmbEuvhQAomxAuNoX-WNtC8brqI0rQpHo4fpaVe6rIb17fl5AF_3KhYjn96oI8ivNo_y_jQac0Ik4MVvUn_rBeYzJx4amYDTopvHHJtiXzTwH8NMOOTnPPJTuEEbjgndFDfk9CV9kdQasmm7eat5TOsuP5_ftY_-FKvLMarHwaFytvPGzYZ5GaJa9mnDXJUIvRYvpqqnU93Shm86GhyTxiofYw_GDXNzl1Jl9Nd9Q6PMbAjn9T2Fr288OfMBiinIODqv11HjydK1RbOLwZhmGIr3lJ1w5c_7WeiBy7A-APTy3a_4vOvhgkb38HVaA4E-Bs2L4ZQS9Y_PShFmpMBP2hhR6Y-xU_uxGVl3V12-t1l8uGuLxhep3Hc7iz5AZ6IfsmrHSZq3sIU_kM8uzJP_PAUmRqwPS_igKHVpNTXHO2CAvXobFqPUZEr5ZiHHUeO_PUr6IZKD6e7q0w-Ai2QOw1RwFLctmzEpMlTrWdBMrimTIIm4mOms583TfIWiRdVLkgaLvq8sv5JB3cvQpFjy4K6OeDiwh-WZ8jNEe-SBZ2nosAguGovHnjdwtLnF_QaDbIcLFk111EK50ip_IlLNB6cUCnqEDw7Qmd9GkRnZokvW9jT_tATlKVCYW-Y1oYZASm7hWX48HHC4-2P1mukwiU8z4ybz41_B9NWCgYMQwDgv-6dfun8OuZ9xLY4KmDPeJe9Zh88hbMfvPchmOANSIQFDFWL7_g8mJK-k-6sgNYswdVRqHMON_KX6IgG25EKve-NTmbQKfue1xFWob6YcuYI06jO2rzhuVTVzR2d1q4ceavmY-VhCm4WPOaiAIj1Y0YwyRQBc5Rs2k6LyJTxWUgwFJSNuSTGBCkbjx0lKg62vcUCU8VW0GmPEkX5kYBTdC04cJpg9JUY2nM9CRMrPY0VEo8H1RSu9ggxHYFpm3Vf9awzAr2ejhOcxLrdeHiP1aaXHMIYu9OkDpHtEdhzdgXlTc5eWVb2-LomejGRvdNwo-TupW8wGId6-bmmGW5oLMWu13i1ACmfccaWVjN4GzPTjPzDd9SgrHnIf6IB5dASIpn_TcdaoOSeTWnUAa1MYmCAMZ0PxfTDIan7QeLISBEnW0BhHWQM6BHl9Ma9YQFelzPyxi8D2JuEgEWrLRDH_pZJDWY7K1-g0qQmOrPvJXuUYrgETMEBAhmJLJZ1IvAUSGwhvl0-yyHvtxGKo5q5QjZwPXisYsjGTabtZXloNjOs0gqjZKRqo82dx7pm1FcXGwS-R611ExpUWyXev19hKNGWo2j68S9g7nAkPkX0odu7-qsfaa_TWUw-pb7HzQa0LPmjhKzX10T74QlYZ9DwEx4SyEGDc-2pXWU6ZbSRqciN3rgtoQ90YBYvC8rSt2I1ZE_reDdFB9bMEYwiO3Ba9lUVCQ27Vqn_qkVnMj1OiXwD19k7zIZ2NZpDjNfA_Pejy46gWJre7-fNAFrjBMCsjpPpSqt8Ji_ELjFkEDZdqbdr9HF6yWjYlDsX2UZdYCIV01ruc3wtWKrLgQU2eizm4xggbOWNordHg9rSJf67b4r62LIOycX8BBC-qfi6ZA33yqdAKTgWQFbKMc5OY4IiddNF4CqlsGIXt3CIYgks8r9s2JOhTRMiVBCrO4&cid=CAQSTADICaaNIG-yzcRtoplxau4ZqN3OaIuMgLiC9WiO-l3YYb_45wa4TwwsnNZKukfr6HWO105GO6-to63vsMIYm0ZkpgE1fPSdUHxji6EYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.nirsoft.net%2F&ds=l&xdt=1&iif=1&cor=9319171725588050000&adk=356101037&idt=273&cac=0&dtd=28
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9c27a03bfd6c83b4fe5aefbc0da6aa48612b8fb412ed54d0587d0eb980b00337
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=600&slotname=8544847776&adk=2347419153&adf=3905112207&pi=t.ma~as.8544847776&w=160&lmt=1697706358&format=160x600&url=https%3A%2F%2Fwww.nirsoft.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697709957318&bpp=4&bdt=545&idt=1530&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&correlator=6209365162741&frm=20&pv=2&ga_vid=1581670272.1697709957&ga_sid=1697709959&ga_hid=745733990&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=5&ady=613&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077328%2C31078020%2C31078830%2C44798934%2C44805112%2C44805534%2C44805680%2C44805918%2C31078297&oid=2&pvsid=371503592579976&tmod=1219092591&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=jmjor1OSlf&p=https%3A//www.nirsoft.net&dtd=1545
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 10:06:00 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12377
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 0EF0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEN81-g6ytz9ouE76DEsZIU&google_cver=1
43 B
341 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEN81-g6ytz9ouE76DEsZIU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQgL6YlQQY0vue-gEwAQ&v=APEucNULmlsKaffMysPSLzoXiw09kzGkjAxsAI6Fcbrto0FGHeHKIbrAP3iZyXRu2VNYdmebQMj5doCAnLcvAdoOS38TSsF6_LAv2bgIarnWto7KOjuGQWfoRQq8GVBe0fyWyQER02LNmv2pMNzlmgbKuRCIhN7C2k1JqMA3IsGb9fc-r0-6250
Protocol
H2
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 10:06:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q9KAnOWMmTxJMjJIBwBwClbQJDeEiOyVtUcQfozNE762wGerLukb%2FbTeTNNBNqhjCKWuKdZEMoZZwEEHnlI%2Flkj4u9r6%2FSwEJ2miSn07KT7ZRsrBOEGBHobkJwhROt%2Bdxwjji0azSrrmgg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
818834b70bdf654f-LHR
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 10:06:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEN81-g6ytz9ouE76DEsZIU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 0EF0
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZTD-iOe9fBxZnAGw0JPGWgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEN81-g6ytz9ouE76DEsZIU&google_cver=1
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEN81-g6ytz9ouE76DEsZIU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQgL6YlQQY0vue-gEwAQ&v=APEucNULmlsKaffMysPSLzoXiw09kzGkjAxsAI6Fcbrto0FGHeHKIbrAP3iZyXRu2VNYdmebQMj5doCAnLcvAdoOS38TSsF6_LAv2bgIarnWto7KOjuGQWfoRQq8GVBe0fyWyQER02LNmv2pMNzlmgbKuRCIhN7C2k1JqMA3IsGb9fc-r0-6250
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 10:06:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZdFU5IVsBAf2FFWhuNldZdsg1CUxUJJehlLfZYoKwU3j%2FrdKVfPa67299liEAJlLlqyAuQtN2wdPYRyXu4R4uedigcPTDH20Z5fYGfFzLLvNRREhEzm03JTrrlx%2FW8p1npPlMNBpthUO0g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
818834b75a456322-LHR
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 10:06:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEN81-g6ytz9ouE76DEsZIU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 0EF0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESENm9WWm0cFCb7NU14T78-zo&google_cver=1
43 B
835 B
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESENm9WWm0cFCb7NU14T78-zo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQgL6YlQQY0vue-gEwAQ&v=APEucNULmlsKaffMysPSLzoXiw09kzGkjAxsAI6Fcbrto0FGHeHKIbrAP3iZyXRu2VNYdmebQMj5doCAnLcvAdoOS38TSsF6_LAv2bgIarnWto7KOjuGQWfoRQq8GVBe0fyWyQER02LNmv2pMNzlmgbKuRCIhN7C2k1JqMA3IsGb9fc-r0-6250
Protocol
H2
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 10:06:00 GMT
an-x-request-uuid
3e42bb3f-bf9d-4eba-9401-b2f10e030c96
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
194.74.212.77; 194.74.212.77; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 10:06:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESENm9WWm0cFCb7NU14T78-zo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0EF0
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzY0ODM4MjcwNzEyODE4NDM2MA%3D%3D
170 B
243 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzY0ODM4MjcwNzEyODE4NDM2MA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQgL6YlQQY0vue-gEwAQ&v=APEucNULmlsKaffMysPSLzoXiw09kzGkjAxsAI6Fcbrto0FGHeHKIbrAP3iZyXRu2VNYdmebQMj5doCAnLcvAdoOS38TSsF6_LAv2bgIarnWto7KOjuGQWfoRQq8GVBe0fyWyQER02LNmv2pMNzlmgbKuRCIhN7C2k1JqMA3IsGb9fc-r0-6250
Protocol
H2
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 10:06:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 10:06:00 GMT
an-x-request-uuid
3293f925-859b-4904-a28a-288f2206f789
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzY0ODM4MjcwNzEyODE4NDM2MA%3D%3D
x-proxy-origin
194.74.212.77; 194.74.212.77; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310160101/
158 KB
54 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310160101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5286073190998405&plah=www.nirsoft.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
45bfcd7b2229034e4d85607d008b72ce1c3eccdad115bd699e0c3688bf5783f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 10:06:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55136
x-xss-protection
0
server
cafe
etag
15236860413974541879
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 19 Oct 2023 10:06:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame C4F4
41 KB
14 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A6DjOYD9eo4EA43rjOjUX1AK5PeRStBkGFj5XWBM6GZyxpSIZCGjucfQZwhnzySwd_C-27FnS8alCjn2Z5r48ntbma-FeEQGJx6ASMP-4PuE52I5DdYWn9eO5Mb0pnV6mTan3bUVLZJdIU_P_74ssOQoHKgH8bXwbeltG9QR-d5Fq_gOI&cry=1&dbm_d=AKAmf-CnS7pOaf8-M_zP-hhUPl08HxkkfRMeAb38a1curzqo0GIdqGeqPdT1hmeFYK_6PLkrHXjWk_YJ8KRTNU5SXun5KglNHKsCGo1oJhBn3TiYS555u1w-oXwFOb5_1ZUK0D5FYdg8K38f3AwCKAnDJk39KhA3169PcHLXeYieurSSBsJF0T2QCpYlma_y0dpNW0X3kpjPd2uYbx1NusHSVoBLqCMT0kLySXz_5j-6CuoNgxW_Nc9AT3qNSlLFGc90c_61Mhl9ro7kW6cnanMgD0S8za1A0gxAf77TVn4viuHp4H1GXTjz-cLF7bK_dPjWQRj2_aV7SIoMkkjQMx-NBKbq9tjs6uQkrB0MQ-Eik3SHvr-JH7yiKcrBBsZ1cv-G1tdrMj2inL8kffegI3GZQu5Ic_7nXrhcg0nFdE2JDf7LBUr09sD16T_ut2kEkncYyAshutDoIHP5Yj2ClZHZY8AJmavPy3N3D3_EulnBWovRJt3D-V6rnLDzTzVuiYM7-y8f4Gc1AB2C5ww6a6Td0ZMcp6J23bywSR0Qgfw39Vcd8h1b3DLn2MgzIGy3gmvsOOGtWqLb1YkWAsfDcNnmp0CGwnzEtMOlQr0pr8WhZgbeg9AbtIkSuYAMK9fFZWijLTbFk6140k_bQGbRPaBtgouGgnMCFlZ8B5w-WHSAxMeHkjoCC20PLCdXxOZB7JZa7UonvFaBYJNWqkiBG3GrOwL-FfXqHMPaAl2LyRsvauA2v6qMUGgnobsY7JnJ9BaJRMs5APnSucJgkCsCIMb1-KTaJtT5Hgbtts_sRZz6fHPaVqt18yuwC2sQS8pwAPMdXLanMKXlEd4Ft8K2ksmjjjI1IqqgOqfGO5fi4ucPqGQ4myHCGRObLW8l983a5Kk5GDjAMYg5iQ4ZtdIkK75b7c752d77rFobGvHzpxXZ2-VWpnH-9x5YTElC5tChVpMVdsDAuov5vlno9zBVTL0Y1gl_jDcJ3rSAS3CXxAMSqoM8DqXPdA4xD7npQ5nC-yhahbDqvm_SC7A7iGKsi2z9fFq6P8I_NK_er7fWnmndcgvmPVDaFoLgDdYvtzfrGImtl2gT5fbtwS6PyWztapbszGNvgdPD8iwsoBSs1l8OcWSGzQFJBQrtgolrMtPT6c3SpEvJongvXSEQnIrk1cF620gpalBiIixGUSsrbD641xnvEvDJIXOjYiT6MamWYxXQjr-r8oc-UY5iD6Q-O3R0JK-KLt7pSbgO_ICpW93AxP1L_CF46MoP9QgJsgDH7ffb2kqYAPg_hJKw_ESodlSCRacU1yY2wXL-goORykKXa6BLyc7f6WDAmDHZD-jyF8jlolE6u-EO495Ja9zaYY2GNoy2PjkiOGw-rJbw8YmbL3Wn5RjUeKlygWfLkFyS2bl75U08FzR91grz2zzV0RNyH5gUIySNJ7csiADgmbEuvhQAomxAuNoX-WNtC8brqI0rQpHo4fpaVe6rIb17fl5AF_3KhYjn96oI8ivNo_y_jQac0Ik4MVvUn_rBeYzJx4amYDTopvHHJtiXzTwH8NMOOTnPPJTuEEbjgndFDfk9CV9kdQasmm7eat5TOsuP5_ftY_-FKvLMarHwaFytvPGzYZ5GaJa9mnDXJUIvRYvpqqnU93Shm86GhyTxiofYw_GDXNzl1Jl9Nd9Q6PMbAjn9T2Fr288OfMBiinIODqv11HjydK1RbOLwZhmGIr3lJ1w5c_7WeiBy7A-APTy3a_4vOvhgkb38HVaA4E-Bs2L4ZQS9Y_PShFmpMBP2hhR6Y-xU_uxGVl3V12-t1l8uGuLxhep3Hc7iz5AZ6IfsmrHSZq3sIU_kM8uzJP_PAUmRqwPS_igKHVpNTXHO2CAvXobFqPUZEr5ZiHHUeO_PUr6IZKD6e7q0w-Ai2QOw1RwFLctmzEpMlTrWdBMrimTIIm4mOms583TfIWiRdVLkgaLvq8sv5JB3cvQpFjy4K6OeDiwh-WZ8jNEe-SBZ2nosAguGovHnjdwtLnF_QaDbIcLFk111EK50ip_IlLNB6cUCnqEDw7Qmd9GkRnZokvW9jT_tATlKVCYW-Y1oYZASm7hWX48HHC4-2P1mukwiU8z4ybz41_B9NWCgYMQwDgv-6dfun8OuZ9xLY4KmDPeJe9Zh88hbMfvPchmOANSIQFDFWL7_g8mJK-k-6sgNYswdVRqHMON_KX6IgG25EKve-NTmbQKfue1xFWob6YcuYI06jO2rzhuVTVzR2d1q4ceavmY-VhCm4WPOaiAIj1Y0YwyRQBc5Rs2k6LyJTxWUgwFJSNuSTGBCkbjx0lKg62vcUCU8VW0GmPEkX5kYBTdC04cJpg9JUY2nM9CRMrPY0VEo8H1RSu9ggxHYFpm3Vf9awzAr2ejhOcxLrdeHiP1aaXHMIYu9OkDpHtEdhzdgXlTc5eWVb2-LomejGRvdNwo-TupW8wGId6-bmmGW5oLMWu13i1ACmfccaWVjN4GzPTjPzDd9SgrHnIf6IB5dASIpn_TcdaoOSeTWnUAa1MYmCAMZ0PxfTDIan7QeLISBEnW0BhHWQM6BHl9Ma9YQFelzPyxi8D2JuEgEWrLRDH_pZJDWY7K1-g0qQmOrPvJXuUYrgETMEBAhmJLJZ1IvAUSGwhvl0-yyHvtxGKo5q5QjZwPXisYsjGTabtZXloNjOs0gqjZKRqo82dx7pm1FcXGwS-R611ExpUWyXev19hKNGWo2j68S9g7nAkPkX0odu7-qsfaa_TWUw-pb7HzQa0LPmjhKzX10T74QlYZ9DwEx4SyEGDc-2pXWU6ZbSRqciN3rgtoQ90YBYvC8rSt2I1ZE_reDdFB9bMEYwiO3Ba9lUVCQ27Vqn_qkVnMj1OiXwD19k7zIZ2NZpDjNfA_Pejy46gWJre7-fNAFrjBMCsjpPpSqt8Ji_ELjFkEDZdqbdr9HF6yWjYlDsX2UZdYCIV01ruc3wtWKrLgQU2eizm4xggbOWNordHg9rSJf67b4r62LIOycX8BBC-qfi6ZA33yqdAKTgWQFbKMc5OY4IiddNF4CqlsGIXt3CIYgks8r9s2JOhTRMiVBCrO4&cid=CAQSTADICaaNIG-yzcRtoplxau4ZqN3OaIuMgLiC9WiO-l3YYb_45wa4TwwsnNZKukfr6HWO105GO6-to63vsMIYm0ZkpgE1fPSdUHxji6EYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.nirsoft.net%2F&ds=l&xdt=1&iif=1&cor=9319171725588050000&adk=356101037&idt=273&cac=0&dtd=28
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 18:02:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
57797
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Oct 2024 18:02:43 GMT
adj
bid.g.doubleclick.net/xbbe/creative/ Frame C4F4
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/bgd/1712960/75657828/xbbe/creative/adj?p=APEucNUySr-ptmum7FUrNTWZ2H8r2hJn2DZA4Jd0Klhc-k-rVeFtYDg&d=CokBAKAmf-BZ27XmU_Ia6Ruuw3FU2KTtGQIALOh4TvAPVRjZQV54IfV1Tryhm9I...
  • https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNUySr-ptmum7FUrNTWZ2H8r2hJn2DZA4Jd0Klhc-k-rVeFtYDg&d=CokBAKAmf-BZ27XmU_Ia6Ruuw3FU2KTtGQIALOh4TvAPVRjZQV54IfV1Tryhm9I88x2WI7m8w62CVA6yEhEvLydGf...
62 KB
24 KB
Script
General
Full URL
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNUySr-ptmum7FUrNTWZ2H8r2hJn2DZA4Jd0Klhc-k-rVeFtYDg&d=CokBAKAmf-BZ27XmU_Ia6Ruuw3FU2KTtGQIALOh4TvAPVRjZQV54IfV1Tryhm9I88x2WI7m8w62CVA6yEhEvLydGf2-BSlE0_ESO6TRk2Ma9HTGWDd01Wm-zNaZp4ZN9j2496mGcYnfjPWxQ3Ru5obbvj_D60gwLlte7RNqsu9eXSvACsI3z9afRvoQSqRQAoCZ_4FJhuXMz8A1AF9BQVAJT8dh9ai9AtUxZ51F0DWweDzr_5RC3DYNmF6skg0j7X5aOz7zuSLRxZdELo2YGSBGfiyrjcXWuTnKOgHGdF0mssaK5MID6J7MH8okO-d0mluCYS5etlJQM1l1SCfgqnbj-UbTK0xlzdImnyL-Hj1kaf56D-SYdtOS-5Z6X3tv2a-lVIPSFh3KE4-cEZWt5cCSKoguvQYBaiY8nByWM3xYA4PukEgVGEz_E5rwGx9c-u1O8E9qGlqcxc_LkPrTORdv-WfI5lR6vgSDbgCzPBuiNE_T3bsabnOfwJyXEDhTjq2KgOu2-3AfEwf7BTMFeg5smb0GteSb3lRiXnuy6ggKOJOzP4KiShcvRmyl1ElGAKfzV1qvnpXmnwNOQcQGf1N12DcnJ32wJLEgKAnv73hZVzIZJHgUPOKR40XWlK2RdQ8Ck4ly6CCQiXeRQJZlIiKEBsUiWVbInhgxlAXPNrc10A2N1Sd6HtvV_PCeNE4sIMogxFAiuPwdDh9vSUGd1UlioPACS5SEiLrKkjoJF17GZ2WrEA2LgfabYyl6ZcSuW4F-t2qWF9e5GQ-c-a_nRTURkm7Hqq1nCsTuSVHe24MH5EhhmAtqNwgYOkaXCEqndj_0rdxNG0d18UxJOLjsNYCndEXLuNnuDes0i_VQy42b8oj-PSKvlL1YHG7BM4LDllPczGfvz5fHFxt7xw4W2mZJU2-EO02Ymc_JSdzej7EH9-xvXv8OpwqmwQ2mmYtC7TwzEh0oVmxH9J9eKlUHgUcmpWDqsQA12mBqZ4GngkQOXIQrsC1MDJl9PokrRRlVQYJ1A5Elf9hSQ8RBicYR8xFEtMf3HULLdwaYQcFmwTITQ0d3GLu5rTWTqWr1XvnyzqWPQNGvTAYfcYYU3zp5REHLGPX0T_uSTKllSLbdmhA425cs6u51VcYdzjDSYALrbvjQI66YMAoqYj0TVnuA_hzUMy-d0HawTvPdPw_rfxYc4I8Cm7Un9kserLEg8NydLRaEoJDMKatHwxciHuwg2F8Moetn2aGnjsMq_O4S5DZz9V22C-Gjqjdw3DaTMjZpcgnVTZZwH0VM4i4KKFiyLvAntnGEEA04frhYbhwQ2O7p7wO3diEEy8htTjcNwNgdb3HMe_R8bjCOScIJbTq1mfbA7k8GWyPp3INMxkZZDV-kyLEV-y5SGkwdLGYWKXilQ4SnYDxgntOse46rpRpls8R8WLZJhidErtaogeASXKBchNq_4Hi9HRhNk2LBzYQU2RC_YM-C_VNL2beo_2HTbIxhtvjDA-cjyvE_xeHM8KMjvkIV6dmQYrDQwelk4E9ynZJYXwSMrxBnQS0LuIvAeCxJh00ZI3Pn3wdwFwBFDoaIRILsk9FuncDyc2oZOnLG1MA96UP6qTkyPUXkv-OOfS2d9xksb55iPyb74Wdw1hzXFOXRU-MAWprfR9VG0XcKJ5KKrdpOd-mbsseNvD7P4FPC7hMGxCLma_0Tyh9KmM8t-BGvoJmogHvVGgDySwCeS3MbDOy7CdvaKcbP5MjLsIuqiNlH73kP3qG3e9kWyEsfmbiOuBL8WkSa84uIZczyl8p42IqZAqmDE28iNBWW8fJsMR57rjIQFBsXGsiV5k6VMrhaBMwP69ZaHv8EiEW_Rus3dzmkanWmV-_cM1UMMMe3U9CRRvbR_Cz6IVcAzI5frfhiKb_-WRxNy-a7WOOqd8ZNsmDzLQnzZSC1I-rJsnHlT5q2yKqo2_PgKJp5CSCOg10KbZC3nA_03ATV4RqzZ1KL55qam6HMpA-Wssz4HwvmOsYBCZ77zDgiJnFb2x5BNCVdcOH0eJkSfiKwhjERvGp8-SaVYCV2FRc9rRwgSus-yG-GSTSIRAXVXWXBbq57Po_StH4enMWDbppzMV87a_JgpqAiI9E0xvKBV9b9YwT8eW_TKJm6LZ3QUcz5dRKmJ82yI0CHoIEg7ym1nu7UrrEH8OYDmWZh3EoUtfKMxrGG9Rqc6fmt9T84G9navwmwF_Cz126DvSU4isXpb4z6xrd775gldN5bl7uWOoV4HzhB81ddI8Hu_NE_V3l2cRts2etm1RxA2bvO1-OIZx_7qW4Z31IrNl40aqc8TJpq0A1lqGHmXmOuoy8jwIwmw3vl9jPFQMtYwKjNji1_S7JzSMXkffNThR48ppZThYCPm3p0BLVycZq-KB4k-MzoPjWxBeAGBnwboPv0YYFe49NuhdUyU9TiYkjxtb_YpHasVYcFEzFHBnShXjbaEijkn_GQdz150XHK1eO1dkDKRpKS9yx6Tjlp5BCBX-PCKg6xTZzMw6j-oWb-7Itl85TJeV9GPStRsRxffp6dXU_IhTZ_I7Apj9Mp0EuQi7awHOHSU3z-zMtpzm4myGu3V4vIu3FKDmYOR7qXUYQ1snoZorgH_o-g87TqahH1fJEkOfSwlyTdH7BaRndv-OXaV7PtbJD95TtD7vv9RsBRMdG63liKXaENPd4tSKnhaMcaq7_IeIoRgoYQTXQ39xw3Q_mU1bB-lyDkI8PGCsNqVzvO6HfmEWFmFF-M0E7FPi1Rm36Ww74WEAXiAiVm4cS2t-PON4mp19ROAvA6eGHieqUX3G3Tr_CEEEdVpVW_is2dN8ZhiqByjiBGShUI9Q66-1JYtqA3EHPpBSpcb0HuhqR8kXBFd2PeR4Yb9L6IWnVvcmWYmIO_NgRkWd6qT4LHeOro-4tDLgsuz_UEHlqRpltDXbJXPhtxpl1iAfTMBmaQ1r5grx0Js2TfEjbWdFJmvzm__9v50_50lclqOxRSX59AOsbibzKFAWH4KNSqGzYmBJpRex4v6jeLwiiChtCUNAt1SUXle1hKIZRQM9Y0PqR-_-7ekg_U8QfNpMq1lHjbxgRYgSFdvn1NMqA0g94BCOEItf1PBEZzg59Gmm6tHIb4Wni37iyO5eEWTdJ3qIdc3MI_OvK2edy5jpQVjHi8T32cLd8GdwWlOZ0WnyWIZYVQEii8R5bHYQwQTOrCQY5C911_I6VflghxWCT-TuiGguvhsOwWrvmmpSy54181ggnlJ537NenEvPj6WoTuu_Bng4JYULChb3_Lg_Mf5LqyTJDiMrGMAehC7S-ozBQLV8WY_NYiQtjFQtoRUghXdOSvn42BQ7cWeDLJNXox07AHsRfUjgad7HrFuUQIWTHoYf2y2KhXHSN7CHpW4CdGB247c_iOuqVa5eYEwqujo-7AQpZH6zDtcIxO2AIiitP8jCXMYy8J-Y6PQ1NitbVBSzsswZa01JS0pWio1md_dtioe_1BS5xmBosnWfLelUsVCxgPZqfScnXquUwoZLREOQvpNlh-0HD590056pD0Je23yg6OD1PpxZj2GkgaxhX9FDhuu7iATCNYrzNoKUJOG__Re757YiZJfGJXCM3ksaStFgWKi6Wkgf8iYaPWFneaNlv8kNJ83B5SpwevAJQUaUggEEkwAyAmmjSBvss3EbaKZcWruGajdzmiLjIC4gvVojvpd2GG_-OcGuE8MLJzWSrpH6-h1jtdORjuvraOt77DCGJtGZKYBNXz0nVB8Y4uhGAFgAQ&bundleId=&ias_xappb=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=600&slotname=8544847776&adk=2347419153&adf=3905112207&pi=t.ma~as.8544847776&w=160&lmt=1697706358&format=160x600&url=https%3A%2F%2Fwww.nirsoft.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697709957318&bpp=4&bdt=545&idt=1530&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&correlator=6209365162741&frm=20&pv=2&ga_vid=1581670272.1697709957&ga_sid=1697709959&ga_hid=745733990&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=5&ady=613&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077328%2C31078020%2C31078830%2C44798934%2C44805112%2C44805534%2C44805680%2C44805918%2C31078297&oid=2&pvsid=371503592579976&tmod=1219092591&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=jmjor1OSlf&p=https%3A//www.nirsoft.net&dtd=1545
Protocol
H2
Server
74.125.206.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wk-in-f157.1e100.net
Software
cafe /
Resource Hash
a07e16bcf3bb64d14576540deff1e70affc862969ba675951c42695faf3c8c20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=600&slotname=8544847776&adk=2347419153&adf=3905112207&pi=t.ma~as.8544847776&w=160&lmt=1697706358&format=160x600&url=https%3A%2F%2Fwww.nirsoft.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697709957318&bpp=4&bdt=545&idt=1530&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&correlator=6209365162741&frm=20&pv=2&ga_vid=1581670272.1697709957&ga_sid=1697709959&ga_hid=745733990&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=5&ady=613&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077328%2C31078020%2C31078830%2C44798934%2C44805112%2C44805534%2C44805680%2C44805918%2C31078297&oid=2&pvsid=371503592579976&tmod=1219092591&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=jmjor1OSlf&p=https%3A//www.nirsoft.net&dtd=1545
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 10:06:00 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24318
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 10:06:00 GMT
server
nginx
x-server-name
app08.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNUySr-ptmum7FUrNTWZ2H8r2hJn2DZA4Jd0Klhc-k-rVeFtYDg&d=CokBAKAmf-BZ27XmU_Ia6Ruuw3FU2KTtGQIALOh4TvAPVRjZQV54IfV1Tryhm9I88x2WI7m8w62CVA6yEhEvLydGf2-BSlE0_ESO6TRk2Ma9HTGWDd01Wm-zNaZp4ZN9j2496mGcYnfjPWxQ3Ru5obbvj_D60gwLlte7RNqsu9eXSvACsI3z9afRvoQSqRQAoCZ_4FJhuXMz8A1AF9BQVAJT8dh9ai9AtUxZ51F0DWweDzr_5RC3DYNmF6skg0j7X5aOz7zuSLRxZdELo2YGSBGfiyrjcXWuTnKOgHGdF0mssaK5MID6J7MH8okO-d0mluCYS5etlJQM1l1SCfgqnbj-UbTK0xlzdImnyL-Hj1kaf56D-SYdtOS-5Z6X3tv2a-lVIPSFh3KE4-cEZWt5cCSKoguvQYBaiY8nByWM3xYA4PukEgVGEz_E5rwGx9c-u1O8E9qGlqcxc_LkPrTORdv-WfI5lR6vgSDbgCzPBuiNE_T3bsabnOfwJyXEDhTjq2KgOu2-3AfEwf7BTMFeg5smb0GteSb3lRiXnuy6ggKOJOzP4KiShcvRmyl1ElGAKfzV1qvnpXmnwNOQcQGf1N12DcnJ32wJLEgKAnv73hZVzIZJHgUPOKR40XWlK2RdQ8Ck4ly6CCQiXeRQJZlIiKEBsUiWVbInhgxlAXPNrc10A2N1Sd6HtvV_PCeNE4sIMogxFAiuPwdDh9vSUGd1UlioPACS5SEiLrKkjoJF17GZ2WrEA2LgfabYyl6ZcSuW4F-t2qWF9e5GQ-c-a_nRTURkm7Hqq1nCsTuSVHe24MH5EhhmAtqNwgYOkaXCEqndj_0rdxNG0d18UxJOLjsNYCndEXLuNnuDes0i_VQy42b8oj-PSKvlL1YHG7BM4LDllPczGfvz5fHFxt7xw4W2mZJU2-EO02Ymc_JSdzej7EH9-xvXv8OpwqmwQ2mmYtC7TwzEh0oVmxH9J9eKlUHgUcmpWDqsQA12mBqZ4GngkQOXIQrsC1MDJl9PokrRRlVQYJ1A5Elf9hSQ8RBicYR8xFEtMf3HULLdwaYQcFmwTITQ0d3GLu5rTWTqWr1XvnyzqWPQNGvTAYfcYYU3zp5REHLGPX0T_uSTKllSLbdmhA425cs6u51VcYdzjDSYALrbvjQI66YMAoqYj0TVnuA_hzUMy-d0HawTvPdPw_rfxYc4I8Cm7Un9kserLEg8NydLRaEoJDMKatHwxciHuwg2F8Moetn2aGnjsMq_O4S5DZz9V22C-Gjqjdw3DaTMjZpcgnVTZZwH0VM4i4KKFiyLvAntnGEEA04frhYbhwQ2O7p7wO3diEEy8htTjcNwNgdb3HMe_R8bjCOScIJbTq1mfbA7k8GWyPp3INMxkZZDV-kyLEV-y5SGkwdLGYWKXilQ4SnYDxgntOse46rpRpls8R8WLZJhidErtaogeASXKBchNq_4Hi9HRhNk2LBzYQU2RC_YM-C_VNL2beo_2HTbIxhtvjDA-cjyvE_xeHM8KMjvkIV6dmQYrDQwelk4E9ynZJYXwSMrxBnQS0LuIvAeCxJh00ZI3Pn3wdwFwBFDoaIRILsk9FuncDyc2oZOnLG1MA96UP6qTkyPUXkv-OOfS2d9xksb55iPyb74Wdw1hzXFOXRU-MAWprfR9VG0XcKJ5KKrdpOd-mbsseNvD7P4FPC7hMGxCLma_0Tyh9KmM8t-BGvoJmogHvVGgDySwCeS3MbDOy7CdvaKcbP5MjLsIuqiNlH73kP3qG3e9kWyEsfmbiOuBL8WkSa84uIZczyl8p42IqZAqmDE28iNBWW8fJsMR57rjIQFBsXGsiV5k6VMrhaBMwP69ZaHv8EiEW_Rus3dzmkanWmV-_cM1UMMMe3U9CRRvbR_Cz6IVcAzI5frfhiKb_-WRxNy-a7WOOqd8ZNsmDzLQnzZSC1I-rJsnHlT5q2yKqo2_PgKJp5CSCOg10KbZC3nA_03ATV4RqzZ1KL55qam6HMpA-Wssz4HwvmOsYBCZ77zDgiJnFb2x5BNCVdcOH0eJkSfiKwhjERvGp8-SaVYCV2FRc9rRwgSus-yG-GSTSIRAXVXWXBbq57Po_StH4enMWDbppzMV87a_JgpqAiI9E0xvKBV9b9YwT8eW_TKJm6LZ3QUcz5dRKmJ82yI0CHoIEg7ym1nu7UrrEH8OYDmWZh3EoUtfKMxrGG9Rqc6fmt9T84G9navwmwF_Cz126DvSU4isXpb4z6xrd775gldN5bl7uWOoV4HzhB81ddI8Hu_NE_V3l2cRts2etm1RxA2bvO1-OIZx_7qW4Z31IrNl40aqc8TJpq0A1lqGHmXmOuoy8jwIwmw3vl9jPFQMtYwKjNji1_S7JzSMXkffNThR48ppZThYCPm3p0BLVycZq-KB4k-MzoPjWxBeAGBnwboPv0YYFe49NuhdUyU9TiYkjxtb_YpHasVYcFEzFHBnShXjbaEijkn_GQdz150XHK1eO1dkDKRpKS9yx6Tjlp5BCBX-PCKg6xTZzMw6j-oWb-7Itl85TJeV9GPStRsRxffp6dXU_IhTZ_I7Apj9Mp0EuQi7awHOHSU3z-zMtpzm4myGu3V4vIu3FKDmYOR7qXUYQ1snoZorgH_o-g87TqahH1fJEkOfSwlyTdH7BaRndv-OXaV7PtbJD95TtD7vv9RsBRMdG63liKXaENPd4tSKnhaMcaq7_IeIoRgoYQTXQ39xw3Q_mU1bB-lyDkI8PGCsNqVzvO6HfmEWFmFF-M0E7FPi1Rm36Ww74WEAXiAiVm4cS2t-PON4mp19ROAvA6eGHieqUX3G3Tr_CEEEdVpVW_is2dN8ZhiqByjiBGShUI9Q66-1JYtqA3EHPpBSpcb0HuhqR8kXBFd2PeR4Yb9L6IWnVvcmWYmIO_NgRkWd6qT4LHeOro-4tDLgsuz_UEHlqRpltDXbJXPhtxpl1iAfTMBmaQ1r5grx0Js2TfEjbWdFJmvzm__9v50_50lclqOxRSX59AOsbibzKFAWH4KNSqGzYmBJpRex4v6jeLwiiChtCUNAt1SUXle1hKIZRQM9Y0PqR-_-7ekg_U8QfNpMq1lHjbxgRYgSFdvn1NMqA0g94BCOEItf1PBEZzg59Gmm6tHIb4Wni37iyO5eEWTdJ3qIdc3MI_OvK2edy5jpQVjHi8T32cLd8GdwWlOZ0WnyWIZYVQEii8R5bHYQwQTOrCQY5C911_I6VflghxWCT-TuiGguvhsOwWrvmmpSy54181ggnlJ537NenEvPj6WoTuu_Bng4JYULChb3_Lg_Mf5LqyTJDiMrGMAehC7S-ozBQLV8WY_NYiQtjFQtoRUghXdOSvn42BQ7cWeDLJNXox07AHsRfUjgad7HrFuUQIWTHoYf2y2KhXHSN7CHpW4CdGB247c_iOuqVa5eYEwqujo-7AQpZH6zDtcIxO2AIiitP8jCXMYy8J-Y6PQ1NitbVBSzsswZa01JS0pWio1md_dtioe_1BS5xmBosnWfLelUsVCxgPZqfScnXquUwoZLREOQvpNlh-0HD590056pD0Je23yg6OD1PpxZj2GkgaxhX9FDhuu7iATCNYrzNoKUJOG__Re757YiZJfGJXCM3ksaStFgWKi6Wkgf8iYaPWFneaNlv8kNJ83B5SpwevAJQUaUggEEkwAyAmmjSBvss3EbaKZcWruGajdzmiLjIC4gvVojvpd2GG_-OcGuE8MLJzWSrpH6-h1jtdORjuvraOt77DCGJtGZKYBNXz0nVB8Y4uhGAFgAQ&bundleId=&ias_xappb=
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 5F74
91 KB
92 KB
Script
General
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=600&slotname=8544847776&adk=2347419153&adf=3905112207&pi=t.ma~as.8544847776&w=160&lmt=1697706358&format=160x600&url=https%3A%2F%2Fwww.nirsoft.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697709957318&bpp=4&bdt=545&idt=1530&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&correlator=6209365162741&frm=20&pv=2&ga_vid=1581670272.1697709957&ga_sid=1697709959&ga_hid=745733990&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=5&ady=613&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077328%2C31078020%2C31078830%2C44798934%2C44805112%2C44805534%2C44805680%2C44805918%2C31078297&oid=2&pvsid=371503592579976&tmod=1219092591&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=jmjor1OSlf&p=https%3A//www.nirsoft.net&dtd=1545
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:3e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 23:19:22 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
via
1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
16022799
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
93606
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
"1f3488247c90bb5de253d3d0cb3b7458"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
FdPbVauJn1HVWI8gypPiHJEoIss11U7wSlrCG8xRe1CLd-sb6TOo5w==
dt
dt.adsafeprotected.com/ Frame C4F4
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1712960&asId=3c083683-8d02-2ca1-368d-16ac0faa1d2b&tv=%7Bc:rtZvR0,pingTime:-3,time:56,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:22%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:57,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B49~0%5D,as:%5B49~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tT7PYPw+11%7C12*.1712960-75657828%7C121%7C13,idMap:12*,rmeas:1,rend:0,renddet:IMG.us,siq:23%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=600&slotname=8544847776&adk=2347419153&adf=3905112207&pi=t.ma~as.8544847776&w=160&lmt=1697706358&format=160x600&url=https%3A%2F%2Fwww.nirsoft.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697709957318&bpp=4&bdt=545&idt=1530&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&correlator=6209365162741&frm=20&pv=2&ga_vid=1581670272.1697709957&ga_sid=1697709959&ga_hid=745733990&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=5&ady=613&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077328%2C31078020%2C31078830%2C44798934%2C44805112%2C44805534%2C44805680%2C44805918%2C31078297&oid=2&pvsid=371503592579976&tmod=1219092591&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=jmjor1OSlf&p=https%3A//www.nirsoft.net&dtd=1545
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:377f:b368:693b:683d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 10:06:01 GMT
server
nginx
x-server-name
dt08.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame C4F4
43 B
216 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1712960&asId=3c083683-8d02-2ca1-368d-16ac0faa1d2b&tv=%7Bc:rtZvR2,pingTime:-6,time:58,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:58,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B50~0%5D,as:%5B50~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tT7PYPw+11%7C12*.1712960-75657828%7C121%7C13,idMap:12*,rmeas:1,rend:0,renddet:IMG.us,siq:23%7D&tpiLookup=ao:www.nirsoft.net*&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=600&slotname=8544847776&adk=2347419153&adf=3905112207&pi=t.ma~as.8544847776&w=160&lmt=1697706358&format=160x600&url=https%3A%2F%2Fwww.nirsoft.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697709957318&bpp=4&bdt=545&idt=1530&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&correlator=6209365162741&frm=20&pv=2&ga_vid=1581670272.1697709957&ga_sid=1697709959&ga_hid=745733990&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=5&ady=613&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077328%2C31078020%2C31078830%2C44798934%2C44805112%2C44805534%2C44805680%2C44805918%2C31078297&oid=2&pvsid=371503592579976&tmod=1219092591&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=jmjor1OSlf&p=https%3A//www.nirsoft.net&dtd=1545
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:377f:b368:693b:683d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 10:06:01 GMT
server
nginx
x-server-name
dt09.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame C4F4
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1712960&asId=3c083683-8d02-2ca1-368d-16ac0faa1d2b&tv=%7Bc:rtZvR6,pingTime:-2,time:62,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1746,beZ:1748,mfA:1750,cmA:1752,inA:1752,inZ:1757,prA:1757,prZ:1762,si:1769,poA:1770,poZ:1799,cmZ:1799,mfZ:1799,loA:1803,loZ:1806,ltA:1808,ltZ:1808%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:22%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:62,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B54~0%5D,as:%5B54~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tT7PYPw+11%7C12*.1712960-75657828%7C121%7C13,idMap:12*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:IMG.us,siq:23,sinceFw:37,readyFired:false%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=600&slotname=8544847776&adk=2347419153&adf=3905112207&pi=t.ma~as.8544847776&w=160&lmt=1697706358&format=160x600&url=https%3A%2F%2Fwww.nirsoft.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697709957318&bpp=4&bdt=545&idt=1530&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&correlator=6209365162741&frm=20&pv=2&ga_vid=1581670272.1697709957&ga_sid=1697709959&ga_hid=745733990&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=5&ady=613&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077328%2C31078020%2C31078830%2C44798934%2C44805112%2C44805534%2C44805680%2C44805918%2C31078297&oid=2&pvsid=371503592579976&tmod=1219092591&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=jmjor1OSlf&p=https%3A//www.nirsoft.net&dtd=1545
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:377f:b368:693b:683d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 10:06:01 GMT
server
nginx
x-server-name
dt12.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame B15D
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
591388
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 12 Oct 2023 13:49:32 GMT
expires
Fri, 11 Oct 2024 13:49:32 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/ Frame 7112
10 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5286073190998405&plah=www.nirsoft.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nirsoft.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
85151
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4471
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 18 Oct 2023 10:26:49 GMT
etag
2603938475786422795
expires
Wed, 01 Nov 2023 10:26:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
e-zfyE2pbDTyYQrCQWWBVQC0FJ7OV3Fqk4CSA41GVMg.js
pagead2.googlesyndication.com/bg/ Frame B15D
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/e-zfyE2pbDTyYQrCQWWBVQC0FJ7OV3Fqk4CSA41GVMg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7becdfc84da96c34f2610ac24165815500b4149ece57716a938092038d4654c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 21:57:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
43714
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14689
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 07:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 17 Oct 2024 21:57:26 GMT
88cf7d8f92971695aa333eeba8ca195d.js
www.gstatic.com/mysidia/ Frame 7112
9 KB
4 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/88cf7d8f92971695aa333eeba8ca195d.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac4a4d48faf1670dd95aac541fd22c6728ab6528d9fbacfdbd2e58ab5cbc83c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 08:22:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6224
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3923
x-xss-protection
0
last-modified
Thu, 12 Oct 2023 21:09:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 17 Jan 2024 08:22:16 GMT
f9452dcf4f221a00d49f3197c484e17d.js
www.gstatic.com/mysidia/ Frame 7112
11 KB
5 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/f9452dcf4f221a00d49f3197c484e17d.js?tag=text/vanilla_highlight_ms
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04686cedfaef19409f3141494b5f955e3c6627a91c46a5daade4e4803823be7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 21:16:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
218961
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4599
x-xss-protection
0
last-modified
Thu, 12 Oct 2023 21:09:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 14 Jan 2024 21:16:39 GMT
css
fonts.googleapis.com/ Frame 7112
14 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 19 Oct 2023 10:06:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 19 Oct 2023 08:59:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 19 Oct 2023 10:06:00 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 7112
2 KB
892 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 22:35:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
41443
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Nov 2023 22:35:17 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/ Frame 7112
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fc069e0e04d13807f2632483a883ed5fbd1d72c4eade64a9ac7f6aa71ac47fa4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 11:38:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
80826
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9145
x-xss-protection
0
server
cafe
etag
13066256994748809036
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Nov 2023 11:38:54 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 7112
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 09:20:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
2760
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Nov 2023 09:20:00 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 7112
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
def028b193b87150eeb974ece780b8476797f52aa2edc9d7031e35bb5d0edd15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 22:35:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
41443
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8337
x-xss-protection
0
server
cafe
etag
13483435759450910196
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Nov 2023 22:35:17 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7112
187 KB
59 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 10:06:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60178
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697628223465749"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Oct 2023 10:06:00 GMT
ccbada329de78be299cbea1a52c9a584.js
www.gstatic.com/mysidia/ Frame 7112
35 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/ccbada329de78be299cbea1a52c9a584.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
003fffcd4e614a4719da6f886bd221851da79915061393b248af55fe0ddf9476
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 09:30:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
347755
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14787
x-xss-protection
0
last-modified
Thu, 12 Oct 2023 21:09:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sat, 13 Jan 2024 09:30:05 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231011/r20110914/ Frame C4F4
30 KB
11 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231011/r20110914/abg_lite.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1712960/75657828/xbbe/creative/adj?p=APEucNUySr-ptmum7FUrNTWZ2H8r2hJn2DZA4Jd0Klhc-k-rVeFtYDg&d=CokBAKAmf-BZ27XmU_Ia6Ruuw3FU2KTtGQIALOh4TvAPVRjZQV54IfV1Tryhm9I88x2WI7m8w62CVA6yEhEvLydGf2-BSlE0_ESO6TRk2Ma9HTGWDd01Wm-zNaZp4ZN9j2496mGcYnfjPWxQ3Ru5obbvj_D60gwLlte7RNqsu9eXSvACsI3z9afRvoQSqRQAoCZ_4FJhuXMz8A1AF9BQVAJT8dh9ai9AtUxZ51F0DWweDzr_5RC3DYNmF6skg0j7X5aOz7zuSLRxZdELo2YGSBGfiyrjcXWuTnKOgHGdF0mssaK5MID6J7MH8okO-d0mluCYS5etlJQM1l1SCfgqnbj-UbTK0xlzdImnyL-Hj1kaf56D-SYdtOS-5Z6X3tv2a-lVIPSFh3KE4-cEZWt5cCSKoguvQYBaiY8nByWM3xYA4PukEgVGEz_E5rwGx9c-u1O8E9qGlqcxc_LkPrTORdv-WfI5lR6vgSDbgCzPBuiNE_T3bsabnOfwJyXEDhTjq2KgOu2-3AfEwf7BTMFeg5smb0GteSb3lRiXnuy6ggKOJOzP4KiShcvRmyl1ElGAKfzV1qvnpXmnwNOQcQGf1N12DcnJ32wJLEgKAnv73hZVzIZJHgUPOKR40XWlK2RdQ8Ck4ly6CCQiXeRQJZlIiKEBsUiWVbInhgxlAXPNrc10A2N1Sd6HtvV_PCeNE4sIMogxFAiuPwdDh9vSUGd1UlioPACS5SEiLrKkjoJF17GZ2WrEA2LgfabYyl6ZcSuW4F-t2qWF9e5GQ-c-a_nRTURkm7Hqq1nCsTuSVHe24MH5EhhmAtqNwgYOkaXCEqndj_0rdxNG0d18UxJOLjsNYCndEXLuNnuDes0i_VQy42b8oj-PSKvlL1YHG7BM4LDllPczGfvz5fHFxt7xw4W2mZJU2-EO02Ymc_JSdzej7EH9-xvXv8OpwqmwQ2mmYtC7TwzEh0oVmxH9J9eKlUHgUcmpWDqsQA12mBqZ4GngkQOXIQrsC1MDJl9PokrRRlVQYJ1A5Elf9hSQ8RBicYR8xFEtMf3HULLdwaYQcFmwTITQ0d3GLu5rTWTqWr1XvnyzqWPQNGvTAYfcYYU3zp5REHLGPX0T_uSTKllSLbdmhA425cs6u51VcYdzjDSYALrbvjQI66YMAoqYj0TVnuA_hzUMy-d0HawTvPdPw_rfxYc4I8Cm7Un9kserLEg8NydLRaEoJDMKatHwxciHuwg2F8Moetn2aGnjsMq_O4S5DZz9V22C-Gjqjdw3DaTMjZpcgnVTZZwH0VM4i4KKFiyLvAntnGEEA04frhYbhwQ2O7p7wO3diEEy8htTjcNwNgdb3HMe_R8bjCOScIJbTq1mfbA7k8GWyPp3INMxkZZDV-kyLEV-y5SGkwdLGYWKXilQ4SnYDxgntOse46rpRpls8R8WLZJhidErtaogeASXKBchNq_4Hi9HRhNk2LBzYQU2RC_YM-C_VNL2beo_2HTbIxhtvjDA-cjyvE_xeHM8KMjvkIV6dmQYrDQwelk4E9ynZJYXwSMrxBnQS0LuIvAeCxJh00ZI3Pn3wdwFwBFDoaIRILsk9FuncDyc2oZOnLG1MA96UP6qTkyPUXkv-OOfS2d9xksb55iPyb74Wdw1hzXFOXRU-MAWprfR9VG0XcKJ5KKrdpOd-mbsseNvD7P4FPC7hMGxCLma_0Tyh9KmM8t-BGvoJmogHvVGgDySwCeS3MbDOy7CdvaKcbP5MjLsIuqiNlH73kP3qG3e9kWyEsfmbiOuBL8WkSa84uIZczyl8p42IqZAqmDE28iNBWW8fJsMR57rjIQFBsXGsiV5k6VMrhaBMwP69ZaHv8EiEW_Rus3dzmkanWmV-_cM1UMMMe3U9CRRvbR_Cz6IVcAzI5frfhiKb_-WRxNy-a7WOOqd8ZNsmDzLQnzZSC1I-rJsnHlT5q2yKqo2_PgKJp5CSCOg10KbZC3nA_03ATV4RqzZ1KL55qam6HMpA-Wssz4HwvmOsYBCZ77zDgiJnFb2x5BNCVdcOH0eJkSfiKwhjERvGp8-SaVYCV2FRc9rRwgSus-yG-GSTSIRAXVXWXBbq57Po_StH4enMWDbppzMV87a_JgpqAiI9E0xvKBV9b9YwT8eW_TKJm6LZ3QUcz5dRKmJ82yI0CHoIEg7ym1nu7UrrEH8OYDmWZh3EoUtfKMxrGG9Rqc6fmt9T84G9navwmwF_Cz126DvSU4isXpb4z6xrd775gldN5bl7uWOoV4HzhB81ddI8Hu_NE_V3l2cRts2etm1RxA2bvO1-OIZx_7qW4Z31IrNl40aqc8TJpq0A1lqGHmXmOuoy8jwIwmw3vl9jPFQMtYwKjNji1_S7JzSMXkffNThR48ppZThYCPm3p0BLVycZq-KB4k-MzoPjWxBeAGBnwboPv0YYFe49NuhdUyU9TiYkjxtb_YpHasVYcFEzFHBnShXjbaEijkn_GQdz150XHK1eO1dkDKRpKS9yx6Tjlp5BCBX-PCKg6xTZzMw6j-oWb-7Itl85TJeV9GPStRsRxffp6dXU_IhTZ_I7Apj9Mp0EuQi7awHOHSU3z-zMtpzm4myGu3V4vIu3FKDmYOR7qXUYQ1snoZorgH_o-g87TqahH1fJEkOfSwlyTdH7BaRndv-OXaV7PtbJD95TtD7vv9RsBRMdG63liKXaENPd4tSKnhaMcaq7_IeIoRgoYQTXQ39xw3Q_mU1bB-lyDkI8PGCsNqVzvO6HfmEWFmFF-M0E7FPi1Rm36Ww74WEAXiAiVm4cS2t-PON4mp19ROAvA6eGHieqUX3G3Tr_CEEEdVpVW_is2dN8ZhiqByjiBGShUI9Q66-1JYtqA3EHPpBSpcb0HuhqR8kXBFd2PeR4Yb9L6IWnVvcmWYmIO_NgRkWd6qT4LHeOro-4tDLgsuz_UEHlqRpltDXbJXPhtxpl1iAfTMBmaQ1r5grx0Js2TfEjbWdFJmvzm__9v50_50lclqOxRSX59AOsbibzKFAWH4KNSqGzYmBJpRex4v6jeLwiiChtCUNAt1SUXle1hKIZRQM9Y0PqR-_-7ekg_U8QfNpMq1lHjbxgRYgSFdvn1NMqA0g94BCOEItf1PBEZzg59Gmm6tHIb4Wni37iyO5eEWTdJ3qIdc3MI_OvK2edy5jpQVjHi8T32cLd8GdwWlOZ0WnyWIZYVQEii8R5bHYQwQTOrCQY5C911_I6VflghxWCT-TuiGguvhsOwWrvmmpSy54181ggnlJ537NenEvPj6WoTuu_Bng4JYULChb3_Lg_Mf5LqyTJDiMrGMAehC7S-ozBQLV8WY_NYiQtjFQtoRUghXdOSvn42BQ7cWeDLJNXox07AHsRfUjgad7HrFuUQIWTHoYf2y2KhXHSN7CHpW4CdGB247c_iOuqVa5eYEwqujo-7AQpZH6zDtcIxO2AIiitP8jCXMYy8J-Y6PQ1NitbVBSzsswZa01JS0pWio1md_dtioe_1BS5xmBosnWfLelUsVCxgPZqfScnXquUwoZLREOQvpNlh-0HD590056pD0Je23yg6OD1PpxZj2GkgaxhX9FDhuu7iATCNYrzNoKUJOG__Re757YiZJfGJXCM3ksaStFgWKi6Wkgf8iYaPWFneaNlv8kNJ83B5SpwevAJQUaUggEEkwAyAmmjSBvss3EbaKZcWruGajdzmiLjIC4gvVojvpd2GG_-OcGuE8MLJzWSrpH6-h1jtdORjuvraOt77DCGJtGZKYBNXz0nVB8Y4uhGAFgAQ&bundleId=&ias_dspID=3&ias_campId=1014440192&ias_pubId=pub-5286073190998405&ias_chanId=1&ias_placementId=20647159193&bidurl=https://www.nirsoft.net/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0i-4e3jYwHcQr8Q_RFYlbsq&adsafe_url=https%3A%2F%2Fwww.nirsoft.net&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.nirsoft.net%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-5286073190998405%26output%3Dhtml%26h%3D600%26slotname%3D8544847776%26adk%3D2347419153%26adf%3D3905112207%26pi%3Dt.ma~as.8544847776%26w%3D160%26lmt%3D1697706358%26format%3D160x600%26url%3Dhttps%253A%252F%252Fwww.nirsoft.net%252F%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1697709957318%26bpp%3D4%26bdt%3D545%26idt%3D1530%26shv%3Dr20231011%26mjsv%3Dm202310160101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26correlator%3D6209365162741%26frm%3D20%26pv%3D2%26ga_vid%3D1581670272.1697709957%26ga_sid%3D1697709959%26ga_hid%3D745733990%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D5%26ady%3D613%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759837%252C44759876%252C44759927%252C31077328%252C31078020%252C31078830%252C44798934%252C44805112%252C44805534%252C44805680%252C44805918%252C31078297%26oid%3D2%26pvsid%3D371503592579976%26tmod%3D1219092591%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3Dd%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D1%26uci%3Da!1%26fsb%3D1%26xpc%3Djmjor1OSlf%26p%3Dhttps%253A%2F%2Fwww.nirsoft.net%26dtd%3D1545&adsafe_type=d&adsafe_jsinfo=,id:3c083683-8d02-2ca1-368d-16ac0faa1d2b,c:rtZvQs,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-797d947f74-l4chs,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:4,mot:0,app:0,maw:0,fm:tT7PYPw+11%7C12*.1712960-75657828%7C121%7C13,idMap:12*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:23,oid:1acddd80-6e67-11ee-bf08-923d329c03ee,v:19.8.439,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c75166534a7cf375f7963558a6a55858688f6c289c9d200706ce1592669ffe3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 00:16:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
35393
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11596
x-xss-protection
0
server
cafe
etag
6499730840814102677
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Nov 2023 00:16:08 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231011/r20110914/elements/html/ Frame C4F4
11 KB
4 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231011/r20110914/elements/html/omrhp.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1712960/75657828/xbbe/creative/adj?p=APEucNUySr-ptmum7FUrNTWZ2H8r2hJn2DZA4Jd0Klhc-k-rVeFtYDg&d=CokBAKAmf-BZ27XmU_Ia6Ruuw3FU2KTtGQIALOh4TvAPVRjZQV54IfV1Tryhm9I88x2WI7m8w62CVA6yEhEvLydGf2-BSlE0_ESO6TRk2Ma9HTGWDd01Wm-zNaZp4ZN9j2496mGcYnfjPWxQ3Ru5obbvj_D60gwLlte7RNqsu9eXSvACsI3z9afRvoQSqRQAoCZ_4FJhuXMz8A1AF9BQVAJT8dh9ai9AtUxZ51F0DWweDzr_5RC3DYNmF6skg0j7X5aOz7zuSLRxZdELo2YGSBGfiyrjcXWuTnKOgHGdF0mssaK5MID6J7MH8okO-d0mluCYS5etlJQM1l1SCfgqnbj-UbTK0xlzdImnyL-Hj1kaf56D-SYdtOS-5Z6X3tv2a-lVIPSFh3KE4-cEZWt5cCSKoguvQYBaiY8nByWM3xYA4PukEgVGEz_E5rwGx9c-u1O8E9qGlqcxc_LkPrTORdv-WfI5lR6vgSDbgCzPBuiNE_T3bsabnOfwJyXEDhTjq2KgOu2-3AfEwf7BTMFeg5smb0GteSb3lRiXnuy6ggKOJOzP4KiShcvRmyl1ElGAKfzV1qvnpXmnwNOQcQGf1N12DcnJ32wJLEgKAnv73hZVzIZJHgUPOKR40XWlK2RdQ8Ck4ly6CCQiXeRQJZlIiKEBsUiWVbInhgxlAXPNrc10A2N1Sd6HtvV_PCeNE4sIMogxFAiuPwdDh9vSUGd1UlioPACS5SEiLrKkjoJF17GZ2WrEA2LgfabYyl6ZcSuW4F-t2qWF9e5GQ-c-a_nRTURkm7Hqq1nCsTuSVHe24MH5EhhmAtqNwgYOkaXCEqndj_0rdxNG0d18UxJOLjsNYCndEXLuNnuDes0i_VQy42b8oj-PSKvlL1YHG7BM4LDllPczGfvz5fHFxt7xw4W2mZJU2-EO02Ymc_JSdzej7EH9-xvXv8OpwqmwQ2mmYtC7TwzEh0oVmxH9J9eKlUHgUcmpWDqsQA12mBqZ4GngkQOXIQrsC1MDJl9PokrRRlVQYJ1A5Elf9hSQ8RBicYR8xFEtMf3HULLdwaYQcFmwTITQ0d3GLu5rTWTqWr1XvnyzqWPQNGvTAYfcYYU3zp5REHLGPX0T_uSTKllSLbdmhA425cs6u51VcYdzjDSYALrbvjQI66YMAoqYj0TVnuA_hzUMy-d0HawTvPdPw_rfxYc4I8Cm7Un9kserLEg8NydLRaEoJDMKatHwxciHuwg2F8Moetn2aGnjsMq_O4S5DZz9V22C-Gjqjdw3DaTMjZpcgnVTZZwH0VM4i4KKFiyLvAntnGEEA04frhYbhwQ2O7p7wO3diEEy8htTjcNwNgdb3HMe_R8bjCOScIJbTq1mfbA7k8GWyPp3INMxkZZDV-kyLEV-y5SGkwdLGYWKXilQ4SnYDxgntOse46rpRpls8R8WLZJhidErtaogeASXKBchNq_4Hi9HRhNk2LBzYQU2RC_YM-C_VNL2beo_2HTbIxhtvjDA-cjyvE_xeHM8KMjvkIV6dmQYrDQwelk4E9ynZJYXwSMrxBnQS0LuIvAeCxJh00ZI3Pn3wdwFwBFDoaIRILsk9FuncDyc2oZOnLG1MA96UP6qTkyPUXkv-OOfS2d9xksb55iPyb74Wdw1hzXFOXRU-MAWprfR9VG0XcKJ5KKrdpOd-mbsseNvD7P4FPC7hMGxCLma_0Tyh9KmM8t-BGvoJmogHvVGgDySwCeS3MbDOy7CdvaKcbP5MjLsIuqiNlH73kP3qG3e9kWyEsfmbiOuBL8WkSa84uIZczyl8p42IqZAqmDE28iNBWW8fJsMR57rjIQFBsXGsiV5k6VMrhaBMwP69ZaHv8EiEW_Rus3dzmkanWmV-_cM1UMMMe3U9CRRvbR_Cz6IVcAzI5frfhiKb_-WRxNy-a7WOOqd8ZNsmDzLQnzZSC1I-rJsnHlT5q2yKqo2_PgKJp5CSCOg10KbZC3nA_03ATV4RqzZ1KL55qam6HMpA-Wssz4HwvmOsYBCZ77zDgiJnFb2x5BNCVdcOH0eJkSfiKwhjERvGp8-SaVYCV2FRc9rRwgSus-yG-GSTSIRAXVXWXBbq57Po_StH4enMWDbppzMV87a_JgpqAiI9E0xvKBV9b9YwT8eW_TKJm6LZ3QUcz5dRKmJ82yI0CHoIEg7ym1nu7UrrEH8OYDmWZh3EoUtfKMxrGG9Rqc6fmt9T84G9navwmwF_Cz126DvSU4isXpb4z6xrd775gldN5bl7uWOoV4HzhB81ddI8Hu_NE_V3l2cRts2etm1RxA2bvO1-OIZx_7qW4Z31IrNl40aqc8TJpq0A1lqGHmXmOuoy8jwIwmw3vl9jPFQMtYwKjNji1_S7JzSMXkffNThR48ppZThYCPm3p0BLVycZq-KB4k-MzoPjWxBeAGBnwboPv0YYFe49NuhdUyU9TiYkjxtb_YpHasVYcFEzFHBnShXjbaEijkn_GQdz150XHK1eO1dkDKRpKS9yx6Tjlp5BCBX-PCKg6xTZzMw6j-oWb-7Itl85TJeV9GPStRsRxffp6dXU_IhTZ_I7Apj9Mp0EuQi7awHOHSU3z-zMtpzm4myGu3V4vIu3FKDmYOR7qXUYQ1snoZorgH_o-g87TqahH1fJEkOfSwlyTdH7BaRndv-OXaV7PtbJD95TtD7vv9RsBRMdG63liKXaENPd4tSKnhaMcaq7_IeIoRgoYQTXQ39xw3Q_mU1bB-lyDkI8PGCsNqVzvO6HfmEWFmFF-M0E7FPi1Rm36Ww74WEAXiAiVm4cS2t-PON4mp19ROAvA6eGHieqUX3G3Tr_CEEEdVpVW_is2dN8ZhiqByjiBGShUI9Q66-1JYtqA3EHPpBSpcb0HuhqR8kXBFd2PeR4Yb9L6IWnVvcmWYmIO_NgRkWd6qT4LHeOro-4tDLgsuz_UEHlqRpltDXbJXPhtxpl1iAfTMBmaQ1r5grx0Js2TfEjbWdFJmvzm__9v50_50lclqOxRSX59AOsbibzKFAWH4KNSqGzYmBJpRex4v6jeLwiiChtCUNAt1SUXle1hKIZRQM9Y0PqR-_-7ekg_U8QfNpMq1lHjbxgRYgSFdvn1NMqA0g94BCOEItf1PBEZzg59Gmm6tHIb4Wni37iyO5eEWTdJ3qIdc3MI_OvK2edy5jpQVjHi8T32cLd8GdwWlOZ0WnyWIZYVQEii8R5bHYQwQTOrCQY5C911_I6VflghxWCT-TuiGguvhsOwWrvmmpSy54181ggnlJ537NenEvPj6WoTuu_Bng4JYULChb3_Lg_Mf5LqyTJDiMrGMAehC7S-ozBQLV8WY_NYiQtjFQtoRUghXdOSvn42BQ7cWeDLJNXox07AHsRfUjgad7HrFuUQIWTHoYf2y2KhXHSN7CHpW4CdGB247c_iOuqVa5eYEwqujo-7AQpZH6zDtcIxO2AIiitP8jCXMYy8J-Y6PQ1NitbVBSzsswZa01JS0pWio1md_dtioe_1BS5xmBosnWfLelUsVCxgPZqfScnXquUwoZLREOQvpNlh-0HD590056pD0Je23yg6OD1PpxZj2GkgaxhX9FDhuu7iATCNYrzNoKUJOG__Re757YiZJfGJXCM3ksaStFgWKi6Wkgf8iYaPWFneaNlv8kNJ83B5SpwevAJQUaUggEEkwAyAmmjSBvss3EbaKZcWruGajdzmiLjIC4gvVojvpd2GG_-OcGuE8MLJzWSrpH6-h1jtdORjuvraOt77DCGJtGZKYBNXz0nVB8Y4uhGAFgAQ&bundleId=&ias_dspID=3&ias_campId=1014440192&ias_pubId=pub-5286073190998405&ias_chanId=1&ias_placementId=20647159193&bidurl=https://www.nirsoft.net/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0i-4e3jYwHcQr8Q_RFYlbsq&adsafe_url=https%3A%2F%2Fwww.nirsoft.net&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.nirsoft.net%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-5286073190998405%26output%3Dhtml%26h%3D600%26slotname%3D8544847776%26adk%3D2347419153%26adf%3D3905112207%26pi%3Dt.ma~as.8544847776%26w%3D160%26lmt%3D1697706358%26format%3D160x600%26url%3Dhttps%253A%252F%252Fwww.nirsoft.net%252F%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1697709957318%26bpp%3D4%26bdt%3D545%26idt%3D1530%26shv%3Dr20231011%26mjsv%3Dm202310160101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26correlator%3D6209365162741%26frm%3D20%26pv%3D2%26ga_vid%3D1581670272.1697709957%26ga_sid%3D1697709959%26ga_hid%3D745733990%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D5%26ady%3D613%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759837%252C44759876%252C44759927%252C31077328%252C31078020%252C31078830%252C44798934%252C44805112%252C44805534%252C44805680%252C44805918%252C31078297%26oid%3D2%26pvsid%3D371503592579976%26tmod%3D1219092591%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3Dd%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D1%26uci%3Da!1%26fsb%3D1%26xpc%3Djmjor1OSlf%26p%3Dhttps%253A%2F%2Fwww.nirsoft.net%26dtd%3D1545&adsafe_type=d&adsafe_jsinfo=,id:3c083683-8d02-2ca1-368d-16ac0faa1d2b,c:rtZvQs,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-797d947f74-l4chs,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:4,mot:0,app:0,maw:0,fm:tT7PYPw+11%7C12*.1712960-75657828%7C121%7C13,idMap:12*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:23,oid:1acddd80-6e67-11ee-bf08-923d329c03ee,v:19.8.439,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 23:02:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
39839
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Nov 2023 23:02:02 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame C4F4
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvBi2NpeY1USKkfFbKXkXX1V28wF8Yv_VKRn6zwGJSYBpo_o8Mw96xrcDlWq4tYGyzaBFVJfZ0VqbS8I85f3KGXZR4ULFSW6P_nRYmJxMYc0fVBVE5w8Fu564PrXyBh1rVDRMtkA2EQJOX1Rd_ENtmKT6oMgmX4r2flC_QrsQcqroWimDy6l-bUFopcNOyQnSD2Gb8MDaUjH1MBFTIcvw1o&sai=AMfl-YTRZ7YtUc1IRc4_8MafJrNycF34K0PR8Ix3q0D1ubEa0uRSIY89LuPOIWinXX1xVFna0kmJi0gS93BMwXnmNeKK0rXdyUKIK6cRUkYcFNhP2E28NeUqif6DusXNY3F9jHguDFP4nJJVeH-brvV65elDsS50&sig=Cg0ArKJSzDuLfcZaKIvAEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231011.35284&arae=0&ftch=1&adurl=
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1712960/75657828/xbbe/creative/adj?p=APEucNUySr-ptmum7FUrNTWZ2H8r2hJn2DZA4Jd0Klhc-k-rVeFtYDg&d=CokBAKAmf-BZ27XmU_Ia6Ruuw3FU2KTtGQIALOh4TvAPVRjZQV54IfV1Tryhm9I88x2WI7m8w62CVA6yEhEvLydGf2-BSlE0_ESO6TRk2Ma9HTGWDd01Wm-zNaZp4ZN9j2496mGcYnfjPWxQ3Ru5obbvj_D60gwLlte7RNqsu9eXSvACsI3z9afRvoQSqRQAoCZ_4FJhuXMz8A1AF9BQVAJT8dh9ai9AtUxZ51F0DWweDzr_5RC3DYNmF6skg0j7X5aOz7zuSLRxZdELo2YGSBGfiyrjcXWuTnKOgHGdF0mssaK5MID6J7MH8okO-d0mluCYS5etlJQM1l1SCfgqnbj-UbTK0xlzdImnyL-Hj1kaf56D-SYdtOS-5Z6X3tv2a-lVIPSFh3KE4-cEZWt5cCSKoguvQYBaiY8nByWM3xYA4PukEgVGEz_E5rwGx9c-u1O8E9qGlqcxc_LkPrTORdv-WfI5lR6vgSDbgCzPBuiNE_T3bsabnOfwJyXEDhTjq2KgOu2-3AfEwf7BTMFeg5smb0GteSb3lRiXnuy6ggKOJOzP4KiShcvRmyl1ElGAKfzV1qvnpXmnwNOQcQGf1N12DcnJ32wJLEgKAnv73hZVzIZJHgUPOKR40XWlK2RdQ8Ck4ly6CCQiXeRQJZlIiKEBsUiWVbInhgxlAXPNrc10A2N1Sd6HtvV_PCeNE4sIMogxFAiuPwdDh9vSUGd1UlioPACS5SEiLrKkjoJF17GZ2WrEA2LgfabYyl6ZcSuW4F-t2qWF9e5GQ-c-a_nRTURkm7Hqq1nCsTuSVHe24MH5EhhmAtqNwgYOkaXCEqndj_0rdxNG0d18UxJOLjsNYCndEXLuNnuDes0i_VQy42b8oj-PSKvlL1YHG7BM4LDllPczGfvz5fHFxt7xw4W2mZJU2-EO02Ymc_JSdzej7EH9-xvXv8OpwqmwQ2mmYtC7TwzEh0oVmxH9J9eKlUHgUcmpWDqsQA12mBqZ4GngkQOXIQrsC1MDJl9PokrRRlVQYJ1A5Elf9hSQ8RBicYR8xFEtMf3HULLdwaYQcFmwTITQ0d3GLu5rTWTqWr1XvnyzqWPQNGvTAYfcYYU3zp5REHLGPX0T_uSTKllSLbdmhA425cs6u51VcYdzjDSYALrbvjQI66YMAoqYj0TVnuA_hzUMy-d0HawTvPdPw_rfxYc4I8Cm7Un9kserLEg8NydLRaEoJDMKatHwxciHuwg2F8Moetn2aGnjsMq_O4S5DZz9V22C-Gjqjdw3DaTMjZpcgnVTZZwH0VM4i4KKFiyLvAntnGEEA04frhYbhwQ2O7p7wO3diEEy8htTjcNwNgdb3HMe_R8bjCOScIJbTq1mfbA7k8GWyPp3INMxkZZDV-kyLEV-y5SGkwdLGYWKXilQ4SnYDxgntOse46rpRpls8R8WLZJhidErtaogeASXKBchNq_4Hi9HRhNk2LBzYQU2RC_YM-C_VNL2beo_2HTbIxhtvjDA-cjyvE_xeHM8KMjvkIV6dmQYrDQwelk4E9ynZJYXwSMrxBnQS0LuIvAeCxJh00ZI3Pn3wdwFwBFDoaIRILsk9FuncDyc2oZOnLG1MA96UP6qTkyPUXkv-OOfS2d9xksb55iPyb74Wdw1hzXFOXRU-MAWprfR9VG0XcKJ5KKrdpOd-mbsseNvD7P4FPC7hMGxCLma_0Tyh9KmM8t-BGvoJmogHvVGgDySwCeS3MbDOy7CdvaKcbP5MjLsIuqiNlH73kP3qG3e9kWyEsfmbiOuBL8WkSa84uIZczyl8p42IqZAqmDE28iNBWW8fJsMR57rjIQFBsXGsiV5k6VMrhaBMwP69ZaHv8EiEW_Rus3dzmkanWmV-_cM1UMMMe3U9CRRvbR_Cz6IVcAzI5frfhiKb_-WRxNy-a7WOOqd8ZNsmDzLQnzZSC1I-rJsnHlT5q2yKqo2_PgKJp5CSCOg10KbZC3nA_03ATV4RqzZ1KL55qam6HMpA-Wssz4HwvmOsYBCZ77zDgiJnFb2x5BNCVdcOH0eJkSfiKwhjERvGp8-SaVYCV2FRc9rRwgSus-yG-GSTSIRAXVXWXBbq57Po_StH4enMWDbppzMV87a_JgpqAiI9E0xvKBV9b9YwT8eW_TKJm6LZ3QUcz5dRKmJ82yI0CHoIEg7ym1nu7UrrEH8OYDmWZh3EoUtfKMxrGG9Rqc6fmt9T84G9navwmwF_Cz126DvSU4isXpb4z6xrd775gldN5bl7uWOoV4HzhB81ddI8Hu_NE_V3l2cRts2etm1RxA2bvO1-OIZx_7qW4Z31IrNl40aqc8TJpq0A1lqGHmXmOuoy8jwIwmw3vl9jPFQMtYwKjNji1_S7JzSMXkffNThR48ppZThYCPm3p0BLVycZq-KB4k-MzoPjWxBeAGBnwboPv0YYFe49NuhdUyU9TiYkjxtb_YpHasVYcFEzFHBnShXjbaEijkn_GQdz150XHK1eO1dkDKRpKS9yx6Tjlp5BCBX-PCKg6xTZzMw6j-oWb-7Itl85TJeV9GPStRsRxffp6dXU_IhTZ_I7Apj9Mp0EuQi7awHOHSU3z-zMtpzm4myGu3V4vIu3FKDmYOR7qXUYQ1snoZorgH_o-g87TqahH1fJEkOfSwlyTdH7BaRndv-OXaV7PtbJD95TtD7vv9RsBRMdG63liKXaENPd4tSKnhaMcaq7_IeIoRgoYQTXQ39xw3Q_mU1bB-lyDkI8PGCsNqVzvO6HfmEWFmFF-M0E7FPi1Rm36Ww74WEAXiAiVm4cS2t-PON4mp19ROAvA6eGHieqUX3G3Tr_CEEEdVpVW_is2dN8ZhiqByjiBGShUI9Q66-1JYtqA3EHPpBSpcb0HuhqR8kXBFd2PeR4Yb9L6IWnVvcmWYmIO_NgRkWd6qT4LHeOro-4tDLgsuz_UEHlqRpltDXbJXPhtxpl1iAfTMBmaQ1r5grx0Js2TfEjbWdFJmvzm__9v50_50lclqOxRSX59AOsbibzKFAWH4KNSqGzYmBJpRex4v6jeLwiiChtCUNAt1SUXle1hKIZRQM9Y0PqR-_-7ekg_U8QfNpMq1lHjbxgRYgSFdvn1NMqA0g94BCOEItf1PBEZzg59Gmm6tHIb4Wni37iyO5eEWTdJ3qIdc3MI_OvK2edy5jpQVjHi8T32cLd8GdwWlOZ0WnyWIZYVQEii8R5bHYQwQTOrCQY5C911_I6VflghxWCT-TuiGguvhsOwWrvmmpSy54181ggnlJ537NenEvPj6WoTuu_Bng4JYULChb3_Lg_Mf5LqyTJDiMrGMAehC7S-ozBQLV8WY_NYiQtjFQtoRUghXdOSvn42BQ7cWeDLJNXox07AHsRfUjgad7HrFuUQIWTHoYf2y2KhXHSN7CHpW4CdGB247c_iOuqVa5eYEwqujo-7AQpZH6zDtcIxO2AIiitP8jCXMYy8J-Y6PQ1NitbVBSzsswZa01JS0pWio1md_dtioe_1BS5xmBosnWfLelUsVCxgPZqfScnXquUwoZLREOQvpNlh-0HD590056pD0Je23yg6OD1PpxZj2GkgaxhX9FDhuu7iATCNYrzNoKUJOG__Re757YiZJfGJXCM3ksaStFgWKi6Wkgf8iYaPWFneaNlv8kNJ83B5SpwevAJQUaUggEEkwAyAmmjSBvss3EbaKZcWruGajdzmiLjIC4gvVojvpd2GG_-OcGuE8MLJzWSrpH6-h1jtdORjuvraOt77DCGJtGZKYBNXz0nVB8Y4uhGAFgAQ&bundleId=&ias_dspID=3&ias_campId=1014440192&ias_pubId=pub-5286073190998405&ias_chanId=1&ias_placementId=20647159193&bidurl=https://www.nirsoft.net/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0i-4e3jYwHcQr8Q_RFYlbsq&adsafe_url=https%3A%2F%2Fwww.nirsoft.net&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.nirsoft.net%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-5286073190998405%26output%3Dhtml%26h%3D600%26slotname%3D8544847776%26adk%3D2347419153%26adf%3D3905112207%26pi%3Dt.ma~as.8544847776%26w%3D160%26lmt%3D1697706358%26format%3D160x600%26url%3Dhttps%253A%252F%252Fwww.nirsoft.net%252F%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1697709957318%26bpp%3D4%26bdt%3D545%26idt%3D1530%26shv%3Dr20231011%26mjsv%3Dm202310160101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26correlator%3D6209365162741%26frm%3D20%26pv%3D2%26ga_vid%3D1581670272.1697709957%26ga_sid%3D1697709959%26ga_hid%3D745733990%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D5%26ady%3D613%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759837%252C44759876%252C44759927%252C31077328%252C31078020%252C31078830%252C44798934%252C44805112%252C44805534%252C44805680%252C44805918%252C31078297%26oid%3D2%26pvsid%3D371503592579976%26tmod%3D1219092591%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3Dd%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D1%26uci%3Da!1%26fsb%3D1%26xpc%3Djmjor1OSlf%26p%3Dhttps%253A%2F%2Fwww.nirsoft.net%26dtd%3D1545&adsafe_type=d&adsafe_jsinfo=,id:3c083683-8d02-2ca1-368d-16ac0faa1d2b,c:rtZvQs,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-797d947f74-l4chs,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:4,mot:0,app:0,maw:0,fm:tT7PYPw+11%7C12*.1712960-75657828%7C121%7C13,idMap:12*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:23,oid:1acddd80-6e67-11ee-bf08-923d329c03ee,v:19.8.439,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 10:06:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
16004903402252021426
s0.2mdn.net/simgad/ Frame C4F4
60 KB
60 KB
Image
General
Full URL
https://s0.2mdn.net/simgad/16004903402252021426
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=600&slotname=8544847776&adk=2347419153&adf=3905112207&pi=t.ma~as.8544847776&w=160&lmt=1697706358&format=160x600&url=https%3A%2F%2Fwww.nirsoft.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697709957318&bpp=4&bdt=545&idt=1530&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&correlator=6209365162741&frm=20&pv=2&ga_vid=1581670272.1697709957&ga_sid=1697709959&ga_hid=745733990&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=5&ady=613&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077328%2C31078020%2C31078830%2C44798934%2C44805112%2C44805534%2C44805680%2C44805918%2C31078297&oid=2&pvsid=371503592579976&tmod=1219092591&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=jmjor1OSlf&p=https%3A//www.nirsoft.net&dtd=1545
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
24114cc6d2f6c6d25e3cb26a14e598aa72d6cdceb4a22eca6d6c3822b42fe2ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 04:26:40 GMT
x-content-type-options
nosniff
age
20361
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61378
x-xss-protection
0
last-modified
Wed, 11 Oct 2023 07:29:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Oct 2024 04:26:40 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 77CD
143 B
166 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
2523
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 09:23:58 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame C4F4
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6958d4f3a8c4d3a413e0e8b901beafa490b439d4589a001da3f98af0e9862abd

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 7112
217 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0aab6baaa4cc091f9bc39922538ff1fc1aa5abab52edb3a4b5d9f476d6da6d92

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
adview
googleads.g.doubleclick.net/pagead/ Frame 7112
0
19 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=COGV0hv8wZaPmOP-S78EP5OKj8Aru25jHc8u4mrWgDmQQASCLi-QKYLsGoAGN7OTZAsgBAakCmf0SPoRzqD6oAwHIA8sEqgTFAU_QEuYNpCbSxi21_qyE2NUeLKyneMQzh36rQsRbEZ_thqSa83-KxLT0fDeYXNhQAffc6-qagd7FePfkvnu1SAYlWY5fwV7dqMTUaKkR6ZZg-QC5WZvvAqxTe64LImsn-SsQ4A6DEP5AtSdawBBjqdypIUnhSQNmLR8Y6gCXuNf0l_Q6gUPhLqo045YUeMLZtU4Hyll5aYNtaoi3sdjpKyuptnOz82brJ-ZGzyL8a7I3L5vAkHH-4vvV9c6YF4Hnpw5PkyGQwATgwp3M5gOIBZGl3IA0kgUECAQYAZIFBAgFGASAB9uTm6YBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ6t8E0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAdgTDYgUC9AVAYAXAbIXHAoaCAASFHB1Yi01Mjg2MDczMTkwOTk4NDA1GAA&sigh=uFjhdBzI7v4&uach_m=[UACH]&cid=CAQSTADICaaNN5eE0_keFQYgoUUXK7TzsNL8baoYzXW3XX13oQ1zQzPobMsP7rpAoy72nweZny9nN-ncXhtUYpOyvxJUm8kxviMke2xdsu0YAQ&cbvp=2&vis=1
Requested by
Host: www.nirsoft.net
URL: https://www.nirsoft.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 19 Oct 2023 10:06:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 77CD
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 10:06:01 GMT
expires
Thu, 19 Oct 2023 10:06:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 10:06:01 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
e-zfyE2pbDTyYQrCQWWBVQC0FJ7OV3Fqk4CSA41GVMg.js
pagead2.googlesyndication.com/bg/ Frame BB81
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/e-zfyE2pbDTyYQrCQWWBVQC0FJ7OV3Fqk4CSA41GVMg.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7becdfc84da96c34f2610ac24165815500b4149ece57716a938092038d4654c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 21:57:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
43715
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14689
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 07:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 17 Oct 2024 21:57:26 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B15D
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BXkFbiP8wZbCGIZeXjuwPzoq6oAQAAAAAOAHgBAI&bg=!NDelN3jNAAZy-tsgUvo7ADQBe5WfOFgIMjlwXOXFlH57sMU3PE0B1D1Hu6AJVX4W5MwjvmdbK0no8232J99VaJ3qQOIWAgAAAShSAAAAKWgBB5kDJFKH3ngKDVDw09JKF1IzjNVxU5BqnHm3_26dgHsLYsWDbd8ASds88CzYP1Vrs1dnnBODCVlx1EFsEUuUFDXcQ7ZNf1hp28-txGvPBX69_AVwwCY8zJV087HVnHXhfoCC6nQ-kTBvY4ibV_VJJLh4_S7wreKr09WVkVPHLdh4AifKCnGNU8yvP38UNebzD-chBo8dr2aNFMZ5LqObGN8h_ebqaMQZLQ_mu93ldcjp4k6ReOg2AbMlGuojAMcSmcyyMJ-o_YoiqfL7a4-G0JKGO2UbETRR0v6ZIg5Cal1_i3o9SauyC5cx_JMw1Har8q2XOykDdlned49KLyMzLJIRf28sOH_6HxxPKeZNZ8wqNZUi5M8t2zm_D-1209MzLcU-9edW9qKe1GL9LWxv97jxRyNTlbWBPB-B22R5eDPq2oUtvOQD2lMtElrgIpEF3UpSdv1TIDWHx5A4arHxCT6eI6pgErYisQhpjNsnDZI_Mb3r0FOleCiPNgIPauQh-mmM47rztDZPZ6so8HZu5ParoP74Xjyo9i6YjnMOjzrOnrjdT1cbAVpND3HzuwmKn2X_aqsGybVu8rpxbFTTsylnhzcI7rKpWS1cYv6FEL_UZE7y5pbi-IJnK4lnC0PgmHlOQ7D42NUSrMAAebV5t5q09u7wj9psDICzoXNo0dXbRbQpmbTiEbLIkXzhb40vkmYM1EqIwP905x_istv2ArTpqJBZvcjMMmXoqP8sbutRB25APNjgRYdJ6t6gEDTC1loOyYVIfoYhvePEbKqtYRzmzFgmcMqzHl12s_Co2HXkS2i0ZRUZHd73CjkV8-CHHukw6r9K-1qcsRFc4vqJDoWpyTut-v_C-UHoTyiXts9Sdt1l8kUp_AdNnvP4i9fr1cNaB5_38nEFNyPiD4dfhLqr7i_6vpmMSeuOhIjQc8QL2HNXpqUi9CQT1mwRenr_ph7LvvcYUyK1M2ijSn8rm-ZPNiAvsRWqWZeWmCFRn26-EWLxmKOBpSOLTbLp-I5yh31mApBtYsM3nmNWZrF4r1Rciq0VDNJ7ngD2H-ZEwAGaUmr_gdAzQg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=600&slotname=8544847776&adk=2347419153&adf=3905112207&pi=t.ma~as.8544847776&w=160&lmt=1697706358&format=160x600&url=https%3A%2F%2Fwww.nirsoft.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697709957318&bpp=4&bdt=545&idt=1530&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&correlator=6209365162741&frm=20&pv=2&ga_vid=1581670272.1697709957&ga_sid=1697709959&ga_hid=745733990&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=5&ady=613&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077328%2C31078020%2C31078830%2C44798934%2C44805112%2C44805534%2C44805680%2C44805918%2C31078297&oid=2&pvsid=371503592579976&tmod=1219092591&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=jmjor1OSlf&p=https%3A//www.nirsoft.net&dtd=1545
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 10:06:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame C4F4
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvBi2NpeY1USKkfFbKXkXX1V28wF8Yv_VKRn6zwGJSYBpo_o8Mw96xrcDlWq4tYGyzaBFVJfZ0VqbS8I85f3KGXZR4ULFSW6P_nRYmJxMYc0fVBVE5w8Fu564PrXyBh1rVDRMtkA2EQJOX1Rd_ENtmKT6oMgmX4r2flC_QrsQcqroWimDy6l-bUFopcNOyQnSD2Gb8MDaUjH1MBFTIcvw1o&sai=AMfl-YTRZ7YtUc1IRc4_8MafJrNycF34K0PR8Ix3q0D1ubEa0uRSIY89LuPOIWinXX1xVFna0kmJi0gS93BMwXnmNeKK0rXdyUKIK6cRUkYcFNhP2E28NeUqif6DusXNY3F9jHguDFP4nJJVeH-brvV65elDsS50&sig=Cg0ArKJSzDuLfcZaKIvAEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=306&vt=11&dtpt=305&dett=2&cstd=0&cisv=r20231011.35284&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1712960/75657828/xbbe/creative/adj?p=APEucNUySr-ptmum7FUrNTWZ2H8r2hJn2DZA4Jd0Klhc-k-rVeFtYDg&d=CokBAKAmf-BZ27XmU_Ia6Ruuw3FU2KTtGQIALOh4TvAPVRjZQV54IfV1Tryhm9I88x2WI7m8w62CVA6yEhEvLydGf2-BSlE0_ESO6TRk2Ma9HTGWDd01Wm-zNaZp4ZN9j2496mGcYnfjPWxQ3Ru5obbvj_D60gwLlte7RNqsu9eXSvACsI3z9afRvoQSqRQAoCZ_4FJhuXMz8A1AF9BQVAJT8dh9ai9AtUxZ51F0DWweDzr_5RC3DYNmF6skg0j7X5aOz7zuSLRxZdELo2YGSBGfiyrjcXWuTnKOgHGdF0mssaK5MID6J7MH8okO-d0mluCYS5etlJQM1l1SCfgqnbj-UbTK0xlzdImnyL-Hj1kaf56D-SYdtOS-5Z6X3tv2a-lVIPSFh3KE4-cEZWt5cCSKoguvQYBaiY8nByWM3xYA4PukEgVGEz_E5rwGx9c-u1O8E9qGlqcxc_LkPrTORdv-WfI5lR6vgSDbgCzPBuiNE_T3bsabnOfwJyXEDhTjq2KgOu2-3AfEwf7BTMFeg5smb0GteSb3lRiXnuy6ggKOJOzP4KiShcvRmyl1ElGAKfzV1qvnpXmnwNOQcQGf1N12DcnJ32wJLEgKAnv73hZVzIZJHgUPOKR40XWlK2RdQ8Ck4ly6CCQiXeRQJZlIiKEBsUiWVbInhgxlAXPNrc10A2N1Sd6HtvV_PCeNE4sIMogxFAiuPwdDh9vSUGd1UlioPACS5SEiLrKkjoJF17GZ2WrEA2LgfabYyl6ZcSuW4F-t2qWF9e5GQ-c-a_nRTURkm7Hqq1nCsTuSVHe24MH5EhhmAtqNwgYOkaXCEqndj_0rdxNG0d18UxJOLjsNYCndEXLuNnuDes0i_VQy42b8oj-PSKvlL1YHG7BM4LDllPczGfvz5fHFxt7xw4W2mZJU2-EO02Ymc_JSdzej7EH9-xvXv8OpwqmwQ2mmYtC7TwzEh0oVmxH9J9eKlUHgUcmpWDqsQA12mBqZ4GngkQOXIQrsC1MDJl9PokrRRlVQYJ1A5Elf9hSQ8RBicYR8xFEtMf3HULLdwaYQcFmwTITQ0d3GLu5rTWTqWr1XvnyzqWPQNGvTAYfcYYU3zp5REHLGPX0T_uSTKllSLbdmhA425cs6u51VcYdzjDSYALrbvjQI66YMAoqYj0TVnuA_hzUMy-d0HawTvPdPw_rfxYc4I8Cm7Un9kserLEg8NydLRaEoJDMKatHwxciHuwg2F8Moetn2aGnjsMq_O4S5DZz9V22C-Gjqjdw3DaTMjZpcgnVTZZwH0VM4i4KKFiyLvAntnGEEA04frhYbhwQ2O7p7wO3diEEy8htTjcNwNgdb3HMe_R8bjCOScIJbTq1mfbA7k8GWyPp3INMxkZZDV-kyLEV-y5SGkwdLGYWKXilQ4SnYDxgntOse46rpRpls8R8WLZJhidErtaogeASXKBchNq_4Hi9HRhNk2LBzYQU2RC_YM-C_VNL2beo_2HTbIxhtvjDA-cjyvE_xeHM8KMjvkIV6dmQYrDQwelk4E9ynZJYXwSMrxBnQS0LuIvAeCxJh00ZI3Pn3wdwFwBFDoaIRILsk9FuncDyc2oZOnLG1MA96UP6qTkyPUXkv-OOfS2d9xksb55iPyb74Wdw1hzXFOXRU-MAWprfR9VG0XcKJ5KKrdpOd-mbsseNvD7P4FPC7hMGxCLma_0Tyh9KmM8t-BGvoJmogHvVGgDySwCeS3MbDOy7CdvaKcbP5MjLsIuqiNlH73kP3qG3e9kWyEsfmbiOuBL8WkSa84uIZczyl8p42IqZAqmDE28iNBWW8fJsMR57rjIQFBsXGsiV5k6VMrhaBMwP69ZaHv8EiEW_Rus3dzmkanWmV-_cM1UMMMe3U9CRRvbR_Cz6IVcAzI5frfhiKb_-WRxNy-a7WOOqd8ZNsmDzLQnzZSC1I-rJsnHlT5q2yKqo2_PgKJp5CSCOg10KbZC3nA_03ATV4RqzZ1KL55qam6HMpA-Wssz4HwvmOsYBCZ77zDgiJnFb2x5BNCVdcOH0eJkSfiKwhjERvGp8-SaVYCV2FRc9rRwgSus-yG-GSTSIRAXVXWXBbq57Po_StH4enMWDbppzMV87a_JgpqAiI9E0xvKBV9b9YwT8eW_TKJm6LZ3QUcz5dRKmJ82yI0CHoIEg7ym1nu7UrrEH8OYDmWZh3EoUtfKMxrGG9Rqc6fmt9T84G9navwmwF_Cz126DvSU4isXpb4z6xrd775gldN5bl7uWOoV4HzhB81ddI8Hu_NE_V3l2cRts2etm1RxA2bvO1-OIZx_7qW4Z31IrNl40aqc8TJpq0A1lqGHmXmOuoy8jwIwmw3vl9jPFQMtYwKjNji1_S7JzSMXkffNThR48ppZThYCPm3p0BLVycZq-KB4k-MzoPjWxBeAGBnwboPv0YYFe49NuhdUyU9TiYkjxtb_YpHasVYcFEzFHBnShXjbaEijkn_GQdz150XHK1eO1dkDKRpKS9yx6Tjlp5BCBX-PCKg6xTZzMw6j-oWb-7Itl85TJeV9GPStRsRxffp6dXU_IhTZ_I7Apj9Mp0EuQi7awHOHSU3z-zMtpzm4myGu3V4vIu3FKDmYOR7qXUYQ1snoZorgH_o-g87TqahH1fJEkOfSwlyTdH7BaRndv-OXaV7PtbJD95TtD7vv9RsBRMdG63liKXaENPd4tSKnhaMcaq7_IeIoRgoYQTXQ39xw3Q_mU1bB-lyDkI8PGCsNqVzvO6HfmEWFmFF-M0E7FPi1Rm36Ww74WEAXiAiVm4cS2t-PON4mp19ROAvA6eGHieqUX3G3Tr_CEEEdVpVW_is2dN8ZhiqByjiBGShUI9Q66-1JYtqA3EHPpBSpcb0HuhqR8kXBFd2PeR4Yb9L6IWnVvcmWYmIO_NgRkWd6qT4LHeOro-4tDLgsuz_UEHlqRpltDXbJXPhtxpl1iAfTMBmaQ1r5grx0Js2TfEjbWdFJmvzm__9v50_50lclqOxRSX59AOsbibzKFAWH4KNSqGzYmBJpRex4v6jeLwiiChtCUNAt1SUXle1hKIZRQM9Y0PqR-_-7ekg_U8QfNpMq1lHjbxgRYgSFdvn1NMqA0g94BCOEItf1PBEZzg59Gmm6tHIb4Wni37iyO5eEWTdJ3qIdc3MI_OvK2edy5jpQVjHi8T32cLd8GdwWlOZ0WnyWIZYVQEii8R5bHYQwQTOrCQY5C911_I6VflghxWCT-TuiGguvhsOwWrvmmpSy54181ggnlJ537NenEvPj6WoTuu_Bng4JYULChb3_Lg_Mf5LqyTJDiMrGMAehC7S-ozBQLV8WY_NYiQtjFQtoRUghXdOSvn42BQ7cWeDLJNXox07AHsRfUjgad7HrFuUQIWTHoYf2y2KhXHSN7CHpW4CdGB247c_iOuqVa5eYEwqujo-7AQpZH6zDtcIxO2AIiitP8jCXMYy8J-Y6PQ1NitbVBSzsswZa01JS0pWio1md_dtioe_1BS5xmBosnWfLelUsVCxgPZqfScnXquUwoZLREOQvpNlh-0HD590056pD0Je23yg6OD1PpxZj2GkgaxhX9FDhuu7iATCNYrzNoKUJOG__Re757YiZJfGJXCM3ksaStFgWKi6Wkgf8iYaPWFneaNlv8kNJ83B5SpwevAJQUaUggEEkwAyAmmjSBvss3EbaKZcWruGajdzmiLjIC4gvVojvpd2GG_-OcGuE8MLJzWSrpH6-h1jtdORjuvraOt77DCGJtGZKYBNXz0nVB8Y4uhGAFgAQ&bundleId=&ias_dspID=3&ias_campId=1014440192&ias_pubId=pub-5286073190998405&ias_chanId=1&ias_placementId=20647159193&bidurl=https://www.nirsoft.net/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0i-4e3jYwHcQr8Q_RFYlbsq&adsafe_url=https%3A%2F%2Fwww.nirsoft.net&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.nirsoft.net%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-5286073190998405%26output%3Dhtml%26h%3D600%26slotname%3D8544847776%26adk%3D2347419153%26adf%3D3905112207%26pi%3Dt.ma~as.8544847776%26w%3D160%26lmt%3D1697706358%26format%3D160x600%26url%3Dhttps%253A%252F%252Fwww.nirsoft.net%252F%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1697709957318%26bpp%3D4%26bdt%3D545%26idt%3D1530%26shv%3Dr20231011%26mjsv%3Dm202310160101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26correlator%3D6209365162741%26frm%3D20%26pv%3D2%26ga_vid%3D1581670272.1697709957%26ga_sid%3D1697709959%26ga_hid%3D745733990%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D5%26ady%3D613%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759837%252C44759876%252C44759927%252C31077328%252C31078020%252C31078830%252C44798934%252C44805112%252C44805534%252C44805680%252C44805918%252C31078297%26oid%3D2%26pvsid%3D371503592579976%26tmod%3D1219092591%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3Dd%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D1%26uci%3Da!1%26fsb%3D1%26xpc%3Djmjor1OSlf%26p%3Dhttps%253A%2F%2Fwww.nirsoft.net%26dtd%3D1545&adsafe_type=d&adsafe_jsinfo=,id:3c083683-8d02-2ca1-368d-16ac0faa1d2b,c:rtZvQs,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-797d947f74-l4chs,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:4,mot:0,app:0,maw:0,fm:tT7PYPw+11%7C12*.1712960-75657828%7C121%7C13,idMap:12*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:23,oid:1acddd80-6e67-11ee-bf08-923d329c03ee,v:19.8.439,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 10:06:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
dt
dt.adsafeprotected.com/ Frame C4F4
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1712960&asId=3c083683-8d02-2ca1-368d-16ac0faa1d2b&tv=%7Bc:rtZw3x,pingTime:-10,time:833,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTguMC41OTkzLjg4IFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1697709961443%7C%7Cbd04a939aa6912c073cc3136a6823b57%7C%7Cafe098ab9930c31009b81b3a08e6b29a%7C%7Cd2598d5a6ffdc6642753a55d80142081%7C%7Cc9ad5f116d64ec0c5f70b9182c39e7c8%7C%7C8eb30a4c5f72d95e3996a6bda3552720%7C%7C6f80e649909c32db76467f0c18386503%7C%7C7d9cb4ee1b5686ca8a853a2ac1d85e17%7C%7C1663701684%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=600&slotname=8544847776&adk=2347419153&adf=3905112207&pi=t.ma~as.8544847776&w=160&lmt=1697706358&format=160x600&url=https%3A%2F%2Fwww.nirsoft.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697709957318&bpp=4&bdt=545&idt=1530&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&correlator=6209365162741&frm=20&pv=2&ga_vid=1581670272.1697709957&ga_sid=1697709959&ga_hid=745733990&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=5&ady=613&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077328%2C31078020%2C31078830%2C44798934%2C44805112%2C44805534%2C44805680%2C44805918%2C31078297&oid=2&pvsid=371503592579976&tmod=1219092591&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=jmjor1OSlf&p=https%3A//www.nirsoft.net&dtd=1545
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:377f:b368:693b:683d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 10:06:01 GMT
server
nginx
x-server-name
dt04.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame C4F4
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1712960&asId=3c083683-8d02-2ca1-368d-16ac0faa1d2b&tv=%7Bc:rtZw78,time:1056,type:e,im:%7Bpci:%7Btdr:1006%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:1056,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1048~0%5D,as:%5B1048~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:796,fm:tT7PYPw+11%7C12*.1712960-75657828%7C121%7C13,idMap:12*,rmeas:1,rend:1,renddet:IMG.qs,siq:23,sis:449%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5286073190998405&output=html&h=600&slotname=8544847776&adk=2347419153&adf=3905112207&pi=t.ma~as.8544847776&w=160&lmt=1697706358&format=160x600&url=https%3A%2F%2Fwww.nirsoft.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697709957318&bpp=4&bdt=545&idt=1530&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&correlator=6209365162741&frm=20&pv=2&ga_vid=1581670272.1697709957&ga_sid=1697709959&ga_hid=745733990&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=5&ady=613&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077328%2C31078020%2C31078830%2C44798934%2C44805112%2C44805534%2C44805680%2C44805918%2C31078297&oid=2&pvsid=371503592579976&tmod=1219092591&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=jmjor1OSlf&p=https%3A//www.nirsoft.net&dtd=1545
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:377f:b368:693b:683d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 10:06:01 GMT
server
nginx
x-server-name
dt03.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231011&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5286073190998405&plah=www.nirsoft.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0b3c8e75569b389a6129253d97e84140618381c92f40a4fdf65a25716c61f90d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 10:06:02 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12273
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 7112
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstIb9WPiEeksYqkee6KMoG_4sDsquHj6pHk59XbspU97hMPgD_YgcjbrUyZs9u3S7_QRPd5KIAbf69q749R2KRiLkr4wybkl0b5OsRrNm3OLkD1nBp4cB9d_dSFn9fT2uoAt8hyfQnf4BUC&sai=AMfl-YSlooC_IN_30EPa3m5JhEKUwNRFwtrZQkoe-O8_yc1lSYSyo88CQNZ6VptIbo1qkKJNf_2HKh8llM-5_e5FmlafgrcuT_E0d-SLvUcANwYno6FL_ArG2HvnS9f9ZZDZfAMnlwk81UmFFk1lSw&sig=Cg0ArKJSzLkwQ8ZFcnoqEAE&cid=CAQSTADICaaNN5eE0_keFQYgoUUXK7TzsNL8baoYzXW3XX13oQ1zQzPobMsP7rpAoy72nweZny9nN-ncXhtUYpOyvxJUm8kxviMke2xdsu0YAQ&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=186,845,1000,1000,1000&tos=186,659,155,0,0&v=20231018&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697709960720&rpt=502&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 10:06:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5286073190998405&plah=www.nirsoft.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 10:06:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 19 Oct 2023 10:06:02 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3733
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nirsoft.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
4889
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 08:44:33 GMT
expires
Fri, 18 Oct 2024 08:44:33 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 1CA8
829 B
561 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
82d81ac9ecb31c1968853001ac27f91159840b32289d4f71c68ca9c9304f6db6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-kVzAGgpQziLTO1nZum5Tag' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nirsoft.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-kVzAGgpQziLTO1nZum5Tag' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 10:06:02 GMT
expires
Thu, 19 Oct 2023 10:06:02 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
activeview
pagead2.googlesyndication.com/pcs/ Frame C4F4
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssN2GyXEmqDQmGIw6eu9qgym_C_rDyPIjlN5qBxEffNC-aysrd6_PTJftUgvKU8g9iQmEt81Z_vBicd9HvPsB8T1pZWia3TC9YOTJO449LxFQ1T3UQLmEpwb2NC_ZFVKRUzy25q6a0GYku-&sai=AMfl-YRZWdy19eHGZnvwK4Zm7uZ51gKJJ6AZIus183NXH2OHz1tnqvuoYqKNrlq2E2ktXaZoTaVIChN6L9BaPgyhJ858vzBneLs3vBfLBmbdR2yEfAW635BeYrBUhtBXBQQ7et84b9URN66SeOYCuA&sig=Cg0ArKJSzNkZuWqdCxcBEAE&cid=CAQSTADICaaNIG-yzcRtoplxau4ZqN3OaIuMgLiC9WiO-l3YYb_45wa4TwwsnNZKukfr6HWO105GO6-to63vsMIYm0ZkpgE1fPSdUHxji6EYAQ&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20231018&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&vu=1&app=0&itpl=20&adk=2347419153&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697709958864&rpt=2498&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 10:06:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 1CA8
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231011&jk=371503592579976&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js
pagead2.googlesyndication.com/bg/ Frame 3733
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 09:20:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
2762
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14648
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 07:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 18 Oct 2024 09:20:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 3733
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?poPXEQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 10:06:02 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame C4F4
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2519072073308&version=m202309260101&ct=76&x=1&cor=9319171725588050000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 10:06:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231011&jk=371503592579976&bg=!HxylHFPNAAbFpEfJ5aQ7ADQBe5WfOMfbI6zKU_8EIiIl3Hq-kzxgPN9Z7XqRxMsftMUxj9emTWJjaHLlwFLE2I5tbHtTAgAAAHhSAAAACWgBBwoARnb5mUMxIg42dpZfYdXRqS7w5igkLfRgZ1WB2b7TKfkG8Es6tAqP1g6z4M4jbGWU1-zgmGsAYNQkxbJIzu1oCBbdAfBmPfSZAvHfEoQna7ujRoRntTDG49iqP1JCCbSYrubc7uSN7AzDLVqODNeSvIJl8dim6Hx1OVoc6x2qKt4PEc5_rM-xmY2HLt87XQKL-aNqluDu3hc2GU9N9jbwHpyUoq7QI3GUe833mVto3qlKJzdExNMrZzKmaaC0E7uhBzacpmpREE9wlp2ePUj2np4s00SPpqkLrC9NTMabV5-78itSpdTZzqAgnibJggEGYZgxMpMmkMCFoF3b6WS10calzOICzivb8qtfkjr-zWydHUmz_ZTV5mVTDx8QeBIGXvArBO5jd9lykVXQ6c4UsxUfiDz6mey9Mtvu-zPJf3Yo2KipfMVRVvBGSGDNiOY5w1uyp5_3ecSazMgoihLTNiOM4L6HN3deII2UxSYfl95vng2KvpYAB6B2B6lt5bdFHV-qt2RndnqwEexxSU9A6o9Hp1vDXwGRJEkUuBrZLst-dw6dp4JHSLAZ-CsUz0IlDJl8VytwKp0bOoZZZK_myA7bKiI3q24HnZji0NgIXBvpFhQmJ9oFPUj8lHHhQqhxaWZy7F82Pz2aHRCF-R_dCJQJdYvxI8PsC_ct4sEf_v8vG1_ncNexJ9RLp3hsEwqaFbgL34skiQmAo2dHY8BVjsFhuAjVK450P0OYpR5u0dCwiAKeJX2_PCep8gcCfb4ciZ_fVMiNpVgUwMjTSyCPMXWrq_pYlWdZUQhNNfSepcSWMWpJZmQsfnx7X3NNfMcl5ikM_LIbDnN6tG-yNHmvZoOHRyTKKhDUbxFau3BCu9O2Qv6p3M3bd8ha5iwg8XZxlBWsXwNBx0FtRgrMNmLRApRJRCb8FAP261JopPfXoFQ9CFTPkxsR5FlRyGFKhoJK16DhRvw14fcrIu_VYoQ70LP5lnIE1DRXKEpZUhyX1loMIJDYqiimvUScgxMKxU5nyVSGkMBdzxzoEvLwJuPN9eIveuAtuTa_FrfH6RfkyM_ENAHV9ObCNXZoLb7oUloa6pdGWmKmiW9wi2k
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.nirsoft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

dt
dt.adsafeprotected.com/ Frame C4F4
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1712960&asId=3c083683-8d02-2ca1-368d-16ac0faa1d2b&tv=%7Bc:rtZwyj,pingTime:1,time:2741,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:22%7D,%7Bpiv:98,vs:i,r:,t:1740%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1001,o:1740,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1732~0,1~75%5D,as:%5B1733~160.600%5D%7D%7D,%7Bsl:i,t:1740,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:98,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1000~75%5D,as:%5B1000~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:273,fm:tT7PYPw+11%7C12*.1712960-75657828%7C121%7C13,idMap:12*,rmeas:1,rend:1,renddet:IMG.qs,siq:23,sis:449%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:377f:b368:693b:683d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 10:06:03 GMT
server
nginx
x-server-name
dt11.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 function| gtag object| dataLayer object| adsbygoogle object| addthis_config object| google_tag_manager object| google_tag_data object| googletag object| gaGlobal object| __gcse object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_unique_id object| google_sv_map object| google_ama_state string| google_user_agent_client_hint number| google_rum_task_id_counter function| google_sa_impl boolean| _gfp_p_ number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| module$exports$cse$search object| module$exports$cse$CustomImageSearch object| module$exports$cse$CustomWebSearch object| google object| module$exports$cse$searchcontrol object| module$exports$cse$customsearchcontrol function| _googCsa number| nextSearchboxId number| googleNDT_ number| googleAltLoader object| google_llp object| GoogleGcLKhOms object| google_image_requests

13 Cookies

Domain/Path Name / Value
.nirsoft.net/ Name: _ga
Value: GA1.1.1581670272.1697709957
.doubleclick.net/ Name: IDE
Value: AHWqTUnl8IkCyrCDadsTxYq3RNyu33PpD75Dz8ZirS9rrK7FEP6B2krJaaXoSCje
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.doubleclick.net/ Name: APC
Value: AfxxVi55ugeUT2F8SsQ60qnLNgCnq34YffjABxjeM6U9GCfSww5N9A
.casalemedia.com/ Name: CMID
Value: ZTD-iOe9fBxZnAGw0JPGWgAA
.casalemedia.com/ Name: CMPS
Value: 4408
.casalemedia.com/ Name: CMPRO
Value: 4408
.adnxs.com/ Name: uuid2
Value: 3648382707128184360
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2C%sCn.GY!@wnfH8K6pQK`!5=E<*L5?%K7k1tLRk0(gp6Uc(3jFkN_li<N#CdLL_nOa6q%nugO%v4VB%nmd8)szal
.nirsoft.net/ Name: __gads
Value: ID=c331d9d30af9e25a:T=1697709958:RT=1697709958:S=ALNI_MbBvMBNOd4J70DUJe54mTasplyXJw
.nirsoft.net/ Name: __gpi
Value: UID=00000c9c7d73433b:T=1697709958:RT=1697709958:S=ALNI_MaG8Uj6fSGuJkb_tGjqnzKR7i1cXA
.nirsoft.net/ Name: _ga_P2Q08WF7BK
Value: GS1.1.1697709957.1.0.1697709961.0.0.0
.doubleclick.net/ Name: DSID
Value: NO_DATA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bid.g.doubleclick.net
clients1.google.com
cm.g.doubleclick.net
cse.google.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
nirsoft.net
pagead2.googlesyndication.com
partner.googleadservices.com
region1.google-analytics.com
s0.2mdn.net
s7.addthis.com
static.adsafeprotected.com
tpc.googlesyndication.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.nirsoft.net
104.18.26.193
138.128.181.29
142.250.185.226
172.217.16.194
2001:4860:4802:34::36
23.212.201.72
2600:1f13:800:7781:377f:b368:693b:683d
2600:9000:2127:3e00:8:48e:53c0:93a1
2a00:1450:4001:800::2002
2a00:1450:4001:811::2008
2a00:1450:4001:813::2003
2a00:1450:4001:81c::2002
2a00:1450:4001:827::2001
2a00:1450:4001:827::2006
2a00:1450:4001:828::2002
2a00:1450:4001:828::2004
2a00:1450:4001:828::200a
2a00:1450:4001:828::200e
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2002
34.246.213.214
37.252.172.123
74.125.206.157
003fffcd4e614a4719da6f886bd221851da79915061393b248af55fe0ddf9476
00cf697b03001a7246a8e7e26c626ff8aa3bc125759bc6bb87efafe63a4cfc24
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
03fb3f62f575f7aece5107379da9667099547635980c20ee48c3a85a1ae1b7c2
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
04686cedfaef19409f3141494b5f955e3c6627a91c46a5daade4e4803823be7a
07d241ae62c2c40e9c20c169b35cf9bda9b3e99cba1e5ad4f86351364156c290
0aab6baaa4cc091f9bc39922538ff1fc1aa5abab52edb3a4b5d9f476d6da6d92
0b3c8e75569b389a6129253d97e84140618381c92f40a4fdf65a25716c61f90d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c4f483b95cfce5c4e78f32946ed302502f365c272094950b254b6226c16c7f5
0f33522d012103c5b3ef56cb064fcb5ec2c37df5cf0175bc14d936bc1250c4a9
0ff854220ca35b42182833e7c8b42f201589a3204f407692cd471ea11dff86c4
100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1fc7ceb533a021747396d0773be419b8432c309db898995af87bf5a7b0c68b0b
24114cc6d2f6c6d25e3cb26a14e598aa72d6cdceb4a22eca6d6c3822b42fe2ef
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16
34b670db4106be9a53b7d9ae64ac80563cf218c48b0d38fead2872bb8747ed81
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
405a69db39bcef2539c7f1e9a1867d738883a5063b16d016b620a158b5b0466e
432863150465290850edbb508d7e1e8c95320c0b34737f2f81cbf7589b6064d8
45bfcd7b2229034e4d85607d008b72ce1c3eccdad115bd699e0c3688bf5783f4
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ea8411870894a09ff7165d06aab69c2be05ffea87cdb1b5fb3b5594f11f6f06
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
55070d3be787cd8ccee8ea0fd75f0e11e944e6f70231f0dcb4c5ae348fcba6be
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6958d4f3a8c4d3a413e0e8b901beafa490b439d4589a001da3f98af0e9862abd
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
7040861e8d3b047aa24c3de4f1b999b55399f30d6fda4549dc1c7ce44c7d6c69
7aea3fb8ef09574f7103909575d48e51b2a930c6b3f9297d3b4d54e7e239fee0
7becdfc84da96c34f2610ac24165815500b4149ece57716a938092038d4654c8
82d81ac9ecb31c1968853001ac27f91159840b32289d4f71c68ca9c9304f6db6
830179b0aa3829a00191b4580a21eac232a09e77d715c919ea7ca0ce0031fc36
8408b4ed6c63c7bbd982bdfd22aeeb7be76b5482dc940e316c14b8b5bcfd3836
9bd4cc293d3a7fb9f57f384965afceda84c3166736c9f7ae1964f1db0b85603f
9c27a03bfd6c83b4fe5aefbc0da6aa48612b8fb412ed54d0587d0eb980b00337
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a07e16bcf3bb64d14576540deff1e70affc862969ba675951c42695faf3c8c20
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ac4a4d48faf1670dd95aac541fd22c6728ab6528d9fbacfdbd2e58ab5cbc83c8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
c75166534a7cf375f7963558a6a55858688f6c289c9d200706ce1592669ffe3b
c965aefdb4c6acf10f46758dc1601a64d811dcf3a378bf9e90278916aa47508f
da2ee12d083128f020ddda69259b2505860d833d66beb16d742895829d386504
da4b4d0a3e3ee94bd15efa308dd0560aac2fe300622cd79e008e1922bd828ee2
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
def028b193b87150eeb974ece780b8476797f52aa2edc9d7031e35bb5d0edd15
e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fc069e0e04d13807f2632483a883ed5fbd1d72c4eade64a9ac7f6aa71ac47fa4