ja.nex-software.com Open in urlscan Pro
2606:4700:3034::ac43:cc49 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ja.nex-software.com/what-is-wavessvc64-exe
Submission Tags: falconsandbox
Submission: On June 13 via api (June 13th 2021, 11:58:06 am UTC) from US

Summary HTTP 92 Redirects Links 35 Behaviour Indicators

Summary

This website contacted 35 IPs in 4 countries across 22 domains to perform 92 HTTP transactions. The main IP is 2606:4700:3034::ac43:cc49, located in United States and belongs to CLOUDFLARENET, US. The main domain is ja.nex-software.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 11th 2021. Valid for: a year.

This is the only time ja.nex-software.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
21	2606:4700:303... 2606:4700:3034::ac43:cc49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.177.94.108 185.177.94.108	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
3	151.101.65.195 151.101.65.195	54113 (FASTLY) (FASTLY)
1 1	46.4.91.20 46.4.91.20	24940 (HETZNER-AS) (HETZNER-AS)
1	205.185.216.10 205.185.216.10	20446 (HIGHWINDS3) (HIGHWINDS3)
2	2600:9000:21f... 2600:9000:21f3:4600:11:a4de:2580:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:211... 2600:9000:211a:3c00:1c:8a07:5e80:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2606:4700:303... 2606:4700:3032::6815:4aa6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	213.174.135.25 213.174.135.25	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
9	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1 2	88.212.201.210 88.212.201.210	39134 (UNITEDNET) (UNITEDNET)
1	2600:9000:206... 2600:9000:206e:6200:c:abe:f440:93a1	16509 (AMAZON-02) (AMAZON-02)
1	18.196.233.38 18.196.233.38	16509 (AMAZON-02) (AMAZON-02)
8	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	213.174.135.24 213.174.135.24	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	2600:9000:206... 2600:9000:206e:6000:c:a9b7:ddc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	3.223.238.47 3.223.238.47	14618 (AMAZON-AES) (AMAZON-AES)
5	2600:9000:211... 2600:9000:211a:b600:1d:85c3:6640:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.198.109.212 18.198.109.212	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
3 4	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
3 5	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	37.252.172.45 37.252.172.45	29990 (ASN-APPNEX) (ASN-APPNEX)
1	78.46.90.238 78.46.90.238	24940 (HETZNER-AS) (HETZNER-AS)
1 5	46.4.10.47 46.4.10.47	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	88.99.65.215 88.99.65.215	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
92	35

21 2606:4700:3034::ac43:cc49 (United States)

ASN13335 (CLOUDFLARENET, US)

ja.nex-software.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
nex-software.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pic.nex-software.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.177.94.108 (United Kingdom)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
PTR: ip-185-177-94-108.ah-server.com

load5.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.65.195 (United States)

ASN54113 (FASTLY, US)

cdn.zx-adnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.4.91.20 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.20.91.4.46.clients.your-server.de

cst.wpu.sh	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.216.10 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net

cst.cstwpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21f3:4600:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)

get.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211a:3c00:1c:8a07:5e80:93a1 (United States)

ASN16509 (AMAZON-02, US)

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3032::6815:4aa6 (United States)

ASN13335 (CLOUDFLARENET, US)

nex-software.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.174.135.25 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

na.nawpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.210 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host210.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206e:6200:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.196.233.38 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-233-38.eu-central-1.compute.amazonaws.com

stat.optad360.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.174.135.24 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

js.wpushsdk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206e:6000:c:a9b7:ddc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.sharethis.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.223.238.47 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-223-238-47.compute-1.amazonaws.com

count-server.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:211a:b600:1d:85c3:6640:93a1 (United States)

ASN16509 (AMAZON-02, US)

platform-cdn.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.198.109.212 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-109-212.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

201f2b57401ff51f1e7b9564b989cc0d.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.212.130 (Mountain View, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.234.21 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.172.45 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 78.46.90.238 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.238.90.46.78.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 46.4.10.47 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.47.10.4.46.clients.your-server.de

hal90002.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.99.65.215 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.215.65.99.88.clients.your-server.de

cdn.contentspread.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	nex-software.com ja.nex-software.com nex-software.com pic.nex-software.com	927 KB
16	googlesyndication.com pagead2.googlesyndication.com 201f2b57401ff51f1e7b9564b989cc0d.safeframe.googlesyndication.com tpc.googlesyndication.com	121 KB
15	doubleclick.net 3 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	160 KB
9	sharethis.com platform-api.sharethis.com buttons-config.sharethis.com count-server.sharethis.com platform-cdn.sharethis.com l.sharethis.com	38 KB
6	redintelligence.net 1 redirects hal9000.redintelligence.net hal90002.redintelligence.net	10 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com	4 KB
3	adnxs.com 2 redirects ib.adnxs.com	3 KB
3	zx-adnet.com cdn.zx-adnet.com	20 KB
2	googletagservices.com www.googletagservices.com	65 KB
2	google.com adservice.google.com www.google.com	1 KB
2	consensu.org stat.optad360.mgr.consensu.org c.sharethis.mgr.consensu.org	2 KB
2	yadro.ru 1 redirects counter.yadro.ru	1 KB
2	optad360.io get.optad360.io	484 KB
1	contentspread.net cdn.contentspread.net	46 KB
1	googleapis.com ajax.googleapis.com	32 KB
1	google.be adservice.google.be	853 B
1	jsdelivr.net cdn.jsdelivr.net	1 KB
1	wpushsdk.com js.wpushsdk.com	3 KB
1	nawpush.com na.nawpush.com	355 B
1	cstwpush.com cst.cstwpush.com	60 KB
1	wpu.sh 1 redirects cst.wpu.sh	97 B
1	load5.biz load5.biz	20 KB
92	22

	Domain	Requested by
14	pic.nex-software.com	ja.nex-software.com
12	nex-software.com	ja.nex-software.com nex-software.com
9	pagead2.googlesyndication.com	cst.wpu.sh 201f2b57401ff51f1e7b9564b989cc0d.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com securepubads.g.doubleclick.net www.googletagservices.com
8	securepubads.g.doubleclick.net	get.optad360.io securepubads.g.doubleclick.net
6	tpc.googlesyndication.com	201f2b57401ff51f1e7b9564b989cc0d.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com securepubads.g.doubleclick.net
5	hal90002.redintelligence.net	1 redirects 201f2b57401ff51f1e7b9564b989cc0d.safeframe.googlesyndication.com hal90002.redintelligence.net
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	platform-cdn.sharethis.com	ja.nex-software.com
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com 201f2b57401ff51f1e7b9564b989cc0d.safeframe.googlesyndication.com ja.nex-software.com
3	cdn.zx-adnet.com	ja.nex-software.com cdn.zx-adnet.com
2	www.googletagservices.com	securepubads.g.doubleclick.net 201f2b57401ff51f1e7b9564b989cc0d.safeframe.googlesyndication.com
2	counter.yadro.ru	1 redirects ja.nex-software.com
2	get.optad360.io	ja.nex-software.com get.optad360.io
1	www.google.com	tpc.googlesyndication.com
1	cdn.contentspread.net	hal90002.redintelligence.net
1	ajax.googleapis.com	hal90002.redintelligence.net
1	hal9000.redintelligence.net	201f2b57401ff51f1e7b9564b989cc0d.safeframe.googlesyndication.com
1	201f2b57401ff51f1e7b9564b989cc0d.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.be	securepubads.g.doubleclick.net
1	l.sharethis.com	platform-api.sharethis.com
1	cdn.jsdelivr.net	get.optad360.io
1	count-server.sharethis.com	platform-api.sharethis.com
1	c.sharethis.mgr.consensu.org	platform-api.sharethis.com
1	js.wpushsdk.com	cst.wpu.sh
1	stat.optad360.mgr.consensu.org	get.optad360.io
1	buttons-config.sharethis.com	platform-api.sharethis.com
1	na.nawpush.com	cst.wpu.sh
1	platform-api.sharethis.com	ja.nex-software.com
1	cst.cstwpush.com	ja.nex-software.com
1	cst.wpu.sh	1 redirects
1	load5.biz	ja.nex-software.com
1	ja.nex-software.com
92	35

This site contains links to these domains. Also see Links.

Domain
nex-software.com
de.nex-software.com
it.nex-software.com
fr.nex-software.com
ro.nex-software.com
pt.nex-software.com
sv.nex-software.com
no.nex-software.com
nl.nex-software.com
da.nex-software.com
bg.nex-software.com
lt.nex-software.com
lv.nex-software.com
pl.nex-software.com
et.nex-software.com
fi.nex-software.com
hu.nex-software.com
sk.nex-software.com
sl.nex-software.com
uk.nex-software.com
ru.nex-software.com
hr.nex-software.com
cs.nex-software.com
vi.nex-software.com
tr.nex-software.com
th.nex-software.com
id.nex-software.com
hi.nex-software.com
sr.nex-software.com
ms.nex-software.com
ko.nex-software.com
el.nex-software.com
ar.nex-software.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-05-11` - `2022-05-10`	a year	crt.sh
load4.biz R3	`2021-04-29` - `2021-07-28`	3 months	crt.sh
covid19-dashboard.ivod.at GTS CA 1D4	`2021-05-17` - `2021-08-15`	3 months	crt.sh
cstwpush.com R3	`2021-05-22` - `2021-08-20`	3 months	crt.sh
*.optad360.io Amazon	`2020-12-17` - `2022-01-15`	a year	crt.sh
sharethis.com Amazon	`2020-08-17` - `2021-09-16`	a year	crt.sh
na.nawpush.com R3	`2021-04-20` - `2021-07-19`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
counter.yadro.ru R3	`2021-05-29` - `2021-08-27`	3 months	crt.sh
stat.optad360.mgr.consensu.org R3	`2021-05-24` - `2021-08-22`	3 months	crt.sh
js.wpushsdk.com R3	`2021-05-07` - `2021-08-05`	3 months	crt.sh
sharethis.mgr.consensu.org Amazon	`2021-04-07` - `2022-05-06`	a year	crt.sh
*.google.be GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
redintelligence.net R3	`2021-04-21` - `2021-07-20`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-17` - `2021-08-09`	3 months	crt.sh
contentspread.net R3	`2021-06-04` - `2021-09-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://ja.nex-software.com/what-is-wavessvc64-exe
Frame ID: 6B98D75AE5AE11761EE36EC8751E7EF8
Requests: 64 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210607/r20190131/zrt_lookup.html
Frame ID: 33DC50713F4033305AC24F3B39B74E71
Requests: 1 HTTP requests in this frame

Frame: https://c.sharethis.mgr.consensu.org/portal-v2.html
Frame ID: 61407B4FF1B62EBA2E433D3111BDBC91
Requests: 1 HTTP requests in this frame

Frame: https://201f2b57401ff51f1e7b9564b989cc0d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E7518A517F9E740FB359FD5E09531C71
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY7YaXVzAB&v=APEucNWPLT2m_bqPeyeiTd-zPsc2AzGmjDVQgOmgjQ3ZjJ8qLNxgWBxE0bUXyz5O5VASK2y_G0WfCLjFb933nhp5JOYEls04HUWFycGsLB1GkLI9_23d4Q64d5zGnOZfxg2aJE4dQ-wLJ5usWV_AQIX9xBkbXzZ-oJA9Ysou_0a39-4fdiWutjQ9A18-32RFf-w9Sla1bA8TXVdMMAnISgdlMOXlzBaNIg
Frame ID: 1DFF1D8B4FF7239EB0C4AAD5B9A63B78
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A7DD064745DBE0489FEF3DB5B25CF229
Requests: 3 HTTP requests in this frame

Frame: https://hal90002.redintelligence.net/request_content.php?s=12247300064628100628854011624002&a=83c80875
Frame ID: 8F350300313EB1A747C34458895E9419
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Frame ID: FB1B7A0E3091D47FA7175A11CD0CFFD0
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 73E69EDC68B0F74A5EB232566CB7AACF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Page Statistics

92
Requests

100 %
HTTPS

51 %
IPv6

22
Domains

35
Subdomains

35
IPs

4
Countries

1992 kB
Transfer

3310 kB
Size

5
Cookies

35 Outgoing links

These are links going to different origins than the main page.

URL: https://nex-software.com/download/reimage
Title: Windowsのエラーと最適化システムのパフォーマンスを修正するにはここをクリック

Search URL Search Domain Scan URL

URL: https://nex-software.com/que-es-wavessvc64exe

Search URL Search Domain Scan URL

URL: https://de.nex-software.com/was-ist-wavessvc64exe

Search URL Search Domain Scan URL

URL: https://it.nex-software.com/cos39e-wavessvc64exe

Search URL Search Domain Scan URL

URL: https://fr.nex-software.com/qu39est-ce-que-wavessvc64exe

Search URL Search Domain Scan URL

URL: https://ro.nex-software.com/ce-este-wavessvc64exe

Search URL Search Domain Scan URL

URL: https://pt.nex-software.com/o-que-e-o-wavessvc64exe

Search URL Search Domain Scan URL

URL: https://sv.nex-software.com/vad-ar-wavessvc64exe

Search URL Search Domain Scan URL

URL: https://no.nex-software.com/hva-er-wavessvc64exe

Search URL Search Domain Scan URL

URL: https://nl.nex-software.com/wat-wavessvc64exe

Search URL Search Domain Scan URL

URL: https://da.nex-software.com/hvad-er-wavessvc64exe

Search URL Search Domain Scan URL

URL: https://bg.nex-software.com/kakvo-e-wavessvc64exe

Search URL Search Domain Scan URL

URL: https://lt.nex-software.com/kas-yra-wavessvc64exe

Search URL Search Domain Scan URL

URL: https://lv.nex-software.com/kas-ir-wavessvc64exe

Search URL Search Domain Scan URL

URL: https://pl.nex-software.com/co-jest-wavessvc64exe

Search URL Search Domain Scan URL

URL: https://et.nex-software.com/mis-wavessvc64exe

Search URL Search Domain Scan URL

URL: https://fi.nex-software.com/mika-wavessvc64exe

Search URL Search Domain Scan URL

URL: https://hu.nex-software.com/mi-az-wavessvc64exe

Search URL Search Domain Scan URL

URL: https://sk.nex-software.com/co-je-wavessvc64exe

Search URL Search Domain Scan URL

URL: https://sl.nex-software.com/kaj-je-wavessvc64exe

Search URL Search Domain Scan URL

URL: https://uk.nex-software.com/sho-take-wavessvc64exe

Search URL Search Domain Scan URL

URL: https://ru.nex-software.com/chto-takoe-wavessvc64exe

Search URL Search Domain Scan URL

URL: https://hr.nex-software.com/sto-je-wavessvc64exe

Search URL Search Domain Scan URL

URL: https://cs.nex-software.com/co-je-wavessvc64exe

Search URL Search Domain Scan URL

URL: https://vi.nex-software.com/wavessvc64exe-la-gi

Search URL Search Domain Scan URL

URL: https://tr.nex-software.com/wavessvc64exe-nedir

Search URL Search Domain Scan URL

URL: https://th.nex-software.com/what-is-wavessvc64-exe

Search URL Search Domain Scan URL

URL: https://id.nex-software.com/apa-itu-wavessvc64exe

Search URL Search Domain Scan URL

URL: https://hi.nex-software.com/what-is-wavessvc64-exe

Search URL Search Domain Scan URL

URL: https://sr.nex-software.com/shta-je-vavessvc64eke

Search URL Search Domain Scan URL

URL: https://ms.nex-software.com/apa-itu-wavessvc64exe

Search URL Search Domain Scan URL

URL: https://ko.nex-software.com/what-is-wavessvc64-exe

Search URL Search Domain Scan URL

URL: https://el.nex-software.com/ti-einai-wavessvc64exe

Search URL Search Domain Scan URL

URL: https://ar.nex-software.com/ma-ho-wavessvc64exe

Search URL Search Domain Scan URL

URL: https://hi.nex-software.com/
Title: ja.nex-software.com - 2021

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://cst.wpu.sh/static/adManager.js HTTP 301
https://cst.cstwpush.com/static/adManager.js

Request Chain 36

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//ja.nex-software.com/what-is-wavessvc64-exe;0.49417054092935553 HTTP 302
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//ja.nex-software.com/what-is-wavessvc64-exe;0.49417054092935553

Request Chain 69

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJIYghyjqGAUnp_X43lo9-M&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJIYghyjqGAUnp_X43lo9-M&google_cver=1&C=1

Request Chain 70

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YMXyuScIMomwix0em1yKogAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJIYghyjqGAUnp_X43lo9-M&google_cver=1

Request Chain 71

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEKIAxbtUZTWIG87PiYQ_9cw&google_cver=1

Request Chain 72

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTM1OTA0MjUxNDA0NzM1ODE0Mg%3D%3D

Request Chain 78

https://hal90002.redintelligence.net/request.php?zone=w8ju5rdnx3wa&nw=20&renderingType=javascript&namespace=9a626c08f0&subid=&uid=dff9096d26d019cc&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x18&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCCX_SufLFYIHpCs6t3gPOwISICLv6hIpX5Nvo2OQJ8C4QASCqgMMiYLn4x4DcAcgBCakCfsYep6lQtD6oAwGqBNABT9CvWyXHxoUDvaRuoqJgoaF7xv2bjdG5QgGoXhNB2jpffL1XdRx5cJr9OefjG5yMGXvHU_HfuskoqQkyCbGg1FOQy2asw2bOlSGHgpl-6zVB9u4LFs4v3wwHZfvCfTOK8mATivp-lN_mNW6Y0CL1te4Zgu8ZBZVVee2A50d_DYuqRXFH8QWlto0MtEnZdnrPjB2lLOupcFoGVYQhXpqply3-JHSXYPBr8nEbu6XRpWRsjuXkV5q9UguE_9l8L98V0c2pRhWfRLVxrXFw6_DN68AEmLKggcYB4AQDkAYBoAZNgAfr5-heqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi05MTYxODYzNjg1ODI2OTU2gAoDmAsByAsBgAwBsBPa0LUK0BMA2BMDiBQB2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASFeRo9pmTnFM8581AWkoSr_vzHtUi3A%26sig%3DAOD64_2FAtTj449mYJ-4qx6cokbtgjOZlA%26client%3Dca-pub-5512390705137507%26dbm_c%3DAKAmf-Bh1FLzDrJrAWUSXCpcpmPRu_T824rINKkQnOrpQYocweaoUTDtWayJn47xH07iW3NzqiNKIFu53PdMp0GZ13Szt5MfqSHeqQzUTuimePlR7NaVuxfxVtlxW-9Jez7_exAzqJrOxwRzT85swmZSppk0uzSTpQ%26cry%3D1%26dbm_d%3DAKAmf-BEkUHRqTw9mQqSzdQSR0joi9sVGsSwZ6HMlwiLLJ9CbD2flqHfnw-oSbAeidNU-NdtAKmujh-0caMXaI3rS0ioDYELkgALy6jK3UBqGGmaxsmMd7M-xdz0V9Q-VVHU_-0ydGi6rxGe8dR6aM-sxS1AHru1LH4PCC9r9m5B-nJ9-MlXwv1kGRhRJ7OHabDOOLXHHaqOSW7ANDL5AukP1GouMtOBGsm1qrkjyjJbJu7VfAJO26_Di0uwXzBn00wPJ0vDd4nIxxxVaNcbHh3c2k-B1V_9jXJNrQoBLBYpfQk3-NHu9hRCpVntb02oX5ocvJl3YaPDmpR-c6uH8dCpbxWtKC-IY5wyMsSVKf1xdfDSrblpLHw0ntcHDGD305uAX_OSnZG6Lu6KiTFNNhQ8xcsBzwPlieRsxkogrrCxrtAqmMfb3CElzCRhcsagu-em4F_vFfHMXzXyX2TPzIetfZlay0dl5wKbU0l3o9C0Ov321a4T5WM%26adurl%3D&documentReferer=https%3A%2F%2Fja.nex-software.com%2F&ancestorOrigins=https%3A%2F%2Fja.nex-software.com&random=1255822362951&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0 HTTP 302
https://hal90002.redintelligence.net/request.php?zone=w8ju5rdnx3wa&nw=20&renderingType=javascript&namespace=9a626c08f0&subid=&uid=dff9096d26d019cc&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x18&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCCX_SufLFYIHpCs6t3gPOwISICLv6hIpX5Nvo2OQJ8C4QASCqgMMiYLn4x4DcAcgBCakCfsYep6lQtD6oAwGqBNABT9CvWyXHxoUDvaRuoqJgoaF7xv2bjdG5QgGoXhNB2jpffL1XdRx5cJr9OefjG5yMGXvHU_HfuskoqQkyCbGg1FOQy2asw2bOlSGHgpl-6zVB9u4LFs4v3wwHZfvCfTOK8mATivp-lN_mNW6Y0CL1te4Zgu8ZBZVVee2A50d_DYuqRXFH8QWlto0MtEnZdnrPjB2lLOupcFoGVYQhXpqply3-JHSXYPBr8nEbu6XRpWRsjuXkV5q9UguE_9l8L98V0c2pRhWfRLVxrXFw6_DN68AEmLKggcYB4AQDkAYBoAZNgAfr5-heqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi05MTYxODYzNjg1ODI2OTU2gAoDmAsByAsBgAwBsBPa0LUK0BMA2BMDiBQB2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASFeRo9pmTnFM8581AWkoSr_vzHtUi3A%26sig%3DAOD64_2FAtTj449mYJ-4qx6cokbtgjOZlA%26client%3Dca-pub-5512390705137507%26dbm_c%3DAKAmf-Bh1FLzDrJrAWUSXCpcpmPRu_T824rINKkQnOrpQYocweaoUTDtWayJn47xH07iW3NzqiNKIFu53PdMp0GZ13Szt5MfqSHeqQzUTuimePlR7NaVuxfxVtlxW-9Jez7_exAzqJrOxwRzT85swmZSppk0uzSTpQ%26cry%3D1%26dbm_d%3DAKAmf-BEkUHRqTw9mQqSzdQSR0joi9sVGsSwZ6HMlwiLLJ9CbD2flqHfnw-oSbAeidNU-NdtAKmujh-0caMXaI3rS0ioDYELkgALy6jK3UBqGGmaxsmMd7M-xdz0V9Q-VVHU_-0ydGi6rxGe8dR6aM-sxS1AHru1LH4PCC9r9m5B-nJ9-MlXwv1kGRhRJ7OHabDOOLXHHaqOSW7ANDL5AukP1GouMtOBGsm1qrkjyjJbJu7VfAJO26_Di0uwXzBn00wPJ0vDd4nIxxxVaNcbHh3c2k-B1V_9jXJNrQoBLBYpfQk3-NHu9hRCpVntb02oX5ocvJl3YaPDmpR-c6uH8dCpbxWtKC-IY5wyMsSVKf1xdfDSrblpLHw0ntcHDGD305uAX_OSnZG6Lu6KiTFNNhQ8xcsBzwPlieRsxkogrrCxrtAqmMfb3CElzCRhcsagu-em4F_vFfHMXzXyX2TPzIetfZlay0dl5wKbU0l3o9C0Ov321a4T5WM%26adurl%3D&documentReferer=https%3A%2F%2Fja.nex-software.com%2F&ancestorOrigins=https%3A%2F%2Fja.nex-software.com&random=1255822362951&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0&uidRedirect=1

92 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request what-is-wavessvc64-exe Show response
ja.nex-software.com/ 36 KB
7 KB 850ms
813ms Document
text/html 2606:4700:3034::ac43:cc49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ja.nex-software.com/what-is-wavessvc64-exe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:cc49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

610d4b9fa9dc2330eb8b14ae4572dff5056c08f01f323e840df87dadf0377195

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: ja.nex-software.com
:scheme: https
:path: /what-is-wavessvc64-exe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 11:57:44 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
cf-request-id: 0aa6d534f50000178a2f380000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=QuXQ%2BvnEbO9mA5w%2BtKpZM%2FnB4wD%2BneroOt0mJ5i9Jy8NqX2JmI1kgIGgl2itrvL47a4VdycdNbGPam%2FN5rgxL16c8w5k9rmC1dM8tYCLMNKg%2BtUGFKFeTAAnpTSmg1ewzti5yVgx13ge1v8ZAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 65eb249b2864178a-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 / Show response
load5.biz/ 20 KB
20 KB 71ms
21ms Script
application/javascript 185.177.94.108
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://load5.biz/?pu=mztdqolemm5ha3ddf4ztooju

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-wavessvc64-exe

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.177.94.108 , United Kingdom, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

ip-185-177-94-108.ah-server.com

Software

nginx /

Resource Hash

a7b8645dd7896edf51a260d71c0d23650b19547c3a9fd993a0a22e59b57c1d12

Security Headers

Name	Value
Content-Security-Policy	img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 13 Jun 2021 11:57:43 GMT
server: nginx
content-security-policy: img-src https: data:; upgrade-insecure-requests
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=UTF-8

GET
H2 200 css.css
nex-software.com/template/css/ 6 KB
857 B 31ms
22ms Stylesheet
text/css 2606:4700:3034::ac43:cc49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nex-software.com/template/css/css.css

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-wavessvc64-exe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:cc49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ede999c022b04dae8bed4c7898eb9c23794c70cbd07d4569dd72e43e195c66ed

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 11:57:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 623
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0aa6d538350000178a3610d000000001
last-modified: Tue, 12 Feb 2019 13:57:00 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"180a-581b2cc948300-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=C0G8I07KxFqv5OSCqj99N%2BaIIoop9Qhk1qdYV4jsQigul99RfzPmqb6cS0TvOQVBHUosGrSSh7nmcftQgD2pBSCZ5SETrov1z%2BciZetwhNIt70RPeeVqGX26bl%2BwDQTzBFmtzHSyxjXbsw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-ray: 65eb24a04bd2178a-FRA

GET
H2 200 bootstrap.min.css
nex-software.com/template/css/ 132 KB
18 KB 34ms
25ms Stylesheet
text/css 2606:4700:3034::ac43:cc49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nex-software.com/template/css/bootstrap.min.css

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-wavessvc64-exe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:cc49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43677abbcc50b9f3d621c9134d28237cfa6d66c61bf970cdfcf2a3ec31928ed2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 11:57:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 623
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0aa6d538360000178ac0b7a000000001
last-modified: Tue, 12 Feb 2019 13:57:00 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"211f6-581b2cc948300-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2F8kM%2BvIFdNe05EZOxAmeKcfG3j%2Brb9cPMK5IILMHcT35qW5NcNP1gjMTfftHgTMhL%2BGmZc5aYGtHr%2BV0qctFADaHWB4umrXWZ999rXh2AWD8GLu7mEicLIR1%2FUr8xmVwGLtTTHy%2FegsRvg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-ray: 65eb24a04bd8178a-FRA

GET
H2 200 jquery.bxslider.css
nex-software.com/template/css/ 3 KB
1 KB 30ms
21ms Stylesheet
text/css 2606:4700:3034::ac43:cc49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nex-software.com/template/css/jquery.bxslider.css

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-wavessvc64-exe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:cc49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56b14b6ad7538ba37b7398ef0cfc7bcbf42fd723a943e72ab746a42dc15fb91f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 11:57:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 623
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0aa6d538310000178ac489f000000001
last-modified: Tue, 12 Feb 2019 13:57:00 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"dfd-581b2cc948300-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=x3mxGY4bCJmvWr6HQUuvpIqHk%2BoSJC%2BBmNH0cRH3DuWQnlaj6qlfpbPdIV1nyVuthlzRInziB9XuXd9eyAtU7gNoObK28SiFlIRzX5qHfQgH5bfzzOOZ0e2aTwUT7MQgrScfBEhSKiXwLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-ray: 65eb24a04bc5178a-FRA

GET
H2 200 style.min.css
nex-software.com/template/css/ 30 KB
5 KB 48ms
39ms Stylesheet
text/css 2606:4700:3034::ac43:cc49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nex-software.com/template/css/style.min.css

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-wavessvc64-exe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:cc49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af371cb0526d291c2821ffb5a63fb1c3969c3ebb22781c08032226c75ea2ab40

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 11:57:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 623
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0aa6d538370000178ac9050000000001
last-modified: Thu, 25 Feb 2021 19:47:49 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"7999-5bc2e6d21c340-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Xcz4u6by1pWQlCcEP3ImADjSHluDQK%2BIpBLWdhWfLazT%2FWKXAyvvPjpS0PNv2fLxAxLcrN5Lm8Op493Aw7w%2FM%2Feg6Gekx%2BzG7kVSVeqCYeYJLor%2Blzk6KtQeSGD81%2Bv5mz1mL9jfTXdFQg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-ray: 65eb24a04bd9178a-FRA

GET
H2 200 lang.min.css
nex-software.com/template/css/ 30 KB
20 KB 30ms
22ms Stylesheet
text/css 2606:4700:3034::ac43:cc49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nex-software.com/template/css/lang.min.css

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-wavessvc64-exe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:cc49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e503441024b68c5ac145c5580cd7b4c1dcd9dd71eb9814b5292ca1bc719af273

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 11:57:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 623
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0aa6d538330000178af9378000000001
last-modified: Mon, 24 Feb 2020 17:08:58 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"76b8-59f556d479e80-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=9pDDN5233GrHe%2FhT0S%2Far5lrKHnLg1Tu6VlXCcofs7PBSHG%2BSSlBhOWlNaXPx4xcNKMdwkcXqfyYeQrZ7%2BCmfB8943m94vD5vZPCIcrbhMSqAmatLOwMGUoCPaqOhDLCeVEhmVOtDfTPgA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-ray: 65eb24a04bcc178a-FRA

GET
H2 200 brmsl_19102402.js Show response
cdn.zx-adnet.com/adx/ 145 KB
19 KB 63ms
20ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/adx/brmsl_19102402.js

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-wavessvc64-exe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

dcbbbdae7b45de58a813dfb53f18f037e156c3359555e3922d1eeb9b6f4eb063

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Thu, 03 Jun 2021 14:06:51 GMT
x-timer: S1623585464.410990,VS0,VE1
etag: "e7092a49da41c66a6052dee2ef78d95b28e7c6b43d1cf74ea2c023b98a214134-br"
x-served-by: cache-ams21048-AMS
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600,public
date: Sun, 13 Jun 2021 11:57:44 GMT
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive
content-length: 19568
x-cache-hits: 1

GET
H/1.1

200
OK

adManager.js Show response
cst.cstwpush.com/static/
Redirect Chain

https://cst.wpu.sh/static/adManager.js
https://cst.cstwpush.com/static/adManager.js

59 KB
60 KB

86ms
20ms

Script
text/plain

205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://cst.cstwpush.com/static/adManager.js

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-wavessvc64-exe

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

4f7b6c826559e7a9fdd87aa3dab65d9032e27f9677e2c894bf8add376af093e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 13 Jun 2021 11:57:44 GMT
Connection: Keep-Alive
Last-Modified: Tue, 25 May 2021 14:27:38 GMT
x-amz-meta-s3cmd-attrs: atime:1621952841/ctime:1621952841/gid:0/gname:root/md5:f7f10698b0e6bb748101b0917e29d311/mode:33188/mtime:1621952770/uid:0/uname:root
x-amz-request-id: tx00000000000005af4d273-0060c5f074-fc22bc6-fra1a
etag: "f7f10698b0e6bb748101b0917e29d311"
Vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW: 1623585464.dop053.fr8.t,1623585464.cds260.fr8.shn,1623585464.cds260.fr8.c
Content-Type: text/plain
Cache-Control: max-age=3020
x-rgw-object-type: Normal
strict-transport-security: max-age=15552000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 60434

Redirect headers

location: https://cst.cstwpush.com/static/adManager.js
date: Sun, 13 Jun 2021 11:57:44 GMT
server: nginx/1.18.0
content-length: 169
content-type: text/html

GET
H2 200 plugin.min.js Show response
get.optad360.io/sf/1a65995e-7e07-43bd-8be2-2ee136ae3c03/ 271 KB
73 KB 86ms
51ms Script
application/javascript 2600:9000:21f3:4600:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/1a65995e-7e07-43bd-8be2-2ee136ae3c03/plugin.min.js
Requested by: Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-wavessvc64-exe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:4600:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d66e8fa87723046272ec70096a2089355c29474796663f65f2fdf9a27a1d4bc6

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 11:57:45 GMT
content-encoding: gzip
last-modified: Fri, 26 Feb 2021 08:39:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: W/"17e80f6c6feec0780f80abd32f10552b"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-id: l2hC2HqgjjV7Ni3C-Sl6m6OBt8ZT97XrOf-7YnfotqFVMb_rE-z5TQ==

GET
H2 200 what-is-wavessvc64-exe.jpg
pic.nex-software.com/img/file-info/106/ 196 KB
197 KB 46ms
30ms Image
image/jpeg 2606:4700:3034::ac43:cc49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/file-info/106/what-is-wavessvc64-exe.jpg

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-wavessvc64-exe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:cc49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5a2fe50e4a9eaf5e6c2a75a2dd7f7a5f3166c389a4af6f456db9d9b1f4d3933

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 11:57:44 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4904
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 201127
cf-request-id: 0aa6d5383c0000178af6351000000001
last-modified: Sun, 14 Jul 2019 08:06:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "311a7-58d9f9d6c7300"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=8fhYjvcHRadnVEe7txFfQys570XA4Fryc%2Bc9xjbSB0m8Csg4wEicZWV7%2B%2FPi3tnjdRfUn4dFOu6VV6IgCjil7aU8oVUzH1nr%2FNQQsrkdrnqlxlNyOcrdbE%2FZO1TyHnEjteIKVzc5hqjza59ysiI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 65eb24a05bf2178a-FRA

GET
H2 200 what-is-ns-exe-min.jpg
pic.nex-software.com/img/process-information/671/ 67 KB
68 KB 736ms
720ms Image
image/jpeg 2606:4700:3034::ac43:cc49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/process-information/671/what-is-ns-exe-min.jpg

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-wavessvc64-exe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:cc49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77a3f199f4d57adf540f3caad5165a22bd92b56a9d985721de3a59846614f438

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 11:57:45 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 68698
cf-request-id: 0aa6d5383c0000178a29bb5000000001
last-modified: Sun, 09 Feb 2020 22:10:58 GMT
server: cloudflare
etag: "10c5a-59e2be5b24080"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=UMD0A%2FerIatRNcoUnyMFTivXJiKU6hSep0y1nQJoMcejGmvI0k4DU64ePNanYNpr2E%2B2XIdQkupZfQCx%2Bo3evehLV7%2FZQXISfsnHcFMw32LF1XKqx1qvCrYfINbMjlVTuP6511vOkflZGDoSC9o%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 65eb24a05bf4178a-FRA

GET
H2 200 what-is-setup-exe-min.jpg
pic.nex-software.com/img/file-info/813/ 41 KB
42 KB 737ms
722ms Image
image/jpeg 2606:4700:3034::ac43:cc49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/file-info/813/what-is-setup-exe-min.jpg

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-wavessvc64-exe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:cc49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd85ee9077bdcbc835d827537efadb347cb873934f274d3b95f36c7ae2989468

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 11:57:45 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 42096
cf-request-id: 0aa6d5383e0000178a0f870000000001
last-modified: Sun, 14 Jul 2019 08:06:24 GMT
server: cloudflare
etag: "a470-58d9f9e9da000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=zxIzDRIGHGRYe%2BM9bCVMDvF47AG4%2FgDAxSf0FEyVmHmnOJXZYm%2BdZgZKHatjozAh1%2BHLde3V9H2pEBytA34wyF%2BSLr9AfnYUonSSizc4ovNPFRvSgbeTWtHBENcXFUNA0tLk%2Fy9d4AXFEIiChwA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 65eb24a05bf1178a-FRA

GET
H2 200 what-is-safeboot-min.jpg
pic.nex-software.com/img/process-information/3938/ 124 KB
125 KB 40ms
25ms Image
image/jpeg 2606:4700:3034::ac43:cc49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/process-information/3938/what-is-safeboot-min.jpg

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-wavessvc64-exe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:cc49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0750391c557feb6f16c8113b9381205fdcd141c915db6ad76808cc0a928be611

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 11:57:44 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3003
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 126794
cf-request-id: 0aa6d5383b0000178a1531a000000001
last-modified: Sun, 09 Feb 2020 22:10:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "1ef4a-59e2be2f45900"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=E6We8v5xYlCXLmvTojUdN3AjOnkc0YN8Op%2F7dUbUyvj1KWXTIrStwT4V8%2FbLf0rbOw2UnseCcbJts6BWYakfGRhFaDrJKo0Q0ZwDmHHV%2B95HBSWZdqOWFzzS1KNiYvCdk1g7BQ2WIZ9aKURyVEg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 65eb24a05bee178a-FRA

GET
H2 200 what-is-netbt-min.jpg
pic.nex-software.com/img/process-information/1004/ 14 KB
14 KB 724ms
709ms Image
image/jpeg 2606:4700:3034::ac43:cc49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/process-information/1004/what-is-netbt-min.jpg

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-wavessvc64-exe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:cc49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe5217d8064ec55e4b2f46f22b527e479cd512561fe625e89eb6b3f256f702a0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 11:57:45 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 13845
cf-request-id: 0aa6d5383d0000178ac3094000000001
last-modified: Sun, 09 Feb 2020 22:11:06 GMT
server: cloudflare
etag: "3615-59e2be62c5280"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=NXg0shq4wDbZ7NumP7CHmY78t%2FB44GsQTDR4y%2FqvZAFJ25PKxnguFgdE8HBGkmdZSHdF%2B5PiwJyshPj4UZ21JxOVdU%2BHuCZ7cGjP58RBeIogdS4%2FvsbJ4gxn%2F9a1l2Mz7OJqijHkqKE9OwNtPaI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 65eb24a05bf5178a-FRA

GET
H2 200 how-remove-hdvid-codec-malware-min.jpg
pic.nex-software.com/img/process-information/358/ 34 KB
35 KB 45ms
30ms Image
image/jpeg 2606:4700:3034::ac43:cc49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/process-information/358/how-remove-hdvid-codec-malware-min.jpg

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-wavessvc64-exe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:cc49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

033cb2f3c4fa161065f877fdfa081ab5a47aa613594a66972e18ede937f78db2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 11:57:44 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2314
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 35211
cf-request-id: 0aa6d5383d0000178ad4127000000001
last-modified: Sun, 09 Feb 2020 22:14:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "898b-59e2bf1427500"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=C5acXiv1x63ygrlAdVWelvjO%2FZciNkChwqGEgEBp8%2BOU237TquydCRKZ%2Fw0CJ8tbcLp7VIthgSQawx0YQmjFD0Dyh9qDBzHOdlpa8YkS4rYm%2B%2B751KFJccA8J1ETsuTEU9WjeaWQ98MnYyvuJbo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 65eb24a05bf7178a-FRA

GET
H3-29 200 what-is-pstart-exe-min.jpg
pic.nex-software.com/img/process-information/3961/ 30 KB
31 KB 42ms
29ms Image
image/jpeg 2606:4700:3034::ac43:cc49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/process-information/3961/what-is-pstart-exe-min.jpg

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-wavessvc64-exe

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:cc49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28431d6eb9ee90253524fb33ee132bca0a9094d8c182601580a767b295040863

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 11:57:44 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6349
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 30940
cf-request-id: 0aa6d5386400002484ee35d000000001
last-modified: Sun, 09 Feb 2020 22:10:30 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "78dc-59e2be4070180"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=hqT96YW9uLh%2BbfHv7BVYnHclB3L%2BYz1eFCvqM8m5Z5cA4iUPTHiDotefDiViRnvX3fuRmZcsYLXqTOdLS6saau0sbw0N0mPIwsuLXHUTNp2n0FVykSMLRmkfbG%2BJH2c3jS4Erw3UjxxMzp1EVWo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 65eb24a09ae42484-FRA

GET
H3-29 200 what-is-gta5-exe-min.jpg
pic.nex-software.com/img/process-information/232/ 77 KB
78 KB 720ms
707ms Image
image/jpeg 2606:4700:3034::ac43:cc49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/process-information/232/what-is-gta5-exe-min.jpg

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-wavessvc64-exe

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:cc49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84e14158e849b095f12e03ac2d32ec8ab978aeff9a2b384c90df0989086dc657

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 11:57:45 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 78992
cf-request-id: 0aa6d53866000024842b279000000001
last-modified: Sun, 09 Feb 2020 22:12:10 GMT
server: cloudflare
etag: "13490-59e2be9fce280"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=IUFcqySkxejnoOrqThoOmlnxiy3A9odNSoHmot0yFx7rJoyggpOf1u54xhYteX6GuHU6QNOT43Zm3W%2FIA0PMzCyHRc5AlyK6hwE304VAf0Q99Weu1YURZBQl1MLNUTDltcnSQDYd8KNnClMBErE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 65eb24a0aaec2484-FRA

GET
H3-29 200 what-is-taskhostex-exe-min.jpg
pic.nex-software.com/img/file-info/888/ 44 KB
45 KB 48ms
35ms Image
image/jpeg 2606:4700:3034::ac43:cc49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/file-info/888/what-is-taskhostex-exe-min.jpg

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-wavessvc64-exe

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:cc49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d988376a24fdfb69c0cdb6657d9a2d9305e788462647487db53aa6f010daacd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 11:57:44 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4329
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 45296
cf-request-id: 0aa6d53866000024841b945000000001
last-modified: Sun, 14 Jul 2019 08:06:14 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "b0f0-58d9f9e050980"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=wfvZCJZ0oNThy4vFRcfj5XpGk7pbHDMaeZS%2BNSYX9d5Xr9tysC3H517kI6JhsKB0gkN%2B%2BgMRA1fpSsUVR6LdeZHave8BBLURdzBiNfG2sYipILsBgx%2FPYnD0Z5yt%2FJ9uTk4DAPQ4bF5zzl%2Bh7m8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 65eb24a0aaed2484-FRA

GET
H3-29 200 what-is-asusgpufanserviceex-min.jpg
pic.nex-software.com/img/process-information/2156/ 27 KB
27 KB 807ms
794ms Image
image/jpeg 2606:4700:3034::ac43:cc49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/process-information/2156/what-is-asusgpufanserviceex-min.jpg

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-wavessvc64-exe

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:cc49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf40171905e3190681ade0a153afc5bab9cda9174458be68706f9c2baa4128d3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 11:57:45 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 27399
cf-request-id: 0aa6d538650000248406314000000001
last-modified: Sun, 09 Feb 2020 22:13:36 GMT
server: cloudflare
etag: "6b07-59e2bef1d2400"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=0Adl%2BG%2FJAI%2FBFfh1yzLd9215Zx7jYT345RvMKVs7KBfRI%2B4%2B%2Fm%2FgLGQFtldHGF91S3%2Bu8D0P8hFf9ZMR9ioKD8amVd5UAZZPMcGIE9MiXxqx9iABSI6yNcnm8sEkbBgkY6uLEzcANIb8oYjcUAo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 65eb24a0aaeb2484-FRA

GET
H3-29 200 what-is-syntp-min.jpg
pic.nex-software.com/img/process-information/58/ 24 KB
25 KB 878ms
865ms Image
image/jpeg 2606:4700:3034::ac43:cc49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/process-information/58/what-is-syntp-min.jpg

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-wavessvc64-exe

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:cc49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a615300af511c774e001ce30a08870997b05e0223ad548a57fe399e7986d2f8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 11:57:45 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 24843
cf-request-id: 0aa6d5386600002484d20a4000000001
last-modified: Sun, 09 Feb 2020 22:09:42 GMT
server: cloudflare
etag: "610b-59e2be12a9580"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=MdxGDG4QMYJEzjwQntjxPbwVgjFonbRXAXTCBtUiETRIM27JNFqXOWfxDBXt5bCbS8URySPCaB0uWJ5YuEHpOaNTu%2Fz8Zbb8MGqfAnDG0hdnPlshU5jom%2BRvAFf5JJcCeNvgvPNIlCzwUbiHJ9Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 65eb24a0aaf02484-FRA

GET
H3-29 200 what-is-control-center-min.jpg
pic.nex-software.com/img/process-information/2512/ 20 KB
20 KB 868ms
855ms Image
image/jpeg 2606:4700:3034::ac43:cc49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/process-information/2512/what-is-control-center-min.jpg

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-wavessvc64-exe

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:cc49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74a962ce1a5acdd95a60f51c49e490cea7a63c473f397b2937e581b787fd77fe

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 11:57:45 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 20061
cf-request-id: 0aa6d538640000248437ae5000000001
last-modified: Sun, 09 Feb 2020 22:13:04 GMT
server: cloudflare
etag: "4e5d-59e2bed34dc00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=DGxVtB7sqFevHEtT0rFXb7OsdsQAAugPW5ZQ%2BdcKz7QWnIVZSU3Zrj44TBCqKOpvKrjg%2BX2WpkiEn1EnefcmN415DZ7NpJUN4asX9Xzjg5p7nGSQwgM8cZ9wIR6WY4liUOSOzUpcChhkXfECBXo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 65eb24a0aae72484-FRA

GET
H3-29 200 how-remove-loader-virus-min.jpg
pic.nex-software.com/img/process-information/3230/ 40 KB
40 KB 693ms
680ms Image
image/jpeg 2606:4700:3034::ac43:cc49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/process-information/3230/how-remove-loader-virus-min.jpg

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-wavessvc64-exe

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:cc49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea11ab133411b88d7c25d1e84788361dbe4bc32cf22dd85ccd29c25acb53803e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 11:57:45 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 40772
cf-request-id: 0aa6d538650000248434bc4000000001
last-modified: Sun, 09 Feb 2020 22:14:10 GMT
server: cloudflare
etag: "9f44-59e2bf123f080"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=XURbhGdNmHOK2I929DWhs7R6kfNMUtxPCrjkCyGNmkYzJShKnkq9ejrkFCdmka4L71gfGGXoKZpoaJIUicF1g%2FgKeoa%2BcPrqJUF%2FFVl5fuio6FKW6AEOBJuAHSD1rd0byKqHxyeCr%2BOAyD4rhuM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 65eb24a0aae92484-FRA

GET
H3-29 200 what-is-dragon_updater-min.jpg
pic.nex-software.com/img/process-information/2310/ 32 KB
33 KB 1152ms
1139ms Image
image/jpeg 2606:4700:3034::ac43:cc49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.nex-software.com/img/process-information/2310/what-is-dragon_updater-min.jpg

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-wavessvc64-exe

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:cc49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba667d2adba3d0cfb0d465e9ae9fde4fd3e27006b3a78cd0529a2b4fb2b1a174

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 11:57:45 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 33034
cf-request-id: 0aa6d5386d0000248426945000000001
last-modified: Sun, 09 Feb 2020 22:12:42 GMT
server: cloudflare
etag: "810a-59e2bebe52a80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=xuGVUYLcpD8SeIrhmXAjaQqDwigJFu7imTAW78jsf32ztnhwoIM%2FX3T5hssQwEQWCojlKE%2FZ6tEwH81JckqCrdx39Fj%2F8wKvbTQx%2Fc2ERbCX5%2B2bvlqy38DtcW0WABtzFPSEUjOZ0BapVITqP3E%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 65eb24a0aafa2484-FRA

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 101 KB
32 KB 66ms
23ms Script
text/javascript 2600:9000:211a:3c00:1c:8a07:5e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://platform-api.sharethis.com/js/sharethis.js
Requested by: Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-wavessvc64-exe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:3c00:1c:8a07:5e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 398f847e21cc0c2fb2ed6decf4edffe1d89d68426a1866562e880a121c75828c

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 11:52:23 GMT
content-encoding: gzip
age: 321
etag: W/"1940d-jurO6jbG/VtZxO6Zt5jjbv50Xac"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 b0311c7e530c126dd286898583b59e4c.cloudfront.net (CloudFront)
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: voNNZK6MQwQV0VqJSLPxi0Hy87vJ9zxYO5ibIoUxZzIPLR0XihcdIQ==

GET
H2 200 jquery-3.1.1.min.js Show response
nex-software.com/template/js/ 85 KB
29 KB 40ms
32ms Script
application/javascript 2606:4700:3034::ac43:cc49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nex-software.com/template/js/jquery-3.1.1.min.js

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-wavessvc64-exe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:cc49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 11:57:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 110
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0aa6d538370000178aee8ba000000001
last-modified: Tue, 12 Feb 2019 13:57:00 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"152b5-581b2cc948300-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=KdtKDHzK45N2AkOHHvVf7PNDUxPHPh2RgXUHpMXc6OKFxk%2Btky0%2Bh5PupHofeJJ9Oci3GTsMHgIzJsKUvEAMwiO2LhuoRbrHYxS2bgKhCjPdedv%2B%2FKlcjrHgs1tfitaMkasyxW%2F0hnU2uQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-ray: 65eb24a04bdd178a-FRA

GET
H3-29 200 jquery.slicknav.min.js Show response
nex-software.com/template/js/ 8 KB
3 KB 48ms
22ms Script
application/javascript 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nex-software.com/template/js/jquery.slicknav.min.js

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-wavessvc64-exe

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

190402f488a1616b47304ae066078580059ca6a5958b7f217d2156d0a73931a9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 11:57:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 110
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0aa6d5386000001f410f2a9000000001
last-modified: Tue, 12 Feb 2019 13:57:00 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"20df-581b2cc948300-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Mk%2BVMbhuvzs8kg1ndrjdWtRpwXCMB9rR5BFmgXFx09JnTbjfx6C2ezBJhS8t8T5MLqrq2ppS6MZazExyh3%2Bx486Nz3WBQQ6GswrXT0sxUG%2B66RUg%2BEzcwwvCpnNJ0subnHuMv8FEbd2b2g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-ray: 65eb24a09ea21f41-FRA

GET
H3-29 200 jquery.bxslider.min.js Show response
nex-software.com/template/js/ 23 KB
6 KB 62ms
37ms Script
application/javascript 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nex-software.com/template/js/jquery.bxslider.min.js

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-wavessvc64-exe

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7731d577c5dfa5f38e9bf82dedae51174c9ddd4d3d4668eea9d1e51d6ce13d66

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 11:57:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 216
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0aa6d5386100001f410dbd0000000001
last-modified: Tue, 12 Feb 2019 13:57:00 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5bf7-581b2cc948300-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=KcM2Egwalgqu8EOFwBK7bGHXA3MNEeYlOLeyZSd8PW7hs6lxGUCOxCEtdjMcpzGw%2B3BKAeSMCs7paJgR%2BClagBjmCNXSlS2ONuBDqKfsxucusxs5XwW8DCwhFjy%2Fro0lV%2BgTx030Sp%2FoNg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-ray: 65eb24a09ea51f41-FRA

GET
H3-29 200 script.js Show response
nex-software.com/template/js/ 2 KB
1 KB 47ms
21ms Script
application/javascript 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nex-software.com/template/js/script.js

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-wavessvc64-exe

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

900e0d4503dfe926c2d74a1944f4e383d9d7573ecfcccba2dbb377f3be116a10

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 11:57:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 110
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0aa6d5386100001f41dc9ce000000001
last-modified: Tue, 12 Feb 2019 13:57:00 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"63c-581b2cc948300-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=tHx7Kb6tFxoCdBgRj06Ryp7WwnZ%2BZeCKbRVkuGwizE6ngyMrlbBYjhDJd5nR0wEyFR6dwd843R%2FayX4nW9sSNDjzmu5%2Frfp71YEnpNIeKYWPmfNBuec31r9k4Z9KwnP4MPbeeAhT2KVljw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-ray: 65eb24a09ea81f41-FRA

GET
H2 200 abs.js Show response
cdn.zx-adnet.com/adx/ 200 B
234 B 19ms
19ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/adx/abs.js?

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/brmsl_19102402.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9be45d830a633e050edaa82361e4ecac3cc189b3a3975a41aa01ae3cb4e4120b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Thu, 03 Jun 2021 14:06:51 GMT
x-timer: S1623585464.446633,VS0,VE0
etag: "437b8edcf8ac42ac5e7961966dea7cee69a38a82519efa00f6f37a753caad24c-br"
x-served-by: cache-ams21048-AMS
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600,public
date: Sun, 13 Jun 2021 11:57:44 GMT
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive
content-length: 118
x-cache-hits: 3

GET
H2 200 checkabuse Show response
cdn.zx-adnet.com/ 74 B
388 B 188ms
187ms Script
text/html 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.zx-adnet.com/checkabuse?surl=https://ja.nex-software.com/what-is-wavessvc64-exe
Requested by: Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/abs.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash: ff0ae836e78e254c691d18c04b2068e14419275cb170cd7c09587f1795114fcc

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 11:57:44 GMT
content-encoding: gzip
x-powered-by: Express
x-cache: MISS
content-length: 85
x-served-by: cache-ams21048-AMS
server: Google Frontend
x-timer: S1623585464.467753,VS0,VE168
etag: W/"4a-U3myf635cTml8/jliRIqPS6GEqY"
vary: cookie,need-authorization, x-fh-requested-host, accept-encoding
content-type: text/html; charset=utf-8
x-cloud-trace-context: ad484e966e7f22fc5ffc20f90398c244
cache-control: max-age=3600,public
function-execution-id: ay4hotu344lo
accept-ranges: bytes
x-orig-accept-language: en-US
x-country-code: BE
x-cache-hits: 0

GET
H2 200 1350 Show response
na.nawpush.com/tags/ 240 B
355 B 58ms
19ms XHR
application/json 213.174.135.25
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://na.nawpush.com/tags/1350
Requested by: Host: cst.wpu.sh
URL: https://cst.wpu.sh/static/adManager.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.25 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: f7697cdbdb20e0d5d8fd4ef811c57418dcdcace4012fa556ca66c41f8d2be01c

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 13 Jun 2021 11:57:44 GMT
cache-control: max-age=300, public
content-type: application/json
server: nginx/1.18.0
content-encoding: gzip
x-proxy-cache: HIT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 134 KB
48 KB 43ms
23ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: cst.wpu.sh
URL: https://cst.wpu.sh/static/adManager.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

409c54d3a3df39cf77ae958e2a9a6edea2bd35b4184b42a07177c18593deffdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 11:57:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48396
x-xss-protection: 0
server: cafe
etag: 8245617347522642849
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 13 Jun 2021 11:57:44 GMT

GET
DATA 200
OK truncated
/ 19 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ae2b3292ce4d22938259dd7e2d411ef3e498276837fbcc0475af40237b608f1f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2
nex-software.com/template/css/ 18 KB
19 KB 1145ms
1133ms Font
application/octet-stream 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nex-software.com/template/css/JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2

Requested by

Host: nex-software.com
URL: https://nex-software.com/template/css/css.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e43d592d0aa592f24ad510ef3f453a51bba24a9534a07a55a9685b4d4b3f2cb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://ja.nex-software.com
Referer: https://nex-software.com/template/css/css.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 11:57:45 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 18728
cf-request-id: 0aa6d5390a00004ec1a60dd000000001
last-modified: Tue, 12 Feb 2019 13:57:00 GMT
server: cloudflare
etag: "4928-581b2cc948300"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=dyFAlB4rS0A%2BA8%2FxR0tv3G%2B7aCKCUX5txMtHEIndNKXIp41A7ZyOMVFmRL1LrWfOKOJHIPQuLhR3aXvnh3T1HxlkA%2B0OPgCgAXwNANrHWDMj6u8dbV3TYpM6hErDs%2BfeDIfEQcLaaOjETw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 65eb24a1ab144ec1-FRA

GET
H3-29 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
nex-software.com/template/css/ 18 KB
19 KB 1335ms
1323ms Font
application/octet-stream 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nex-software.com/template/css/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: nex-software.com
URL: https://nex-software.com/template/css/css.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://ja.nex-software.com
Referer: https://nex-software.com/template/css/css.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 11:57:45 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 18684
cf-request-id: 0aa6d5390a00004ec1e336e000000001
last-modified: Tue, 12 Feb 2019 13:57:00 GMT
server: cloudflare
etag: "48fc-581b2cc948300"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=estH%2FzPCciXT79tce8FTqwFw%2Fgp4%2FZMSYAa%2FwRKB4NiSCczokeNi4ZffvQLLFxlGXqI%2FU5O51RGuVCoTnqaJe7t91fFcH1PVM0FlMFGkxwyGtECUXcw7ngwTpM8Kk9oq5JtfHASvPAE4rA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 65eb24a1ab124ec1-FRA

GET
H3-29 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
nex-software.com/template/css/ 19 KB
19 KB 1280ms
1269ms Font
application/octet-stream 2606:4700:3032::6815:4aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nex-software.com/template/css/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2

Requested by

Host: nex-software.com
URL: https://nex-software.com/template/css/css.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:4aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://ja.nex-software.com
Referer: https://nex-software.com/template/css/css.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 11:57:45 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 18956
cf-request-id: 0aa6d5390900004ec1af2c5000000001
last-modified: Tue, 12 Feb 2019 13:57:00 GMT
server: cloudflare
etag: "4a0c-581b2cc948300"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=PCCw44Cbo11Drq32UCWj2ToENEdAznyGmtQhpiV872ohj%2FJhL2WVCZyZYMRf2WffM%2BORYOWW9ZJKk8%2BNfrHGtXkiOHjiLevpMndfkaWNIZZ2UZYA8yllFmQPqmlKK8LhbbA6ae93w22oVw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 65eb24a1ab114ec1-FRA

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//ja.nex-software.com/what-is-wavessvc64-exe;0.49417054092935553
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//ja.nex-software.com/what-is-wavessvc64-exe;0.49417054092935553

43 B
528 B

54ms
54ms

Image
image/gif

88.212.201.210
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//ja.nex-software.com/what-is-wavessvc64-exe;0.49417054092935553

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-wavessvc64-exe

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.212.201.210 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host210.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Jun 2021 11:57:44 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 12 Jun 2020 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 13 Jun 2021 11:57:44 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//ja.nex-software.com/what-is-wavessvc64-exe;0.49417054092935553
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Fri, 12 Jun 2020 21:00:00 GMT

GET
H2 200 5c086b7ea71f090011aea084.js Show response
buttons-config.sharethis.com/js/ 434 B
777 B 64ms
21ms Script
text/javascript 2600:9000:206e:6200:c:abe:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://buttons-config.sharethis.com/js/5c086b7ea71f090011aea084.js
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:6200:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d2fa83bbc70c843df2edd43096821128aa1f4bd404237f614c49cd48e7d5cfa3

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 11:57:11 GMT
via: 1.1 ccc2e147947b6e1dcaa206a56faa4bb5.cloudfront.net (CloudFront)
last-modified: Thu, 06 Dec 2018 00:24:07 GMT
server: AmazonS3
age: 88
etag: "8f8c95d8315dedb8a7c82f24235b706f"
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=60,public
x-amz-cf-pop: VIE50-C1
accept-ranges: bytes
content-length: 434
x-amz-cf-id: O9dJ5Arq6H0iXBpyRjB8RlgYRiHUEAc9S-uJWD_ICYP3dubAyvcMBA==

GET
H/1.1 200
OK / Show response
stat.optad360.mgr.consensu.org/ 20 B
286 B 89ms
25ms XHR
text/html 18.196.233.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.optad360.mgr.consensu.org/
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/1a65995e-7e07-43bd-8be2-2ee136ae3c03/plugin.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.196.233.38 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-233-38.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 50976d2189954f806e80703a0ba8aa340d2612ae6195e255c21f3de40a1586a8

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 13 Jun 2021 11:57:44 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 61 KB
21 KB 84ms
30ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/1a65995e-7e07-43bd-8be2-2ee136ae3c03/plugin.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

sffe /

Resource Hash

002ef11f416faee7c93715fede619178796f73517f0622039e459957fe216fad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 11:57:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "901 / 634 of 1000 / last-modified: 1623449339"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21293
x-xss-protection: 0
expires: Sun, 13 Jun 2021 11:57:44 GMT

GET
H2 200 prebid4.19.0.js Show response
get.optad360.io/sf/ 410 KB
411 KB 8ms
7ms Script
application/javascript 2600:9000:21f3:4600:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/prebid4.19.0.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/1a65995e-7e07-43bd-8be2-2ee136ae3c03/plugin.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:4600:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 257579348172eb9f739308373580772054c0b671f63e8f002aed9f9774a6272e

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 16:04:22 GMT
via: 1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront)
last-modified: Thu, 17 Dec 2020 09:52:06 GMT
server: AmazonS3
age: 71603
etag: "08b0612ac0c68ebf519b28323f4e2aa2"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=604800
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 420147
x-amz-cf-id: 4JNs8c-qFXvlvM6WkHzgd0ayvE6qEspmdW2dwCg6XGNttuEbeCqB1g==

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210607/r20190131/ Frame 33DC 10 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210607/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0c1edf85ee406ff6e457dba599598152cc971f399f53c204fd30b978662f385

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210607/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.nex-software.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ja.nex-software.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 13 Jun 2021 08:20:10 GMT
expires: Sun, 27 Jun 2021 08:20:10 GMT
content-type: text/html; charset=UTF-8
etag: 3869991350818612685
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4515
x-xss-protection: 0
age: 13054
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 csub.js Show response
js.wpushsdk.com/npc/sdk/wpu/ 6 KB
3 KB 58ms
18ms Script
application/javascript 213.174.135.24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpushsdk.com/npc/sdk/wpu/csub.js
Requested by: Host: cst.wpu.sh
URL: https://cst.wpu.sh/static/adManager.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.24 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.16.1 / PHP/7.1.28
Resource Hash: 240f2fa6d9c547702519223d888610d5517255aa52ad0c04d86f0ec6d0ab76d6

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 11:57:44 GMT
content-encoding: gzip
server: nginx/1.16.1
x-powered-by: PHP/7.1.28
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Sun, 13 Jun 2021 12:57:44 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H2 200 portal-v2.html Show response
c.sharethis.mgr.consensu.org/ Frame 6140 2 KB
1 KB 63ms
20ms Document
text/html 2600:9000:206e:6000:c:a9b7:ddc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.sharethis.mgr.consensu.org/portal-v2.html
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:6000:c:a9b7:ddc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ac84513c4c5ea7e4458e91c46e33ba71b56e19fabf93cc079ffcb01a975c2e3d

Request headers

:method: GET
:authority: c.sharethis.mgr.consensu.org
:scheme: https
:path: /portal-v2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.nex-software.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ja.nex-software.com/

Response headers

content-type: text/html; charset=utf-8
content-encoding: gzip
cache-control: max-age=3600, public
date: Sun, 13 Jun 2021 11:25:19 GMT
etag: W/"83a-K1Ex0xzH2LCxSyRnDnyZEg18N68"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 19e8b9893b6330d5d62599a448aea7db.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: ABJ99w7k0jqAo5nFrZAxHHfR_dxHC7XZPY5PWaw45m91s4p1Zaf9FQ==
age: 1945

GET
H/1.1 200
OK get_counts Show response
count-server.sharethis.com/v2.0/ 181 B
427 B 416ms
113ms Script
text/javascript 3.223.238.47
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://count-server.sharethis.com/v2.0/get_counts?cb=window.__sharethis__.cb2&url=https%3A%2F%2Fja.nex-software.com%2Fwhat-is-wavessvc64-exe
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.223.238.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-223-238-47.compute-1.amazonaws.com
Software: / Express
Resource Hash: 8c3e21a148232f359cb00a34ceaf73b90aab27efa5bdf9037c1fb2b8c4cfa2bf

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 13 Jun 2021 11:57:45 GMT
Cache-Control: public, max-age=900
ETag: c493271fd8e8540d8609c63937f57539
Connection: keep-alive
X-Powered-By: Express
Content-Length: 181
Content-Type: text/javascript; charset=utf-8

GET
H2 200 facebook.svg
platform-cdn.sharethis.com/img/ 301 B
678 B 70ms
20ms Image
image/svg+xml 2600:9000:211a:b600:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/facebook.svg
Requested by: Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-wavessvc64-exe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:b600:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 14 May 2021 17:58:44 GMT
via: 1.1 39103e0eac16074bdce5f23fa11c3dcc.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
age: 2570340
etag: "c6e9be45643e197ce1db1d7e24a99adc"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: VIE50-C2
accept-ranges: bytes
content-length: 301
x-amz-cf-id: 3xiDxhJgvdDcoBzjLTsxx4wCFEK5cf-WrLctywRt_nd4K5GEpgnjwQ==

GET
H2 200 twitter.svg
platform-cdn.sharethis.com/img/ 731 B
1 KB 70ms
20ms Image
image/svg+xml 2600:9000:211a:b600:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/twitter.svg
Requested by: Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-wavessvc64-exe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:b600:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7c93346d4f681a0be90d1dfc19346382a4700f1810f41caa54415688dee1777f

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 18 May 2021 09:16:00 GMT
via: 1.1 39103e0eac16074bdce5f23fa11c3dcc.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
age: 2256105
etag: "0af2fb38987598376c99e21af17ade45"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: VIE50-C2
accept-ranges: bytes
content-length: 731
x-amz-cf-id: UQlYDkSipCcWj3_gaSx_BB42yuxOvFmhvNxJUQ7GFTgrXkiPJVug1Q==

GET
H2 200 pinterest.svg
platform-cdn.sharethis.com/img/ 771 B
1 KB 70ms
21ms Image
image/svg+xml 2600:9000:211a:b600:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/pinterest.svg
Requested by: Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-wavessvc64-exe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:b600:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: efc737b4f58cfe73a9bd0e57d7570365701381da31e628b269e7217a0ce3359d

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 17 May 2021 16:02:42 GMT
via: 1.1 39103e0eac16074bdce5f23fa11c3dcc.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
age: 2318103
etag: "2b10a062e719c64b686e2e8fcdc216dc"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: VIE50-C2
accept-ranges: bytes
content-length: 771
x-amz-cf-id: RoiIzc4TQG2hNkkDCjYB9bpVSd_lY7CLHCWetRdu9G6llcU477JvZA==

GET
H2 200 email.svg
platform-cdn.sharethis.com/img/ 343 B
721 B 70ms
21ms Image
image/svg+xml 2600:9000:211a:b600:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/email.svg
Requested by: Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-wavessvc64-exe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:b600:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5f5012132c752db2433e17712d91ef8689f1bc95167b2720e23224c2ae62e009

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 11 Jun 2021 00:33:37 GMT
via: 1.1 39103e0eac16074bdce5f23fa11c3dcc.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
age: 213848
etag: "5977437466e857c7ddcadda6f6d88c2a"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: VIE50-C2
accept-ranges: bytes
content-length: 343
x-amz-cf-id: lXqCkrzeS6JkNf0Vxl2H63wdsMDNLD8FIm6dHT6dhCT72Nfto402iQ==

GET
H2 200 sharethis.svg
platform-cdn.sharethis.com/img/ 514 B
890 B 42ms
21ms Image
image/svg+xml 2600:9000:211a:b600:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/sharethis.svg
Requested by: Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-wavessvc64-exe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:b600:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9a83c65bdd0ff9488af9d25720686457ea7295c9c44f9f1d285a0c9ec89bab99

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sat, 15 May 2021 08:11:18 GMT
via: 1.1 39103e0eac16074bdce5f23fa11c3dcc.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
age: 2519186
etag: "deecdaa377907db5cc1722fc831670a1"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: VIE50-C2
accept-ranges: bytes
content-length: 514
x-amz-cf-id: UvIB9a5tWhfynM20GV4-bMJ_hdHCo1FQ6cMdkXsrSHWvNaufe3E_fQ==

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 28ms
12ms XHR
application/json 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210613

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

514ea21b6bb4184375ed0fb7c1694c4778f4f9da5dd7d8982cd8fba5fd5b4d0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 13 Jun 2021 11:57:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 32186
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0aa6d53a650000536466b17000000001
x-served-by: cache-fra19164-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"69b-fqDMX8On+wfYNW7X+eLdPc0YfLg"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 65eb24a3dbe95364-FRA

GET
H3-29 200 pubads_impl_2021060801.js Show response
securepubads.g.doubleclick.net/gpt/ 318 KB
112 KB 60ms
30ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

sffe /

Resource Hash

8a19707bd88a29100f84e106852ddd5bfeebe1fe562960c4932d1347210d13a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 11:57:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 08 Jun 2021 08:38:25 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 114129
x-xss-protection: 0
expires: Sun, 13 Jun 2021 11:57:45 GMT

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
341 B 96ms
24ms XHR
text/plain 18.198.109.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.sharethis.com/pview?event=pview&hostname=ja.nex-software.com&location=%2Fwhat-is-wavessvc64-exe&product=unknown&url=https%3A%2F%2Fja.nex-software.com%2Fwhat-is-wavessvc64-exe&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=WavesSvc64.exe%E3%81%AF%E4%BD%95%E3%81%A7%E3%81%99%E3%81%8B%EF%BC%9F&cms=unknown&publisher=5c086b7ea71f090011aea084&sop=true&bsamesite=true&consent_cookie_duration=158&consent_duration=158&gdpr_domain=.consensu.org&gdpr_method=cookie&version=st_sop.js&lang=en&description=Windows%E3%81%AE%E3%82%BF%E3%82%B9%E3%82%AF%E3%83%9E%E3%83%8D%E3%83%BC%E3%82%B8%E3%83%A3%E3%81%A7WavesSvc64.exe%E3%83%97%E3%83%AD%E3%82%BB%E3%82%B9%20Waves%20MaxxAudio%20Service%20Application%E3%81%A8%E3%81%97%E3%81%A6%E7%9F%A5%E3%82%89%E3%82%8C%E3%82%8B%E3%83%97%E3%83%AD%E3%82%BB%E3%82%B9%E3%81%AF%E3%80%81Waves%20Audio%E8%A3%BD%E3%82%BD%E3%83%95%E3%83%88%E3%82%A6%E3%82%A7%E3%82%A2Maxx%20Audio%20Installer%E3%81%BE%E3%81%9F%E3%81%AFRealtek%20High%20Definition%20Audio%20Driver%E3%81%AB%E5%B1%9E%E3%81%97%E3%81%BE%E3%81%99%E3%80%82%20%E8%A8%98%E8%BF%B0%EF%BC%9A%20WavesSvc64.exe%E3%81%AF%E3%80%81Windows%E3%81%AB%E5%BF%85%E8%A6%81%E4%B8%8D%E5%8F%AF%E6%AC%A0%E3%81%A7%E3%81%AF%E3%81%AA%E3%81%84%E3%81%9F%E3%82%81%E3%80%81%E5%A4%9A%E3%81%8F%E3%81%AE%E5%A0%B4%E5%90%88%E5%95%8F%E9%A1%8C%E3%82%92%E5%BC%95%E3%81%8D%E8%B5%B7%E3%81%93%E3%81%99%E5%8F%AF%E8%83%BD%E6%80%A7%E3%81%8C%E3%81%82%E3%82%8A%E3%81%BE%E3%81%99%E3%80%82%20WavesSvc64.exe%E3%83%95%E3%82%A1%E3%82%A4%E3%83%AB%E3%81%AF%E3%80%81%20%22C%EF%BC%9A%C2%A5Program%20Files%22%E3%81%AE%E3%82%B5%E3%83%96%E3%83%95%E3%82%A9%E3%83%AB%E3%83%80%E3%83%BC%EF%BC%88%E9%80%9A%E5%B8%B8%20C%EF%BC%9A%5C%20Program%20Files%20%5C%20Waves%20%5C%20MaxxAudio%20%5C%20%E3%81%BE%E3%81%9F%E3%81%AF%20C%EF%BC%9A%5C%20Program%20Files%20%5C%20Realtek%20%5C%20Audio%20%5C%20HDA%20%5C%20%EF%BC%89%E3%81%AB%E3%81%82%E3%82%8A%E3%81%BE%E3%81%99%E3%80%82%20Windows%2010%2F8%2F7%20%2F%20XP
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.109.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-109-212.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 13 Jun 2021 11:57:45 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: https://ja.nex-software.com
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2 200 integrator.js Show response
adservice.google.be/adsid/ 107 B
853 B 34ms
14ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.be/adsid/integrator.js?domain=ja.nex-software.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 13 Jun 2021 11:57:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
313 B 14ms
14ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ja.nex-software.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 13 Jun 2021 11:57:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 14 KB
8 KB 258ms
257ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=538063754866595&correlator=1230228584341536&output=ldjh&impl=fif&eid=31061161%2C31061289%2C31061151%2C31061180%2C31060839&vrg=2021060801&ptt=17&sc=1&sfv=1-0-38&ecs=20210613&iu_parts=121764058%2Cnex-software.com_SF&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C750x100%7C970x90&cookie_enabled=1&bc=31&abxe=1&lmt=1623585465&dt=1623585465112&dlt=1623585464355&idt=725&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=1200&adks=533696614&ucis=1&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fja.nex-software.com%2Fwhat-is-wavessvc64-exe&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=728x-1&ga_vid=974966726.1623585465&ga_sid=1623585465&ga_hid=580024472&ga_fc=false&fws=640&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

558bea0e82404ccd892d1c5a3c570097aea177fcad52a3baa291fdc558eac201

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 11:57:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8291
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.nex-software.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 462 B
267 B 1683ms
1683ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=538063754866595&correlator=1230228584341536&output=ldjh&impl=fif&eid=31061161%2C31061289%2C31061151%2C31061180%2C31060839&vrg=2021060801&ptt=17&sc=1&sfv=1-0-38&ecs=20210613&iu_parts=121764058%2Cnex-software.com_am_S1&enc_prev_ius=%2F0%2F1&prev_iu_szs=750x100%7C750x200%7C750x300%7C300x250%7C336x280%7C360x300%7C580x400&cookie_enabled=1&bc=31&abxe=1&lmt=1623585465&dt=1623585465117&dlt=1623585464355&idt=725&frm=20&biw=1600&bih=1200&oid=3&adxs=365&adys=416&adks=778277951&ucis=2&ifi=2&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fja.nex-software.com%2Fwhat-is-wavessvc64-exe&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=750x0&ga_vid=974966726.1623585465&ga_sid=1623585465&ga_hid=580024472&ga_fc=false&fws=128&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

2631a24d069fc1bfe67f2bd3a20d2531c16af360f3292bec732cefd0a6de1256

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 11:57:46 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 237
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.nex-software.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 462 B
271 B 996ms
995ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=538063754866595&correlator=1230228584341536&output=ldjh&impl=fif&eid=31061161%2C31061289%2C31061151%2C31061180%2C31060839&vrg=2021060801&ptt=17&sc=1&sfv=1-0-38&ecs=20210613&iu_parts=121764058%2Cnex-software.com_am_S2&enc_prev_ius=%2F0%2F1&prev_iu_szs=750x100%7C750x200%7C750x300%7C300x250%7C336x280%7C360x300%7C580x400&cookie_enabled=1&bc=31&abxe=1&lmt=1623585465&dt=1623585465121&dlt=1623585464355&idt=725&frm=20&biw=1600&bih=1200&oid=3&adxs=365&adys=1058&adks=2382583207&ucis=3&ifi=3&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fja.nex-software.com%2Fwhat-is-wavessvc64-exe&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=750x0&ga_vid=974966726.1623585465&ga_sid=1623585465&ga_hid=580024472&ga_fc=false&fws=128&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

6d06ff949a6378a93b398d1dac4e92afe74664d3f854f34793a803a40a1c6380

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 11:57:46 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 241
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.nex-software.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 463 B
267 B 671ms
669ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=538063754866595&correlator=1230228584341536&output=ldjh&impl=fif&eid=31061161%2C31061289%2C31061151%2C31061180%2C31060839&vrg=2021060801&ptt=17&sc=1&sfv=1-0-38&ecs=20210613&iu_parts=121764058%2Cnex-software.com_adi_ATF&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C970x250%7C970x300%7C728x90&cookie_enabled=1&bc=31&abxe=1&lmt=1623585465&dt=1623585465124&dlt=1623585464355&idt=725&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=214&adks=2693367184&ucis=4&ifi=4&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fja.nex-software.com%2Fwhat-is-wavessvc64-exe&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=970x0&ga_vid=974966726.1623585465&ga_sid=1623585465&ga_hid=580024472&ga_fc=false&fws=128&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

65e55ffe99ebe968313a3c477cc170813b80cd5e4455bd4ca3acbe86cb784521

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 11:57:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 237
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.nex-software.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 463 B
269 B 1364ms
1363ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=538063754866595&correlator=1230228584341536&output=ldjh&impl=fif&eid=31061161%2C31061289%2C31061151%2C31061180%2C31060839&vrg=2021060801&ptt=17&sc=1&sfv=1-0-38&ecs=20210613&iu_parts=121764058%2Cnex-software.com_adi_W1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C200x600%7C300x250&cookie_enabled=1&bc=31&abxe=1&lmt=1623585465&dt=1623585465128&dlt=1623585464355&idt=725&frm=20&biw=1600&bih=1200&oid=3&adxs=1123&adys=1132&adks=2637338307&ucis=5&ifi=5&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fja.nex-software.com%2Fwhat-is-wavessvc64-exe&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=300x0&ga_vid=974966726.1623585465&ga_sid=1623585465&ga_hid=580024472&ga_fc=false&fws=128&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

06056b1c7299235b32b445d94a735f3622d13b981525ad32cbce4403afc8b02b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 11:57:46 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 239
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.nex-software.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 466 B
266 B 486ms
486ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=538063754866595&correlator=1230228584341536&output=ldjh&impl=fif&eid=31061161%2C31061289%2C31061151%2C31061180%2C31060839&vrg=2021060801&ptt=17&sc=1&sfv=1-0-38&ecs=20210613&iu_parts=121764058%2Cnex-software.com_adi_right&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cookie_enabled=1&bc=31&abxe=1&lmt=1623585465&dt=1623585465130&dlt=1623585464355&idt=725&frm=20&biw=1600&bih=1200&oid=3&adxs=1123&adys=266&adks=3323681140&ucis=6&ifi=6&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fja.nex-software.com%2Fwhat-is-wavessvc64-exe&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=300x0&ga_vid=974966726.1623585465&ga_sid=1623585465&ga_hid=580024472&ga_fc=false&fws=128&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

19db5df5a802a9aaca3fa9e43753e74435d57fb5074512511dabff5afb096728

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 11:57:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 236
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.nex-software.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
201f2b57401ff51f1e7b9564b989cc0d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E751 6 KB
3 KB 46ms
13ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://201f2b57401ff51f1e7b9564b989cc0d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 201f2b57401ff51f1e7b9564b989cc0d.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.nex-software.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ja.nex-software.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sun, 13 Jun 2021 11:57:45 GMT
expires: Mon, 13 Jun 2022 11:57:45 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 34ms
14ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f4b8d2def1fa5e09bafacbb8ac66e614d74f1cdbace1417cedef55c0d9a83db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 11:57:45 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410781212720"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28237
x-xss-protection: 0
expires: Sun, 13 Jun 2021 11:57:45 GMT

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 1DFF 624 B
300 B 31ms
18ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY7YaXVzAB&v=APEucNWPLT2m_bqPeyeiTd-zPsc2AzGmjDVQgOmgjQ3ZjJ8qLNxgWBxE0bUXyz5O5VASK2y_G0WfCLjFb933nhp5JOYEls04HUWFycGsLB1GkLI9_23d4Q64d5zGnOZfxg2aJE4dQ-wLJ5usWV_AQIX9xBkbXzZ-oJA9Ysou_0a39-4fdiWutjQ9A18-32RFf-w9Sla1bA8TXVdMMAnISgdlMOXlzBaNIg

Requested by

Host: 201f2b57401ff51f1e7b9564b989cc0d.safeframe.googlesyndication.com
URL: https://201f2b57401ff51f1e7b9564b989cc0d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CN-KGhCn9EsY7YaXVzAB&v=APEucNWPLT2m_bqPeyeiTd-zPsc2AzGmjDVQgOmgjQ3ZjJ8qLNxgWBxE0bUXyz5O5VASK2y_G0WfCLjFb933nhp5JOYEls04HUWFycGsLB1GkLI9_23d4Q64d5zGnOZfxg2aJE4dQ-wLJ5usWV_AQIX9xBkbXzZ-oJA9Ysou_0a39-4fdiWutjQ9A18-32RFf-w9Sla1bA8TXVdMMAnISgdlMOXlzBaNIg
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://201f2b57401ff51f1e7b9564b989cc0d.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://201f2b57401ff51f1e7b9564b989cc0d.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 13 Jun 2021 11:57:45 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUmEUrDJCQisPnBtRc3uesR46KiCjfxUGzPobKm_P7qkiRSInz6NONsKCa5o; expires=Fri, 08-Jul-2022 11:57:45 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 13 Jun 2021 11:57:45 GMT

GET
H3-29 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame E751 24 KB
12 KB 48ms
35ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cnft-Ogf6S0j2Ug7_2qXtdbEXbji4yLn9MazggG3CxyKmaxhaO0gkPsVyPC7EXyyA95NbwrdGwKbLAVYNkJ6-vjguybtlMRhafiGisGWaOiVK7EDXDbUC-xecjIk-4rlPbzhw5mLP-nAzuRup229DsqBww_A&cry=1&dbm_d=AKAmf-CKjnd-Px82PcGlO-F2m3X-5vb5L1mc_0TilD4qAVPngIQzAjjBQVLCpdYPxIF-GvU9vHN-9TNNy527eU3wA0tPAazblVS3nvmE_Bm0fGV3tk3GKsSX3qMwcsKrntD5BK70U4UfuJgY6TAekGb9I5fDtN9dPxdBtTSa3n-88Rfd0bjqrIaw5reVJAg9wYiwJAUDXshs35l9YMox2-1vggl4Q_dtcqBs49VQR5qbfT9Gll5WlsnSqe2l7OoJcuBiLdPUbUyZfs5rov87gWmGnrO0HtgZr_ucyDjsu41mGgzmnZMBjNteumClejpzoQnQWnc42f8WG1cVWINPZVQoPkUnfkO3YFwPLxTsOD1UiKDRx6qzo8Z92_JOmGsy-hxtiGG-iHGkebWPpxNa9qZtfthBhe9AM9Je6K18KellzN5Ml7les0tPdv33Kee703pV6jiVgGLGvDDM30ZHLfX_UH38lXjWpdVMSK282PlvYB4RhtgvxXrMio3ajUC-Eahf0Zcs5Hbt-5B_Zhr2Iq0MeZL8kcSSH1ttdiwppx0alCYusZPgj542YBVjfzb3e_-Uljfp_gT8_tf_gLEgPxMYXyrd33UuldzMbqnUdFqjqa28mtpPb9JoPmspYPN45eHMjpRTFqoNSyKnxH9ahHM0Tsgn-oj97SrkIJ7_3KcfVqHKM5E8WfjBWxwy16HTG3SZ9-tlNB_uijR-aiOKmhvUaQ38wJYohvq_tXeHfUsbLL2gLCA4LLPcu-rOSXoLl6jJzsOoB1Db74jiA-truOwEjZcuWI8OYhbh4R2bcDICpRRFS7pg2ct2zh3uHr0BWePb4DuhX62MrYtcTnGLq4HnFXka1tDUh_qjwdM1PC0w3nHn5mZ78Va0vNB9JwFmo5mi90taN8EcYhbwQZ5xmdSToKFhEMXoNuu35weqpP5Mkwfu-ESsmJXXIj_MAdjEfiSDhQDg8u98hBkwlvzPzaSa11QTjXlSKLKBvXastUYMi_vlcUGaGN3exp4UBeofO_VH25IMlDdhlTFpTyIACOhFQq9Ns-Wetjr-WnAgLUvv5klCcx5lhoI0msMwyyRPj_TTJaHYm6IdmNtapuBC5IrKsaOiP7MCv7Yko7tbh5IE_c3O9dCGD57fVFr0XdzUUejTGxQTUSIjBVYqy_2Ouvx_xLukfvmF1081Gn7uyF9zUkv6kVxPAT9J2XnHh-mbeeytvUH7ERzyBezo-R0iVmfMaitCCaAQcUx3L80MvW_xeAbCmMxOIQF-6_7LEbO1ZK0icDtms28U52-zlFVGAzhYlGqwnaVR0HTX4QwXc9C1RP1VZ6UoYYP1-cqDGXuhJ9VL70bnWnCDhOlQdyAmAEWVHAaALMiGPrtgcxTvqJvlP4jXA9Orp7JptEP4nlE-cbtqtYRzNLSjnHtbBV8fafh8XbJT4yuUHjO-_tKZ9JGX3OQ-IHyQeYBskqmlUJvMsb9m-ezb6FkT2QdUMRv7AzZRU4Viao1vn3uoiLnKJL-0xvJn9OuTbv04P-LOuFTGinzf1HUxd0Xhw1UudcoSrCU5IPXTwqFm16Nw_t7a5sBu0CNvz9Yeufq4b-YypVIS1hDN9X22i543nO20b0clya-QcyPpbeUNs9Cpx31VJPX1h4SPdPrbnUfCis30d3Up_udNlVOcbomOZLRatoaQ272nyV06FgmksIVzqG8-97aQosNJBJ2N2R6LxjmVHG0eobioqnYItfKAxFLr7O1ekwQXVZQhm-1VU6NxWxmRx0qk4lFF5gFb6RGegF_uC3j-4RLM1ANiPIY-0T6EB2qLblJoVxYSOYgXkzc3WNFybvPdLv7-pbg_1eC2KWhhZJnqtHcMUXcF0gkWGqwlc1OpTuD3A-L_MFmrarhEmi-J5l8CvjqMB7aogp8AQhtJGIcGUb1AycjgaNa5vK61i3LSUG6X05pYWMDcP4PP58FdeyrRyhKVysdTRUaXhoNCkuswZSz1fGfAnpMS93pr0qpdN5ebKrFwU5FFFjXGPzvRq6u7gSlr3vNTq1PtFRXNeaHdy_rRHRb_fC1C1qlBa-KByibvVdEgu98avGhMdkYk9ocSXUleO7cNDs8FIGAJIJ2fQwwo5TchrpCuYKL8wPtY0h9xPifBEkfBPsU4_z4MOUY54Q8qtHh9PZd2lGd4OZdvQrRaJB8M3jpKneo7WkS8jFx_q2zJqtBSbS0UE5oCg7VqwrZJvPmvmqDbQsJ0sVQ1q_NsgSaLUfweZrKfi0f4ovtKK5HyYDEtX_RqHxFZNqnsjB66mkUaC5Ig-ezNVGFwJ8WOxyAkus4O8BGTBvc_Kk8GSa7Hs3TtGBxA5EThOdRA89o5Sc5_VCODhCnG2-UO1a45jqEDeSfnhu9ZUbJ2mGLhkf8CAOxGVIe1e8xmBcmpqIknglv0Xed_DJzXajdaECzhan-nuiPcKawSvtylcJe3n8wVWaAuLqLR_O-DoLQCcnk3nS3BeiieJkCsf6zwBxlnhJG4Pkp6GBX5FmjDiRNdpGPUBnhgfsM72Zn5ZQHcrL6sC6V552MdsGn6EYZPIMybD5K8l8uyQ4ONTEQXSqcgGvTtTCt4Qh2tY7OBdUvIbCFigPK7zy-Y_JKpqMF-BZa7Lhe9hPJ2iMsqLoh8kCyzYl0s9GOQPOT3w43nBewU_iabHNX3Fxp4t0lG_Yd9RmNnseL38qua3BbYbTDxad5p8H6dGlXUDRxX6V8vGwyidhCnEdCQLSToJ2gaq2ZGMEdfFTuKsbDsk1BFwXb7s0kgJVBCmuEOORIUEg_RmRyIztsGMAxpPgP4liLg6xZkbQaX-se58grfqQK20b3zw-mCIzW8Tvq77W_RHL3_W7zH_k5zR683iAf0zNHdiFFv4Mty39HQBZoKaCyF8tJYQx4n_Vj_y_q4TxV1_HpPgpL4ypP48NonJ_JiA3XK7UZmkHF5a86Mguei1QHt58-zS0U4EthrkPiFEcUJbL2MA7Z0R9-ld9LZt2gCbWnnm8OqYp1z7KYP92e82u4JzVP-Zf_17e3lu0gV7egboMp1h5T6pnV_ya1Pw4Fvxkbk1ds3o6u8fzUh3DQ-SIDgmD1Go_vqgVf1W-99i8UeMu_wDZomhAYmCKM_G4C5zFvCI6fTmg4sZRSIxPUu-fca2oXcjQkL8vKNSHXbEXbHCKbd5KAazOmmW0eqgLRQAtfeK7imHn2NOsJQCnwlMKVIg_GqXu406MnfMr-AG50tNz7_EF39svdFRCHvQT4EsX9mzjabgYoHIiCEAa4IcDaEA2pFI-EbXmxtx5vzafoVttNGK96v_QtyvEA4obDD6QI9TeWfZ0SkBvcNLsY3LkgnzEG7eI84wnQW2RhV-Fdlz-pk9PDGBSGORYolaFg&cid=CAASFeRo9pmTnFM8581AWkoSr_vzHtUi3A&rfl=1%2Chttps%253A%252F%252Fja.nex-software.com%252F%240

Requested by

Host: ja.nex-software.com
URL: https://ja.nex-software.com/what-is-wavessvc64-exe

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e296fa1c9e5b83da14963dc22b622a1a567b6a3cc2431290997a82983591387e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://201f2b57401ff51f1e7b9564b989cc0d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 11:57:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12312
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame E751 42 B
63 B 53ms
40ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BPbxwHjEahB6nSyI6X6ApW3riQGOX8o8AHRF1iLtZFLBx6yAaS8JxI1YohRXbWZnp72Jhhu4EaQcOtffindmU8VYwPYsYu56iRc8E6o0Zj2TYghws

Requested by

Host: 201f2b57401ff51f1e7b9564b989cc0d.safeframe.googlesyndication.com
URL: https://201f2b57401ff51f1e7b9564b989cc0d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://201f2b57401ff51f1e7b9564b989cc0d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 11:57:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame E751 2 KB
1 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/window_focus_fy2019.js

Requested by

Host: 201f2b57401ff51f1e7b9564b989cc0d.safeframe.googlesyndication.com
URL: https://201f2b57401ff51f1e7b9564b989cc0d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://201f2b57401ff51f1e7b9564b989cc0d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 11:51:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 382
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1316
x-xss-protection: 0
server: cafe
etag: 797314601362473214
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Jun 2021 11:51:23 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E751 122 KB
37 KB 27ms
14ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 201f2b57401ff51f1e7b9564b989cc0d.safeframe.googlesyndication.com
URL: https://201f2b57401ff51f1e7b9564b989cc0d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://201f2b57401ff51f1e7b9564b989cc0d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 11:57:45 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410775224219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38028
x-xss-protection: 0
expires: Sun, 13 Jun 2021 11:57:45 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame E751 13 KB
6 KB 25ms
5ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 201f2b57401ff51f1e7b9564b989cc0d.safeframe.googlesyndication.com
URL: https://201f2b57401ff51f1e7b9564b989cc0d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a677da8f32851941b090ee6e9294757cba154033200b20231b2a4ca7f62a820

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://201f2b57401ff51f1e7b9564b989cc0d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 11:56:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5644
x-xss-protection: 0
server: cafe
etag: 16788636151609896382
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Jun 2021 11:56:27 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1DFF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJIYghyjqGAUnp_X43lo9-M&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJIYghyjqGAUnp_X43lo9-M&google_cver=1&C=1

43 B
1014 B

46ms
44ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJIYghyjqGAUnp_X43lo9-M&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY7YaXVzAB&v=APEucNWPLT2m_bqPeyeiTd-zPsc2AzGmjDVQgOmgjQ3ZjJ8qLNxgWBxE0bUXyz5O5VASK2y_G0WfCLjFb933nhp5JOYEls04HUWFycGsLB1GkLI9_23d4Q64d5zGnOZfxg2aJE4dQ-wLJ5usWV_AQIX9xBkbXzZ-oJA9Ysou_0a39-4fdiWutjQ9A18-32RFf-w9Sla1bA8TXVdMMAnISgdlMOXlzBaNIg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Jun 2021 11:57:45 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 13 Jun 2021 11:57:45 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 13 Jun 2021 11:57:45 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJIYghyjqGAUnp_X43lo9-M&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Sun, 13 Jun 2021 11:57:45 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1DFF
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YMXyuScIMomwix0em1yKogAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJIYghyjqGAUnp_X43lo9-M&google_cver=1

43 B
894 B

34ms
34ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJIYghyjqGAUnp_X43lo9-M&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY7YaXVzAB&v=APEucNWPLT2m_bqPeyeiTd-zPsc2AzGmjDVQgOmgjQ3ZjJ8qLNxgWBxE0bUXyz5O5VASK2y_G0WfCLjFb933nhp5JOYEls04HUWFycGsLB1GkLI9_23d4Q64d5zGnOZfxg2aJE4dQ-wLJ5usWV_AQIX9xBkbXzZ-oJA9Ysou_0a39-4fdiWutjQ9A18-32RFf-w9Sla1bA8TXVdMMAnISgdlMOXlzBaNIg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Jun 2021 11:57:45 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 13 Jun 2021 11:57:45 GMT

Redirect headers

pragma: no-cache
date: Sun, 13 Jun 2021 11:57:45 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJIYghyjqGAUnp_X43lo9-M&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 1DFF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEKIAxbtUZTWIG87PiYQ_9cw&google_cver=1

43 B
1023 B

176ms
154ms

Image
image/gif

37.252.172.45
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEKIAxbtUZTWIG87PiYQ_9cw&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY7YaXVzAB&v=APEucNWPLT2m_bqPeyeiTd-zPsc2AzGmjDVQgOmgjQ3ZjJ8qLNxgWBxE0bUXyz5O5VASK2y_G0WfCLjFb933nhp5JOYEls04HUWFycGsLB1GkLI9_23d4Q64d5zGnOZfxg2aJE4dQ-wLJ5usWV_AQIX9xBkbXzZ-oJA9Ysou_0a39-4fdiWutjQ9A18-32RFf-w9Sla1bA8TXVdMMAnISgdlMOXlzBaNIg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Jun 2021 11:57:45 GMT
X-Proxy-Origin: 82.102.19.204; 82.102.19.204; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.253:80
AN-X-Request-Uuid: 1227ae0b-a2cf-48c1-a33a-5505d19a49b6
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 13 Jun 2021 11:57:45 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEKIAxbtUZTWIG87PiYQ_9cw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 1DFF
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTM1OTA0MjUxNDA0NzM1ODE0Mg%3D%3D

170 B
188 B

41ms
40ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTM1OTA0MjUxNDA0NzM1ODE0Mg%3D%3D

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 11:57:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 13 Jun 2021 11:57:45 GMT
X-Proxy-Origin: 82.102.19.204; 82.102.19.204; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.139:80
AN-X-Request-Uuid: 490863fe-13d2-44fd-83ce-81cc5393c738
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTM1OTA0MjUxNDA0NzM1ODE0Mg%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/ Frame E751 22 KB
8 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cnft-Ogf6S0j2Ug7_2qXtdbEXbji4yLn9MazggG3CxyKmaxhaO0gkPsVyPC7EXyyA95NbwrdGwKbLAVYNkJ6-vjguybtlMRhafiGisGWaOiVK7EDXDbUC-xecjIk-4rlPbzhw5mLP-nAzuRup229DsqBww_A&cry=1&dbm_d=AKAmf-CKjnd-Px82PcGlO-F2m3X-5vb5L1mc_0TilD4qAVPngIQzAjjBQVLCpdYPxIF-GvU9vHN-9TNNy527eU3wA0tPAazblVS3nvmE_Bm0fGV3tk3GKsSX3qMwcsKrntD5BK70U4UfuJgY6TAekGb9I5fDtN9dPxdBtTSa3n-88Rfd0bjqrIaw5reVJAg9wYiwJAUDXshs35l9YMox2-1vggl4Q_dtcqBs49VQR5qbfT9Gll5WlsnSqe2l7OoJcuBiLdPUbUyZfs5rov87gWmGnrO0HtgZr_ucyDjsu41mGgzmnZMBjNteumClejpzoQnQWnc42f8WG1cVWINPZVQoPkUnfkO3YFwPLxTsOD1UiKDRx6qzo8Z92_JOmGsy-hxtiGG-iHGkebWPpxNa9qZtfthBhe9AM9Je6K18KellzN5Ml7les0tPdv33Kee703pV6jiVgGLGvDDM30ZHLfX_UH38lXjWpdVMSK282PlvYB4RhtgvxXrMio3ajUC-Eahf0Zcs5Hbt-5B_Zhr2Iq0MeZL8kcSSH1ttdiwppx0alCYusZPgj542YBVjfzb3e_-Uljfp_gT8_tf_gLEgPxMYXyrd33UuldzMbqnUdFqjqa28mtpPb9JoPmspYPN45eHMjpRTFqoNSyKnxH9ahHM0Tsgn-oj97SrkIJ7_3KcfVqHKM5E8WfjBWxwy16HTG3SZ9-tlNB_uijR-aiOKmhvUaQ38wJYohvq_tXeHfUsbLL2gLCA4LLPcu-rOSXoLl6jJzsOoB1Db74jiA-truOwEjZcuWI8OYhbh4R2bcDICpRRFS7pg2ct2zh3uHr0BWePb4DuhX62MrYtcTnGLq4HnFXka1tDUh_qjwdM1PC0w3nHn5mZ78Va0vNB9JwFmo5mi90taN8EcYhbwQZ5xmdSToKFhEMXoNuu35weqpP5Mkwfu-ESsmJXXIj_MAdjEfiSDhQDg8u98hBkwlvzPzaSa11QTjXlSKLKBvXastUYMi_vlcUGaGN3exp4UBeofO_VH25IMlDdhlTFpTyIACOhFQq9Ns-Wetjr-WnAgLUvv5klCcx5lhoI0msMwyyRPj_TTJaHYm6IdmNtapuBC5IrKsaOiP7MCv7Yko7tbh5IE_c3O9dCGD57fVFr0XdzUUejTGxQTUSIjBVYqy_2Ouvx_xLukfvmF1081Gn7uyF9zUkv6kVxPAT9J2XnHh-mbeeytvUH7ERzyBezo-R0iVmfMaitCCaAQcUx3L80MvW_xeAbCmMxOIQF-6_7LEbO1ZK0icDtms28U52-zlFVGAzhYlGqwnaVR0HTX4QwXc9C1RP1VZ6UoYYP1-cqDGXuhJ9VL70bnWnCDhOlQdyAmAEWVHAaALMiGPrtgcxTvqJvlP4jXA9Orp7JptEP4nlE-cbtqtYRzNLSjnHtbBV8fafh8XbJT4yuUHjO-_tKZ9JGX3OQ-IHyQeYBskqmlUJvMsb9m-ezb6FkT2QdUMRv7AzZRU4Viao1vn3uoiLnKJL-0xvJn9OuTbv04P-LOuFTGinzf1HUxd0Xhw1UudcoSrCU5IPXTwqFm16Nw_t7a5sBu0CNvz9Yeufq4b-YypVIS1hDN9X22i543nO20b0clya-QcyPpbeUNs9Cpx31VJPX1h4SPdPrbnUfCis30d3Up_udNlVOcbomOZLRatoaQ272nyV06FgmksIVzqG8-97aQosNJBJ2N2R6LxjmVHG0eobioqnYItfKAxFLr7O1ekwQXVZQhm-1VU6NxWxmRx0qk4lFF5gFb6RGegF_uC3j-4RLM1ANiPIY-0T6EB2qLblJoVxYSOYgXkzc3WNFybvPdLv7-pbg_1eC2KWhhZJnqtHcMUXcF0gkWGqwlc1OpTuD3A-L_MFmrarhEmi-J5l8CvjqMB7aogp8AQhtJGIcGUb1AycjgaNa5vK61i3LSUG6X05pYWMDcP4PP58FdeyrRyhKVysdTRUaXhoNCkuswZSz1fGfAnpMS93pr0qpdN5ebKrFwU5FFFjXGPzvRq6u7gSlr3vNTq1PtFRXNeaHdy_rRHRb_fC1C1qlBa-KByibvVdEgu98avGhMdkYk9ocSXUleO7cNDs8FIGAJIJ2fQwwo5TchrpCuYKL8wPtY0h9xPifBEkfBPsU4_z4MOUY54Q8qtHh9PZd2lGd4OZdvQrRaJB8M3jpKneo7WkS8jFx_q2zJqtBSbS0UE5oCg7VqwrZJvPmvmqDbQsJ0sVQ1q_NsgSaLUfweZrKfi0f4ovtKK5HyYDEtX_RqHxFZNqnsjB66mkUaC5Ig-ezNVGFwJ8WOxyAkus4O8BGTBvc_Kk8GSa7Hs3TtGBxA5EThOdRA89o5Sc5_VCODhCnG2-UO1a45jqEDeSfnhu9ZUbJ2mGLhkf8CAOxGVIe1e8xmBcmpqIknglv0Xed_DJzXajdaECzhan-nuiPcKawSvtylcJe3n8wVWaAuLqLR_O-DoLQCcnk3nS3BeiieJkCsf6zwBxlnhJG4Pkp6GBX5FmjDiRNdpGPUBnhgfsM72Zn5ZQHcrL6sC6V552MdsGn6EYZPIMybD5K8l8uyQ4ONTEQXSqcgGvTtTCt4Qh2tY7OBdUvIbCFigPK7zy-Y_JKpqMF-BZa7Lhe9hPJ2iMsqLoh8kCyzYl0s9GOQPOT3w43nBewU_iabHNX3Fxp4t0lG_Yd9RmNnseL38qua3BbYbTDxad5p8H6dGlXUDRxX6V8vGwyidhCnEdCQLSToJ2gaq2ZGMEdfFTuKsbDsk1BFwXb7s0kgJVBCmuEOORIUEg_RmRyIztsGMAxpPgP4liLg6xZkbQaX-se58grfqQK20b3zw-mCIzW8Tvq77W_RHL3_W7zH_k5zR683iAf0zNHdiFFv4Mty39HQBZoKaCyF8tJYQx4n_Vj_y_q4TxV1_HpPgpL4ypP48NonJ_JiA3XK7UZmkHF5a86Mguei1QHt58-zS0U4EthrkPiFEcUJbL2MA7Z0R9-ld9LZt2gCbWnnm8OqYp1z7KYP92e82u4JzVP-Zf_17e3lu0gV7egboMp1h5T6pnV_ya1Pw4Fvxkbk1ds3o6u8fzUh3DQ-SIDgmD1Go_vqgVf1W-99i8UeMu_wDZomhAYmCKM_G4C5zFvCI6fTmg4sZRSIxPUu-fca2oXcjQkL8vKNSHXbEXbHCKbd5KAazOmmW0eqgLRQAtfeK7imHn2NOsJQCnwlMKVIg_GqXu406MnfMr-AG50tNz7_EF39svdFRCHvQT4EsX9mzjabgYoHIiCEAa4IcDaEA2pFI-EbXmxtx5vzafoVttNGK96v_QtyvEA4obDD6QI9TeWfZ0SkBvcNLsY3LkgnzEG7eI84wnQW2RhV-Fdlz-pk9PDGBSGORYolaFg&cid=CAASFeRo9pmTnFM8581AWkoSr_vzHtUi3A&rfl=1%2Chttps%253A%252F%252Fja.nex-software.com%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cabbde8502a6598896a3c812c89ecd99ecfb3e9ca68f632c8c9b3f2a7f6e0046

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://201f2b57401ff51f1e7b9564b989cc0d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 11:56:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8601
x-xss-protection: 0
server: cafe
etag: 18280575870105241958
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Jun 2021 11:56:54 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame E751 41 KB
15 KB 20ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://201f2b57401ff51f1e7b9564b989cc0d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 13:02:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82521
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 13:02:24 GMT

GET
H/1.1 200
OK w8ju5rdnx3wa Show response
hal9000.redintelligence.net/zone/ Frame E751 11 KB
4 KB 87ms
30ms Script
text/html 78.46.90.238
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/w8ju5rdnx3wa?subid=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCCX_SufLFYIHpCs6t3gPOwISICLv6hIpX5Nvo2OQJ8C4QASCqgMMiYLn4x4DcAcgBCakCfsYep6lQtD6oAwGqBNABT9CvWyXHxoUDvaRuoqJgoaF7xv2bjdG5QgGoXhNB2jpffL1XdRx5cJr9OefjG5yMGXvHU_HfuskoqQkyCbGg1FOQy2asw2bOlSGHgpl-6zVB9u4LFs4v3wwHZfvCfTOK8mATivp-lN_mNW6Y0CL1te4Zgu8ZBZVVee2A50d_DYuqRXFH8QWlto0MtEnZdnrPjB2lLOupcFoGVYQhXpqply3-JHSXYPBr8nEbu6XRpWRsjuXkV5q9UguE_9l8L98V0c2pRhWfRLVxrXFw6_DN68AEmLKggcYB4AQDkAYBoAZNgAfr5-heqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi05MTYxODYzNjg1ODI2OTU2gAoDmAsByAsBgAwBsBPa0LUK0BMA2BMDiBQB2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASFeRo9pmTnFM8581AWkoSr_vzHtUi3A%26sig%3DAOD64_2FAtTj449mYJ-4qx6cokbtgjOZlA%26client%3Dca-pub-5512390705137507%26dbm_c%3DAKAmf-Bh1FLzDrJrAWUSXCpcpmPRu_T824rINKkQnOrpQYocweaoUTDtWayJn47xH07iW3NzqiNKIFu53PdMp0GZ13Szt5MfqSHeqQzUTuimePlR7NaVuxfxVtlxW-9Jez7_exAzqJrOxwRzT85swmZSppk0uzSTpQ%26cry%3D1%26dbm_d%3DAKAmf-BEkUHRqTw9mQqSzdQSR0joi9sVGsSwZ6HMlwiLLJ9CbD2flqHfnw-oSbAeidNU-NdtAKmujh-0caMXaI3rS0ioDYELkgALy6jK3UBqGGmaxsmMd7M-xdz0V9Q-VVHU_-0ydGi6rxGe8dR6aM-sxS1AHru1LH4PCC9r9m5B-nJ9-MlXwv1kGRhRJ7OHabDOOLXHHaqOSW7ANDL5AukP1GouMtOBGsm1qrkjyjJbJu7VfAJO26_Di0uwXzBn00wPJ0vDd4nIxxxVaNcbHh3c2k-B1V_9jXJNrQoBLBYpfQk3-NHu9hRCpVntb02oX5ocvJl3YaPDmpR-c6uH8dCpbxWtKC-IY5wyMsSVKf1xdfDSrblpLHw0ntcHDGD305uAX_OSnZG6Lu6KiTFNNhQ8xcsBzwPlieRsxkogrrCxrtAqmMfb3CElzCRhcsagu-em4F_vFfHMXzXyX2TPzIetfZlay0dl5wKbU0l3o9C0Ov321a4T5WM%26adurl%3D
Requested by: Host: 201f2b57401ff51f1e7b9564b989cc0d.safeframe.googlesyndication.com
URL: https://201f2b57401ff51f1e7b9564b989cc0d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.90.238 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.238.90.46.78.clients.your-server.de
Software: Apache /
Resource Hash: 761ebfd54d8d9c9038840963225a0faae9512d2bf4188c88d90fd43367c1bde8

Request headers

Referer: https://201f2b57401ff51f1e7b9564b989cc0d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 13 Jun 2021 11:57:45 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3940
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame A7DD 22 KB
8 KB 6ms
5ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://201f2b57401ff51f1e7b9564b989cc0d.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://201f2b57401ff51f1e7b9564b989cc0d.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Sat, 12 Jun 2021 07:00:55 GMT
expires: Sun, 12 Jun 2022 07:00:55 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 104210
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Show response
pagead2.googlesyndication.com/bg/ Frame A7DD 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 15:35:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73363
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5768
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jun 2022 15:35:02 GMT

GET
H/1.1

200
OK

request.php Show response
hal90002.redintelligence.net/ Frame E751
Redirect Chain

https://hal90002.redintelligence.net/request.php?zone=w8ju5rdnx3wa&nw=20&renderingType=javascript&namespace=9a626c08f0&subid=&uid=dff9096d26d019cc&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
https://hal90002.redintelligence.net/request.php?zone=w8ju5rdnx3wa&nw=20&renderingType=javascript&namespace=9a626c08f0&subid=&uid=dff9096d26d019cc&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...

610 B
936 B

144ms
89ms

Script
application/x-javascript

46.4.10.47
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90002.redintelligence.net/request.php?zone=w8ju5rdnx3wa&nw=20&renderingType=javascript&namespace=9a626c08f0&subid=&uid=dff9096d26d019cc&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x18&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCCX_SufLFYIHpCs6t3gPOwISICLv6hIpX5Nvo2OQJ8C4QASCqgMMiYLn4x4DcAcgBCakCfsYep6lQtD6oAwGqBNABT9CvWyXHxoUDvaRuoqJgoaF7xv2bjdG5QgGoXhNB2jpffL1XdRx5cJr9OefjG5yMGXvHU_HfuskoqQkyCbGg1FOQy2asw2bOlSGHgpl-6zVB9u4LFs4v3wwHZfvCfTOK8mATivp-lN_mNW6Y0CL1te4Zgu8ZBZVVee2A50d_DYuqRXFH8QWlto0MtEnZdnrPjB2lLOupcFoGVYQhXpqply3-JHSXYPBr8nEbu6XRpWRsjuXkV5q9UguE_9l8L98V0c2pRhWfRLVxrXFw6_DN68AEmLKggcYB4AQDkAYBoAZNgAfr5-heqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi05MTYxODYzNjg1ODI2OTU2gAoDmAsByAsBgAwBsBPa0LUK0BMA2BMDiBQB2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASFeRo9pmTnFM8581AWkoSr_vzHtUi3A%26sig%3DAOD64_2FAtTj449mYJ-4qx6cokbtgjOZlA%26client%3Dca-pub-5512390705137507%26dbm_c%3DAKAmf-Bh1FLzDrJrAWUSXCpcpmPRu_T824rINKkQnOrpQYocweaoUTDtWayJn47xH07iW3NzqiNKIFu53PdMp0GZ13Szt5MfqSHeqQzUTuimePlR7NaVuxfxVtlxW-9Jez7_exAzqJrOxwRzT85swmZSppk0uzSTpQ%26cry%3D1%26dbm_d%3DAKAmf-BEkUHRqTw9mQqSzdQSR0joi9sVGsSwZ6HMlwiLLJ9CbD2flqHfnw-oSbAeidNU-NdtAKmujh-0caMXaI3rS0ioDYELkgALy6jK3UBqGGmaxsmMd7M-xdz0V9Q-VVHU_-0ydGi6rxGe8dR6aM-sxS1AHru1LH4PCC9r9m5B-nJ9-MlXwv1kGRhRJ7OHabDOOLXHHaqOSW7ANDL5AukP1GouMtOBGsm1qrkjyjJbJu7VfAJO26_Di0uwXzBn00wPJ0vDd4nIxxxVaNcbHh3c2k-B1V_9jXJNrQoBLBYpfQk3-NHu9hRCpVntb02oX5ocvJl3YaPDmpR-c6uH8dCpbxWtKC-IY5wyMsSVKf1xdfDSrblpLHw0ntcHDGD305uAX_OSnZG6Lu6KiTFNNhQ8xcsBzwPlieRsxkogrrCxrtAqmMfb3CElzCRhcsagu-em4F_vFfHMXzXyX2TPzIetfZlay0dl5wKbU0l3o9C0Ov321a4T5WM%26adurl%3D&documentReferer=https%3A%2F%2Fja.nex-software.com%2F&ancestorOrigins=https%3A%2F%2Fja.nex-software.com&random=1255822362951&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0&uidRedirect=1
Requested by: Host: 201f2b57401ff51f1e7b9564b989cc0d.safeframe.googlesyndication.com
URL: https://201f2b57401ff51f1e7b9564b989cc0d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.47.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: 5c4eccabb61cbe32bd784eaf35010f44fdbe60caa9bfac3c5df28c613ca9f15e

Request headers

Referer: https://201f2b57401ff51f1e7b9564b989cc0d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Jun 2021 11:57:45 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 12247300064628100628854011624002
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 330
Expires: Sun, 13 Jun 2021 12:57:45 +0200

Redirect headers

Pragma: no-cache
Date: Sun, 13 Jun 2021 11:57:45 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=w8ju5rdnx3wa&nw=20&renderingType=javascript&namespace=9a626c08f0&subid=&uid=dff9096d26d019cc&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x18&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCCX_SufLFYIHpCs6t3gPOwISICLv6hIpX5Nvo2OQJ8C4QASCqgMMiYLn4x4DcAcgBCakCfsYep6lQtD6oAwGqBNABT9CvWyXHxoUDvaRuoqJgoaF7xv2bjdG5QgGoXhNB2jpffL1XdRx5cJr9OefjG5yMGXvHU_HfuskoqQkyCbGg1FOQy2asw2bOlSGHgpl-6zVB9u4LFs4v3wwHZfvCfTOK8mATivp-lN_mNW6Y0CL1te4Zgu8ZBZVVee2A50d_DYuqRXFH8QWlto0MtEnZdnrPjB2lLOupcFoGVYQhXpqply3-JHSXYPBr8nEbu6XRpWRsjuXkV5q9UguE_9l8L98V0c2pRhWfRLVxrXFw6_DN68AEmLKggcYB4AQDkAYBoAZNgAfr5-heqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi05MTYxODYzNjg1ODI2OTU2gAoDmAsByAsBgAwBsBPa0LUK0BMA2BMDiBQB2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASFeRo9pmTnFM8581AWkoSr_vzHtUi3A%26sig%3DAOD64_2FAtTj449mYJ-4qx6cokbtgjOZlA%26client%3Dca-pub-5512390705137507%26dbm_c%3DAKAmf-Bh1FLzDrJrAWUSXCpcpmPRu_T824rINKkQnOrpQYocweaoUTDtWayJn47xH07iW3NzqiNKIFu53PdMp0GZ13Szt5MfqSHeqQzUTuimePlR7NaVuxfxVtlxW-9Jez7_exAzqJrOxwRzT85swmZSppk0uzSTpQ%26cry%3D1%26dbm_d%3DAKAmf-BEkUHRqTw9mQqSzdQSR0joi9sVGsSwZ6HMlwiLLJ9CbD2flqHfnw-oSbAeidNU-NdtAKmujh-0caMXaI3rS0ioDYELkgALy6jK3UBqGGmaxsmMd7M-xdz0V9Q-VVHU_-0ydGi6rxGe8dR6aM-sxS1AHru1LH4PCC9r9m5B-nJ9-MlXwv1kGRhRJ7OHabDOOLXHHaqOSW7ANDL5AukP1GouMtOBGsm1qrkjyjJbJu7VfAJO26_Di0uwXzBn00wPJ0vDd4nIxxxVaNcbHh3c2k-B1V_9jXJNrQoBLBYpfQk3-NHu9hRCpVntb02oX5ocvJl3YaPDmpR-c6uH8dCpbxWtKC-IY5wyMsSVKf1xdfDSrblpLHw0ntcHDGD305uAX_OSnZG6Lu6KiTFNNhQ8xcsBzwPlieRsxkogrrCxrtAqmMfb3CElzCRhcsagu-em4F_vFfHMXzXyX2TPzIetfZlay0dl5wKbU0l3o9C0Ov321a4T5WM%26adurl%3D&documentReferer=https%3A%2F%2Fja.nex-software.com%2F&ancestorOrigins=https%3A%2F%2Fja.nex-software.com&random=1255822362951&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Sun, 13 Jun 2021 12:57:45 +0200

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A7DD 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BvzGMufLFYOi_HoGl3wPH9oSgDQAAAAA4AeAEAg&bg=!enmleT3NAAY6sG-_OrA7ACkAdvg8Wo8IqtorkGvGqnxkgg8ZUaBmKhCeKUFTP5CjzW5QMd_6oVzg9wIAAABdUgAAAApoAQeZAsVYbiE6kXgfh_ewCWE89yVOaXbHEXq2lgdXnejNu5x92PRCVN9awjAeawOuzeSTFmxL2gSJncw9RmIttZBMNG9C2HylCgCNlVtTduUl9iRojWIOt1ZnAMUTDrBgzxEFmiiGuThBPtQ5UM4DEy4IaFSQHJsn_0F4LXZyD5V0GpqzXrk7_WFCYM6_xObmh5kiKWq4b7v3HSoRy3vx4rJH3BZKUkKHXQBKltDUPRj2couK-wVolnSFongVtakFMrgcIPzYZaUAzhoEy3_Fu5Ts_-RnKSRzSEnFsOtw9XeZQoKJtfrULwr48HI7iyj0bzPhieBXiUK74IkWVuCQDqIAJ0RjB38elP--PF73I0pHOdd7RP-H5aTqsrH271tFldndCr44R4dsJj7oCdSXqazv-liPbapZNLCXny8M2Mv0DKhryBwel5oQ5P8Lyd0CYY2LO5KVDqn546_kkAECjitf5_CzMtfgkKVrx966pbeAxSe8WZ1rLF5VmJPBoReSdZ-enqlHAOkEG71uLL5guDAyx-tf8lANVwFpa4us9CzFvJn8uvxxaSEn4Vlh1T0ypi-8ueV99OFXsGhofed9YVAgbliTZb9SdQraXPkYxGzz-7YGe8vn4lj9vgv1cnKMwSAywcRHKUOze8G2XnBwxvvEupdMxkJag8bQRjpOsN6FKtsHY45ILWfZZlAhYcrI0dGZmfOIOz7JPBjCkUpxCSc04thpBfuxQ3lgdS56Lm1YSg56yK-2ink4dvc3bjygQ-SoE5i-iu5Sk803WDgRmqp1JMRmAFczm55FBDaygN5BpAy6d0aAkAWNELoxCi1zNt9MZPB-M70Fh5jcSg2nDRf7qiOI_e79fdQHJ7zMblGgyEWUS6HcRv7_aBZh2l020Eu_FDZR_pEFV933wtDWWuPPyRvd6ZCt7zzwWBoMYCL9XOyv_RhYAkZ4

Requested by

Host: 201f2b57401ff51f1e7b9564b989cc0d.safeframe.googlesyndication.com
URL: https://201f2b57401ff51f1e7b9564b989cc0d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 11:57:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK request_content.php Show response
hal90002.redintelligence.net/ Frame 8F35 7 KB
3 KB 84ms
29ms Document
text/html 46.4.10.47
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90002.redintelligence.net/request_content.php?s=12247300064628100628854011624002&a=83c80875
Requested by: Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request.php?zone=w8ju5rdnx3wa&nw=20&renderingType=javascript&namespace=9a626c08f0&subid=&uid=dff9096d26d019cc&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x18&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCCX_SufLFYIHpCs6t3gPOwISICLv6hIpX5Nvo2OQJ8C4QASCqgMMiYLn4x4DcAcgBCakCfsYep6lQtD6oAwGqBNABT9CvWyXHxoUDvaRuoqJgoaF7xv2bjdG5QgGoXhNB2jpffL1XdRx5cJr9OefjG5yMGXvHU_HfuskoqQkyCbGg1FOQy2asw2bOlSGHgpl-6zVB9u4LFs4v3wwHZfvCfTOK8mATivp-lN_mNW6Y0CL1te4Zgu8ZBZVVee2A50d_DYuqRXFH8QWlto0MtEnZdnrPjB2lLOupcFoGVYQhXpqply3-JHSXYPBr8nEbu6XRpWRsjuXkV5q9UguE_9l8L98V0c2pRhWfRLVxrXFw6_DN68AEmLKggcYB4AQDkAYBoAZNgAfr5-heqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi05MTYxODYzNjg1ODI2OTU2gAoDmAsByAsBgAwBsBPa0LUK0BMA2BMDiBQB2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASFeRo9pmTnFM8581AWkoSr_vzHtUi3A%26sig%3DAOD64_2FAtTj449mYJ-4qx6cokbtgjOZlA%26client%3Dca-pub-5512390705137507%26dbm_c%3DAKAmf-Bh1FLzDrJrAWUSXCpcpmPRu_T824rINKkQnOrpQYocweaoUTDtWayJn47xH07iW3NzqiNKIFu53PdMp0GZ13Szt5MfqSHeqQzUTuimePlR7NaVuxfxVtlxW-9Jez7_exAzqJrOxwRzT85swmZSppk0uzSTpQ%26cry%3D1%26dbm_d%3DAKAmf-BEkUHRqTw9mQqSzdQSR0joi9sVGsSwZ6HMlwiLLJ9CbD2flqHfnw-oSbAeidNU-NdtAKmujh-0caMXaI3rS0ioDYELkgALy6jK3UBqGGmaxsmMd7M-xdz0V9Q-VVHU_-0ydGi6rxGe8dR6aM-sxS1AHru1LH4PCC9r9m5B-nJ9-MlXwv1kGRhRJ7OHabDOOLXHHaqOSW7ANDL5AukP1GouMtOBGsm1qrkjyjJbJu7VfAJO26_Di0uwXzBn00wPJ0vDd4nIxxxVaNcbHh3c2k-B1V_9jXJNrQoBLBYpfQk3-NHu9hRCpVntb02oX5ocvJl3YaPDmpR-c6uH8dCpbxWtKC-IY5wyMsSVKf1xdfDSrblpLHw0ntcHDGD305uAX_OSnZG6Lu6KiTFNNhQ8xcsBzwPlieRsxkogrrCxrtAqmMfb3CElzCRhcsagu-em4F_vFfHMXzXyX2TPzIetfZlay0dl5wKbU0l3o9C0Ov321a4T5WM%26adurl%3D&documentReferer=https%3A%2F%2Fja.nex-software.com%2F&ancestorOrigins=https%3A%2F%2Fja.nex-software.com&random=1255822362951&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.47.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: f4f27cf3c2f12dd922e6d62c1e87501b4aa1a8163d2648a90b37dd0b0a8606b6

Request headers

Host: hal90002.redintelligence.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://201f2b57401ff51f1e7b9564b989cc0d.safeframe.googlesyndication.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: 8lcfmzhxc8d6_uid=3388dea6cb3090ac
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://201f2b57401ff51f1e7b9564b989cc0d.safeframe.googlesyndication.com/

Response headers

Date: Sun, 13 Jun 2021 11:57:46 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Sun, 13 Jun 2021 12:57:46 +0200
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2271
Connection: close
Content-Type: text/html; charset=utf-8

GET
DATA 200
OK truncated
/ Frame E751 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f42fe4f3a7d6b168143d829a260b5f878b754d66f117e2dcde747e61ef7cf77

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.6.2/ Frame 8F35 89 KB
32 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js

Requested by

Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request_content.php?s=12247300064628100628854011624002&a=83c80875

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hal90002.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 17:06:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67870
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32245
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 17:06:36 GMT

GET
H/1.1 200
OK FR-970x90.jpg
cdn.contentspread.net/24i/advertiser/35094/creativesup/ Frame 8F35 46 KB
46 KB 130ms
41ms Image
image/jpeg 88.99.65.215
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/advertiser/35094/creativesup/FR-970x90.jpg
Requested by: Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request_content.php?s=12247300064628100628854011624002&a=83c80875
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.65.215 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.215.65.99.88.clients.your-server.de
Software: nginx /
Resource Hash: c7789cf2012c3edbe7c6faf2a65cd16b98c25912b73951e280e98ad11d9e6afb

Request headers

Referer: https://hal90002.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 13 Jun 2021 11:57:46 GMT
Last-Modified: Thu, 13 Apr 2017 08:10:43 GMT
Server: nginx
ETag: "58ef3283-b838"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 47160

GET
H/1.1 200
OK viewability Show response
hal90002.redintelligence.net/ Frame 8F35 0
150 B 84ms
28ms Script
text/html 46.4.10.47
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90002.redintelligence.net/viewability?s=12247300064628100628854011624002&a=8721bdad&vb=m
Requested by: Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request_content.php?s=12247300064628100628854011624002&a=83c80875
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.47.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hal90002.redintelligence.net/request_content.php?s=12247300064628100628854011624002&a=83c80875
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 13 Jun 2021 11:57:46 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 8F35 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 31ms
17ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021060801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cf84757df28d6838d576d15b813017dd6788fd5d09d42ae94ba6ffc2587afd4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 13 Jun 2021 11:57:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8405
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 11:57:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622653785071769"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Sun, 13 Jun 2021 11:57:46 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/223/ Frame FB1B 12 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/223/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.nex-software.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ja.nex-software.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Sun, 13 Jun 2021 09:59:43 GMT
expires: Mon, 13 Jun 2022 09:59:43 GMT
last-modified: Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 7083
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 73E6 783 B
808 B 15ms
15ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4c92ab4f0b91f0959582b5e5b389086ba2b739c2952bada88a07680cb651d310

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Lc1tlfKorF0rXYeBSNacYg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.nex-software.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ja.nex-software.com/

Response headers

expires: Sun, 13 Jun 2021 11:57:46 GMT
date: Sun, 13 Jun 2021 11:57:46 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-Lc1tlfKorF0rXYeBSNacYg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 510
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Show response
pagead2.googlesyndication.com/bg/ Frame FB1B 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 15:35:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73364
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5768
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jun 2022 15:35:02 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gpt_2021060801&jk=538063754866595&bg=!2dql2p7NAAY6sG-_OrA7ACkAdvg8WjuJ6_PIPl0PfbHeiIAIIVrfpSmPFMttHMpwcWnT_lc4p5kJSwIAAABSUgAAAApoAQcKAC3gcI7gZXmz7r0zTwnoTUXesXgUQsUyBnzs5mpdkTsRgDpKMvBV75Ow07V_x5eZAnTYDMmyNP-xEyn-uZ_JDpVlpFGfDDCzP2TGUPPJ7QPFMz6fIYMTO2gjpxlq_UFtoZo-ZQ7mcA5vLMEacRTuW-0AibwmL6z8pEw-jcii_rq7V9btzX1jfZ1B0OicH7dnmkwAN1MYEbAc91c9ZaGn7nxTEa0LBDkkn-jugp3ByLKjzlYk1UrvEmtYFQflLsRl82GyhmXPiEgXrZ2RX-wAUWsBg-4Q98buzzzOvLl74InAj8s-ifGXcD4TdIGs1l4bMXxPzCWo5rXzpLp6kCbVGaCaFmjXMAqIjBIW7ho9o4Ly2k3A3sCWghpbSF5ayuAcuhGwPaywbqWtJ4lHsFohZ-5Dop3GBRnJM1IstTjUYmpl42imUSY_XFKpzU05uSbo-9Wp-o5wHE0qH9T5THQFWH--EBtlwuX1khEKKKILvpKVNsmJVDALRxfOe6G3DdL2S1DI1N3xevouu7ycIjxWVZwCB8uKqeCvn4m-oA9_osfj3KpzZQo_jt_1qxgyoTkDmaTnc7kw-6lW-v4EkdmjZNqkt_AiT6rsgdoFpVTARNmgTZ89mc6CGwAoPbjeXJzfYA_QJVRAVRhT32amqU8Bm87ylNrYcN6luWqU9gFNnB4Z5t2WHlPt2vgNhI8tA4J07_0I01vr7Xjjl_o-Ro-eY-kqazLApd4ceT1BVaezTu_elr3mpjHC4kcl2gQdP5lj4LRyWkwXrsCEUVFG4bAX0ttV_8-AfeT7I0Nd3OiX8OB_kNxJNTWgCc743DexrSAcQ05ilZUOpR3fsKrXoGMlWUWYcITVAqkhYNJIb2cw5XHG4tTyG0z-VGmiC2n-rwEDPzykD-gC

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.nex-software.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 11:57:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E751 42 B
64 B 16ms
16ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuuNRpEzSCmKdLkJ7r84hW-JubshSITGPnoJT1MxB5omIW4vSUNCmautOaAqh1J1kqqCo7jW19924J61GitdqOCk0T1sQ7uutbatwKt5TNXYh62&sai=AMfl-YQay1NA2KD7mC5M5YWfYF4xvpd00hqZmbsB019YveUpKk54HpdI-azV-oiQxxoHMzSimp0NU2yjKgXIfzFEYVv5X8v2ljKJF36t3dtBV3WAGOO6mxG-G2vRCz-jcNVE&sig=Cg0ArKJSzP_3U7sYAI8nEAE&cid=CAASFeRo9pmTnFM8581AWkoSr_vzHtUi3A&id=lidar2&mcvt=1000&p=1110,315,1204,1285&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20210611&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&app=0&itpl=20&adk=533696614&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&rst=1623585465406&dlt=60&rpt=59&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://201f2b57401ff51f1e7b9564b989cc0d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 11:57:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal90002.redintelligence.net/ Frame 8F35 0
150 B 84ms
28ms Script
text/html 46.4.10.47
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90002.redintelligence.net/viewability?s=12247300064628100628854011624002&a=8721bdad&vb=v
Requested by: Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request_content.php?s=12247300064628100628854011624002&a=83c80875
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.47.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hal90002.redintelligence.net/request_content.php?s=12247300064628100628854011624002&a=83c80875
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 13 Jun 2021 11:57:47 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

86 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.redintelligence.net/	1970-01-19 21:09:21	Name: 8lcfmzhxc8d6_uid Value: 3388dea6cb3090ac
.doubleclick.net/	1970-01-19 18:59:46	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-20 04:21:21	Name: IDE Value: AHWqTUlOgZc_m_tnelHHEeSkTM6SczDhSEFEvUTCrUT9xjwHdUE2FCHJrbw0HBArg2A
.nex-software.com/	1970-01-20 04:21:21	Name: __gads Value: ID=ede5f86a9394ba2c-22f6bfb05ec80040:T=1623585465:S=ALNI_MZWA2hNaEGkmzcSt7tGVwFQIzCjHQ
ja.nex-software.com/	1969-12-31 23:59:59	Name: st_shares_https://ja.nex-software.com/what-is-wavessvc64-exe Value: [object Object]

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://load5.biz/?pu=mztdqolemm5ha3ddf4ztooju(Line 174) Message: Error: Browser is not suitable for subscriptions
console-api	log	URL: https://cdn.zx-adnet.com/adx/brmsl_19102402.js(Line 2) Message: zxnt->domain abuse ->no ads
console-api	info	URL: https://cst.wpu.sh/static/adManager.js(Line 1) Message: %c [AdManager] - color:cyan version 2.1.4
console-api	info	URL: https://cst.wpu.sh/static/adManager.js(Line 1) Message: %c [AdManager] - color:cyan run tag spots
console-api	info	URL: https://cst.wpu.sh/static/adManager.js(Line 1) Message: %c [AdManager] - color:cyan init spot [object Object]
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js(Line 6) Message: [GPT] Ignoring the PubAdsService.enableSingleRequest() call since the service is already enabled.
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js(Line 6) Message: [GPT] Ignoring the PubAdsService.enableSingleRequest() call since the service is already enabled.
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js(Line 6) Message: [GPT] Ignoring the PubAdsService.enableSingleRequest() call since the service is already enabled.
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js(Line 6) Message: [GPT] Ignoring the PubAdsService.enableSingleRequest() call since the service is already enabled.
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js(Line 6) Message: [GPT] Ignoring the PubAdsService.enableSingleRequest() call since the service is already enabled.
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js(Line 6) Message: [GPT] Ignoring the PubAdsService.enableSingleRequest() call since the service is already enabled.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

201f2b57401ff51f1e7b9564b989cc0d.safeframe.googlesyndication.com
adservice.google.be
adservice.google.com
ajax.googleapis.com
buttons-config.sharethis.com
c.sharethis.mgr.consensu.org
cdn.contentspread.net
cdn.jsdelivr.net
cdn.zx-adnet.com
cm.g.doubleclick.net
count-server.sharethis.com
counter.yadro.ru
cst.cstwpush.com
cst.wpu.sh
dsum-sec.casalemedia.com
get.optad360.io
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal90002.redintelligence.net
ib.adnxs.com
ja.nex-software.com
js.wpushsdk.com
l.sharethis.com
load5.biz
na.nawpush.com
nex-software.com
pagead2.googlesyndication.com
pic.nex-software.com
platform-api.sharethis.com
platform-cdn.sharethis.com
securepubads.g.doubleclick.net
stat.optad360.mgr.consensu.org
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
151.101.65.195
172.217.23.98
18.196.233.38
18.198.109.212
185.177.94.108
2.18.234.21
205.185.216.10
213.174.135.24
213.174.135.25
216.58.212.130
2600:9000:206e:6000:c:a9b7:ddc0:93a1
2600:9000:206e:6200:c:abe:f440:93a1
2600:9000:211a:3c00:1c:8a07:5e80:93a1
2600:9000:211a:b600:1d:85c3:6640:93a1
2600:9000:21f3:4600:11:a4de:2580:93a1
2606:4700:3032::6815:4aa6
2606:4700:3034::ac43:cc49
2606:4700::6810:5914
2a00:1450:4001:80f::2001
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:812::2004
2a00:1450:4001:812::200a
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2002
3.223.238.47
37.252.172.45
46.4.10.47
46.4.91.20
78.46.90.238
88.212.201.210
88.99.65.215
002ef11f416faee7c93715fede619178796f73517f0622039e459957fe216fad
033cb2f3c4fa161065f877fdfa081ab5a47aa613594a66972e18ede937f78db2
06056b1c7299235b32b445d94a735f3622d13b981525ad32cbce4403afc8b02b
0750391c557feb6f16c8113b9381205fdcd141c915db6ad76808cc0a928be611
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
190402f488a1616b47304ae066078580059ca6a5958b7f217d2156d0a73931a9
19db5df5a802a9aaca3fa9e43753e74435d57fb5074512511dabff5afb096728
1d988376a24fdfb69c0cdb6657d9a2d9305e788462647487db53aa6f010daacd
1f42fe4f3a7d6b168143d829a260b5f878b754d66f117e2dcde747e61ef7cf77
240f2fa6d9c547702519223d888610d5517255aa52ad0c04d86f0ec6d0ab76d6
257579348172eb9f739308373580772054c0b671f63e8f002aed9f9774a6272e
2631a24d069fc1bfe67f2bd3a20d2531c16af360f3292bec732cefd0a6de1256
28431d6eb9ee90253524fb33ee132bca0a9094d8c182601580a767b295040863
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881
398f847e21cc0c2fb2ed6decf4edffe1d89d68426a1866562e880a121c75828c
3a677da8f32851941b090ee6e9294757cba154033200b20231b2a4ca7f62a820
3e43d592d0aa592f24ad510ef3f453a51bba24a9534a07a55a9685b4d4b3f2cb
409c54d3a3df39cf77ae958e2a9a6edea2bd35b4184b42a07177c18593deffdb
43677abbcc50b9f3d621c9134d28237cfa6d66c61bf970cdfcf2a3ec31928ed2
4a615300af511c774e001ce30a08870997b05e0223ad548a57fe399e7986d2f8
4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c92ab4f0b91f0959582b5e5b389086ba2b739c2952bada88a07680cb651d310
4f7b6c826559e7a9fdd87aa3dab65d9032e27f9677e2c894bf8add376af093e6
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50976d2189954f806e80703a0ba8aa340d2612ae6195e255c21f3de40a1586a8
514ea21b6bb4184375ed0fb7c1694c4778f4f9da5dd7d8982cd8fba5fd5b4d0e
558bea0e82404ccd892d1c5a3c570097aea177fcad52a3baa291fdc558eac201
56b14b6ad7538ba37b7398ef0cfc7bcbf42fd723a943e72ab746a42dc15fb91f
5c4eccabb61cbe32bd784eaf35010f44fdbe60caa9bfac3c5df28c613ca9f15e
5f5012132c752db2433e17712d91ef8689f1bc95167b2720e23224c2ae62e009
610d4b9fa9dc2330eb8b14ae4572dff5056c08f01f323e840df87dadf0377195
65e55ffe99ebe968313a3c477cc170813b80cd5e4455bd4ca3acbe86cb784521
6d06ff949a6378a93b398d1dac4e92afe74664d3f854f34793a803a40a1c6380
746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e
74a962ce1a5acdd95a60f51c49e490cea7a63c473f397b2937e581b787fd77fe
761ebfd54d8d9c9038840963225a0faae9512d2bf4188c88d90fd43367c1bde8
768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307
7731d577c5dfa5f38e9bf82dedae51174c9ddd4d3d4668eea9d1e51d6ce13d66
77a3f199f4d57adf540f3caad5165a22bd92b56a9d985721de3a59846614f438
7c93346d4f681a0be90d1dfc19346382a4700f1810f41caa54415688dee1777f
84e14158e849b095f12e03ac2d32ec8ab978aeff9a2b384c90df0989086dc657
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
8a19707bd88a29100f84e106852ddd5bfeebe1fe562960c4932d1347210d13a1
8c3e21a148232f359cb00a34ceaf73b90aab27efa5bdf9037c1fb2b8c4cfa2bf
8f4b8d2def1fa5e09bafacbb8ac66e614d74f1cdbace1417cedef55c0d9a83db
900e0d4503dfe926c2d74a1944f4e383d9d7573ecfcccba2dbb377f3be116a10
9a83c65bdd0ff9488af9d25720686457ea7295c9c44f9f1d285a0c9ec89bab99
9be45d830a633e050edaa82361e4ecac3cc189b3a3975a41aa01ae3cb4e4120b
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7b8645dd7896edf51a260d71c0d23650b19547c3a9fd993a0a22e59b57c1d12
ac84513c4c5ea7e4458e91c46e33ba71b56e19fabf93cc079ffcb01a975c2e3d
ae2b3292ce4d22938259dd7e2d411ef3e498276837fbcc0475af40237b608f1f
af371cb0526d291c2821ffb5a63fb1c3969c3ebb22781c08032226c75ea2ab40
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
ba667d2adba3d0cfb0d465e9ae9fde4fd3e27006b3a78cd0529a2b4fb2b1a174
bd85ee9077bdcbc835d827537efadb347cb873934f274d3b95f36c7ae2989468
bf40171905e3190681ade0a153afc5bab9cda9174458be68706f9c2baa4128d3
c0c1edf85ee406ff6e457dba599598152cc971f399f53c204fd30b978662f385
c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6
c5a2fe50e4a9eaf5e6c2a75a2dd7f7a5f3166c389a4af6f456db9d9b1f4d3933
c7789cf2012c3edbe7c6faf2a65cd16b98c25912b73951e280e98ad11d9e6afb
cabbde8502a6598896a3c812c89ecd99ecfb3e9ca68f632c8c9b3f2a7f6e0046
cf84757df28d6838d576d15b813017dd6788fd5d09d42ae94ba6ffc2587afd4e
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5
d2fa83bbc70c843df2edd43096821128aa1f4bd404237f614c49cd48e7d5cfa3
d66e8fa87723046272ec70096a2089355c29474796663f65f2fdf9a27a1d4bc6
dcbbbdae7b45de58a813dfb53f18f037e156c3359555e3922d1eeb9b6f4eb063
de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc
e296fa1c9e5b83da14963dc22b622a1a567b6a3cc2431290997a82983591387e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e503441024b68c5ac145c5580cd7b4c1dcd9dd71eb9814b5292ca1bc719af273
e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb
ea11ab133411b88d7c25d1e84788361dbe4bc32cf22dd85ccd29c25acb53803e
ede999c022b04dae8bed4c7898eb9c23794c70cbd07d4569dd72e43e195c66ed
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efc737b4f58cfe73a9bd0e57d7570365701381da31e628b269e7217a0ce3359d
f4f27cf3c2f12dd922e6d62c1e87501b4aa1a8163d2648a90b37dd0b0a8606b6
f7697cdbdb20e0d5d8fd4ef811c57418dcdcace4012fa556ca66c41f8d2be01c
fe5217d8064ec55e4b2f46f22b527e479cd512561fe625e89eb6b3f256f702a0
ff0ae836e78e254c691d18c04b2068e14419275cb170cd7c09587f1795114fcc

ja.nex-software.com Open in urlscan Pro 2606:4700:3034::ac43:cc49 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

92 Requests

100 %HTTPS

51 %IPv6

22 Domains

35 Subdomains

35 IPs

4 Countries

1992 kBTransfer

3310 kBSize

5 Cookies

35 Outgoing links

Redirected requests

92 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ja.nex-software.com Open in urlscan Pro
2606:4700:3034::ac43:cc49 Public Scan

Screenshot
Live screenshot

Full Image

92
Requests

100 %
HTTPS

51 %
IPv6

22
Domains

35
Subdomains

35
IPs

4
Countries

1992 kB
Transfer

3310 kB
Size

5
Cookies

92 HTTP transactions
3 data transactions