urlscan.io logo urlscan.io
SecurityTrails logo

www.windowexe.com Open in urlscan Pro
115.71.236.95  Public Scan

Go To Rescan Add Verdict Report
URL: http://www.windowexe.com/bbs/board.php?q=iconm1-dll-c-users-administrator-appdata-roaming-iconmania-iconm1-dll
Submission: On August 13 via manual from KR — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 13 HTTP transactions. The main IP is 115.71.236.95, located in Korea, Republic Of and belongs to DAOU-AS-KR DAOU TECHNOLOGY, KR. The main domain is www.windowexe.com.
This is the only time www.windowexe.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 115.71.236.95 45996 (DAOU-AS-K...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
13 6
4    115.71.236.95 (Korea, Republic Of)

ASN45996 (DAOU-AS-KR DAOU TECHNOLOGY, KR)
www.windowexe.com
2    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
3    2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
1    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
4 windowexe.com
www.windowexe.com
39 KB
3 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1649
93 KB
2 gstatic.com
fonts.gstatic.com
174 KB
2 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 130
176 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 67
4 KB
1 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 55
5 KB
13 6
Domain Requested by
4 www.windowexe.com www.windowexe.com
3 fundingchoicesmessages.google.com pagead2.googlesyndication.com
2 fonts.gstatic.com www.windowexe.com
fonts.googleapis.com
2 pagead2.googlesyndication.com www.windowexe.com
pagead2.googlesyndication.com
1 fonts.googleapis.com
1 googleads.g.doubleclick.net pagead2.googlesyndication.com
13 6
Subject Issuer Validity Valid
*.g.doubleclick.net
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh

This page contains 2 frames:

Primary Page: http://www.windowexe.com/bbs/board.php?q=iconm1-dll-c-users-administrator-appdata-roaming-iconmania-iconm1-dll
Frame ID: B50E4725DCF4937136C49DE8113025B0
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20190131/zrt_lookup.html
Frame ID: 77B4182C3E2971E9FCA5C59C4F3F2B49
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

브라우저 확장모듈(BHO) iconm1.dll 삭제하기 [ID:42835]

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

13
Requests

62 %
HTTPS

83 %
IPv6

6
Domains

6
Subdomains

6
IPs

2
Countries

492 kB
Transfer

1228 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request board.php
www.windowexe.com/bbs/ 		16 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.windowexe.com/bbs/board.php?q=iconm1-dll-c-users-administrator-appdata-roaming-iconmania-iconm1-dll
Protocol
HTTP/1.1
Server
115.71.236.95 , Korea, Republic Of, ASN45996 (DAOU-AS-KR DAOU TECHNOLOGY, KR),
Reverse DNS
Software
Apache / PHP/5.3.3
Resource Hash
322b74a0b56e9a68c5785d3a598f8985e142b9734dac302bb2f0265b3ffaaec9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
pre-check=0, post-check=0, max-age=0
Connection
Keep-Alive
Content-Type
text/html; charset=utf-8
Date
Sun, 13 Aug 2023 23:04:31 GMT
Expires
0
Keep-Alive
timeout=15, max=100
Last-Modified
Sun, 13 Aug 2023 23:04:31 GMT
P3P
CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
Pragma
no-cache
Server
Apache
Transfer-Encoding
chunked
X-Powered-By
PHP/5.3.3
style.css
www.windowexe.com/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.windowexe.com/style.css
Requested by
Host: www.windowexe.com
URL: http://www.windowexe.com/bbs/board.php?q=iconm1-dll-c-users-administrator-appdata-roaming-iconmania-iconm1-dll
Protocol
HTTP/1.1
Server
115.71.236.95 , Korea, Republic Of, ASN45996 (DAOU-AS-KR DAOU TECHNOLOGY, KR),
Reverse DNS
Software
Apache /
Resource Hash
217d6219a11a91c7f02c62c042f177079786357d3a1357a6a3ecb8b21ec557ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.windowexe.com/bbs/board.php?q=iconm1-dll-c-users-administrator-appdata-roaming-iconmania-iconm1-dll
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Sun, 13 Aug 2023 23:04:31 GMT
Last-Modified
Thu, 11 Apr 2013 11:50:03 GMT
Server
Apache
ETag
"c26d4-713-4da14630f70c0"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
1811
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		146 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.windowexe.com
URL: http://www.windowexe.com/bbs/board.php?q=iconm1-dll-c-users-administrator-appdata-roaming-iconmania-iconm1-dll
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
abbf37fe1a8dc89f0dceb12eea78c02f0e880c9b9004833942e060ab1f721d22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.windowexe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 23:04:29 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50944
x-xss-protection
0
server
cafe
etag
11710646557318651623
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 13 Aug 2023 23:04:29 GMT
common.js
www.windowexe.com/js/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.windowexe.com/js/common.js
Requested by
Host: www.windowexe.com
URL: http://www.windowexe.com/bbs/board.php?q=iconm1-dll-c-users-administrator-appdata-roaming-iconmania-iconm1-dll
Protocol
HTTP/1.1
Server
115.71.236.95 , Korea, Republic Of, ASN45996 (DAOU-AS-KR DAOU TECHNOLOGY, KR),
Reverse DNS
Software
Apache /
Resource Hash
51955abe453072a1fe4f841f27c6a2ddc83c7928ebe46e54630398cc69615d63

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.windowexe.com/bbs/board.php?q=iconm1-dll-c-users-administrator-appdata-roaming-iconmania-iconm1-dll
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Sun, 13 Aug 2023 23:04:32 GMT
Last-Modified
Fri, 22 Nov 2013 03:29:01 GMT
Server
Apache
ETag
"c2657-12ae-4ebbb9d851940"
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
4782
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308070102/ 		372 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308070102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4121111628244688&plah=www.windowexe.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e3d3420e2e64cc83c2e3e3e05bdad92efa4cf78e8d08c42d4b96fed7bd4292d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.windowexe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 23:04:29 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128646
x-xss-protection
0
server
cafe
etag
6714213766319225084
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 13 Aug 2023 23:04:29 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230809/r20190131/ Frame 77B4 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230809/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.windowexe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
184
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4544
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 13 Aug 2023 23:01:25 GMT
etag
12368291122986407432
expires
Sun, 27 Aug 2023 23:01:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
wrest.js
www.windowexe.com/js/ 		15 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.windowexe.com/js/wrest.js
Requested by
Host: www.windowexe.com
URL: http://www.windowexe.com/bbs/board.php?q=iconm1-dll-c-users-administrator-appdata-roaming-iconmania-iconm1-dll
Protocol
HTTP/1.1
Server
115.71.236.95 , Korea, Republic Of, ASN45996 (DAOU-AS-KR DAOU TECHNOLOGY, KR),
Reverse DNS
Software
Apache /
Resource Hash
4250de59fb6fcf91557da76a53487364e2bde3c936d981ae8eff2cea3a944e34

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.windowexe.com/bbs/board.php?q=iconm1-dll-c-users-administrator-appdata-roaming-iconmania-iconm1-dll
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Sun, 13 Aug 2023 23:04:32 GMT
Last-Modified
Fri, 12 Feb 2010 02:56:41 GMT
Server
Apache
ETag
"c26cf-3cb3-47f5e6ab8ec40"
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Content-Length
15539
ca-pub-4121111628244688
fundingchoicesmessages.google.com/i/ 		150 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-4121111628244688?ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308070102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4121111628244688&plah=www.windowexe.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0ebc41dcbccc7bd16bdd516d6b39fb2c0643dac612de74f6e8851a4bb5be64f3
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-h_ls1875XocAvIKp3hJh6w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.windowexe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 23:04:29 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-h_ls1875XocAvIKp3hJh6w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUKweFjY_AkxTSGty4gsBYO23IDSRuXNo6Unmn87bO82MWtmyQRy07CIXGMBffhYeYi_8gKEJ6Lfv7wL2fBsXMdio0FU5R6dIhWEWeO9M1lQnUz8KobQsEC8YkoQKJSYojsilMQXg==
fundingchoicesmessages.google.com/f/ 		270 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUKweFjY_AkxTSGty4gsBYO23IDSRuXNo6Unmn87bO82MWtmyQRy07CIXGMBffhYeYi_8gKEJ6Lfv7wL2fBsXMdio0FU5R6dIhWEWeO9M1lQnUz8KobQsEC8YkoQKJSYojsilMQXg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjkxOTY3ODcwLDEwNzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cDovL3d3dy53aW5kb3dleGUuY29tL2Jicy9ib2FyZC5waHAiLG51bGwsW1s4LCJIeFJIZ1dOeVM1USJdLFs5LCJkZSJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMSJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.HxRHgWNyS5Q.es5.O/d=1/rs=AJlcJMyoPyKMB-uZtDiA7wlHpN6nx68SaQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8ae9e8a299eedcd3c34034ad1b6bf712aa5a829f6bebea9fd1c13d51f746da57
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-rFFYNpMSuWYZ1cPpNH92hA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.windowexe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 23:04:30 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-rFFYNpMSuWYZ1cPpNH92hA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ 		69 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Google+Symbols|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.HxRHgWNyS5Q.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMyoPyKMB-uZtDiA7wlHpN6nx68SaQ/m=web_iab_tcf_v2_wall_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d61260c6c74dd9bed84e1dbc7e04e98c91fad783ece1cdce4e07de3970df6866
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.windowexe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 13 Aug 2023 23:04:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 13 Aug 2023 23:04:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 13 Aug 2023 23:04:33 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 		125 KB
126 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: www.windowexe.com
URL: http://www.windowexe.com/bbs/board.php?q=iconm1-dll-c-users-administrator-appdata-roaming-iconmania-iconm1-dll
Protocol
HTTP/1.1
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.windowexe.com/
Origin
http://www.windowexe.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Fri, 11 Aug 2023 03:54:37 GMT
X-Content-Type-Options
nosniff
Age
241796
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy
cross-origin
Content-Length
128352
X-XSS-Protection
0
Last-Modified
Tue, 07 Mar 2023 19:51:56 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="apps-themes"
Report-To
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Sat, 10 Aug 2024 03:54:37 GMT
AGSKWxWb_AUMboJfkzGhpL1nVv9l3PJ_ryprz8GGKKHH-YtbWs6dpqArb6Imjw4CY65hAkEYoh1GUgr6IgG75ZzZL77oXwkYOvlkK6Lyv8qPaiNDnm-c2LXy62zupFAkiUWozPEYMN6KEw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWb_AUMboJfkzGhpL1nVv9l3PJ_ryprz8GGKKHH-YtbWs6dpqArb6Imjw4CY65hAkEYoh1GUgr6IgG75ZzZL77oXwkYOvlkK6Lyv8qPaiNDnm-c2LXy62zupFAkiUWozPEYMN6KEw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.HxRHgWNyS5Q.es5.O/d=1/rs=AJlcJMyoPyKMB-uZtDiA7wlHpN6nx68SaQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-yEW9WC0QJB40wUD7yopTQA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://www.windowexe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 13 Aug 2023 23:04:33 GMT
content-security-policy
script-src 'report-sample' 'nonce-yEW9WC0QJB40wUD7yopTQA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
http://www.windowexe.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Google+Symbols|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://www.windowexe.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 09:02:59 GMT
x-content-type-options
nosniff
age
223294
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48412
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Aug 2024 09:02:59 GMT

Verdicts & Comments Add Verdict or Comment

91 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_ama_state number| google_rum_task_id_counter string| g4_path string| g4_bbs string| g4_bbs_img string| g4_url string| g4_is_member string| g4_is_admin string| g4_bo_table string| g4_sca string| g4_charset string| g4_cookie_domain boolean| g4_is_gecko boolean| g4_is_ie boolean| COMMON_JS string| errmsg undefined| errfld object| last_id function| check_field function| error_field function| clear_field function| trim function| number_format function| del function| set_cookie function| get_cookie function| delete_cookie function| menu function| check_byte function| doc_write function| google_spfd number| google_unique_id object| google_sv_map boolean| WREST_JS string| wrestMsg object| wrestFld string| wrestFldDefaultColor string| wrestFldBackColor object| arrAttr function| wrestItemname function| wrestTrim function| wrestRequired function| wrestMinlength function| wrestTelnumber function| wrestEmail function| wrestMemberId function| wrestHangul function| wrestHangul2 function| wrestHangulAlphaNumeric function| wrestNumeric function| wrestAlpha function| wrestAlphaNumeric function| wrestAlphaNumericUnderLine function| wrestJumin function| wrestSaupja function| wrestNospace function| wrestSubmit function| wrestInitialized function| google_sa_impl object| googlefc boolean| adsbygoogle_ama_fc_has_run object| default_ContributorServingResponseClientJs object| __googlefc string| __fcInvoked string| __fcexpdef string| M2RkNjliMjY4NDZkNjM5ZWxvYWRlcl9qcw== string| M2RkNjliMjY4NDZkNjM5ZWNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady

3 Cookies

Domain/Path Name / Value
www.windowexe.com/ Name: PHPSESSID
Value: h7rncfse7io9559tlduuq929t2
www.windowexe.com/ Name: f33d2ed86bd82d4c22123c9da444d8ab
Value: MTY5MTk2Nzg3MQ%3D%3D
www.windowexe.com/ Name: 2a0d2363701f23f8a75028924a3af643
Value: ODAuMjU1LjEwLjIwMQ%3D%3D