URL: https://sysmon.soft32.com/old-version/
Submission Tags: falconsandbox
Submission: On April 18 via api from US — Scanned from DE

Summary

This website contacted 20 IPs in 3 countries across 16 domains to perform 101 HTTP transactions. The main IP is 18.66.122.88, located in United States and belongs to AMAZON-02, US. The main domain is sysmon.soft32.com.
TLS certificate: Issued by Amazon RSA 2048 M03 on February 26th 2024. Valid for: a year.
This is the only time sysmon.soft32.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
26 cloudfront.net
d3gx3uz4yj2hnq.cloudfront.net
d3fnqfpn2r2a3x.cloudfront.net
drugnom0x8w61.cloudfront.net
193 KB
22 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 104
c6a97c3b64b319fe0a7e96b4032c71be.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
245 KB
20 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 416
104 KB
6 gstatic.com
fonts.gstatic.com
204 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
region1.google-analytics.com — Cisco Umbrella Rank: 2404
22 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
7 KB
3 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 660
119 KB
2 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 1306
28 KB
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 84
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 207
141 KB
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 594
18 KB
1 googleusercontent.com
lh3.googleusercontent.com — Cisco Umbrella Rank: 45
6 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
92 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 289
29 KB
1 soft32.com
sysmon.soft32.com
21 KB
0 nr-data.net Failed
bam.nr-data.net Failed
0 facebook.net Failed
www.facebook.net Failed
101 16
Domain Requested by
20 cdn.ampproject.org securepubads.g.doubleclick.net
20 d3fnqfpn2r2a3x.cloudfront.net sysmon.soft32.com
15 pagead2.googlesyndication.com sysmon.soft32.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
6 tpc.googlesyndication.com sysmon.soft32.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
6 fonts.gstatic.com sysmon.soft32.com
fonts.googleapis.com
5 d3gx3uz4yj2hnq.cloudfront.net sysmon.soft32.com
d3gx3uz4yj2hnq.cloudfront.net
4 www.google-analytics.com sysmon.soft32.com
www.google-analytics.com
3 fonts.googleapis.com securepubads.g.doubleclick.net
3 fundingchoicesmessages.google.com pagead2.googlesyndication.com
2 platform.twitter.com d3gx3uz4yj2hnq.cloudfront.net
platform.twitter.com
1 drugnom0x8w61.cloudfront.net
1 js-agent.newrelic.com sysmon.soft32.com
1 lh3.googleusercontent.com sysmon.soft32.com
1 region1.google-analytics.com www.googletagmanager.com
1 c6a97c3b64b319fe0a7e96b4032c71be.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 www.googletagmanager.com www.google-analytics.com
1 securepubads.g.doubleclick.net www.googletagservices.com
1 stats.g.doubleclick.net www.google-analytics.com
1 www.googletagservices.com sysmon.soft32.com
1 sysmon.soft32.com
0 bam.nr-data.net Failed js-agent.newrelic.com
0 www.facebook.net Failed sysmon.soft32.com
101 22
Subject Issuer Validity Valid
soft32.com
Amazon RSA 2048 M03
2024-02-26 -
2025-03-27
a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01
2023-10-10 -
2024-09-19
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2024-03-18 -
2024-06-10
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2024-03-18 -
2024-06-10
3 months crt.sh
*.google.com
GTS CA 1C3
2024-03-18 -
2024-06-10
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2024-03-18 -
2024-06-10
3 months crt.sh
*.googleusercontent.com
GTS CA 1C3
2024-03-18 -
2024-06-10
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2024-03-18 -
2024-06-10
3 months crt.sh
*.twimg.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-07-28 -
2024-07-26
a year crt.sh
misc-sni.google.com
GTS CA 1C3
2024-03-18 -
2024-06-10
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2024-03-18 -
2024-06-10
3 months crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2024 Q1
2024-03-21 -
2025-04-22
a year crt.sh

This page contains 8 frames:

Primary Page: https://sysmon.soft32.com/old-version/
Frame ID: B014C0841BBD7367ADF38397823E77F6
Requests: 53 HTTP requests in this frame

Frame: https://c6a97c3b64b319fe0a7e96b4032c71be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4C437BD876A879E02D9DE4822A3493FC
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fsysmon.soft32.com
Frame ID: 719C530AFD2272E3D59BCB19F64092DC
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012404082010000/amp4ads-v0.mjs
Frame ID: 8DC8F696794A1CC5AECAB3D53FD15E73
Requests: 11 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012404082010000/amp4ads-v0.mjs
Frame ID: E07951E3E65EB4279980FEEECCDB0D68
Requests: 14 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012404082010000/amp4ads-v0.mjs
Frame ID: 5342BB7F96991D59426F4986D6F647A5
Requests: 14 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012404082010000/amp4ads-v0.mjs
Frame ID: 71777DC5C1FD3021B61631412B6A9099
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DEB022F64BFA3620B5D309150BB7298B
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Download Sysmon 13.33 Free

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js

Page Statistics

101
Requests

93 %
HTTPS

79 %
IPv6

16
Domains

22
Subdomains

20
IPs

3
Countries

1229 kB
Transfer

4539 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44
  • https://connect.facebook.net/en_US/all.js?_=1713419153745 HTTP 302
  • https://www.facebook.net/login/?next=https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Fall.js%3F_%3D1713419153745

101 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
sysmon.soft32.com/old-version/
72 KB
21 KB
Document
General
Full URL
https://sysmon.soft32.com/old-version/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-88.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
d262203d283af1ea69ddb395a969ae5121f3e28af18daa8d7cc79bbb839eccf5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-length
20490
content-type
text/html; charset=utf-8
date
Thu, 18 Apr 2024 05:45:53 GMT
expires
Thu, 18 Apr 2024 07:45:53 GMT
referrer-policy
origin
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 1d087f24771eb6834b16162f1bb01660.cloudfront.net (CloudFront)
x-amz-cf-id
B3bVf3NomDA1Q9_VFvI0iU_DcRWuzIRKy88mmPfcCIVYQZ_mkvx1Kw==
x-amz-cf-pop
FRA60-P2
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
styles.css
d3gx3uz4yj2hnq.cloudfront.net/build/styles/
79 KB
21 KB
Stylesheet
General
Full URL
https://d3gx3uz4yj2hnq.cloudfront.net/build/styles/styles.css?v=1551443055
Requested by
Host: sysmon.soft32.com
URL: https://sysmon.soft32.com/old-version/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.158.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-158-85.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
bf72bb2923d01765bb227f203fe55a18394cda7f2382e4d9bf588fd8095d4b3f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sysmon.soft32.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 22 Mar 2024 02:06:06 GMT
content-encoding
gzip
via
1.1 f884e2c0a4bd6c75faee34aade3f091e.cloudfront.net (CloudFront), 1.1 a6ec089aa02839578670b49d128782c2.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-amz-cf-pop
FRA60-P2, FRA60-P9
age
2345987
x-cache
Hit from cloudfront
content-length
20829
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Mon, 04 Mar 2019 18:29:55 GMT
server
nginx
etag
W/"5c7d6ea3-13dd3"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
x-amz-cf-id
su6guqVSKOCx8W-1HYt-nYM8BppdZGHI6nXK4-KMDtpmv3vJcN0srw==
expires
Sat, 22 Mar 2025 02:06:06 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
143 KB
50 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: sysmon.soft32.com
URL: https://sysmon.soft32.com/old-version/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb8dc51c7346ec961f6c3d4b8c019114a799fe04a2673a2d13152f3f38388780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sysmon.soft32.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 05:45:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50678
x-xss-protection
0
server
cafe
etag
4800589266401067529
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Thu, 18 Apr 2024 05:45:53 GMT
icon.png
d3fnqfpn2r2a3x.cloudfront.net/icons/80/792804/
1 KB
2 KB
Image
General
Full URL
https://d3fnqfpn2r2a3x.cloudfront.net/icons/80/792804/icon.png
Requested by
Host: sysmon.soft32.com
URL: https://sysmon.soft32.com/old-version/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.245.45.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-45-8.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
12adb76cc226ba0f612b9282c028f571f15f7b6db6d94b0182fea5a44cb4c710

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sysmon.soft32.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
CoYGHMA1iG_hmSXWlHgaMQMO0RxvJpdu
Date
Thu, 18 Apr 2024 05:45:55 GMT
Via
1.1 e3824a4cc698f190d3fa6fe687f1a600.cloudfront.net (CloudFront)
Last-Modified
Thu, 30 Apr 2020 12:20:12 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P9
ETag
"2f1663a5660f752fe4f1daf31d6a99dd"
X-Cache
RefreshHit from cloudfront
Content-Type
image/png
Cache-Control
public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1434
X-Amz-Cf-Id
tByqLH37GwH5hoKnu23ChE0EHWF6ydLlDZSYMPtTq0IvaWw7hr5U0g==
icon.png
d3fnqfpn2r2a3x.cloudfront.net/icons/8/76230/
989 B
1 KB
Image
General
Full URL
https://d3fnqfpn2r2a3x.cloudfront.net/icons/8/76230/icon.png
Requested by
Host: sysmon.soft32.com
URL: https://sysmon.soft32.com/old-version/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.245.45.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-45-8.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4dbba879684689e708a68f14cb732bb2bf1ae0a5cd3a3d31f64ff7d3d95e3e84

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sysmon.soft32.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
5d37qJzo_0daAs6D9BAyOVa48.9O63fL
Date
Thu, 18 Apr 2024 01:02:42 GMT
Via
1.1 ca751e0315de05e656597e32136af94e.cloudfront.net (CloudFront)
Last-Modified
Wed, 15 Dec 2010 14:42:25 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P9
Age
16991
ETag
"11e7923b988082071f80f117de42e6ea"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
989
X-Amz-Cf-Id
G_6FZteGEYvkyT6JqCVuW1PHl-_pzvGRBfdLSf5DLFjnD-RrkbWHpg==
icon.png
d3fnqfpn2r2a3x.cloudfront.net/icons/41/403645/
506 B
1 KB
Image
General
Full URL
https://d3fnqfpn2r2a3x.cloudfront.net/icons/41/403645/icon.png
Requested by
Host: sysmon.soft32.com
URL: https://sysmon.soft32.com/old-version/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.245.45.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-45-8.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f5eeb329383b1c710082b413506505d1ccd3f128ed85bb734c05560ae37f780b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sysmon.soft32.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
v6VlCj_ChNmDK_J_6SdqYmbyEOP3qxpy
Date
Thu, 18 Apr 2024 01:32:26 GMT
Via
1.1 b6a955345e4fcc7881bd0a9815e8286e.cloudfront.net (CloudFront)
Last-Modified
Tue, 14 Aug 2012 14:14:56 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P9
Age
15208
ETag
"8f7c7997173a04e9c88a23d6ef220c57"
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
506
X-Amz-Cf-Id
TJ5dYENA9sXXq9AIO9_V5sBIDsUjc6GJ2XwkLshZ6oy1jivTR5LSyA==
icon.png
d3fnqfpn2r2a3x.cloudfront.net/icons/36/359252/
2 KB
3 KB
Image
General
Full URL
https://d3fnqfpn2r2a3x.cloudfront.net/icons/36/359252/icon.png
Requested by
Host: sysmon.soft32.com
URL: https://sysmon.soft32.com/old-version/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.245.45.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-45-8.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5446f20705d4b7711f81f7bd7a29491672185000c371e01c6dc0816d46e60eb7

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sysmon.soft32.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
ee90uX_fTcWqhlcqlMNR636Rn_Bd8HJA
Date
Thu, 18 Apr 2024 02:20:07 GMT
Via
1.1 43b9d5592d1dc6a44adc7ebaaf183280.cloudfront.net (CloudFront)
Last-Modified
Fri, 28 Jun 2013 07:28:39 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P9
Age
12355
ETag
"742d6edec86c14f26c38cf16b71991ea"
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2327
X-Amz-Cf-Id
FYzyws6fmgaTtaYy39JDUi5j_b_ee48twCeyRrL1nxf3E0ZcxfItFQ==
icon.png
d3fnqfpn2r2a3x.cloudfront.net/icons/19/187568/
1 KB
2 KB
Image
General
Full URL
https://d3fnqfpn2r2a3x.cloudfront.net/icons/19/187568/icon.png
Requested by
Host: sysmon.soft32.com
URL: https://sysmon.soft32.com/old-version/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.245.45.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-45-8.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eb24ad3c31b0b285f15e8e3a398b784374984fd3c36d7b288841aac2bd3bcfda

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sysmon.soft32.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
UEjstCLUalG2nkrLuPuBJaTValFm2Urp
Date
Thu, 18 Apr 2024 04:46:22 GMT
Via
1.1 4f3281e2362f23bf5efc65311d3defb0.cloudfront.net (CloudFront)
Last-Modified
Thu, 16 Dec 2010 18:41:47 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P9
Age
3572
ETag
"efae4a05bbfc23ccf3364309abd3f3ea"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1099
X-Amz-Cf-Id
THfQbxJST2L12ean6RsjhIQ8ivXQqtONSQ-1BA3ZY68OT93BL5cBGg==
icon.png
d3fnqfpn2r2a3x.cloudfront.net/icons/41/402435/
1 KB
2 KB
Image
General
Full URL
https://d3fnqfpn2r2a3x.cloudfront.net/icons/41/402435/icon.png
Requested by
Host: sysmon.soft32.com
URL: https://sysmon.soft32.com/old-version/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.245.45.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-45-8.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
216e52548f432cfb8705cb7db4d5d68c82425d321aa67e25b40d06a270f9ab6a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sysmon.soft32.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
iI54wdbluRg77PX9hEJzhcjl5krPjqz8
Date
Wed, 17 Apr 2024 05:49:19 GMT
Via
1.1 ca751e0315de05e656597e32136af94e.cloudfront.net (CloudFront)
Last-Modified
Wed, 23 Jan 2013 13:02:38 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P9
Age
86195
ETag
"392097730c886382af4098ff4705e04f"
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1385
X-Amz-Cf-Id
0B3se8oepYIoNUt7Dovi0SJQUcrKFaQo7Cr92na-zPh05cy9HXrq-w==
icon.png
d3fnqfpn2r2a3x.cloudfront.net/icons/37/361529/
5 KB
5 KB
Image
General
Full URL
https://d3fnqfpn2r2a3x.cloudfront.net/icons/37/361529/icon.png
Requested by
Host: sysmon.soft32.com
URL: https://sysmon.soft32.com/old-version/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.245.45.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-45-8.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a7dae3b272087bd56e8e6698b1cdb3d52b8d32dcd685318a29fb9c1a91ff45c5

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sysmon.soft32.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
et8sutxppwgpMGTBqgkVjS1Bmwsr9PyD
Date
Wed, 17 Apr 2024 06:19:24 GMT
Via
1.1 b6a955345e4fcc7881bd0a9815e8286e.cloudfront.net (CloudFront)
Last-Modified
Fri, 05 Aug 2011 09:52:00 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P9
Age
84390
ETag
"567c761aff0c217dc7c9ce116a01ae2a"
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5072
X-Amz-Cf-Id
TPKFyogKGa1YYfGOEiqPWwlemax0pOynxQWG9YGBrJfxO9NTNLoudw==
icon.png
d3fnqfpn2r2a3x.cloudfront.net/icons/80/791406/
3 KB
4 KB
Image
General
Full URL
https://d3fnqfpn2r2a3x.cloudfront.net/icons/80/791406/icon.png
Requested by
Host: sysmon.soft32.com
URL: https://sysmon.soft32.com/old-version/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.245.45.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-45-8.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0f9b9ced7604315b858ccb74a9d8c18c26faa7a2d5757b0e791172ede4a0b298

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sysmon.soft32.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
YIJEIYqBIx3Z.1yLIdWDdHe9cgEaGhzg
Date
Wed, 17 Apr 2024 06:19:24 GMT
Via
1.1 43b9d5592d1dc6a44adc7ebaaf183280.cloudfront.net (CloudFront)
Last-Modified
Wed, 07 Mar 2018 13:58:43 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P9
Age
84390
ETag
"490676fc16a6aaa67dc930f594429e15"
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3056
X-Amz-Cf-Id
oR0UVOObLgatGqHQbJRzAPt04Z7k9BuKohyRhY73pmNrz5wjfp6tiQ==
icon.png
d3fnqfpn2r2a3x.cloudfront.net/icons/80/791411/
3 KB
4 KB
Image
General
Full URL
https://d3fnqfpn2r2a3x.cloudfront.net/icons/80/791411/icon.png
Requested by
Host: sysmon.soft32.com
URL: https://sysmon.soft32.com/old-version/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.245.45.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-45-8.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2ba84b2ec37218c494291fa243080b07b3aadf4281d9e30ce9c3a155f16b0404

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sysmon.soft32.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
kMWGLj5FaQrrtoEhCdH0ssnkqtmMaCmy
Date
Thu, 18 Apr 2024 03:12:02 GMT
Via
1.1 3d95fd99ed5f07db9d464a35af433056.cloudfront.net (CloudFront)
Last-Modified
Thu, 08 Mar 2018 07:27:06 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P9
Age
9232
ETag
"c742c52f5a0a5b27ffa2e6077e340f2d"
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3272
X-Amz-Cf-Id
rRqO_QdE6d1xNfKmVBwaXWFKFv2QmKFMFy6FBrwmd3nx_Dld92xFaw==
icon.png
d3fnqfpn2r2a3x.cloudfront.net/icons/80/794289/
2 KB
3 KB
Image
General
Full URL
https://d3fnqfpn2r2a3x.cloudfront.net/icons/80/794289/icon.png
Requested by
Host: sysmon.soft32.com
URL: https://sysmon.soft32.com/old-version/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.245.45.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-45-8.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
02caa70e886c79313f1e6d08059948128d40f0071e1f35d7b7f61ad1262ee761

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sysmon.soft32.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
_RJk0Y5iGp0_k691vsR17TeT82vYpP1J
Date
Thu, 18 Apr 2024 01:58:43 GMT
Via
1.1 ca751e0315de05e656597e32136af94e.cloudfront.net (CloudFront)
Last-Modified
Thu, 04 Mar 2021 10:36:11 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P9
Age
13642
ETag
"48daf6664c06c323e5b54b9bddc5d8ec"
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2089
X-Amz-Cf-Id
rjwVHnrtSmHltaSgywjoe4v8pSX2r2X38Et0bbc5kKIS3r9nBmEydw==
icon.png
d3fnqfpn2r2a3x.cloudfront.net/icons/22/219807/
2 KB
3 KB
Image
General
Full URL
https://d3fnqfpn2r2a3x.cloudfront.net/icons/22/219807/icon.png
Requested by
Host: sysmon.soft32.com
URL: https://sysmon.soft32.com/old-version/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.245.45.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-45-8.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f30ab41cf7aaad27141e20389308ada7eaa9dc39ea0e521ea52d7937016d77c6

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sysmon.soft32.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
i20vaRRhYosMV6krHl5XGzYM8dAwzhyd
Date
Wed, 17 Apr 2024 07:39:04 GMT
Via
1.1 4f3281e2362f23bf5efc65311d3defb0.cloudfront.net (CloudFront)
Last-Modified
Mon, 02 Feb 2015 13:06:30 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P9
Age
79612
ETag
"b1a5b1633459d5cc9785f3642f0328be"
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2130
X-Amz-Cf-Id
Lig2wARbv6LDTwTwPKaXyqDGkaymd3BXpSTZbMRAChrzMsNvobNGbQ==
icon.png
d3fnqfpn2r2a3x.cloudfront.net/icons/23/225370/
2 KB
2 KB
Image
General
Full URL
https://d3fnqfpn2r2a3x.cloudfront.net/icons/23/225370/icon.png
Requested by
Host: sysmon.soft32.com
URL: https://sysmon.soft32.com/old-version/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.245.45.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-45-8.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fa87047ad48f80870f2970b4a0e87e5e176c245f9bea5991ebc3e50a4f414394

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sysmon.soft32.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
jfd_nqTA4HuLo_NgI33XtMDXYU0CuTzN
Date
Wed, 17 Apr 2024 07:02:34 GMT
Via
1.1 3d95fd99ed5f07db9d464a35af433056.cloudfront.net (CloudFront)
Last-Modified
Thu, 10 Feb 2011 11:40:05 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P9
Age
85893
ETag
"b66b1a8b13054e91593c982a385e88d1"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1639
X-Amz-Cf-Id
2Iiv67Zz8qQOgip0rFAGhyiHocCDUN4sG8AIprxrzccBghirwRIMGw==
icon.png
d3fnqfpn2r2a3x.cloudfront.net/icons/41/400310/
1 KB
2 KB
Image
General
Full URL
https://d3fnqfpn2r2a3x.cloudfront.net/icons/41/400310/icon.png
Requested by
Host: sysmon.soft32.com
URL: https://sysmon.soft32.com/old-version/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.245.45.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-45-8.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
60f87d25b47e31e2475ed6344f2b2af842523a35d9974d286aea127becc55003

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sysmon.soft32.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
9T3lPW4t.Id5qfuf_DeWXWRtQI4Tiv0w
Date
Thu, 18 Apr 2024 04:51:25 GMT
Via
1.1 3d95fd99ed5f07db9d464a35af433056.cloudfront.net (CloudFront)
Last-Modified
Fri, 24 Feb 2012 14:15:49 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P9
Age
3269
ETag
"97a89b8355b756deb2f57f3fdcf9108d"
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1150
X-Amz-Cf-Id
MEJG_AXPHVEmXbWMX6tYjM8RQ5qAz73F0NlfK4x4V_hZCrJBgivMcw==
icon.png
d3fnqfpn2r2a3x.cloudfront.net/icons/79/784721/
1 KB
2 KB
Image
General
Full URL
https://d3fnqfpn2r2a3x.cloudfront.net/icons/79/784721/icon.png
Requested by
Host: sysmon.soft32.com
URL: https://sysmon.soft32.com/old-version/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.245.45.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-45-8.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f7eb0e4c54f2b9c628a59282eb3181cf59fe963d183685670ded5ff1a6417d97

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sysmon.soft32.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
dj_IK36LSYB_ldja2RTbUkRUHB3r57US
Date
Wed, 17 Apr 2024 20:43:41 GMT
Via
1.1 4f3281e2362f23bf5efc65311d3defb0.cloudfront.net (CloudFront)
Last-Modified
Wed, 14 Sep 2016 09:51:40 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P9
Age
32683
ETag
"eb94672ee3fd37a90b81e40d2e9d8cd5"
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1126
X-Amz-Cf-Id
mvZCJz5YrM47dv8zlTrWL5kSAm-zPazgSG3DAcvuDpqH8QFX8souRQ==
icon.png
d3fnqfpn2r2a3x.cloudfront.net/icons/80/795304/
1 KB
2 KB
Image
General
Full URL
https://d3fnqfpn2r2a3x.cloudfront.net/icons/80/795304/icon.png
Requested by
Host: sysmon.soft32.com
URL: https://sysmon.soft32.com/old-version/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.245.45.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-45-8.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9369ee8966aab97772270370a8659ec83b9ffab58db03095796a2fe7c2553239

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sysmon.soft32.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
3jxHA7YAjQTf.oMhWTvlFro5BRLS.JjZ
Date
Wed, 17 Apr 2024 05:49:19 GMT
Via
1.1 43b9d5592d1dc6a44adc7ebaaf183280.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-P9
Age
86195
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
1217
Last-Modified
Wed, 18 Oct 2023 07:57:51 GMT
Server
AmazonS3
ETag
"3c38f876fbea1e1ac8ab1bee31ee689b"
Content-Type
image/png
Cache-Control
public
Accept-Ranges
bytes
X-Amz-Cf-Id
EnsRgSFijdpwl5Jd6n2rq8kZ2-7l3OX81mgCzbE9WzScJT0nswdduA==
icon.png
d3fnqfpn2r2a3x.cloudfront.net/icons/80/791633/
3 KB
3 KB
Image
General
Full URL
https://d3fnqfpn2r2a3x.cloudfront.net/icons/80/791633/icon.png
Requested by
Host: sysmon.soft32.com
URL: https://sysmon.soft32.com/old-version/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.245.45.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-45-8.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5f95f105fb31a29c60bad266cb1e5a89b6be3f71043ed729f0653774f2cee5c7

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sysmon.soft32.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
FabUp4xizwaAr48q.0B.936g0PhvcBxv
Date
Thu, 18 Apr 2024 02:14:40 GMT
Via
1.1 b6a955345e4fcc7881bd0a9815e8286e.cloudfront.net (CloudFront)
Last-Modified
Mon, 14 May 2018 07:00:50 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P9
Age
12674
ETag
"99d4db314f1d2e2fbb65a2f4ece40bc7"
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2908
X-Amz-Cf-Id
K99vyxUtvGw_I1fl6bpaCiZgq1DOcsVCbBNfysq33jUON48W7tK6UQ==
icon.png
d3fnqfpn2r2a3x.cloudfront.net/icons/41/402444/
1 KB
2 KB
Image
General
Full URL
https://d3fnqfpn2r2a3x.cloudfront.net/icons/41/402444/icon.png
Requested by
Host: sysmon.soft32.com
URL: https://sysmon.soft32.com/old-version/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.245.45.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-45-8.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f9f4bf5a900242efc520e83da9dd2327a71bee7ce782c1de66e8962dcb8744a0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sysmon.soft32.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
KOmbVDLM66z0dEUR.0f2UFshQFoGPPh3
Date
Thu, 18 Apr 2024 03:18:02 GMT
Via
1.1 ca751e0315de05e656597e32136af94e.cloudfront.net (CloudFront)
Last-Modified
Mon, 26 Oct 2015 07:19:10 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P9
Age
8872
ETag
"8df8899f8f1fc6d202d6fde524d61c03"
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1328
X-Amz-Cf-Id
NWj_S1y5GiK_E2QxpG8J5CyvVRdH8fh45avhvkMj3s6COTTbLUNODw==
icon.png
d3fnqfpn2r2a3x.cloudfront.net/icons/79/789120/
2 KB
2 KB
Image
General
Full URL
https://d3fnqfpn2r2a3x.cloudfront.net/icons/79/789120/icon.png
Requested by
Host: sysmon.soft32.com
URL: https://sysmon.soft32.com/old-version/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.245.45.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-45-8.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
de1698279e6f08b8695d64ae8ef0ab81ea8a029d65dad85ef9e9b426c52973d1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sysmon.soft32.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
N90nFOhhdnUMVcbQY2v86IBrw_NNsEva
Date
Thu, 18 Apr 2024 05:44:26 GMT
Via
1.1 ca751e0315de05e656597e32136af94e.cloudfront.net (CloudFront)
Last-Modified
Tue, 13 Sep 2016 12:45:23 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P9
Age
8097
ETag
"3c3f239f4a9ccbc40a52709d0ec2be76"
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1718
X-Amz-Cf-Id
cW2rmYb_ZwA6m2uTfnvLoEYpsO0qMSiucq34ActgW1ZZvPYJWtlXAg==
icon.png
d3fnqfpn2r2a3x.cloudfront.net/icons/41/406607/
3 KB
4 KB
Image
General
Full URL
https://d3fnqfpn2r2a3x.cloudfront.net/icons/41/406607/icon.png
Requested by
Host: sysmon.soft32.com
URL: https://sysmon.soft32.com/old-version/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.245.45.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-45-8.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
23988281e117ed15ba04dc2eaf8f266335bb8df61ea1c12adac6b11b06db7e2f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sysmon.soft32.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 18 Apr 2024 03:02:33 GMT
x-amz-version-id
oWAmi8HT30I1Zsjm1d7.OaezGjykBv1H
Via
1.1 3d95fd99ed5f07db9d464a35af433056.cloudfront.net (CloudFront)
Last-Modified
Fri, 21 Dec 2012 13:27:56 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P9
Age
9801
ETag
"6dc333ea9e94bec36874944a5b76a97e"
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3069
X-Amz-Cf-Id
8LZVPblUm3NVj8egXrtq1antiEbR5q4nNQM582wGERY8m8CtUpZqKQ==
icon.png
d3fnqfpn2r2a3x.cloudfront.net/icons/22/219962/
3 KB
3 KB
Image
General
Full URL
https://d3fnqfpn2r2a3x.cloudfront.net/icons/22/219962/icon.png
Requested by
Host: sysmon.soft32.com
URL: https://sysmon.soft32.com/old-version/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.245.45.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-45-8.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f0f54a4be576257721a2388a3678b709ca0833bb7ad7f3bb55653b2c7f052ff3

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sysmon.soft32.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 18 Apr 2024 04:14:25 GMT
x-amz-version-id
zul3vx2Or_Tq7rmAaWA5s_cxwyVIx3pW
Via
1.1 43b9d5592d1dc6a44adc7ebaaf183280.cloudfront.net (CloudFront)
Last-Modified
Wed, 13 Jun 2012 07:29:07 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P9
Age
5489
ETag
"77860e40dd6cf1b9eb24e79592400543"
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2596
X-Amz-Cf-Id
LmVkTCjm6wo08ssSDQFrlexACHrzh7mx7CqXDQW3XHz6syr27iOKMA==
scripts.js
d3gx3uz4yj2hnq.cloudfront.net/build/scripts/
163 KB
63 KB
Script
General
Full URL
https://d3gx3uz4yj2hnq.cloudfront.net/build/scripts/scripts.js?v=1551443055
Requested by
Host: sysmon.soft32.com
URL: https://sysmon.soft32.com/old-version/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.158.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-158-85.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
fa3034ba4d18a5a8c426a014e09d0ea8cb17949ccc0bb6738d85ceb252b39a07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sysmon.soft32.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 22 Mar 2024 02:05:34 GMT
content-encoding
gzip
via
1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront), 1.1 a6ec089aa02839578670b49d128782c2.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-amz-cf-pop
FRA60-P2, FRA60-P9
age
2346019
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Mon, 04 Mar 2019 18:29:53 GMT
server
nginx
etag
W/"5c7d6ea1-28dfd"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=31536000
x-amz-cf-id
nTtL-pCbF8WT67bubOGJBhgKnNGfkv-m88sxyxl_mPJBAkE3SZgfuw==
expires
Sat, 22 Mar 2025 02:05:34 GMT
gpt.js
www.googletagservices.com/tag/js/
89 KB
29 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: sysmon.soft32.com
URL: https://sysmon.soft32.com/old-version/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cdf3c3f22f6474f2ae8c8ad92a009008a58e785677d0d9f416a6556462d08b45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sysmon.soft32.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 05:45:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29336
x-xss-protection
0
server
cafe
etag
815 / 19831 / m202404110101 / config-hash: 1671395371875264850
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 18 Apr 2024 05:45:53 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: sysmon.soft32.com
URL: https://sysmon.soft32.com/old-version/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sysmon.soft32.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 18 Apr 2024 05:39:22 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
391
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 18 Apr 2024 07:39:22 GMT
sprite.png
d3gx3uz4yj2hnq.cloudfront.net/images/
55 KB
56 KB
Image
General
Full URL
https://d3gx3uz4yj2hnq.cloudfront.net/images/sprite.png
Requested by
Host: d3gx3uz4yj2hnq.cloudfront.net
URL: https://d3gx3uz4yj2hnq.cloudfront.net/build/styles/styles.css?v=1551443055
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.158.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-158-85.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
f7b73a7c0753c8962985a9a445e227521d69b5f31612e2e94bb51b6bacb4881d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://d3gx3uz4yj2hnq.cloudfront.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 22 Mar 2024 02:07:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
via
1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront), 1.1 a6ec089aa02839578670b49d128782c2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2, FRA60-P9
age
2345878
x-cache
Hit from cloudfront
content-length
56414
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Mon, 04 Dec 2017 12:58:32 GMT
server
nginx
etag
"5a254678-dc5e"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
xwuJmZdKvXA5Y9Cp06Hdud0H88eHezJMxKraAJOgQqh60Dms1rmtCw==
expires
Sat, 22 Mar 2025 02:07:55 GMT
home.png
d3gx3uz4yj2hnq.cloudfront.net/images/
134 B
693 B
Image
General
Full URL
https://d3gx3uz4yj2hnq.cloudfront.net/images/home.png
Requested by
Host: d3gx3uz4yj2hnq.cloudfront.net
URL: https://d3gx3uz4yj2hnq.cloudfront.net/build/styles/styles.css?v=1551443055
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.158.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-158-85.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
1af2bdaba9f7fe01962e7a42e6b7befa24f66f11568a239e005129f003b22ad1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://d3gx3uz4yj2hnq.cloudfront.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 22 Mar 2024 02:07:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
via
1.1 f49c99d2326b14738507e1c2ddcae1dc.cloudfront.net (CloudFront), 1.1 a6ec089aa02839578670b49d128782c2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2, FRA60-P9
age
2345878
x-cache
Hit from cloudfront
content-length
134
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Mon, 04 Dec 2017 12:58:32 GMT
server
nginx
etag
"5a254678-86"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
OO4nIb0T2NVoKMyiX6Lv-6KHevioDhuMzGp4IONMlL5-DH7hnY6vAw==
expires
Sat, 22 Mar 2025 02:07:55 GMT
close.png
d3gx3uz4yj2hnq.cloudfront.net/images/
174 B
734 B
Image
General
Full URL
https://d3gx3uz4yj2hnq.cloudfront.net/images/close.png
Requested by
Host: d3gx3uz4yj2hnq.cloudfront.net
URL: https://d3gx3uz4yj2hnq.cloudfront.net/build/styles/styles.css?v=1551443055
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.158.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-158-85.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
073552c85ec21bc1ecc4f4b662573f1a731af2106dc2d55de775bc78a6d6275e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://d3gx3uz4yj2hnq.cloudfront.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 22 Mar 2024 02:08:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
via
1.1 5ddb18e15e6b0ed6114111e515bddc66.cloudfront.net (CloudFront), 1.1 a6ec089aa02839578670b49d128782c2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2, FRA60-P9
age
2345868
x-cache
Hit from cloudfront
content-length
174
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Mon, 04 Dec 2017 12:58:32 GMT
server
nginx
etag
"5a254678-ae"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
uULpXBnYkfaQlN28fkkU0RG44i2O2rTCkxq3nZQkQS2ITH1DvbD5vw==
expires
Sat, 22 Mar 2025 02:08:05 GMT
linkid.js
www.google-analytics.com/plugins/ua/
2 KB
1 KB
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sysmon.soft32.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 05:01:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
2676
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
697
x-xss-protection
0
last-modified
Fri, 30 Jun 2023 18:58:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 18 Apr 2024 06:01:17 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404160101/
412 KB
140 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7019512989564856&plah=sysmon.soft32.com&aplac=true&bust=31082835
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aba7c27792fbb52b7748455500e0eb179faab3d57b53ad4fd71a961704ce3cc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sysmon.soft32.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 05:45:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
142910
x-xss-protection
0
server
cafe
etag
17896033890928644399
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 18 Apr 2024 05:45:53 GMT
collect
www.google-analytics.com/j/
15 B
35 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=782279150&t=pageview&_s=1&dl=https%3A%2F%2Fsysmon.soft32.com%2Fold-version%2F&dp=%2Fwindows%2Fdrivers%2Fmonitors%2Fsysmon%2Fold-version%2F&ul=de-de&de=UTF-8&dt=Download%20Sysmon%2013.33%20Free&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGBAgAAjAAAAACAAI~&jid=760205241&gjid=1403322751&cid=476883578.1713419154&tid=UA-110868-1&_gid=1171582238.1713419154&_slc=1&z=1325148202
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
32971bec3ef2e7a830f7d5c4e9a0ab8b75c3ffd7161875480790f2b44b6eb170
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://sysmon.soft32.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 18 Apr 2024 05:45:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://sysmon.soft32.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
348 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-110868-1&cid=476883578.1713419154&jid=760205241&gjid=1403322751&_gid=1171582238.1713419154&_u=KGBAgAAjAAAAAGAAI~&z=1818033701
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://sysmon.soft32.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 18 Apr 2024 05:45:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://sysmon.soft32.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/
448 KB
140 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9d795e10d030c1fd5f70e0629cfa06248e3d73088b4c3a1b297f8361644b126
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sysmon.soft32.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 17:26:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
44366
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
143226
x-xss-protection
0
server
cafe
etag
18387702370034619198
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 17 Apr 2025 17:26:27 GMT
js
www.googletagmanager.com/gtag/
266 KB
92 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-E1KMLTR4GG&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
886dfed5ff0c12ec234362dcef32d33f1825643d20a2b56c94296e6f860810ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sysmon.soft32.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 05:45:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
94095
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 18 Apr 2024 05:45:53 GMT
ads
pagead2.googlesyndication.com/gampad/
203 KB
22 KB
Fetch
General
Full URL
https://pagead2.googlesyndication.com/gampad/ads?pvsid=3293956692020949&correlator=2654736658262465&eid=31082740%2C31082852&output=ldjh&gdfp_req=1&vrg=202404110101&ptt=17&impl=fifs&ltd_cs=1&iu_parts=1100449%2CSoft32_AtF_728x90%2CSoft32_AtF_300x250_first%2CSoft32_AtF_300x250_second%2CSoft32_Middle_468x60%2CSoft32_BtF_300x250%2CSoft32_BtF_728x90%2CSoft32_ATF_550x35_Win%2CSoft32_ATF_550x35_Win_(download)%2CSoft32_ATF_550x35_Mac%2CSoft32_ATF_550x35_Mac_(download)&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9%2C%2F0%2F10&prev_iu_szs=728x90%2C300x250%2C300x250%2C468x60%2C300x250%2C728x90%2C550x35%2C550x35%2C550x35%2C550x35&ifi=2&sfv=1-0-40&sc=1&abxe=1&dt=1713419153932&lmt=1713419153&adxs=436%2C985%2C985%2C-9%2C985%2C436%2C-9%2C-9%2C-9%2C-9&adys=164%2C223%2C256%2C-9%2C641%2C698%2C-9%2C-9%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C-1%7C0%7C0%7C-1%7C-1%7C-1%7C-1&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuNjAiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxMjQuMC42MzY3LjYwIl0sWyJHb29nbGUgQ2hyb21lIiwiMTI0LjAuNjM2Ny42MCJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&url=https%3A%2F%2Fsysmon.soft32.com%2Fold-version%2F&vis=1&psz=970x14%7C300x14%7C300x14%7C0x-1%7C300x14%7C970x90%7C0x-1%7C0x-1%7C0x-1%7C0x-1&msz=728x0%7C300x0%7C300x0%7C0x-1%7C300x0%7C728x0%7C0x-1%7C0x-1%7C0x-1%7C0x-1&fws=4%2C4%2C4%2C2%2C4%2C4%2C2%2C2%2C2%2C2&ohw=728%2C300%2C300%2C0%2C300%2C728%2C0%2C0%2C0%2C0&dlt=1713419153677&idt=235&cust_params=category%3Ddrivers%26page%3Dprogram-old-version%26os%3Dwindows%26lang%3Den&adks=2171456778%2C760919417%2C2075450232%2C2548448088%2C956241135%2C3960560124%2C2397558405%2C2883774304%2C369583957%2C813786743&frm=20&eoidce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
44a187a33de87e5b0b57b0991cc5a6d9c896ee23649c612d6f70b40077058df4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sysmon.soft32.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 05:45:54 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22705
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-2,-2,-1,-2,-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-1,-1,-2,-2,-1,-2,-2,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://sysmon.soft32.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
c6a97c3b64b319fe0a7e96b4032c71be.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4C43
0
0
Document
General
Full URL
https://c6a97c3b64b319fe0a7e96b4032c71be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://sysmon.soft32.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 18 Apr 2024 05:45:53 GMT
expires
Fri, 18 Apr 2025 05:45:53 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.google-analytics.com/g/
0
256 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-E1KMLTR4GG&gtm=45je44f0v9135218387za200&_p=1713419153857&gcd=13l3l3l2l2&npa=0&dma_cps=sypham&dma=1&ul=de-de&sr=1600x1200&cid=476883578.1713419154&ir=1&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fsysmon.soft32.com%2Fold-version%2F&dp=%2Fwindows%2Fdrivers%2Fmonitors%2Fsysmon%2Fold-version%2F&dt=Download%20Sysmon%2013.33%20Free&sid=1713419153&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1481
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-E1KMLTR4GG&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sysmon.soft32.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 18 Apr 2024 05:45:54 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://sysmon.soft32.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ca-pub-7019512989564856
fundingchoicesmessages.google.com/i/
180 KB
60 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-7019512989564856?ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7019512989564856&plah=sysmon.soft32.com&aplac=true&bust=31082835
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c41e19212003ad71c6ef6bfc7c618c0e8b610bfbaa27b22145639b275793a1c0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Lwa2Cu6fjbu6b-bmUg3nyQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sysmon.soft32.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 05:45:54 GMT
content-security-policy
script-src 'report-sample' 'nonce-Lwa2Cu6fjbu6b-bmUg3nyQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjStDikmLw0ZBiOHHrNtMFID7vdIfpOhDXMjxjagViA43nTBZALPH1JZMGEMc8n86aAsRO6TNYg4DYp34GawwQt948xzoViE8uOM96EYiT_p1nLQJiIW6OSc-bNrIJNMz8KAsAyNwvSw"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWiSsSdJxIkJe7c8CeF8y3XL7V-bh6DiJ_PfpbArsd-PT_uRWpXKBtITRdWfuQt8IRRMkRrV4JqjjcBrFDtVjZJv4oNfemyxBvp33ahINUzn1CINXLZ5AAGFiVrOK73MPJgSnI85A==
fundingchoicesmessages.google.com/f/
369 KB
59 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWiSsSdJxIkJe7c8CeF8y3XL7V-bh6DiJ_PfpbArsd-PT_uRWpXKBtITRdWfuQt8IRRMkRrV4JqjjcBrFDtVjZJv4oNfemyxBvp33ahINUzn1CINXLZ5AAGFiVrOK73MPJgSnI85A==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEzNDE5MTU0LDEwNzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9zeXNtb24uc29mdDMyLmNvbS9vbGQtdmVyc2lvbi8iLG51bGwsW1s4LCJWS0R3REtkLVJ4TSJdLFs5LCJkZSJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMSJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.VKDwDKd-RxM.es5.O/am=wA/d=1/rs=AJlcJMyBb15_97HQuHKS9ub-XrVmJOeQ6w/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
85d994e65b8404fa0c2887904f6ee27b96e1af41b8ad46c7df45c55db3e8ac0c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-y_si-bY5_4VCymTCgKDg-Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sysmon.soft32.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 05:45:54 GMT
content-security-policy
script-src 'report-sample' 'nonce-y_si-bY5_4VCymTCgKDg-Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjitDikmJw0pBiOO90h-k6ENcyPGNqBWIDjedMFkAs8fUlkwYQxzyfzpoCxE7pM1iDgNinfgZrDBC33jzHOhWITy44z3oRiJP-nWctAmIhbo5Jz5s2sgl0LHwUCwDL0Cp0"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/
106 KB
6 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.VKDwDKd-RxM.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMy6fM69zXDSt1KBENM3RAYLVy8zAA/m=web_iab_tcf_v2_wall_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
50234c17da00532efe5b3ac851c3caad75825978dd9e483179224217e886b952
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sysmon.soft32.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 18 Apr 2024 05:45:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 18 Apr 2024 05:45:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 18 Apr 2024 05:45:54 GMT
yLBdmzr1zyc_F5CCcqv_j9qeKg_DOYKixlHounmXBhqX0SikatUfwo-anglWcW4A_Am7KtnaofYYcWnibhMYW9bWWxHjh415DP8FFvsttAyzVCZLX5lH=h60
lh3.googleusercontent.com/
6 KB
6 KB
Image
General
Full URL
https://lh3.googleusercontent.com/yLBdmzr1zyc_F5CCcqv_j9qeKg_DOYKixlHounmXBhqX0SikatUfwo-anglWcW4A_Am7KtnaofYYcWnibhMYW9bWWxHjh415DP8FFvsttAyzVCZLX5lH=h60
Requested by
Host: sysmon.soft32.com
URL: https://sysmon.soft32.com/old-version/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
90398111962a3ff0a9655f7f331e3f738f659b81e3fdf7934a3f692a40463fd4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sysmon.soft32.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 04:23:41 GMT
x-content-type-options
nosniff
age
4933
cross-origin-resource-policy
cross-origin
content-disposition
inline;filename="unnamed.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5792
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 19 Apr 2024 04:23:41 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: sysmon.soft32.com
URL: https://sysmon.soft32.com/old-version/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sysmon.soft32.com/
Origin
https://sysmon.soft32.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 00:50:53 GMT
x-content-type-options
nosniff
age
190501
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Apr 2025 00:50:53 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v142/
125 KB
126 KB
Font
General
Full URL
https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: sysmon.soft32.com
URL: https://sysmon.soft32.com/old-version/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sysmon.soft32.com/
Origin
https://sysmon.soft32.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 20:12:04 GMT
x-content-type-options
nosniff
age
207230
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128352
x-xss-protection
0
last-modified
Mon, 08 Apr 2024 19:04:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 15 Apr 2025 20:12:04 GMT
AGSKWxVKhZUFBaFR__Lx5h7f_60uTaVw1MU70xnaTNQ7YTdkDVkiBrn4QJxgRIzByL2r50aAPQrjjxTVWB1q-fKv9h9rjgytdRNAGwrJjQmbQuxI-6rGf6LnI6FSohdFjMS5koeB2bTLig==
fundingchoicesmessages.google.com/el/
0
29 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVKhZUFBaFR__Lx5h7f_60uTaVw1MU70xnaTNQ7YTdkDVkiBrn4QJxgRIzByL2r50aAPQrjjxTVWB1q-fKv9h9rjgytdRNAGwrJjQmbQuxI-6rGf6LnI6FSohdFjMS5koeB2bTLig==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.VKDwDKd-RxM.es5.O/am=wA/d=1/rs=AJlcJMyBb15_97HQuHKS9ub-XrVmJOeQ6w/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-XE28LoT78RSymA6yDfwtBg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://sysmon.soft32.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 18 Apr 2024 05:45:54 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-XE28LoT78RSymA6yDfwtBg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw1JBiqGV4xtQKxE7pM1gDgFiIh2PS86aNbAILXn5uYwQAxDYMSw"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://sysmon.soft32.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
www.facebook.net/login/
Redirect Chain
  • https://connect.facebook.net/en_US/all.js?_=1713419153745
  • https://www.facebook.net/login/?next=https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Fall.js%3F_%3D1713419153745
0
0

widgets.js
platform.twitter.com/
91 KB
28 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js?_=1713419153746
Requested by
Host: d3gx3uz4yj2hnq.cloudfront.net
URL: https://d3gx3uz4yj2hnq.cloudfront.net/build/scripts/scripts.js?v=1551443055
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B85) /
Resource Hash
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sysmon.soft32.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 18 Apr 2024 05:45:54 GMT
Content-Encoding
gzip
Age
760
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
27597
Last-Modified
Mon, 11 Dec 2023 17:20:28 GMT
Server
ECS (amb/6B85)
Etag
"824beb891744db98ccbd3a456e59e0f7+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=1800
Vary
Accept-Encoding
widget_iframe.2f70fb173b9000da126c79afe2098f02.html
platform.twitter.com/widgets/ Frame 719C
0
0
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fsysmon.soft32.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js?_=1713419153746
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BB9) /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://sysmon.soft32.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
2086946
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105429
Content-Type
text/html; charset=utf-8
Date
Thu, 18 Apr 2024 05:45:54 GMT
Etag
"81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified
Mon, 11 Dec 2023 17:19:49 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (amb/6BB9)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012404082010000/ Frame 8DC8
196 KB
56 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012404082010000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
023058011e8e331be9ad8d8996b14272c53419d06832c2a949dea0c7d0d19a69
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sysmon.soft32.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 15 Apr 2024 21:10:42 GMT
age
203712
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56203
x-xss-protection
0
server
sffe
etag
"32afbce03ae4017a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 15 Apr 2025 21:10:42 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012404082010000/v0/ Frame 8DC8
15 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012404082010000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
207f2640faccdaf0001e824759e8b4d6391fda50258f7ffe5444326d3578bee5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sysmon.soft32.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 15 Apr 2024 21:10:42 GMT
age
203712
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5205
x-xss-protection
0
server
sffe
etag
"c48c26e1520dd276"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 15 Apr 2025 21:10:42 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012404082010000/v0/ Frame 8DC8
95 KB
28 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012404082010000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a18404bc6978af036f98de33dda32e81bead4b2f9e8c2b34fd1797f49e8a8311
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sysmon.soft32.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 15 Apr 2024 21:10:42 GMT
age
203712
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29078
x-xss-protection
0
server
sffe
etag
"d7a2b80ed38122e5"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 15 Apr 2025 21:10:42 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012404082010000/v0/ Frame 8DC8
5 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012404082010000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
86a9464ffbed70b90a8cacf7be2bfd26136c96f0e0d225a97e2a39c869848d7e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sysmon.soft32.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 15 Apr 2024 21:10:42 GMT
age
203712
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1912
x-xss-protection
0
server
sffe
etag
"d0a086fa3dc6fb81"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 15 Apr 2025 21:10:42 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012404082010000/v0/ Frame 8DC8
40 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012404082010000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
275332b506e606e11f9cf0e1f58becb2cb6e40e3e950c81362d1f1dc4538aab5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sysmon.soft32.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 15 Apr 2024 21:10:42 GMT
age
203712
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12951
x-xss-protection
0
server
sffe
etag
"5b45b474ee120fe8"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 15 Apr 2025 21:10:42 GMT
truncated
/ Frame 8DC8
210 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
57089a3e87d8762b68e23e8ae8b88dcfbda10362c712df1feb2d8c84461cc77a

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
5324536507048099397
tpc.googlesyndication.com/simgad/ Frame 8DC8
5 KB
5 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/5324536507048099397?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qklMslnByfzZ18OJXEUqlMwaKUF-Q
Requested by
Host: sysmon.soft32.com
URL: https://sysmon.soft32.com/old-version/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca23172a3431c3f72882e1ae7534a4b481d0d85a5b6bce884bd9b921e6a697a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sysmon.soft32.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 16:10:48 GMT
x-content-type-options
nosniff
age
221706
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5457
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 04:39:03 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 15 Apr 2025 16:10:48 GMT
en.png
pagead2.googlesyndication.com/pagead/images/adchoices/ Frame 8DC8
2 KB
2 KB
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: sysmon.soft32.com
URL: https://sysmon.soft32.com/old-version/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sysmon.soft32.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 19:37:42 GMT
x-content-type-options
nosniff
server
cafe
age
36492
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Thu, 18 Apr 2024 19:37:42 GMT
icon.png
pagead2.googlesyndication.com/pagead/images/adchoices/ Frame 8DC8
295 B
319 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: sysmon.soft32.com
URL: https://sysmon.soft32.com/old-version/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sysmon.soft32.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 17:34:57 GMT
x-content-type-options
nosniff
server
cafe
age
43857
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Thu, 18 Apr 2024 17:34:57 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012404082010000/ Frame E079
196 KB
0
Script
General
Full URL
https://cdn.ampproject.org/rtv/012404082010000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
023058011e8e331be9ad8d8996b14272c53419d06832c2a949dea0c7d0d19a69
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sysmon.soft32.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Mon, 15 Apr 2024 21:10:42 GMT
age
203712
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56203
x-xss-protection
0
server
sffe
etag
"32afbce03ae4017a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 15 Apr 2025 21:10:42 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012404082010000/v0/ Frame E079
15 KB
0
Script
General
Full URL
https://cdn.ampproject.org/rtv/012404082010000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
207f2640faccdaf0001e824759e8b4d6391fda50258f7ffe5444326d3578bee5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sysmon.soft32.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Mon, 15 Apr 2024 21:10:42 GMT
age
203712
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5205
x-xss-protection
0
server
sffe
etag
"c48c26e1520dd276"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 15 Apr 2025 21:10:42 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012404082010000/v0/ Frame E079
95 KB
0
Script
General
Full URL
https://cdn.ampproject.org/rtv/012404082010000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a18404bc6978af036f98de33dda32e81bead4b2f9e8c2b34fd1797f49e8a8311
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sysmon.soft32.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Mon, 15 Apr 2024 21:10:42 GMT
age
203712
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29078
x-xss-protection
0
server
sffe
etag
"d7a2b80ed38122e5"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 15 Apr 2025 21:10:42 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012404082010000/v0/ Frame E079
5 KB
0
Script
General
Full URL
https://cdn.ampproject.org/rtv/012404082010000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
86a9464ffbed70b90a8cacf7be2bfd26136c96f0e0d225a97e2a39c869848d7e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sysmon.soft32.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Mon, 15 Apr 2024 21:10:42 GMT
age
203712
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1912
x-xss-protection
0
server
sffe
etag
"d0a086fa3dc6fb81"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 15 Apr 2025 21:10:42 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012404082010000/v0/ Frame E079
40 KB
0
Script
General
Full URL
https://cdn.ampproject.org/rtv/012404082010000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
275332b506e606e11f9cf0e1f58becb2cb6e40e3e950c81362d1f1dc4538aab5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sysmon.soft32.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Mon, 15 Apr 2024 21:10:42 GMT
age
203712
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12951
x-xss-protection
0
server
sffe
etag
"5b45b474ee120fe8"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 15 Apr 2025 21:10:42 GMT
css
fonts.googleapis.com/ Frame E079
4 KB
753 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8753541a3a44842cd815d81c4f8c589e0a0d763112d622f3088cd6f064e825fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sysmon.soft32.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 18 Apr 2024 05:45:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 18 Apr 2024 05:25:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 18 Apr 2024 05:45:54 GMT
en.png
pagead2.googlesyndication.com/pagead/images/adchoices/ Frame E079
2 KB
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sysmon.soft32.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 19:37:42 GMT
x-content-type-options
nosniff
server
cafe
age
36492
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Thu, 18 Apr 2024 19:37:42 GMT
icon.png
pagead2.googlesyndication.com/pagead/images/adchoices/ Frame E079
295 B
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sysmon.soft32.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 17:34:57 GMT
x-content-type-options
nosniff
server
cafe
age
43857
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Thu, 18 Apr 2024 17:34:57 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/6858925932566846098/ Frame E079
6 KB
7 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/6858925932566846098/14763004658117789537?w=400&h=209&tw=1&q=75
Requested by
Host: sysmon.soft32.com
URL: https://sysmon.soft32.com/old-version/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
28b3d54a8e12c4af1fb7d629f5ab1d7a694cb04f48d07d324c6901ff8a711530
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sysmon.soft32.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Thu, 17 Apr 2025 01:37:51 GMT
date
Wed, 17 Apr 2024 01:37:51 GMT
x-content-type-options
nosniff
age
101283
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6479
x-xss-protection
0
last-modified
Sun, 14 Apr 2024 10:56:54 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
truncated
/ Frame E079
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4fe4f93a1a0ea62a435a87d2e339c3715c0bb39e9222ddd27c57b9465e389fc7

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012404082010000/ Frame 5342
196 KB
0
Script
General
Full URL
https://cdn.ampproject.org/rtv/012404082010000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
023058011e8e331be9ad8d8996b14272c53419d06832c2a949dea0c7d0d19a69
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sysmon.soft32.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Mon, 15 Apr 2024 21:10:42 GMT
age
203712
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56203
x-xss-protection
0
server
sffe
etag
"32afbce03ae4017a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 15 Apr 2025 21:10:42 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012404082010000/v0/ Frame 5342
15 KB
0
Script
General
Full URL
https://cdn.ampproject.org/rtv/012404082010000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
207f2640faccdaf0001e824759e8b4d6391fda50258f7ffe5444326d3578bee5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sysmon.soft32.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Mon, 15 Apr 2024 21:10:42 GMT
age
203712
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5205
x-xss-protection
0
server
sffe
etag
"c48c26e1520dd276"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 15 Apr 2025 21:10:42 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012404082010000/v0/ Frame 5342
95 KB
0
Script
General
Full URL
https://cdn.ampproject.org/rtv/012404082010000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a18404bc6978af036f98de33dda32e81bead4b2f9e8c2b34fd1797f49e8a8311
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sysmon.soft32.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Mon, 15 Apr 2024 21:10:42 GMT
age
203712
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29078
x-xss-protection
0
server
sffe
etag
"d7a2b80ed38122e5"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 15 Apr 2025 21:10:42 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012404082010000/v0/ Frame 5342
5 KB
0
Script
General
Full URL
https://cdn.ampproject.org/rtv/012404082010000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
86a9464ffbed70b90a8cacf7be2bfd26136c96f0e0d225a97e2a39c869848d7e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sysmon.soft32.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Mon, 15 Apr 2024 21:10:42 GMT
age
203712
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1912
x-xss-protection
0
server
sffe
etag
"d0a086fa3dc6fb81"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 15 Apr 2025 21:10:42 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012404082010000/v0/ Frame 5342
40 KB
0
Script
General
Full URL
https://cdn.ampproject.org/rtv/012404082010000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
275332b506e606e11f9cf0e1f58becb2cb6e40e3e950c81362d1f1dc4538aab5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sysmon.soft32.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Mon, 15 Apr 2024 21:10:42 GMT
age
203712
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12951
x-xss-protection
0
server
sffe
etag
"5b45b474ee120fe8"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 15 Apr 2025 21:10:42 GMT
css
fonts.googleapis.com/ Frame 5342
4 KB
0
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8753541a3a44842cd815d81c4f8c589e0a0d763112d622f3088cd6f064e825fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sysmon.soft32.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 05:45:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 18 Apr 2024 05:25:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 18 Apr 2024 05:45:54 GMT
en.png
pagead2.googlesyndication.com/pagead/images/adchoices/ Frame 5342
2 KB
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sysmon.soft32.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 19:37:42 GMT
x-content-type-options
nosniff
server
cafe
age
36492
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Thu, 18 Apr 2024 19:37:42 GMT
icon.png
pagead2.googlesyndication.com/pagead/images/adchoices/ Frame 5342
295 B
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sysmon.soft32.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 17:34:57 GMT
x-content-type-options
nosniff
server
cafe
age
43857
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Thu, 18 Apr 2024 17:34:57 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/6858925932566846098/ Frame 5342
6 KB
0
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/6858925932566846098/14763004658117789537?w=400&h=209&tw=1&q=75
Requested by
Host: sysmon.soft32.com
URL: https://sysmon.soft32.com/old-version/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
28b3d54a8e12c4af1fb7d629f5ab1d7a694cb04f48d07d324c6901ff8a711530
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sysmon.soft32.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Thu, 17 Apr 2025 01:37:51 GMT
date
Wed, 17 Apr 2024 01:37:51 GMT
x-content-type-options
nosniff
age
101283
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6479
x-xss-protection
0
last-modified
Sun, 14 Apr 2024 10:56:54 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
truncated
/ Frame 5342
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60830b664d50b6aa19c609dee46da6f1b1defcd684be16d7cb35403e8ad760f2

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012404082010000/ Frame 7177
196 KB
0
Script
General
Full URL
https://cdn.ampproject.org/rtv/012404082010000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
023058011e8e331be9ad8d8996b14272c53419d06832c2a949dea0c7d0d19a69
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sysmon.soft32.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Mon, 15 Apr 2024 21:10:42 GMT
age
203712
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56203
x-xss-protection
0
server
sffe
etag
"32afbce03ae4017a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 15 Apr 2025 21:10:42 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012404082010000/v0/ Frame 7177
15 KB
0
Script
General
Full URL
https://cdn.ampproject.org/rtv/012404082010000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
207f2640faccdaf0001e824759e8b4d6391fda50258f7ffe5444326d3578bee5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sysmon.soft32.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Mon, 15 Apr 2024 21:10:42 GMT
age
203712
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5205
x-xss-protection
0
server
sffe
etag
"c48c26e1520dd276"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 15 Apr 2025 21:10:42 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012404082010000/v0/ Frame 7177
95 KB
0
Script
General
Full URL
https://cdn.ampproject.org/rtv/012404082010000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a18404bc6978af036f98de33dda32e81bead4b2f9e8c2b34fd1797f49e8a8311
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sysmon.soft32.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Mon, 15 Apr 2024 21:10:42 GMT
age
203712
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29078
x-xss-protection
0
server
sffe
etag
"d7a2b80ed38122e5"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 15 Apr 2025 21:10:42 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012404082010000/v0/ Frame 7177
5 KB
0
Script
General
Full URL
https://cdn.ampproject.org/rtv/012404082010000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
86a9464ffbed70b90a8cacf7be2bfd26136c96f0e0d225a97e2a39c869848d7e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sysmon.soft32.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Mon, 15 Apr 2024 21:10:42 GMT
age
203712
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1912
x-xss-protection
0
server
sffe
etag
"d0a086fa3dc6fb81"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 15 Apr 2025 21:10:42 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012404082010000/v0/ Frame 7177
40 KB
0
Script
General
Full URL
https://cdn.ampproject.org/rtv/012404082010000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
275332b506e606e11f9cf0e1f58becb2cb6e40e3e950c81362d1f1dc4538aab5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sysmon.soft32.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Mon, 15 Apr 2024 21:10:42 GMT
age
203712
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12951
x-xss-protection
0
server
sffe
etag
"5b45b474ee120fe8"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 15 Apr 2025 21:10:42 GMT
5324536507048099397
tpc.googlesyndication.com/simgad/ Frame 7177
5 KB
0
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/5324536507048099397?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qklMslnByfzZ18OJXEUqlMwaKUF-Q
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca23172a3431c3f72882e1ae7534a4b481d0d85a5b6bce884bd9b921e6a697a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sysmon.soft32.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 16:10:48 GMT
x-content-type-options
nosniff
age
221706
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5457
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 04:39:03 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 15 Apr 2025 16:10:48 GMT
en.png
pagead2.googlesyndication.com/pagead/images/adchoices/ Frame 7177
2 KB
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sysmon.soft32.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 19:37:42 GMT
x-content-type-options
nosniff
server
cafe
age
36492
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Thu, 18 Apr 2024 19:37:42 GMT
icon.png
pagead2.googlesyndication.com/pagead/images/adchoices/ Frame 7177
295 B
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sysmon.soft32.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 17:34:57 GMT
x-content-type-options
nosniff
server
cafe
age
43857
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Thu, 18 Apr 2024 17:34:57 GMT
truncated
/ Frame 7177
208 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1b5fbe5269f7e87d49ed306343bc0e5488708fbcd00da21ab205e9a33c0fe96d

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E079
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://sysmon.soft32.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 01:17:56 GMT
x-content-type-options
nosniff
age
188878
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Apr 2025 01:17:56 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E079
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://sysmon.soft32.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 04:10:19 GMT
x-content-type-options
nosniff
age
178535
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Apr 2025 04:10:19 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5342
16 KB
0
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://sysmon.soft32.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 01:17:56 GMT
x-content-type-options
nosniff
age
188878
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Apr 2025 01:17:56 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5342
15 KB
0
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://sysmon.soft32.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 04:10:19 GMT
x-content-type-options
nosniff
age
178535
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Apr 2025 04:10:19 GMT
nr-rum-1.255.0.min.js
js-agent.newrelic.com/
50 KB
18 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-rum-1.255.0.min.js
Requested by
Host: sysmon.soft32.com
URL: https://sysmon.soft32.com/old-version/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2602:816:5001::39 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bfd81339c0e5d507cb8bb10ce63f26765ce1019178560eb0c713bae8995e78a3
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sysmon.soft32.com/
Origin
https://sysmon.soft32.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
SVk8HmqMO5mxlo_zOYJO5HBjeXvMuiuP
content-encoding
br
via
1.1 varnish
date
Thu, 18 Apr 2024 05:45:54 GMT
strict-transport-security
max-age=300
x-amz-request-id
1JEHKH4RBA4EZYRD
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
17484
x-amz-id-2
XVe20Odpt2bft9qLUwQJmVDbb6opXKcK2hn2DHJ59mH9h0ud9+WG6Sonz0ySX9EnLlLnN/+FLVqb2p3obL4lbeCAjfBCQGf1
x-served-by
cache-fra-eddf8230073-FRA
last-modified
Thu, 04 Apr 2024 14:39:28 GMT
server
AmazonS3
etag
"9c3be5f2438bf9b06574488a88edac62"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges
bytes
x-cache-hits
813
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202404110101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3d80b6f248bd93ac8858b46d8a120bf00919006e15b027d13eded7a92eabdae6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sysmon.soft32.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 05:45:54 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12228
x-xss-protection
0
favicon.png
drugnom0x8w61.cloudfront.net/organic/main/images/
2 KB
3 KB
Other
General
Full URL
https://drugnom0x8w61.cloudfront.net/organic/main/images/favicon.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.245.62.205 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-62-205.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
ebbc2f05010e625f58d46f6a2ed2d672b24ff591b463cd0ceaa3124b8b48c89a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sysmon.soft32.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 16 Jan 2024 01:16:53 GMT
Via
1.1 69387ca0ad24846d99bf107cb3133bf6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P5
Age
8051341
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
2168
Last-Modified
Thu, 10 Aug 2017 10:59:01 GMT
Server
nginx
ETag
"598c3c75-878"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Amz-Cf-Id
VU8utPhevMvIp6NHuv5mUT6h7tNRrDAi1L_FvkKSPLP-Ww4uWk4U9A==
Expires
Wed, 15 Jan 2025 01:16:53 GMT
adview
pagead2.googlesyndication.com/pagead/ Frame 8DC8
0
0

adview
pagead2.googlesyndication.com/pagead/ Frame E079
0
0

adview
pagead2.googlesyndication.com/pagead/ Frame 5342
0
0

adview
pagead2.googlesyndication.com/pagead/ Frame 7177
0
0

b9d332c3e7
bam.nr-data.net/1/
0
0

sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sysmon.soft32.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 05:45:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 18 Apr 2024 05:45:54 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DEB0
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://sysmon.soft32.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
5161
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 18 Apr 2024 04:19:53 GMT
expires
Fri, 18 Apr 2025 04:19:53 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=782279150&t=event&_s=2&dl=https%3A%2F%2Fsysmon.soft32.com%2Fold-version%2F&ul=de-de&de=UTF-8&dt=Download%20Sysmon%2013.33%20Free&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=adblock&ea=notdetected&_u=KGBAgAAjAAAAAGAAI~&jid=&gjid=&cid=476883578.1713419154&tid=UA-110868-1&_gid=1171582238.1713419154&z=1360546193
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sysmon.soft32.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 17 Apr 2024 22:11:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
27251
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/
0
0

activeview
pagead2.googlesyndication.com/pcs/ Frame 8DC8
42 B
64 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsscmNuqiw57noDJXQ8Of062o3quwVs4oi6bqJrh7nq7fbrKhagBsbDg-gqEY4O-wZaq2NRcQtaFR5s4eq6GoF2yA6mG-ePcGWnePQboHsZYIWIRqhKoL3LPL2GLBPST33-hHW058-lN_fNbpFxbKPHQf3E4xmZUIlAj7lwfzpA&sig=Cg0ArKJSzLqOuuoHKQkOEAE&id=ampim&o=436,153&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=170&tls=1170&g=100&h=100&tt=1170&r=v&avms=ampa&uap=Win32&uapv=10.0.0&uaa=x86&uam=&uafv=124.0.6367.60&uab=64&uafvl=%5B%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22124.0.6367.60%22%7D%2C%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22124.0.6367.60%22%7D%2C%7B%22brand%22%3A%22Not-A.Brand%22%2C%22version%22%3A%2299.0.0.0%22%7D%5D&uaw=false&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sysmon.soft32.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 18 Apr 2024 05:45:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E079
42 B
64 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuUf5WKAXFDvUvfP3-6zAWYIPkcH_p5hP5J3PAPB0rs99vB0iJDu2-MNZ5gwWVhPkfUv00Ol8wNo5zQynXo-Ax_tbctgeyBp1WWD1fCnZfZ8O1LY_Tlmk5rMV76GolphNmEs4xtiOSEINX0j_JEOyhQXMgkzQ_iIQ299i-O8jY&sig=Cg0ArKJSzFTjEP1wUkctEAE&id=ampim&o=985,291&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=158&tls=1158&g=99.88124966621399&h=99.88124966621399&tt=1158&r=v&avms=ampa&uap=Win32&uapv=10.0.0&uaa=x86&uam=&uafv=124.0.6367.60&uab=64&uafvl=%5B%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22124.0.6367.60%22%7D%2C%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22124.0.6367.60%22%7D%2C%7B%22brand%22%3A%22Not-A.Brand%22%2C%22version%22%3A%2299.0.0.0%22%7D%5D&uaw=false&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sysmon.soft32.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 18 Apr 2024 05:45:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 5342
42 B
64 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvExApgrOz_WOig5MHa0EK6i9gUBiw44ka3PAtFFJttz2FrP_2ILGoykXFRaXoqfq1FRdUzs8nfVsqOoZZdd-WXkgkJbbUx2Q_BJtFJfswwebJ9XCgyJVUFmDqS4x5pXJeZQwP1t4HeS7-q5aZpJCwRcfuLyEZek8L7f8qF60A&sig=Cg0ArKJSzGKTcSFmqtPhEAE&id=ampim&o=985,563&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=148&tls=1148&g=99.83749985694885&h=99.83749985694885&tt=1148&r=v&avms=ampa&uap=Win32&uapv=10.0.0&uaa=x86&uam=&uafv=124.0.6367.60&uab=64&uafvl=%5B%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22124.0.6367.60%22%7D%2C%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22124.0.6367.60%22%7D%2C%7B%22brand%22%3A%22Not-A.Brand%22%2C%22version%22%3A%2299.0.0.0%22%7D%5D&uaw=false&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sysmon.soft32.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 18 Apr 2024 05:45:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.facebook.net
URL
https://www.facebook.net/login/?next=https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Fall.js%3F_%3D1713419153745
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/adview?ai=CfMkAkrMgZv4BmcuO7A_ovZvoBemq94t2xo6L_u4R_rj_8o0OEAEgsc7CH2CV4pCCoAegAeag-NACyAEC4AIAqAMByAMIqgSiAk_Q9JamUYiJhQ02o3fLkon_ECkdzlYLx9lc-GHoejDhidlpm01C3LApwBOUOKhANWBylFdv_GzjulRJpYebTidwC8COZ0EokA7P8UPwVds-SsHjmxtHGUt23Vz329h23YRmBzFOgZGXFhs_UelI28rd0BpZL360T5hJGTT5NJba3KRX2L4L4BDbQMJnD20DFqYTyspUq-IkFn-TuIPM40-mECIuHzPG9O3XBcpPi82JqOD1roKBkdKy3mjIfyOo0U6R3JQBivVsDZqZJVrNliR7VfRX9b16_uqoj8VPZm1ZsYc5AHjLXvbP1Gp2OC7-Vt1uGYz_3zNZ6525W8PdAvBRXaZGlAMRM7gL2X90CXBWIAwfaiooi5-5w0feFwAk_8sIwASxuuHfvgTgBAGIBe6f2atMkgUECAQYAZIFBAgFGASgBgKAB4Lfh68BqAfZtrECqAfVyRuoB6a-G6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB_fCsQLYBwHyBwQQsMEH0ggqCJHhgHAQARgdMgfri4Dgv4ANOggAgICAgICUKEi9_cE6WOyhmOCHy4UDmgkzaHR0cHM6Ly9nZXRlYXN5cGRmLmNvbS9wZGYvbHA0P3R5cGU9dmlld3BkZiZsYW5nPWRlgAoDyAsB4g0TCOH8mOCHy4UDFZmlgwcd6N4GXdgTDNAVAYAXAbIXHgocCAASFHB1Yi03MDE5NTEyOTg5NTY0ODU2GPHPC7IYCRICsV8YAiIBAOgYAQ&sigh=rb5CzE3Vqas&uach_m=%5B%5D&ase=2&nis=5&cbvp=2
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/adview?ai=CVsULkrMgZv8BmcuO7A_ovZvoBcSbvIl3m8DMlbsSZBABILHOwh9gleKQgqAHoAGRqpurPcgBCeACAKgDAcgDCqoEwwJP0NumSp_POwPheMGP_wlGNsBNalHp6c_I2-H7Cz-XLb3_G-b7sKsYWS8LDynKPUSTtbYfuS09feB4H7XzdFFdKeMWJYRN-wVvfn4K7uBl6MrvEguOOAN946OFcC2aDF3AlpntoLy3Ih9cj7IrmZsls9ayi3aXapLVYgadsMjR04PjQoBd2uw4P2tiio1Sfcp7NL7ETOY-CTROPa2CTk9pzoOkF_tNt-NQkkiqrfVm2yVBI8Iq7eKpaB2EfKxeQbnFYgD8dbSJ4veXEjIUEtTpzpaO4O1QuZ49G4-b74J_CGvP83Qgz_P9UJdzH_ychqRO1YORURzk8rcbimZCdDsi87aiP-BV5B_MLCra-CAA6VWVwfCGtJmMZovfGXj8sM9GurK5zrgnOv7nu495VJgZi9EXbhRM9lnucBQvePOkaWclF8AEj9_gjNME4AQBiAX9gZX3TpIFBAgEGAGSBQQIBRgEoAYugAeR4uuKGKgH2baxAqgH1ckbqAemvhuoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAf3wrEC2AcA8gcEELX8F9IIKgiR4YBwEAEYHTIH64uA4L-ADToIAICAgICAlChIvf3BOljsoZjgh8uFA5oJjgFodHRwczovL21hbnVhbHpwZGYuY29tL21hbnVhbHpQZGYuaHRtbD9jYW1wYWlnbl9pZD0yMTE4Nzg3MDk3MyZhZGdyb3VwX2lkPTE1OTc0NTg0NzE4MyZwbGFjZW1lbnRfaWQ9c3lzbW9uLnNvZnQzMi5jb20mY3JlYXRpdmVfaWQ9Njk3MDU3MjM1NDM1gAoDyAsB4g0TCOL8mOCHy4UDFZmlgwcd6N4GXdgTCtAVAYAXAbIXHgocCAASFHB1Yi03MDE5NTEyOTg5NTY0ODU2GPHPC7IYCRICsV8YLiIBAOgYAQ&sigh=iF77WCh2hso&uach_m=%5B%5D&ase=2&nis=5&template_id=5000&cbvp=2
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/adview?ai=CcnrukrMgZoACmcuO7A_ovZvoBcSbvIl3m8DMlbsSZBABILHOwh9gleKQgqAHoAGRqpurPcgBCeACAKgDAcgDCqoExAJP0KpqcRLzsDcT7yHWJa45AXy4NUcrk4x3Aw41Y8eMnwioD9XMIV1pQKiMT4DHtaGcxmbe_5n_-uBJKd1BA7Czs9BezDMb-Q5QA4aU5fZ4IUN5gVZmwqWEm5Rv6LIblLnQgE1Khp45tKTuuEVW28VsBqK_SDe7VUvv59UL0yLq6z2b3Ba_kmXx2FexszODmSlHkgeoy7qzHIhu9rSlkFRFTYgWGhxD1Y8rm7NT7GuosN5izIGKwbuHOy5j92vH14m0bOxG5F3UUqV1WkirtU7ZC6f_JhyMSVvY0Uhiuy48-flquN5g-iz7xojYLokhNNJD3IMwaSKvdqt5idz4VEcFH2CbtC97gBJHJAXmzg6_Zg01ae4DReGXiUEWkPpMlCeF17gtCsnelVcD_Dkpubn8vyH0AY268Y_ea21MeFf42dGLlYbABI_f4IzTBOAEAYgF_YGV906SBQQIBBgBkgUECAUYBKAGLoAHkeLrihioB9m2sQKoB9XJG6gHpr4bqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHr76xAqgH98KxAtgHAPIHBBCUtBrSCCoIkeGAcBABGB0yB-uLgOC_gA06CACAgICAgJQoSL39wTpY7KGY4IfLhQOaCY4BaHR0cHM6Ly9tYW51YWx6cGRmLmNvbS9tYW51YWx6UGRmLmh0bWw_Y2FtcGFpZ25faWQ9MjExODc4NzA5NzMmYWRncm91cF9pZD0xNTk3NDU4NDcxODMmcGxhY2VtZW50X2lkPXN5c21vbi5zb2Z0MzIuY29tJmNyZWF0aXZlX2lkPTY5NzA1NzIzNTQzNYAKA8gLAeINEwjj_Jjgh8uFAxWZpYMHHejeBl3YEwrQFQGAFwGyFx4KHAgAEhRwdWItNzAxOTUxMjk4OTU2NDg1NhjxzwuyGAkSArFfGC4iAQDoGAE&sigh=poR0kM1KGH4&uach_m=%5B%5D&ase=2&nis=5&template_id=5000&cbvp=2
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/adview?ai=CkOIIkrMgZoMCmcuO7A_ovZvoBemq94t2xo6L_u4R_rj_8o0OEAEgsc7CH2CV4pCCoAegAeag-NACyAEC4AIAqAMByAMIqgSlAk_QKhQo64hw4AlBtvOWYnZhnUKYVswJ7itgfGSV0ia_C2jsKdC93hcPWkyPZu1UaPqUdiPMKUQ-OYGzRRK8o_H2JgRqwrWCHs3cJSABgJ5Wje9Hq7aGg0i_d8UUA0TTFXqsLcMzoiD0rwCHtkvXyBVpg7yqIaODPjbRHJloTqRr7Hq6IwUfA9wpjU3lkPTY9yzp_wW5z6k1HDHrJGNqtEcUNW7VJ-e_Md4U9EbW75lnoEKZec2QCvBbcdv937TKHpaJn51nOUBQdXhDO-A16l2DjdULEeE7FbBzu6n11n0JGRPJD9ZysLiak0-C--6dRKVE0jwnbHKtGd2M8stXBiciaX7sT_ol07jdXnfn5XsCmC-cr7Zrs7624fGWfH7DdPs2XGj2wASxuuHfvgTgBAGIBe6f2atMkgUECAQYAZIFBAgFGASgBgKAB4Lfh68BqAfZtrECqAfVyRuoB6a-G6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB_fCsQLYBwHyBwQQh7oB0ggqCJHhgHAQARgdMgfri4Dgv4ANOggAgICAgICUKEi9_cE6WOyhmOCHy4UDmgkzaHR0cHM6Ly9nZXRlYXN5cGRmLmNvbS9wZGYvbHA0P3R5cGU9dmlld3BkZiZsYW5nPWRlgAoDyAsB4g0TCOb8mOCHy4UDFZmlgwcd6N4GXdgTDNAVAYAXAbIXHgocCAASFHB1Yi03MDE5NTEyOTg5NTY0ODU2GPHPC7IYCRICsV8YAiIBAOgYAQ&sigh=qY2Qxc9A0Ek&uach_m=%5B%5D&ase=2&nis=5&cbvp=2
Domain
bam.nr-data.net
URL
https://bam.nr-data.net/1/b9d332c3e7?a=15894712&v=1.255.0&to=MVZWNUsDVhJXWk0MCwgcdxRKFlcMGUlLCgMUUllOVg5cTEBcSxYNCV0bCFcGXRk%3D&rst=2115&ck=0&s=180a8b9af8204df9&ref=https://sysmon.soft32.com/old-version/&hr=0&ap=835&be=1179&fe=897&dc=104&at=HRFVQwMZRRw%3D&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1713419152494,%22n%22:0,%22f%22:0,%22dn%22:40,%22dne%22:40,%22c%22:40,%22s%22:46,%22ce%22:58,%22rq%22:58,%22rp%22:1179,%22rpe%22:1181,%22di%22:1263,%22ds%22:1263,%22de%22:1283,%22dc%22:2075,%22l%22:2075,%22le%22:2076%7D,%22navigation%22:%7B%7D%7D&fp=1252&fcp=1252
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202404110101&jk=3293956692020949&bg=!7e6l7qHNAAacqq62vKo7ADQBe5WfOLzizo6qBNVynytb1qP7EU9O2yNkafDuesQgrA8gyNAkRzlOfid0aVV7gnrax5NsAgAAACNSAAAAAWgBB34ANYq6o6Q47QPAELUwDwz7Bq2pzX2O9pYeKZA8d103SXTLRjCyW60r7mUKlhmwiE1jWguKCUTLmQLmt550ML8wtruNPj1C5cRZsr471GCnHD1EehFE9UV1yiHWPEc5kI94NNxWPwNogpVPPddWPwxINSlgfwzogboRtjbnxzC_3tQqbg3I18BNOmr_dycaAlrFUZglTQNqEmBs7QdVucuZWp0i88EDtaKYxsGIjRKJ7XB3HZfM6mcmBeE8e6HQ0UmXNFREkCGgs4liDa3HMVnd_P6hxqkbgEULSJ2FhBqge9wgcBtxXhdkXyy_ZnDfAubqQBxDfAti5S9lYRZpqsOzP77ZybUlSdWVOyNtm6bjE0Bpo9d5eKVbsDV5XGnlw3TYQFL7zu5nFm4u3giQ0uMpKlblEclWMSlB1VtXv_7v0nAZj2kNmilgR_zf7tGfVpe2SGP33T7fGLlaXu-cFNqoXWlDM_ZV8oaO4veFByTkRyhSz-8qWEdmFEsAuj6KVNX7DNanLCzUD5NDmMfM9necJPOZ_1FqaVrd8nsAWYYjOC-Q5X-F7H_OwS_gPz12e8PeOawwB7UV1DvlcdwKS0Zp9tA3QAUbksGIlIke3A6jLMlH1Of0imJbnaBuqScV-p5kHFB9pH6dm8wpOCvwRYEVwAZWqLFhgxu5C4VvGgOFeida6agAZJez4eQ2JTBvp89OGLoy5tkXOomKEPRJCiI8jTYwx-bsB8Vy9kxIZCWN0jVZxADVSSYb0yKd6FE99Xjor4L9Ao6ndwv3fHl5ArrT_1sAw9T66v-2Gj6rmF9zVUVGVQLFb2f_jrZGbCtTALvdvS66__6g9KV4SBXxNOpnzJMXrxQ3wjn19EgTwsJnwDSEWdgEtsTYOnCOTRtMe_Ovc2RB8k-4uHdQLX7M0jjXlMYCiTbPykFFjoCoxLrYvBmqFAzeSceKyKln5KXMh2D675Is_HOz4TklJ0_uBeg1RYn4Wmsw9s6hwMDzZ3V3XKXBJROmWeMB_odqVPgoILvye2RtFZDEXsIsG5sRu2qde4RvvW7omlJXGup2pebBGw

Verdicts & Comments Add Verdict or Comment

107 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| NREUM object| webpackChunk:NRBA-1.255.0.PROD object| newrelic string| envCheck object| googletag number| width string| GoogleAnalyticsObject function| ga object| adsbygoogle boolean| ie6 string| assets string| currentOS object| platformList object| currentPlatforms function| modal function| iframe_resize function| modal_resize function| modal_close function| notification function| confirmation function| error function| hint function| cookie function| scrollable function| init_search function| reset_ignore function| measure number| timeout undefined| active_tab undefined| initial_index object| autocomplete_request boolean| ignore undefined| offset number| document_height number| main_top number| main_bottom number| window_height object| panel_height object| elements function| $ function| jQuery function| my_callback222 function| FuckAdBlock object| fuckAdBlock boolean| ready object| notifyBarNS number| asTime function| adBlockDetected function| adBlockNotDetected function| checkAgain object| jQuery111001404467375972378 object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| dataLayer object| google_tag_manager function| google_sa_impl object| googlefc boolean| adsbygoogle_ama_fc_has_run object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| NmRiMjg4MzAxYTNmMGRiNGxvYWRlcl9qcw== string| NmRiMjg4MzAxYTNmMGRiNGNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| __twttrll object| twttr object| __twttr object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| GoogleGcLKhOms object| google_image_requests

6 Cookies

Domain/Path Name / Value
.soft32.com/ Name: user_session
Value: b0069eff0d2a8820b9083d812e305605ba524169
.soft32.com/ Name: _ga
Value: GA1.2.476883578.1713419154
.soft32.com/ Name: _gid
Value: GA1.2.1171582238.1713419154
.soft32.com/ Name: _gat
Value: 1
.soft32.com/ Name: __eoi
Value: ID=3108e460cf9e499c:T=1713419153:RT=1713419153:S=AA-AfjafLUKSmn9jvMphQzYAp1PB
.soft32.com/ Name: _ga_E1KMLTR4GG
Value: GS1.2.1713419153.1.0.1713419154.0.0.0

4 Console Messages

Source Level URL
Text
security warning URL: https://sysmon.soft32.com/old-version/(Line 132)
Message:
document.domain mutation is ignored because the surrounding agent cluster is origin-keyed.
network error URL: https://www.facebook.net/login/?next=https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Fall.js%3F_%3D1713419153745
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
javascript error URL: https://sysmon.soft32.com/old-version/
Message:
Access to XMLHttpRequest at 'https://bam.nr-data.net/1/b9d332c3e7?a=15894712&v=1.255.0&to=MVZWNUsDVhJXWk0MCwgcdxRKFlcMGUlLCgMUUllOVg5cTEBcSxYNCV0bCFcGXRk%3D&rst=2115&ck=0&s=180a8b9af8204df9&ref=https://sysmon.soft32.com/old-version/&hr=0&ap=835&be=1179&fe=897&dc=104&at=HRFVQwMZRRw%3D&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1713419152494,%22n%22:0,%22f%22:0,%22dn%22:40,%22dne%22:40,%22c%22:40,%22s%22:46,%22ce%22:58,%22rq%22:58,%22rp%22:1179,%22rpe%22:1181,%22di%22:1263,%22ds%22:1263,%22de%22:1283,%22dc%22:2075,%22l%22:2075,%22le%22:2076%7D,%22navigation%22:%7B%7D%7D&fp=1252&fcp=1252' from origin 'https://sysmon.soft32.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://bam.nr-data.net/1/b9d332c3e7?a=15894712&v=1.255.0&to=MVZWNUsDVhJXWk0MCwgcdxRKFlcMGUlLCgMUUllOVg5cTEBcSxYNCV0bCFcGXRk%3D&rst=2115&ck=0&s=180a8b9af8204df9&ref=https://sysmon.soft32.com/old-version/&hr=0&ap=835&be=1179&fe=897&dc=104&at=HRFVQwMZRRw%3D&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1713419152494,%22n%22:0,%22f%22:0,%22dn%22:40,%22dne%22:40,%22c%22:40,%22s%22:46,%22ce%22:58,%22rq%22:58,%22rp%22:1179,%22rpe%22:1181,%22di%22:1263,%22ds%22:1263,%22de%22:1283,%22dc%22:2075,%22l%22:2075,%22le%22:2076%7D,%22navigation%22:%7B%7D%7D&fp=1252&fcp=1252
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam.nr-data.net
c6a97c3b64b319fe0a7e96b4032c71be.safeframe.googlesyndication.com
cdn.ampproject.org
d3fnqfpn2r2a3x.cloudfront.net
d3gx3uz4yj2hnq.cloudfront.net
drugnom0x8w61.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
js-agent.newrelic.com
lh3.googleusercontent.com
pagead2.googlesyndication.com
platform.twitter.com
region1.google-analytics.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
sysmon.soft32.com
tpc.googlesyndication.com
www.facebook.net
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
bam.nr-data.net
pagead2.googlesyndication.com
www.facebook.net
13.33.158.85
18.245.45.8
18.245.62.205
18.66.122.88
2001:4860:4802:34::36
2602:816:5001::39
2606:2800:234:59:254c:406:2366:268c
2a00:1450:4001:806::2001
2a00:1450:4001:806::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2001
2a00:1450:4001:81d::200a
2a00:1450:4001:827::2003
2a00:1450:4001:828::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2008
2a00:1450:4001:830::2001
2a00:1450:4001:831::2001
2a00:1450:400c:c00::9d
023058011e8e331be9ad8d8996b14272c53419d06832c2a949dea0c7d0d19a69
02caa70e886c79313f1e6d08059948128d40f0071e1f35d7b7f61ad1262ee761
073552c85ec21bc1ecc4f4b662573f1a731af2106dc2d55de775bc78a6d6275e
0f9b9ced7604315b858ccb74a9d8c18c26faa7a2d5757b0e791172ede4a0b298
12adb76cc226ba0f612b9282c028f571f15f7b6db6d94b0182fea5a44cb4c710
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1
1af2bdaba9f7fe01962e7a42e6b7befa24f66f11568a239e005129f003b22ad1
1b5fbe5269f7e87d49ed306343bc0e5488708fbcd00da21ab205e9a33c0fe96d
207f2640faccdaf0001e824759e8b4d6391fda50258f7ffe5444326d3578bee5
216e52548f432cfb8705cb7db4d5d68c82425d321aa67e25b40d06a270f9ab6a
23988281e117ed15ba04dc2eaf8f266335bb8df61ea1c12adac6b11b06db7e2f
275332b506e606e11f9cf0e1f58becb2cb6e40e3e950c81362d1f1dc4538aab5
28b3d54a8e12c4af1fb7d629f5ab1d7a694cb04f48d07d324c6901ff8a711530
2ba84b2ec37218c494291fa243080b07b3aadf4281d9e30ce9c3a155f16b0404
32971bec3ef2e7a830f7d5c4e9a0ab8b75c3ffd7161875480790f2b44b6eb170
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3d80b6f248bd93ac8858b46d8a120bf00919006e15b027d13eded7a92eabdae6
44a187a33de87e5b0b57b0991cc5a6d9c896ee23649c612d6f70b40077058df4
4dbba879684689e708a68f14cb732bb2bf1ae0a5cd3a3d31f64ff7d3d95e3e84
4fe4f93a1a0ea62a435a87d2e339c3715c0bb39e9222ddd27c57b9465e389fc7
50234c17da00532efe5b3ac851c3caad75825978dd9e483179224217e886b952
5446f20705d4b7711f81f7bd7a29491672185000c371e01c6dc0816d46e60eb7
57089a3e87d8762b68e23e8ae8b88dcfbda10362c712df1feb2d8c84461cc77a
5f95f105fb31a29c60bad266cb1e5a89b6be3f71043ed729f0653774f2cee5c7
60830b664d50b6aa19c609dee46da6f1b1defcd684be16d7cb35403e8ad760f2
60f87d25b47e31e2475ed6344f2b2af842523a35d9974d286aea127becc55003
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85d994e65b8404fa0c2887904f6ee27b96e1af41b8ad46c7df45c55db3e8ac0c
86a9464ffbed70b90a8cacf7be2bfd26136c96f0e0d225a97e2a39c869848d7e
8753541a3a44842cd815d81c4f8c589e0a0d763112d622f3088cd6f064e825fd
886dfed5ff0c12ec234362dcef32d33f1825643d20a2b56c94296e6f860810ab
90398111962a3ff0a9655f7f331e3f738f659b81e3fdf7934a3f692a40463fd4
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9369ee8966aab97772270370a8659ec83b9ffab58db03095796a2fe7c2553239
a18404bc6978af036f98de33dda32e81bead4b2f9e8c2b34fd1797f49e8a8311
a7dae3b272087bd56e8e6698b1cdb3d52b8d32dcd685318a29fb9c1a91ff45c5
a9d795e10d030c1fd5f70e0629cfa06248e3d73088b4c3a1b297f8361644b126
aba7c27792fbb52b7748455500e0eb179faab3d57b53ad4fd71a961704ce3cc2
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
bf72bb2923d01765bb227f203fe55a18394cda7f2382e4d9bf588fd8095d4b3f
bfd81339c0e5d507cb8bb10ce63f26765ce1019178560eb0c713bae8995e78a3
c41e19212003ad71c6ef6bfc7c618c0e8b610bfbaa27b22145639b275793a1c0
ca23172a3431c3f72882e1ae7534a4b481d0d85a5b6bce884bd9b921e6a697a7
cdf3c3f22f6474f2ae8c8ad92a009008a58e785677d0d9f416a6556462d08b45
d262203d283af1ea69ddb395a969ae5121f3e28af18daa8d7cc79bbb839eccf5
de1698279e6f08b8695d64ae8ef0ab81ea8a029d65dad85ef9e9b426c52973d1
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb24ad3c31b0b285f15e8e3a398b784374984fd3c36d7b288841aac2bd3bcfda
eb8dc51c7346ec961f6c3d4b8c019114a799fe04a2673a2d13152f3f38388780
ebbc2f05010e625f58d46f6a2ed2d672b24ff591b463cd0ceaa3124b8b48c89a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0f54a4be576257721a2388a3678b709ca0833bb7ad7f3bb55653b2c7f052ff3
f30ab41cf7aaad27141e20389308ada7eaa9dc39ea0e521ea52d7937016d77c6
f5eeb329383b1c710082b413506505d1ccd3f128ed85bb734c05560ae37f780b
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7b73a7c0753c8962985a9a445e227521d69b5f31612e2e94bb51b6bacb4881d
f7eb0e4c54f2b9c628a59282eb3181cf59fe963d183685670ded5ff1a6417d97
f9f4bf5a900242efc520e83da9dd2327a71bee7ce782c1de66e8962dcb8744a0
fa3034ba4d18a5a8c426a014e09d0ea8cb17949ccc0bb6738d85ceb252b39a07
fa87047ad48f80870f2970b4a0e87e5e176c245f9bea5991ebc3e50a4f414394