exee.app Open in urlscan Pro
2606:4700:3036::ac43:9799 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://exe.io/SamaraOliveira
Effective URL:
https://exee.app/SamaraOliveira
Submission: On December 01 via manual (December 1st 2022, 3:46:42 pm UTC) from BG — Scanned from DE

Summary HTTP 150 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 45 IPs in 9 countries across 50 domains to perform 150 HTTP transactions. The main IP is 2606:4700:3036::ac43:9799, located in United States and belongs to CLOUDFLARENET, US. The main domain is exee.app. The Cisco Umbrella rank of the primary domain is 439653.
TLS certificate: Issued by E1 on November 23rd 2022. Valid for: 3 months.

This is the only time exee.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:20:... 2606:4700:20::681a:367	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3036::ac43:9799	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
1	172.255.6.139 172.255.6.139	7979 (SERVERS-COM) (SERVERS-COM)
1	192.243.59.20 192.243.59.20	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
3	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700:e0:... 2606:4700:e0::ac40:6903	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	172.64.172.27 172.64.172.27	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	52.222.236.24 52.222.236.24	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
4	104.21.24.51 104.21.24.51	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2 4	2a00:1450:400... 2a00:1450:4001:827::200d	15169 (GOOGLE) (GOOGLE)
1	139.45.195.253 139.45.195.253	9002 (RETN-AS) (RETN-AS)
9	2606:4700:e0:... 2606:4700:e0::ac40:6803	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2600:9000:215... 2600:9000:2156:ba00:10:8cf5:4f00:21	16509 (AMAZON-02) (AMAZON-02)
22	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	185.172.90.251 185.172.90.251	49981 (WORLDSTREAM) (WORLDSTREAM)
2 9	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
15	15.235.42.79 15.235.42.79	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:82b::2006	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	88.221.168.189 88.221.168.189	16625 (AKAMAI-AS) (AKAMAI-AS)
16	2606:4700:10:... 2606:4700:10::6816:1857	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2 3	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1	37.157.4.40 37.157.4.40	198622 (ADFORM) (ADFORM)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:400... 2a04:4e42:400::300	54113 (FASTLY) (FASTLY)
1	2607:ae80:128... 2607:ae80:128:1::48	26558 (FREEWHEEL) (FREEWHEEL)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	2a05:d018:24:... 2a05:d018:24:b002:d133:9dc2:a783:2cd2	16509 (AMAZON-02) (AMAZON-02)
2 2	52.31.218.182 52.31.218.182	16509 (AMAZON-02) (AMAZON-02)
1	54.78.254.47 54.78.254.47	16509 (AMAZON-02) (AMAZON-02)
1 1	151.1.205.165 151.1.205.165	3242 (ASN-ITNET) (ASN-ITNET)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	34.111.131.239 34.111.131.239	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	185.15.245.81 185.15.245.81	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	63.32.97.75 63.32.97.75	16509 (AMAZON-02) (AMAZON-02)
1 1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
1 1	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1 1	35.157.204.17 35.157.204.17	16509 (AMAZON-02) (AMAZON-02)
1	34.98.67.61 34.98.67.61	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	54.229.209.150 54.229.209.150	16509 (AMAZON-02) (AMAZON-02)
1	162.55.236.225 162.55.236.225	24940 (HETZNER-AS) (HETZNER-AS)
2 2	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
1 1	184.30.20.207 184.30.20.207	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	3.229.38.178 3.229.38.178	14618 (AMAZON-AES) (AMAZON-AES)
1 2	52.95.115.196 52.95.115.196	16509 (AMAZON-02) (AMAZON-02)
1	72.246.169.24 72.246.169.24	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	52.30.224.62 52.30.224.62	16509 (AMAZON-02) (AMAZON-02)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	52.29.215.78 52.29.215.78	16509 (AMAZON-02) (AMAZON-02)
150	45

1 2606:4700:20::681a:367 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

exe.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3036::ac43:9799 (United States)

ASN13335 (CLOUDFLARENET, US)

exee.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.255.6.139 (Netherlands)

ASN7979 (SERVERS-COM, US)

fn.deulspoorn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.243.59.20 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

fightingcowardlycoffin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

cdntechone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:e0::ac40:6903 (United States)

ASN13335 (CLOUDFLARENET, US)

a.vdo.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.64.172.27 (United States)

ASN13335 (CLOUDFLARENET, US)

pogothere.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.222.236.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-24.fra56.r.cloudfront.net

terialnevitiesini.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.21.24.51 (None, )

ASN13335 (CLOUDFLARENET, US)

labortiontrifee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::200d (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.253 (United Kingdom)

ASN9002 (RETN-AS, GB)

datatechone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:e0::ac40:6803 (United States)

ASN13335 (CLOUDFLARENET, US)

analytics.vdo.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
targeting.vdo.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2156:ba00:10:8cf5:4f00:21 (United States)

ASN16509 (AMAZON-02, US)

d3t87ooo0697p8.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.172.90.251 (Naaldwijk, Netherlands) 1 redirects

ASN49981 (WORLDSTREAM, NL)
PTR: ads.us.e-plannning.net

pbjs.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 37.252.173.215 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 15.235.42.79 (Canada)

ASN16276 (OVH, FR)
PTR: ns5011080.ip-15-235-42.net

h5.vdo.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.221.168.189 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-168-189.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.227.248.159 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.4.40 (Denmark)

ASN198622 (ADFORM, DK)

dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::300 (United States)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:ae80:128:1::48 (United States)

ASN26558 (FREEWHEEL, US)

dmp.v.fwmrm.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:24:b002:d133:9dc2:a783:2cd2 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

sync.tidaltv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.31.218.182 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-218-182.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com

loadeu.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.1.205.165 (Rogeno, Italy) 1 redirects

ASN3242 (ASN-ITNET, IT)

bn01.er.bemail.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Tuttlingen, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.131.239 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com

idsync.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.15.245.81 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

dmp.theadex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.32.97.75 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-97-75.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (Dublin, Ireland) 1 redirects

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.126.56.137 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.157.204.17 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-204-17.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.229.209.150 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-209-150.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.55.236.225 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.225.236.55.162.clients.your-server.de

sync.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.20.207 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-207.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.229.38.178 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-229-38-178.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.95.115.196 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.246.169.24 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a72-246-169-24.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.224.62 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-224-62.eu-west-1.compute.amazonaws.com

obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.29.215.78 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-215-78.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	vdo.ai a.vdo.ai — Cisco Umbrella Rank: 21156 analytics.vdo.ai — Cisco Umbrella Rank: 20633 targeting.vdo.ai — Cisco Umbrella Rank: 23235 h5.vdo.ai — Cisco Umbrella Rank: 26146	3 MB
22	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
16	zeotap.com spl.zeotap.com — Cisco Umbrella Rank: 2662 mwzeom.zeotap.com — Cisco Umbrella Rank: 2291	5 KB
12	google.com 2 redirects accounts.google.com — Cisco Umbrella Rank: 76 adservice.google.com — Cisco Umbrella Rank: 70	3 KB
11	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 204 acdn.adnxs.com — Cisco Umbrella Rank: 606	40 KB
8	doubleclick.net pubads.g.doubleclick.net — Cisco Umbrella Rank: 436 cm.g.doubleclick.net — Cisco Umbrella Rank: 194	2 KB
5	terialnevitiesini.com terialnevitiesini.com	6 KB
4	labortiontrifee.com labortiontrifee.com	1 KB
4	pogothere.xyz pogothere.xyz — Cisco Umbrella Rank: 23440	202 KB
3	krxd.net 1 redirects beacon.krxd.net — Cisco Umbrella Rank: 536 usermatch.krxd.net — Cisco Umbrella Rank: 1240	942 B
3	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 402	932 B
3	cloudfront.net d3t87ooo0697p8.cloudfront.net	2 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 48	128 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37 imasdk.googleapis.com — Cisco Umbrella Rank: 437	347 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 274	1 KB
2	amazon-adsystem.com 1 redirects aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 874	1 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 547	855 B
2	yahoo.com 2 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 804 ups.analytics.yahoo.com — Cisco Umbrella Rank: 272	1 KB
2	weborama.fr 2 redirects idsync.frontend.weborama.fr — Cisco Umbrella Rank: 25183	682 B
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 190	2 KB
2	tidaltv.com 2 redirects sync.tidaltv.com — Cisco Umbrella Rank: 1331	751 B
2	e-planning.net 1 redirects pbjs.e-planning.net — Cisco Umbrella Rank: 7217	1 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 71	54 KB
2	gstatic.com fonts.gstatic.com	62 KB
2	exee.app exee.app — Cisco Umbrella Rank: 439653	208 KB
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 292	214 B
1	imrworldwide.com 1 redirects obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com — Cisco Umbrella Rank: 16565	214 B
1	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 475	145 B
1	mathtag.com 1 redirects pixel.mathtag.com — Cisco Umbrella Rank: 882	769 B
1	richaudience.com sync.richaudience.com — Cisco Umbrella Rank: 1809	361 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 873	356 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 423	533 B
1	crwdcntrl.net bcp.crwdcntrl.net — Cisco Umbrella Rank: 853	264 B
1	theadex.com dmp.theadex.com — Cisco Umbrella Rank: 22117	84 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1387	596 B
1	bemail.it 1 redirects bn01.er.bemail.it — Cisco Umbrella Rank: 121327	659 B
1	exelator.com loadeu.exelator.com — Cisco Umbrella Rank: 7284	324 B
1	pubmatic.com image6.pubmatic.com — Cisco Umbrella Rank: 658	166 B
1	fwmrm.net dmp.v.fwmrm.net — Cisco Umbrella Rank: 9905	411 B
1	taboola.com trc.taboola.com — Cisco Umbrella Rank: 645	165 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 307	265 B
1	adform.net dmp.adform.net — Cisco Umbrella Rank: 3654	331 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 267	17 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 381	2 KB
1	datatechone.com datatechone.com — Cisco Umbrella Rank: 53205	461 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 108
1	cdntechone.com cdntechone.com — Cisco Umbrella Rank: 78377	6 KB
1	fightingcowardlycoffin.com fightingcowardlycoffin.com — Cisco Umbrella Rank: 674344
1	deulspoorn.com fn.deulspoorn.com — Cisco Umbrella Rank: 668513	1 KB
1	exe.io 1 redirects exe.io — Cisco Umbrella Rank: 252072	666 B
150	50

	Domain	Requested by
22	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com exee.app
15	h5.vdo.ai	exee.app a.vdo.ai
13	mwzeom.zeotap.com	spl.zeotap.com
9	ib.adnxs.com	2 redirects a.vdo.ai acdn.adnxs.com spl.zeotap.com
8	adservice.google.com	imasdk.googleapis.com
8	analytics.vdo.ai	a.vdo.ai
7	pubads.g.doubleclick.net	imasdk.googleapis.com
5	terialnevitiesini.com	exee.app
5	a.vdo.ai	exee.app a.vdo.ai
4	accounts.google.com	2 redirects exee.app
4	labortiontrifee.com	exee.app
4	pogothere.xyz	exee.app
3	pixel.tapad.com	2 redirects spl.zeotap.com
3	spl.zeotap.com	a.vdo.ai spl.zeotap.com
3	d3t87ooo0697p8.cloudfront.net	terialnevitiesini.com
3	www.googletagmanager.com	exee.app a.vdo.ai www.googletagmanager.com
2	x.bidswitch.net	2 redirects
2	aax-eu.amazon-adsystem.com	1 redirects
2	sync-tm.everesttech.net	2 redirects
2	beacon.krxd.net	spl.zeotap.com
2	idsync.frontend.weborama.fr	2 redirects
2	dpm.demdex.net	2 redirects
2	sync.tidaltv.com	2 redirects
2	acdn.adnxs.com	a.vdo.ai
2	pbjs.e-planning.net	1 redirects exee.app
2	www.youtube.com	a.vdo.ai www.youtube.com
2	imasdk.googleapis.com	a.vdo.ai imasdk.googleapis.com
2	fonts.gstatic.com	fonts.googleapis.com
2	exee.app	exee.app
1	pixel.rubiconproject.com	spl.zeotap.com
1	obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com	1 redirects
1	tags.bluekai.com	spl.zeotap.com
1	usermatch.krxd.net	1 redirects
1	pixel.mathtag.com	1 redirects
1	sync.richaudience.com	spl.zeotap.com
1	odr.mookie1.com	spl.zeotap.com
1	aa.agkn.com	1 redirects
1	ups.analytics.yahoo.com	1 redirects
1	cms.analytics.yahoo.com	1 redirects
1	bcp.crwdcntrl.net	spl.zeotap.com
1	dmp.theadex.com	spl.zeotap.com
1	dsp.adfarm1.adition.com	1 redirects
1	bn01.er.bemail.it	1 redirects
1	loadeu.exelator.com	spl.zeotap.com
1	image6.pubmatic.com	spl.zeotap.com
1	dmp.v.fwmrm.net	spl.zeotap.com
1	trc.taboola.com	spl.zeotap.com
1	match.adsrvr.org	spl.zeotap.com
1	dmp.adform.net	spl.zeotap.com
1	cm.g.doubleclick.net	spl.zeotap.com
1	s0.2mdn.net	imasdk.googleapis.com
1	cdn.jsdelivr.net	a.vdo.ai
1	targeting.vdo.ai	a.vdo.ai
1	datatechone.com	cdntechone.com
1	www.facebook.com	exee.app
1	cdntechone.com	exee.app
1	fightingcowardlycoffin.com	exee.app
1	fn.deulspoorn.com	exee.app
1	fonts.googleapis.com	exee.app
1	exe.io	1 redirects
150	60

This site contains links to these domains. Also see Links.

Domain
vdo.ai

Subject Issuer	Validity	Valid
*.exee.app E1	`2022-11-23` - `2023-02-21`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
fn.deulspoorn.com R3	`2022-10-28` - `2023-01-26`	3 months	crt.sh
fightingcowardlycoffin.com R3	`2022-11-14` - `2023-02-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.cdntechone.com E1	`2022-11-23` - `2023-02-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-17` - `2023-06-17`	a year	crt.sh
*.pogothere.xyz E1	`2022-11-02` - `2023-01-31`	3 months	crt.sh
terialnevitiesini.com Amazon RSA 2048 M01	`2022-11-23` - `2023-12-22`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.labortiontrifee.com E1	`2022-11-23` - `2023-02-21`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-09-09` - `2022-12-08`	3 months	crt.sh
datatechone.com Sectigo RSA Domain Validation Secure Server CA	`2021-12-24` - `2022-12-24`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.vdo.ai Go Daddy Secure Certificate Authority - G2	`2022-08-19` - `2023-09-20`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2022-10-21` - `2023-10-22`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.v.fwmrm.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-09` - `2023-12-10`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.exelator.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-08` - `2023-06-10`	a year	crt.sh
*.tapad.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
dmp.theadex.com R3	`2022-10-26` - `2023-01-24`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2022-10-20` - `2023-10-19`	a year	crt.sh
*.richaudience.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-11` - `2023-03-10`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-26` - `2023-03-01`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://exee.app/SamaraOliveira
Frame ID: 2331A43BEEE07C1E789A7C317EFE16ED
Requests: 89 HTTP requests in this frame

Frame: https://terialnevitiesini.com/WktEMFY7KSddaTt2JhYjKCd5FWQcbnZ2Mmk/fAc5NSR0Bm9tO3weNTYkMVQwKCQqRHg0LjAVZBwcFl1nMAQRaTobLHVWMw4CAXIhCG52cjIcchNzZRAsBkgUDQAAagcQDQF4Fz1zM2YXNT8Mcz5pEgB5Dhg8FgIPGw4HZi8cfBdHDAIBHEQ1CB0jWRwcCRx4LBN5BVcxHwAtdRQZegVYHwggD2M7GzEAdmMPABBHEx56EV4Pa3ModBEyeRd2ExApLnUTHh10QBsIfgNzZQMkA2UPFi8qVDIOGihaMglyA3NlAzMGcWYKKCl+MxMZPAAyMh0SdAFjIRwBexQSCloPGAkvBDwQCh17Ag0FdHtnAwAnZz4/HRZIZj4gEXkDDgI2cQMDBwZnGDwedWUgFhosdxVpEixzFxgYD2dvEx4VWzoWI3x9ABkFLmgvDwIgXmMeHjxULD4dLFEQaQ13YxAfAQpjNRYKL0MgA3p8XBISHTxhZxsbHXQYCx4jFjwpJCpAax0jBXQ0CSYIWycRBQ
Frame ID: EC3B7D4BC2DDF955A7B5175CF8ABA118
Requests: 2 HTTP requests in this frame

Frame: https://terialnevitiesini.com/bGVWaGINBzUFXQ1YNE4XHglrTVAqQGQuBl8Rbl8NAwpmXltbFW5GAQAKIwwEHgo4HEwCACJNUCoPNFhXOig6LS8lMSI9AAQWOCUzVRUAWwYEJmQ+KCYmDAwyFFwsJxU1AR4pLAc2LwsTKyQPKi8UMzkhNwtUAwZXFj08KSAnMjE9LC0gIgkjIlYSAQ1fIWQ+KCMMAAwtACw/JQ5YUBQBCRU3PA8BDSYUPAAtLD4kUx9cFxFbGyQUDAM1IgMwO11cOyEOH0BkLiEVID85Oj4BMAIWKwEQWUdeJwwpKElXEDBQGAg1IDAIAz8iADxUOl4BLSACOwwUCQUFBg4/ZUUjLTwHXEdeJxw+VlwiFRtROzExCgNeAWYyJBRQMx8kAjY4EA4rDzkgLQYNMwwkXCs1KSAEJC8LR14nAFswCAM8IjohAgcABC4BPDAbXFwHLFYvLmUpIypUY01QLgcEEAo9PSIFIF4NFA01PT0PWVpVKxA5FSQ2Mh8jLgE3DjUlBg8EDgMsF1EFSg8lBwwcWDhcLh8oZxEUKTMFWwAW
Frame ID: B4F8C68EC38961D228B45D1E63C951F8
Requests: 2 HTTP requests in this frame

Frame: https://terialnevitiesini.com/VE9QeE41LTMVcTVyMl47JiNtXXwSamI+Kmc7aE8hOyBgTndjP2hWLTggJRwoJiA+DGA6KiRdfBIZNS0YICoGKS8fKB0eLyN/IzsbBjwEIBQyG2IuKBg3ZC8BMyNkOw0VOh4PFwEbAgsBMhwJLR4HP2MrOWQ6GCAmMBcqHxcfOCA9LTw4IjwlBiMIAR8eCGIUAA03NyEvBh4hPjYVexYrHB0cKDIDNX5hGxQ/IyQ/JhV5GCshNQw+PgIwHh02LQE7YSALOHkDLwwxAGM+AjAdPykBP3YoKws7GAgwKjAOBzIANgo4NBQWKGEwHAE3FBEPBAo6SAANCX1Aa2YJCS0+LR5gCCcMBzQcGwB3AjUfFRkzLT0THBUMJRIcJz8GHAkcHB87LB4AByUdFgAjBxwJPg0uPAUxCzwDFRMmZRkGHCUCfBIdGhN+CBsiLCwKEyVmCxJAfxc2KDEdLAUdHCIkFwpIdz4IFSoiciUjFyAkcjUhNBoMKUwBI3cbFScHfQ
Frame ID: 5C15B498A6EA885D53259EA946BDE4DE
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.547.0_en.html
Frame ID: C5D1C07F8D311CFE3424A95CE7F12D7B
Requests: 9 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: A7CD2082A00BDB2CBA2815753E1C0FFD
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 96B41FEB1E3913DBA410616B2F8108EA
Requests: 3 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=286c1199-cce5-4f79-410b-5dfc6db2e9d4&reqId=66c2424b-81e9-47f7-7e12-9a0bb531653d&zdid=1361&cmp=0
Frame ID: 4035AC3D87369CA2E444AD86851091D7
Requests: 34 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

exe.io

Page URL History Show full URLs

https://exe.io/SamaraOliveira HTTP 302
https://exee.app/SamaraOliveira Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

150
Requests

85 %
HTTPS

38 %
IPv6

50
Domains

60
Subdomains

45
IPs

9
Countries

3939 kB
Transfer

7033 kB
Size

38
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://vdo.ai/contact?utm_medium=video&utm_term=exee.app&utm_source=vdoai_logo

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://exe.io/SamaraOliveira HTTP 302
https://exee.app/SamaraOliveira Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP 302
https://accounts.google.com/v3/signin/identifier?dsh=S16914024%3A1669909597867957&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAtnxzRvmVZJSFECn_UsF4l9eeznYnd2ZnRgmd9HE4Y_HP7w59ljexZP5ByPe4stN5tmnWvRLw

Request Chain 21

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
https://accounts.google.com/v3/signin/identifier?dsh=S2131170938%3A1669909597881245&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAsntElPF6bdtrx-jjSOb2ZqvF88FbS6rGTe3G9DdSzw00ZTIDlLa9b3iDjACfXtwou8Mdjwwg

Request Chain 49

https://pbjs.e-planning.net/pbjs/1/30135/1/exee.app/ROS?rnd=0.021393174366816092&e=728x90_0%3A728x90%2C320x50%2C300x50&ur=https%3A%2F%2Fexee.app%2FSamaraOliveira&pbv=6.24.1&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fexee.app%2FSamaraOliveira HTTP 302
https://pbjs.e-planning.net/hb/1/30135/1/exee.app/ROS?ct=1&r=pbjs&rnd=0.021393174366816092&e=728x90_0%3A728x90%2C320x50%2C300x50&ur=https%3A%2F%2Fexee.app%2FSamaraOliveira&pbv=6.24.1&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fexee.app%2FSamaraOliveira

Request Chain 101

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 102

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 105

https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D286c1199-cce5-4f79-410b-5dfc6db2e9d4%26reqId%3D66c2424b-81e9-47f7-7e12-9a0bb531653d%26zdid%3D1361 HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D286c1199-cce5-4f79-410b-5dfc6db2e9d4%26reqId%3D66c2424b-81e9-47f7-7e12-9a0bb531653d%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=f73aec1c-4683-4f04-a6f1-9d4852c9c49e&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=286c1199-cce5-4f79-410b-5dfc6db2e9d4&reqId=66c2424b-81e9-47f7-7e12-9a0bb531653d&zdid=1361

Request Chain 111

https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=286c1199-cce5-4f79-410b-5dfc6db2e9d4&reqId=66c2424b-81e9-47f7-7e12-9a0bb531653d&zdid=1361 HTTP 302
https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=286c1199-cce5-4f79-410b-5dfc6db2e9d4&reqId=66c2424b-81e9-47f7-7e12-9a0bb531653d&zdid=1361&s_h=1 HTTP 302
https://mwzeom.zeotap.com/mw?cid=a7f4806f-d358-4996-a0f0-d0e073fe10a2&zpartnerid=317&gdpr=1&gdpr_consent=

Request Chain 112

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=286c1199-cce5-4f79-410b-5dfc6db2e9d4&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D286c1199-cce5-4f79-410b-5dfc6db2e9d4%26reqId%3D66c2424b-81e9-47f7-7e12-9a0bb531653d%26zdid%3D1361 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=286c1199-cce5-4f79-410b-5dfc6db2e9d4&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D286c1199-cce5-4f79-410b-5dfc6db2e9d4%26reqId%3D66c2424b-81e9-47f7-7e12-9a0bb531653d%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=08725328554265342050819685915059699476&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=286c1199-cce5-4f79-410b-5dfc6db2e9d4&reqId=66c2424b-81e9-47f7-7e12-9a0bb531653d&zdid=1361

Request Chain 114

https://bn01.er.bemail.it/zeotap.php?_bid=286c1199-cce5-4f79-410b-5dfc6db2e9d4&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=286c1199-cce5-4f79-410b-5dfc6db2e9d4&reqId=66c2424b-81e9-47f7-7e12-9a0bb531653d&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=BE1-2022120116-63412-0.494079001669909601-41af95897bf044fd0836ba2dc7506625&zdid=533&env=mWeb

Request Chain 115

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D286c1199-cce5-4f79-410b-5dfc6db2e9d4%26reqId%3D66c2424b-81e9-47f7-7e12-9a0bb531653d%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=7172207123590412443&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=286c1199-cce5-4f79-410b-5dfc6db2e9d4&reqId=66c2424b-81e9-47f7-7e12-9a0bb531653d&zdid=1361

Request Chain 117

https://idsync.frontend.weborama.fr/ids?key=zeotap&value=286c1199-cce5-4f79-410b-5dfc6db2e9d4&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D286c1199-cce5-4f79-410b-5dfc6db2e9d4%26reqId%3D66c2424b-81e9-47f7-7e12-9a0bb531653d%26zdid%3D1361 HTTP 302
https://idsync.frontend.weborama.fr/ids?key=zeotap&value=286c1199-cce5-4f79-410b-5dfc6db2e9d4&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D286c1199-cce5-4f79-410b-5dfc6db2e9d4%26reqId%3D66c2424b-81e9-47f7-7e12-9a0bb531653d%26zdid%3D1361&bounce=1&random=1549723024 HTTP 302
https://mwzeom.zeotap.com/mw?webouuid=gVmx5h7vvFmqbeFLHgW.TO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=286c1199-cce5-4f79-410b-5dfc6db2e9d4&reqId=66c2424b-81e9-47f7-7e12-9a0bb531653d&zdid=1361

Request Chain 120

https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP HTTP 302
https://mwzeom.zeotap.com/mw?cid=y-AB4cMblE2ookR3_TCxEkjCkLnRvfE1qHOw--~A&zpartnerid=570&env=mWeb

Request Chain 121

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=286c1199-cce5-4f79-410b-5dfc6db2e9d4&reqId=66c2424b-81e9-47f7-7e12-9a0bb531653d&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=vfrjlNdCh463cWR2Cd0%2BXVve%2Ftx%2Bfp%2FM%2BS41iYitP1U%3D

Request Chain 125

https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D286c1199-cce5-4f79-410b-5dfc6db2e9d4%26reqId%3D66c2424b-81e9-47f7-7e12-9a0bb531653d%26zdid%3D1361 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D286c1199-cce5-4f79-410b-5dfc6db2e9d4%26reqId%3D66c2424b-81e9-47f7-7e12-9a0bb531653d%26zdid%3D1361&_test=Y4jMYQAAtffWFwAZ HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Y4jMYQAAtffWFwAZ&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=286c1199-cce5-4f79-410b-5dfc6db2e9d4&reqId=66c2424b-81e9-47f7-7e12-9a0bb531653d&zdid=1361&_test=Y4jMYQAAtffWFwAZ

Request Chain 126

https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D286c1199-cce5-4f79-410b-5dfc6db2e9d4%26reqId%3D66c2424b-81e9-47f7-7e12-9a0bb531653d%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=7cb96388-cc62-4800-9dc7-97f3578f2c4e&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=286c1199-cce5-4f79-410b-5dfc6db2e9d4&reqId=66c2424b-81e9-47f7-7e12-9a0bb531653d&zdid=1361

Request Chain 127

https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=286c1199-cce5-4f79-410b-5dfc6db2e9d4&reqId=66c2424b-81e9-47f7-7e12-9a0bb531653d&zdid=1361 HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=286c1199-cce5-4f79-410b-5dfc6db2e9d4&reqId=66c2424b-81e9-47f7-7e12-9a0bb531653d&zdid=1361

Request Chain 128

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=286c1199-cce5-4f79-410b-5dfc6db2e9d4&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=286c1199-cce5-4f79-410b-5dfc6db2e9d4&reqId=66c2424b-81e9-47f7-7e12-9a0bb531653d&zdid=1361 HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=286c1199-cce5-4f79-410b-5dfc6db2e9d4&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=286c1199-cce5-4f79-410b-5dfc6db2e9d4&reqId=66c2424b-81e9-47f7-7e12-9a0bb531653d&zdid=1361&dcc=t

Request Chain 130

https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D286c1199-cce5-4f79-410b-5dfc6db2e9d4%26reqId%3D66c2424b-81e9-47f7-7e12-9a0bb531653d%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=286c1199-cce5-4f79-410b-5dfc6db2e9d4&reqId=66c2424b-81e9-47f7-7e12-9a0bb531653d&zdid=1361

Request Chain 132

https://x.bidswitch.net/syncd?dsp_id=461&user_group=1&expires=5&user_id=286c1199-cce5-4f79-410b-5dfc6db2e9d4&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BBSW_UID%7D%26env%3DmWeb%26zpartnerid%3D1771%26gdpr%3D1%26gdpr_consent%3D%7Bconsent_string%7D%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D286c1199-cce5-4f79-410b-5dfc6db2e9d4%26reqId%3D66c2424b-81e9-47f7-7e12-9a0bb531653d%26zdid%3D1361 HTTP 302
https://x.bidswitch.net/ul_cb/syncd?dsp_id=461&user_group=1&expires=5&user_id=286c1199-cce5-4f79-410b-5dfc6db2e9d4&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BBSW_UID%7D%26env%3DmWeb%26zpartnerid%3D1771%26gdpr%3D1%26gdpr_consent%3D%7Bconsent_string%7D%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D286c1199-cce5-4f79-410b-5dfc6db2e9d4%26reqId%3D66c2424b-81e9-47f7-7e12-9a0bb531653d%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=0ed36fba-617d-45f9-bab3-204372f0c6aa&env=mWeb&zpartnerid=1771&gdpr=1&gdpr_consent={consent_string}&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=286c1199-cce5-4f79-410b-5dfc6db2e9d4&reqId=66c2424b-81e9-47f7-7e12-9a0bb531653d&zdid=1361

150 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request SamaraOliveira Show response
exee.app/
Redirect Chain

https://exe.io/SamaraOliveira
https://exee.app/SamaraOliveira

636 KB
165 KB

151ms
80ms

Document
text/html

2606:4700:3036::ac43:9799
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://exee.app/SamaraOliveira

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:9799 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa24a9751c9d0739ddf643e38256dc39d51e581cabeb98b4f6347f0bef1b649a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 772cf4e8996c161f-DUS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 01 Dec 2022 15:46:37 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6X2M0v6L%2Bk1SJrm8o5EGQEGnFVhKWNkU3WRSf9DHpRBeuiWKfyV5A5lxfENJnzNIqPuxP1CohZJ98gDqtuwzMiww1zWkYVYM5Ep3PL4XTDM276MwXnQpQIdENh%2BMEfCY8RED1p52kg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN, SAMEORIGIN
x-robots-tag: noindex, nofollow
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 772cf4e799189205-FRA
content-type: text/html; charset=UTF-8
date: Thu, 01 Dec 2022 15:46:37 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://exee.app/SamaraOliveira
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aa7ipuvdElAIloU2p33Yk67aVf5Yedtnj9jBTKS7NoaU3ATXp%2Fsr8J4gU%2BnjB3nExfbO6rh0MscFDIMN17NAWP4%2B%2F6kEB%2FY5hJncIuI5nTXvP%2B63a5Ic1UrNvsYLrfjc6WFz%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 13 KB
1 KB 48ms
16ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,400italic,600,700

Requested by

Host: exee.app
URL: https://exee.app/SamaraOliveira

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

97d876b0796d55e1a4d9dec67f958fd62674617e5417b92e4584c0397974e9d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 01 Dec 2022 15:46:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 15:24:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 01 Dec 2022 15:46:37 GMT

GET
H2 200 continue.css
exee.app/css/ 207 KB
43 KB 28ms
25ms Stylesheet
text/css 2606:4700:3036::ac43:9799
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://exee.app/css/continue.css

Requested by

Host: exee.app
URL: https://exee.app/SamaraOliveira

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:9799 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d981763db933058f1b28639140a9d1a682e613f1ccc56ffe830da094132bb4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exee.app/SamaraOliveira
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 15:46:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1296207
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 20 Nov 2020 17:25:47 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VeA2UP5SvtMgBKYbBpigMyHceVQWujfHsrnwyKoup5R5lz9bnhmuwp8KPG659kkvcS672PM%2F%2BJ2FRgpyEPRgMEB2ozdnVB%2B1NFx3wdhxxXDOG4CvMcOTDdss5VLqaPhJWBFmZF1tDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 772cf4e94b4e161f-DUS
expires: Fri, 16 Dec 2022 15:43:10 GMT

GET
H/1.1 200
OK 29529 Show response
fn.deulspoorn.com/1clkn/ 6 B
1 KB 108ms
23ms Script
application/javascript 172.255.6.139
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://fn.deulspoorn.com/1clkn/29529

Requested by

Host: exee.app
URL: https://exee.app/SamaraOliveira

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

172.255.6.139 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Thu, 01 Dec 2022 15:46:37 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=1
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive
Keep-Alive: timeout=20

GET
H/1.1 403
Forbidden f585f65c6c65123b95dd09be324de3bb.js
fightingcowardlycoffin.com/f5/85/f6/ 0
0 288ms
96ms Script
application/javascript 192.243.59.20
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fightingcowardlycoffin.com/f5/85/f6/f585f65c6c65123b95dd09be324de3bb.js
Requested by: Host: exee.app
URL: https://exee.app/SamaraOliveira
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.9 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Thu, 01 Dec 2022 15:46:37 GMT
Server: nginx/1.17.9
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 43ms
21ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-135952122-1

Requested by

Host: exee.app
URL: https://exee.app/SamaraOliveira

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0c36925dbbfe2e79338f67182ff5dfaa03530de1f754a6713e2cbbe08e4b8712

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 15:46:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43539
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 01 Dec 2022 15:46:37 GMT

GET
H2 200 stattag.js Show response
cdntechone.com/ 13 KB
6 KB 61ms
23ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdntechone.com/stattag.js
Requested by: Host: exee.app
URL: https://exee.app/SamaraOliveira
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b9e2b7f5c251c5b5490e5e8adbda9acdf687b74eb8d5a8d8f2ee1a0104bae3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 15:46:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 23 Nov 2022 15:07:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3210
etag: W/"637e3737-3284"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w489fgpEPtZqH%2BzLLCIhmss0xK57Pr8Z2U9uyET4Yunv5ahHPVLtz%2BnDZToYWMXXFt%2F2QPLyip8xwD8S%2F%2FGBIqR5siC4BCYpB8%2Fh%2BsOFc66G140JUL17vKeVeJFOqI3dOGxCROiMYHeoLpasPg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 772cf4e9ecc31629-DUS
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 vdo.ai.js Show response
a.vdo.ai/core/v-exee-app/ 17 KB
5 KB 77ms
31ms Script
text/javascript 2606:4700:e0::ac40:6903
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vdo.ai/core/v-exee-app/vdo.ai.js
Requested by: Host: exee.app
URL: https://exee.app/SamaraOliveira
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6903 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 813f3e262112289463813b904306788f2198b08df54837dcab7bc8f38e199403

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 15:46:37 GMT
via: 1.1 varnish-v4
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 590
x-cache: HIT
vdo-server: Tag2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 01 Dec 2022 15:36:47 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X5tMZovaTQr4OOJo8pvzHlpxafVeK4Col6yMBaozVNM4lHCAx2hmogPI0rSl6wiP2E3iewL8leAul5v46so0pC3ZRXDajfXkddMa%2B4Xg2rb5eT%2B4tYY74lLKrmVarLZdBYyg8w5F6A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 1112069 1718872
content-type: text/javascript;charset=UTF-8
cache-control: public, max-age=1800
cf-ray: 772cf4ea0c47ca85-HAM

GET
H2 200 asd100.bin Show response
pogothere.xyz/ 100 KB
101 KB 55ms
25ms Fetch
binary/octet-stream 172.64.172.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/asd100.bin
Requested by: Host: exee.app
URL: https://exee.app/SamaraOliveira
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.172.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 15:46:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1917
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 01 Dec 2022 15:14:40 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: https://exee.app
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F3kFXgVeVy7zrFqflPr6NDg%2F7Y4SA2L8R0M3sDV%2B%2BVJKvz4kyJ2HQERlooeFZ7%2FV48qTM3G2P9bYMiPoy6T7O5MvpZ8Rlj52MFFg3TrEOOvav46df7L3jQYcgd9ePAqq"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 772cf4ea0e2a9076-FRA
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 / Show response
pogothere.xyz/ 27 B
369 B 144ms
114ms Fetch
text/plain 172.64.172.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/
Requested by: Host: exee.app
URL: https://exee.app/SamaraOliveira
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.172.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69d4ef4bfc63c81803a97e3e44485df869e00932b094849f9e927db9323740c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 15:46:37 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wNbZ1LKaJF5uDFEkTcprkABTdviajjJQVcvWQ9eYmJd7MDLyaJRtT96YgMgH4NABC616aakMvwkcMghaiCSPVuhJBW8tfTcOTn%2BzONYa67hX4m2pl%2FRTt%2Fshgeay%2FGON"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
access-control-allow-origin: https://exee.app
content-type: text/plain
access-control-allow-credentials: true
cf-ray: 772cf4ea0e2d9076-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 utx Show response
terialnevitiesini.com/ 0
486 B 123ms
99ms XHR
text/plain 52.222.236.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://terialnevitiesini.com/utx?cb=9zaQQtIRFAJm&top=exee.app&tid=822524
Requested by: Host: exee.app
URL: https://exee.app/SamaraOliveira
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-24.fra56.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Dec 2022 15:46:37 GMT
via: 1.1 7831c78db9d585e32d354900cc00dca6.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://exee.app
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: TrXa1u6uzcLzh83DgY77rHCpMGj8drVNdpV0ijSjk0QLLO_n8xQ56Q==

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 30ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,400italic,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://exee.app
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 18:50:24 GMT
x-content-type-options: nosniff
age: 248173
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Nov 2023 18:50:24 GMT

GET
H2 200 memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2
fonts.gstatic.com/s/opensans/v34/ 17 KB
18 KB 37ms
16ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,400italic,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ad0a22b0c58240a7a92b4c01aa31f39a5918dea6a8fdfa77e63042abc4fca31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://exee.app
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 18:56:33 GMT
x-content-type-options: nosniff
age: 247804
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17820
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:13:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Nov 2023 18:56:33 GMT

GET
H2 200 HRZIZj4gEXkDDgI2cQMDBwZnGDwedWUgFhosdxVpEixzFxgYD2dvEx4VWzoWI3x9ABkFLmgvDwIgXmMeHjxULD4dLFEQaQ13YxAfAQpjNRYKL0MgA3p8XBISHTxhZxsbHXQYCx4jFjwpJCpAax0jBXQ0CSYIWycRBQ Show response
terialnevitiesini.com/WktEMFY7KSddaTt2JhYjKCd5FWQcbnZ2Mmk/fAc5NSR0Bm9tO3weNTYkMVQwKCQqRHg0LjAVZBwcFl1nMAQRaTobLHVWMw4CAXIhCG52cjIcchNzZRAsBkgUDQAAagcQDQF4Fz1zM2YXNT8Mcz5pEgB5Dhg8FgIPGw4HZi8cfBdHDAI... Frame EC3B 3 KB
2 KB 102ms
102ms Document
text/html 52.222.236.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://terialnevitiesini.com/WktEMFY7KSddaTt2JhYjKCd5FWQcbnZ2Mmk/fAc5NSR0Bm9tO3weNTYkMVQwKCQqRHg0LjAVZBwcFl1nMAQRaTobLHVWMw4CAXIhCG52cjIcchNzZRAsBkgUDQAAagcQDQF4Fz1zM2YXNT8Mcz5pEgB5Dhg8FgIPGw4HZi8cfBdHDAIBHEQ1CB0jWRwcCRx4LBN5BVcxHwAtdRQZegVYHwggD2M7GzEAdmMPABBHEx56EV4Pa3ModBEyeRd2ExApLnUTHh10QBsIfgNzZQMkA2UPFi8qVDIOGihaMglyA3NlAzMGcWYKKCl+MxMZPAAyMh0SdAFjIRwBexQSCloPGAkvBDwQCh17Ag0FdHtnAwAnZz4/HRZIZj4gEXkDDgI2cQMDBwZnGDwedWUgFhosdxVpEixzFxgYD2dvEx4VWzoWI3x9ABkFLmgvDwIgXmMeHjxULD4dLFEQaQ13YxAfAQpjNRYKL0MgA3p8XBISHTxhZxsbHXQYCx4jFjwpJCpAax0jBXQ0CSYIWycRBQ
Requested by: Host: exee.app
URL: https://exee.app/SamaraOliveira
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-24.fra56.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: f742ad0e706e90e8080a56cb002eb7b644d077aa73494ac4ba81cb4c117fdf07

Request headers

Referer: https://exee.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1233
content-type: text/html
date: Thu, 01 Dec 2022 15:46:37 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 7831c78db9d585e32d354900cc00dca6.cloudfront.net (CloudFront)
x-amz-cf-id: lQBc1E6mNIvYieA4-aqnqlj4O61Sbt1ObyS83YPjNIAq3iBTUZqTJA==
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront

GET
H2 200 asd100.bin Show response
pogothere.xyz/ 100 KB
100 KB 26ms
25ms Fetch
binary/octet-stream 172.64.172.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/asd100.bin
Requested by: Host: exee.app
URL: https://exee.app/SamaraOliveira
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.172.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 15:46:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1917
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 01 Dec 2022 15:14:40 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: https://exee.app
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U8GIrke0%2FRQp%2F4ZSZ0%2F3yKIVaWGqND0Jy0QUgnaB5E2uApgbOIhHK5f93L7L2eSPNfn9m7QjniurB%2FuVGyGq2LWKApUoVRSoIoYBirzsuem0YPcSxWuJnRvnh%2BXpElsu"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 772cf4ea1e3c9076-FRA
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 / Show response
pogothere.xyz/ 26 B
352 B 123ms
122ms Fetch
text/plain 172.64.172.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/
Requested by: Host: exee.app
URL: https://exee.app/SamaraOliveira
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.172.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 841e71c2a2d3dcfee139c5c05a2d3b95e7a4489dae42a102424d7b138d21ac65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 15:46:37 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2Ft%2FCfNp87zMCCSI9FatoSevHbdPTtgWDrF3FgKgAj7ckpWhLsIlC0hQEsWDKvl5aPpmz%2B%2Bk3SgkTfCUOWLok4tiMC%2FcIGRmsbvTVLU9DKIBHYphVHcEsHGZsVCHT0hY"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
access-control-allow-origin: https://exee.app
content-type: text/plain
access-control-allow-credentials: true
cf-ray: 772cf4ea1e3e9076-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 utx Show response
terialnevitiesini.com/ 0
486 B 112ms
112ms XHR
text/plain 52.222.236.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://terialnevitiesini.com/utx?cb=7o7HC2o4CcdO&top=exee.app&tid=889494
Requested by: Host: exee.app
URL: https://exee.app/SamaraOliveira
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-24.fra56.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Dec 2022 15:46:37 GMT
via: 1.1 7831c78db9d585e32d354900cc00dca6.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://exee.app
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: JJqW6tj8blFCIYlYKi10M6h5VBnKg_jJpWRlQS5vJPVvOUmGtXHIGw==

GET
H2 200 ZUUjLTwHXEdeJxw+VlwiFRtROzExCgNeAWYyJBRQMx8kAjY4EA4rDzkgLQYNMwwkXCs1KSAEJC8LR14nAFswCAM8IjohAgcABC4BPDAbXFwHLFYvLmUpIypUY01QLgcEEAo9PSIFIF4NFA01PT0PWVpVKxA5FSQ2Mh8jLgE3DjUlBg8EDgMsF1EFSg8lBwwcWDhcL... Show response
terialnevitiesini.com/bGVWaGINBzUFXQ1YNE4XHglrTVAqQGQuBl8Rbl8NAwpmXltbFW5GAQAKIwwEHgo4HEwCACJNUCoPNFhXOig6LS8lMSI9AAQWOCUzVRUAWwYEJmQ+KCYmDAwyFFwsJxU1AR4pLAc2LwsTKyQPKi8UMzkhNwtUAwZXFj08KSAnMjE9LC0... Frame B4F8 3 KB
2 KB 99ms
98ms Document
text/html 52.222.236.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://terialnevitiesini.com/bGVWaGINBzUFXQ1YNE4XHglrTVAqQGQuBl8Rbl8NAwpmXltbFW5GAQAKIwwEHgo4HEwCACJNUCoPNFhXOig6LS8lMSI9AAQWOCUzVRUAWwYEJmQ+KCYmDAwyFFwsJxU1AR4pLAc2LwsTKyQPKi8UMzkhNwtUAwZXFj08KSAnMjE9LC0gIgkjIlYSAQ1fIWQ+KCMMAAwtACw/JQ5YUBQBCRU3PA8BDSYUPAAtLD4kUx9cFxFbGyQUDAM1IgMwO11cOyEOH0BkLiEVID85Oj4BMAIWKwEQWUdeJwwpKElXEDBQGAg1IDAIAz8iADxUOl4BLSACOwwUCQUFBg4/ZUUjLTwHXEdeJxw+VlwiFRtROzExCgNeAWYyJBRQMx8kAjY4EA4rDzkgLQYNMwwkXCs1KSAEJC8LR14nAFswCAM8IjohAgcABC4BPDAbXFwHLFYvLmUpIypUY01QLgcEEAo9PSIFIF4NFA01PT0PWVpVKxA5FSQ2Mh8jLgE3DjUlBg8EDgMsF1EFSg8lBwwcWDhcLh8oZxEUKTMFWwAW
Requested by: Host: exee.app
URL: https://exee.app/SamaraOliveira
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-24.fra56.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: a0970ce58273d8536790110c1d83b0e931b3be4153b33befce4940fdbd5ab20a

Request headers

Referer: https://exee.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1236
content-type: text/html
date: Thu, 01 Dec 2022 15:46:37 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 7831c78db9d585e32d354900cc00dca6.cloudfront.net (CloudFront)
x-amz-cf-id: NkJApAk1sGkw2ZD57IQ0flxGdQYt8rNtgi1_imOl8THvI-d919jeEQ==
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront

GET
H2 200 JhV5GCshNQw+PgIwHh02LQE7YSALOHkDLwwxAGM+AjAdPykBP3YoKws7GAgwKjAOBzIANgo4NBQWKGEwHAE3FBEPBAo6SAANCX1Aa2YJCS0+LR5gCCcMBzQcGwB3AjUfFRkzLT0THBUMJRIcJz8GHAkcHB87LB4AByUdFgAjBxwJPg0uPAUxCzwDFRMmZRkGHCUCf... Show response
terialnevitiesini.com/VE9QeE41LTMVcTVyMl47JiNtXXwSamI+Kmc7aE8hOyBgTndjP2hWLTggJRwoJiA+DGA6KiRdfBIZNS0YICoGKS8fKB0eLyN/IzsbBjwEIBQyG2IuKBg3ZC8BMyNkOw0VOh4PFwEbAgsBMhwJLR4HP2MrOWQ6GCAmMBcqHxcfOCA9LTw... Frame 5C15 3 KB
2 KB 99ms
98ms Document
text/html 52.222.236.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://terialnevitiesini.com/VE9QeE41LTMVcTVyMl47JiNtXXwSamI+Kmc7aE8hOyBgTndjP2hWLTggJRwoJiA+DGA6KiRdfBIZNS0YICoGKS8fKB0eLyN/IzsbBjwEIBQyG2IuKBg3ZC8BMyNkOw0VOh4PFwEbAgsBMhwJLR4HP2MrOWQ6GCAmMBcqHxcfOCA9LTw4IjwlBiMIAR8eCGIUAA03NyEvBh4hPjYVexYrHB0cKDIDNX5hGxQ/IyQ/JhV5GCshNQw+PgIwHh02LQE7YSALOHkDLwwxAGM+AjAdPykBP3YoKws7GAgwKjAOBzIANgo4NBQWKGEwHAE3FBEPBAo6SAANCX1Aa2YJCS0+LR5gCCcMBzQcGwB3AjUfFRkzLT0THBUMJRIcJz8GHAkcHB87LB4AByUdFgAjBxwJPg0uPAUxCzwDFRMmZRkGHCUCfBIdGhN+CBsiLCwKEyVmCxJAfxc2KDEdLAUdHCIkFwpIdz4IFSoiciUjFyAkcjUhNBoMKUwBI3cbFScHfQ
Requested by: Host: exee.app
URL: https://exee.app/SamaraOliveira
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-24.fra56.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: a99fc9557f20ad09807af213442d400f9ecf436efc79264f875759d0bd268535

Request headers

Referer: https://exee.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1222
content-type: text/html
date: Thu, 01 Dec 2022 15:46:37 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 7831c78db9d585e32d354900cc00dca6.cloudfront.net (CloudFront)
x-amz-cf-id: czC09aoPFAoEHis-mG14CMa0EXLXCpyb3yJsfjZQfG_A4Xu57tsLpg==
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront

GET
H2 204 cDkzUzlfBlAgBD5XdSZdJU5jAghJd1cSADpudmIBNAl5MGsoARUnUBQEC2ELRQsHdUkZXQ5iHwNNUidMAwQCdVAeX1xuHwYEAn0KRBcAYhdBH0ZuCFZNQzJeTQgVI00EVQ5iD0YACmMARQAEZA1A
labortiontrifee.com/ 0
255 B 156ms
122ms Image
text/plain 104.21.24.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://labortiontrifee.com/cDkzUzlfBlAgBD5XdSZdJU5jAghJd1cSADpudmIBNAl5MGsoARUnUBQEC2ELRQsHdUkZXQ5iHwNNUidMAwQCdVAeX1xuHwYEAn0KRBcAYhdBH0ZuCFZNQzJeTQgVI00EVQ5iD0YACmMARQAEZA1A
Requested by: Host: exee.app
URL: https://exee.app/SamaraOliveira
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.24.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 15:46:37 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HREbNdkqvUxZgTlyP6Uy7HfWg1ZTloy9u1TXo%2BfradI14iFP6xCvySNPfp85c7GuarI6PvO%2BLiJU%2F2%2FMQzCYtu0c1PWiztFfZdhzqzLNAb%2F%2BTrjvYp%2B0Pk%2FsWzLECFkqNbkIbdoQ"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 772cf4ea78749b49-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 login.php
www.facebook.com/ 0
0 108ms
90ms Image
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by: Host: exee.app
URL: https://exee.app/SamaraOliveira
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

GET
H3

403

identifier
accounts.google.com/v3/signin/
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
https://accounts.google.com/v3/signin/identifier?dsh=S16914024%3A1669909597867957&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&...

0
0

69ms
46ms

Image
text/html

2a00:1450:4001:827::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/v3/signin/identifier?dsh=S16914024%3A1669909597867957&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAtnxzRvmVZJSFECn_UsF4l9eeznYnd2ZnRgmd9HE4Y_HP7w59ljexZP5ByPe4stN5tmnWvRLw
Requested by: Host: exee.app
URL: https://exee.app/SamaraOliveira
Protocol: H3
Server: 2a00:1450:4001:827::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Redirect headers

date: Thu, 01 Dec 2022 15:46:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'report-sample' 'nonce-quMDHY-jhaE_KqOZsoW3fQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 391
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: DENY
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type: text/html; charset=UTF-8
location: https://accounts.google.com/v3/signin/identifier?dsh=S16914024%3A1669909597867957&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAtnxzRvmVZJSFECn_UsF4l9eeznYnd2ZnRgmd9HE4Y_HP7w59ljexZP5ByPe4stN5tmnWvRLw
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

403

identifier
accounts.google.com/v3/signin/
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
https://accounts.google.com/v3/signin/identifier?dsh=S2131170938%3A1669909597881245&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebS...

0
0

41ms
38ms

Image
text/html

2a00:1450:4001:827::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/v3/signin/identifier?dsh=S2131170938%3A1669909597881245&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAsntElPF6bdtrx-jjSOb2ZqvF88FbS6rGTe3G9DdSzw00ZTIDlLa9b3iDjACfXtwou8Mdjwwg
Requested by: Host: exee.app
URL: https://exee.app/SamaraOliveira
Protocol: H3
Server: 2a00:1450:4001:827::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Redirect headers

date: Thu, 01 Dec 2022 15:46:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'report-sample' 'nonce-sIo0V05mdETJhbmA6f2aSg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 396
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: DENY
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type: text/html; charset=UTF-8
location: https://accounts.google.com/v3/signin/identifier?dsh=S2131170938%3A1669909597881245&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAsntElPF6bdtrx-jjSOb2ZqvF88FbS6rGTe3G9DdSzw00ZTIDlLa9b3iDjACfXtwou8Mdjwwg
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 204 ZExvWXBLcwwqTTV9OQojDhpcOzc2ey5qKgMWXCo3AAs5KxMTfEktGQBxV2FJUHVbfwANKFJoVhc4Di0FF3FefxkKKgBkVhJxXndDUGJcaF5VahpkQUI4HzgXWX1JKQQQIFJoRlJ1VmlJUXVYbkdc
labortiontrifee.com/ 0
414 B 148ms
115ms Image
text/plain 104.21.24.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://labortiontrifee.com/ZExvWXBLcwwqTTV9OQojDhpcOzc2ey5qKgMWXCo3AAs5KxMTfEktGQBxV2FJUHVbfwANKFJoVhc4Di0FF3FefxkKKgBkVhJxXndDUGJcaF5VahpkQUI4HzgXWX1JKQQQIFJoRlJ1VmlJUXVYbkdc
Requested by: Host: exee.app
URL: https://exee.app/SamaraOliveira
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.24.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 15:46:37 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a9WkU9nIn4llT5%2FJz3TP%2BFpaDPyY3TiNiuChLC3YLYobkx0zkuBt7CwDyoZD%2FnKb5rn5hHVpUu%2B1ys0Rlykl9mh8ifP8uSpE%2Brqo12RwQm%2B33YZ37Ao22EYT%2BUD7YJO4HkxRrv28"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 772cf4ea88799b49-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 axAwBzgYDQ1lKmdyM2ogFHwtYxo1Ej0HLxd7BhQ4Py5ICnhleEMDaiYjEQ99bmwGRi0iPwYPfXAjG1Qja2wDD314elsAYmRsAA99cD4FUytre1NCOCImSAN6YHNMAnVjc0IFdWM
labortiontrifee.com/SnUyTFZlSlE/ 0
248 B 149ms
116ms Image
text/plain 104.21.24.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://labortiontrifee.com/SnUyTFZlSlE/axAwBzgYDQ1lKmdyM2ogFHwtYxo1Ej0HLxd7BhQ4Py5ICnhleEMDaiYjEQ99bmwGRi0iPwYPfXAjG1Qja2wDD314elsAYmRsAA99cD4FUytre1NCOCImSAN6YHNMAnVjc0IFdWM
Requested by: Host: exee.app
URL: https://exee.app/SamaraOliveira
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.24.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 15:46:37 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U9%2BApp6bAvOIvF2P2n4btyOpBrXyHq%2B31xxCtcb8jolAiBtBiF9blfo%2FAY5JqPNso0g2KPfUvJxtZaE2GseFPZwNUGzASxAXLGDHOwQjSiyantroEBW%2FDzjw1IfpJ2riAckZVAXP"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 772cf4ea78769b49-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H/1.1 200
OK add Show response
datatechone.com/log/ 2 B
461 B 50ms
15ms XHR
text/plain 139.45.195.253
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://datatechone.com/log/add?cid=099bff94-57af-4b2b-a42c-300c65c51697
Requested by: Host: cdntechone.com
URL: https://cdntechone.com/stattag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.195.253 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx/1.19.10 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://exee.app/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 01 Dec 2022 15:46:37 GMT
Server: nginx/1.19.10
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://exee.app
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length: 2

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 33ms
16ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-113932176-41

Requested by

Host: a.vdo.ai
URL: https://a.vdo.ai/core/v-exee-app/vdo.ai.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f3db4a30f2e939340c829e889fedc57efe332f9d7d0810a343153526e047935a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 15:46:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43547
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 01 Dec 2022 15:46:37 GMT

POST
H2 200 logger Show response
analytics.vdo.ai/ 0
512 B 148ms
112ms XHR
text/html 2606:4700:e0::ac40:6803
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/v-exee-app/vdo.ai.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6803 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://exee.app/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 01 Dec 2022 15:46:37 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wfZuAb9pkqZbVnQ0Ee9t4RznrfzUPmhiB0zDUhrVpcF6QvXVT4Us1bmBT78%2B2uaVLZvvgYZGgJCJiVVxsuBz6Ier1tduuovPPCAUWirjZW5l3Vkbi%2BDWG0Rq3XdB%2B13KN%2FVJ1j%2B%2BCOSE%2F%2BW8Eh1v"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-type: text/html
cf-ray: 772cf4eac9ab7a43-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 allowed_url.php Show response
targeting.vdo.ai/ 8 KB
2 KB 74ms
39ms XHR
application/json 2606:4700:e0::ac40:6803
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.vdo.ai/allowed_url.php?type=json&url=exee.app%2FSamaraOliveira&tag=v-exee-app&domain=exee.app
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/v-exee-app/vdo.ai.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6803 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2447221b681325078a06c218357c8e92588383f996d5af3abae9f4e4a2873b4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 15:46:37 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6jMq2pQI9HYVeYed%2FydSp4VK9BCtmRZcbeMiuL3QedjrJs%2BTxUMAt%2BgiByseqZPv4olagB331fl9L13obrzmsfiek5SW2nu%2FoBcajapMnjdTeQncAly%2BXiyohMXWqzfTp8Dyj08yhv65iASgG4l3"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-type: application/json
cf-ray: 772cf4eacc129b1f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 WRm1jOUYlAg1feTIEBwR+dF9WC3JgBxBWKDZQJFEHAg8wVAotHCh3YDIXBwR2YAECVyF7SwZXJXtcRVgiJFBXHzI2AggEKiEBC1AhIRkKSmAzDF5UKTwED1UnY18lDGh2SFEJbjEEDV0pMR5GC3YoGUYLdnddTQljdS9GC3YxBA0PcmNeIRx0dhVVDW9jX1-NYNjY... Show response
d3t87ooo0697p8.cloudfront.net/ Frame EC3B 712 B
778 B 180ms
152ms Script
text/plain 2600:9000:2156:ba00:10:8cf5:4f00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3t87ooo0697p8.cloudfront.net/WRm1jOUYlAg1feTIEBwR+dF9WC3JgBxBWKDZQJFEHAg8wVAotHCh3YDIXBwR2YAECVyF7SwZXJXtcRVgiJFBXHzI2AggEKiEBC1AhIRkKSmAzDF5UKTwED1UnY18lDGh2SFEJbjEEDV0pMR5GC3YoGUYLdnddTQljdS9GC3YxBA0PcmNeIRx0dhVVDW9jX1-NYNjYBBk4jJAYKTWN0K1YKcWheVRx0dkUIUTIrAUYLBWNfU1UvLQhGC3YhCABSKW9IUQklLh8MVCNjXyUIdn5DUxdzdVhaF3F3SFEJNScLAksvY18lDHVxQ1APYDNQUg
Requested by: Host: terialnevitiesini.com
URL: https://terialnevitiesini.com/WktEMFY7KSddaTt2JhYjKCd5FWQcbnZ2Mmk/fAc5NSR0Bm9tO3weNTYkMVQwKCQqRHg0LjAVZBwcFl1nMAQRaTobLHVWMw4CAXIhCG52cjIcchNzZRAsBkgUDQAAagcQDQF4Fz1zM2YXNT8Mcz5pEgB5Dhg8FgIPGw4HZi8cfBdHDAIBHEQ1CB0jWRwcCRx4LBN5BVcxHwAtdRQZegVYHwggD2M7GzEAdmMPABBHEx56EV4Pa3ModBEyeRd2ExApLnUTHh10QBsIfgNzZQMkA2UPFi8qVDIOGihaMglyA3NlAzMGcWYKKCl+MxMZPAAyMh0SdAFjIRwBexQSCloPGAkvBDwQCh17Ag0FdHtnAwAnZz4/HRZIZj4gEXkDDgI2cQMDBwZnGDwedWUgFhosdxVpEixzFxgYD2dvEx4VWzoWI3x9ABkFLmgvDwIgXmMeHjxULD4dLFEQaQ13YxAfAQpjNRYKL0MgA3p8XBISHTxhZxsbHXQYCx4jFjwpJCpAax0jBXQ0CSYIWycRBQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:ba00:10:8cf5:4f00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 08b5f5e75b5ab0a5a8b658a281423e2f0af3ea3204edd66f14ad95e86f700c71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://terialnevitiesini.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 15:46:38 GMT
content-encoding: gzip
via: 1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 503
x-amz-cf-id: o2i1gjGKfAkYfbf30lm42nhd3sWJp2eXlEUn1iN2TPx6QtSWvooJog==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-113932176-41

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 01 Dec 2022 15:24:43 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 1314
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Thu, 01 Dec 2022 17:24:43 GMT

GET
H2 200 X2tmcHRdfiJbP1l6cAETSnxlSmdbZ3-AAYQ4+JV40GCs3WTgba2d0ZFx5ewFnSnxlGjoHOjhedF0NcABhAyc+V3RdfjJXMgQhfBdjXy09QD4CK3AAF15+bRxhQXtmB2hBeWQXY189NFQwHSdwABdafWIcYlloIA9g Show response
d3t87ooo0697p8.cloudfront.net/jb05VMlEMITtUbhsnMQ9pV3dhC2VJJCZdPx9zOwYdHANkSycqGAYBMxVoIUg1Un5zXjABKWgUNAEtaAN3Dio3D2VJOiVdOlIiMl45BikyRjgcaCBTbAIhL1s9Ay9wABdaYGUXY19mIls/CyEiQXRdfjtGdF1+ZAJ/ Frame B4F8 886 B
915 B 154ms
152ms Script
text/plain 2600:9000:2156:ba00:10:8cf5:4f00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3t87ooo0697p8.cloudfront.net/jb05VMlEMITtUbhsnMQ9pV3dhC2VJJCZdPx9zOwYdHANkSycqGAYBMxVoIUg1Un5zXjABKWgUNAEtaAN3Dio3D2VJOiVdOlIiMl45BikyRjgcaCBTbAIhL1s9Ay9wABdaYGUXY19mIls/CyEiQXRdfjtGdF1+ZAJ/X2tmcHRdfiJbP1l6cAETSnxlSmdbZ3-AAYQ4+JV40GCs3WTgba2d0ZFx5ewFnSnxlGjoHOjhedF0NcABhAyc+V3RdfjJXMgQhfBdjXy09QD4CK3AAF15+bRxhQXtmB2hBeWQXY189NFQwHSdwABdafWIcYlloIA9g
Requested by: Host: terialnevitiesini.com
URL: https://terialnevitiesini.com/bGVWaGINBzUFXQ1YNE4XHglrTVAqQGQuBl8Rbl8NAwpmXltbFW5GAQAKIwwEHgo4HEwCACJNUCoPNFhXOig6LS8lMSI9AAQWOCUzVRUAWwYEJmQ+KCYmDAwyFFwsJxU1AR4pLAc2LwsTKyQPKi8UMzkhNwtUAwZXFj08KSAnMjE9LC0gIgkjIlYSAQ1fIWQ+KCMMAAwtACw/JQ5YUBQBCRU3PA8BDSYUPAAtLD4kUx9cFxFbGyQUDAM1IgMwO11cOyEOH0BkLiEVID85Oj4BMAIWKwEQWUdeJwwpKElXEDBQGAg1IDAIAz8iADxUOl4BLSACOwwUCQUFBg4/ZUUjLTwHXEdeJxw+VlwiFRtROzExCgNeAWYyJBRQMx8kAjY4EA4rDzkgLQYNMwwkXCs1KSAEJC8LR14nAFswCAM8IjohAgcABC4BPDAbXFwHLFYvLmUpIypUY01QLgcEEAo9PSIFIF4NFA01PT0PWVpVKxA5FSQ2Mh8jLgE3DjUlBg8EDgMsF1EFSg8lBwwcWDhcLh8oZxEUKTMFWwAW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:ba00:10:8cf5:4f00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 73a1c6120b36c8f825a9eb025638788a045227c87891e31523400c720bd7313c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://terialnevitiesini.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 15:46:38 GMT
content-encoding: gzip
via: 1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 636
x-amz-cf-id: 0qlDkI85FQ2I7aNJjn1_NBsYxh3GjrgSUFc6qcE_xDyNLOuOXmKL0w==

GET
H3 200 vdo.min.js Show response
a.vdo.ai/core/dependencies_hbv4_latest/ 410 KB
127 KB 54ms
44ms Script
application/javascript 2606:4700:e0::ac40:6903
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=v2.2
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/v-exee-app/vdo.ai.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:6903 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5fd2b175f045a4dc14c221d5d84fc5d595481209f752fd4cc00054651ee0f75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 15:46:37 GMT
via: 1.1 varnish-v4
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 625
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 01 Dec 2022 12:43:16 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JpMAdr6cGJF2UBWAqpvEei2aIjqUnNwbHR2hyPcbF7rHJT9IzWuJnpwV05rvsgw72on9%2F%2FlrsYomVBDE71pFzgh5O5JxWYUX1iL8oSht%2B7jtgHruTgTdpj3FkJ6DR3M4EdYnBLyA%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age=1800
access-control-allow-credentials: true
x-varnish: 2023500 262147
cf-ray: 772cf4eb1c4d9a0f-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 371 KB
124 KB 52ms
16ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: a.vdo.ai
URL: https://a.vdo.ai/core/v-exee-app/vdo.ai.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

530040ebbfc1cd7a18f0537709371ccd55ec5ed96756cb4c121c2a56a33f8f19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 15:46:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126620
x-xss-protection: 0
expires: Thu, 01 Dec 2022 15:46:37 GMT

GET
H2 200 YUpyQ0piXHddUT8RMQAVcUsGSEtkFSwGHHFLdQocNxIqRFxmSSYFCzsUIEhLEkh1VVdkV3BeTG1XclxcZkk2DB81CyxISxJMdlpXZ09jGERl Show response
d3t87ooo0697p8.cloudfront.net/VeUVteVQaKgMfaw0sCURsTXZfT2VfLx4WOgl4CCAuNwYUTRsOfSYUPSp3Sw0uHXhdXzgYKwpEchwrDkRlXyQJG2lNYxgYaRQqFxA4FSRISxJMa11cZkltGhA6HSoaCnFLdQMNcUt1XEl6SWBeO3FLdRoQOk9xSEoWXHddAW... Frame 5C15 207 B
475 B 153ms
152ms Script
text/plain 2600:9000:2156:ba00:10:8cf5:4f00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3t87ooo0697p8.cloudfront.net/VeUVteVQaKgMfaw0sCURsTXZfT2VfLx4WOgl4CCAuNwYUTRsOfSYUPSp3Sw0uHXhdXzgYKwpEchwrDkRlXyQJG2lNYxgYaRQqFxA4FSRISxJMa11cZkltGhA6HSoaCnFLdQMNcUt1XEl6SWBeO3FLdRoQOk9xSEoWXHddAWJNbEhLZBg1HRUxDiAPEj0NYF-8/YUpyQ0piXHddUT8RMQAVcUsGSEtkFSwGHHFLdQocNxIqRFxmSSYFCzsUIEhLEkh1VVdkV3BeTG1XclxcZkk2DB81CyxISxJMdlpXZ09jGERl
Requested by: Host: terialnevitiesini.com
URL: https://terialnevitiesini.com/VE9QeE41LTMVcTVyMl47JiNtXXwSamI+Kmc7aE8hOyBgTndjP2hWLTggJRwoJiA+DGA6KiRdfBIZNS0YICoGKS8fKB0eLyN/IzsbBjwEIBQyG2IuKBg3ZC8BMyNkOw0VOh4PFwEbAgsBMhwJLR4HP2MrOWQ6GCAmMBcqHxcfOCA9LTw4IjwlBiMIAR8eCGIUAA03NyEvBh4hPjYVexYrHB0cKDIDNX5hGxQ/IyQ/JhV5GCshNQw+PgIwHh02LQE7YSALOHkDLwwxAGM+AjAdPykBP3YoKws7GAgwKjAOBzIANgo4NBQWKGEwHAE3FBEPBAo6SAANCX1Aa2YJCS0+LR5gCCcMBzQcGwB3AjUfFRkzLT0THBUMJRIcJz8GHAkcHB87LB4AByUdFgAjBxwJPg0uPAUxCzwDFRMmZRkGHCUCfBIdGhN+CBsiLCwKEyVmCxJAfxc2KDEdLAUdHCIkFwpIdz4IFSoiciUjFyAkcjUhNBoMKUwBI3cbFScHfQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:ba00:10:8cf5:4f00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 1e4aba5031a8c24a8bcf74e855ee47cb63ed828ca82e9c60f71e92f8886fcb82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://terialnevitiesini.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 15:46:38 GMT
content-encoding: gzip
via: 1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 199
x-amz-cf-id: MetEF7geK0Onoar3M-JK5Iof1RKem41Mbaym7CK2Q0pjkTZt2GY5AQ==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 30ms
15ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=343296074&t=event&_s=1&dl=https%3A%2F%2Fexee.app%2FSamaraOliveira&ul=en-us&de=UTF-8&dt=exe.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=vdoaijs&ea=loaded&el=v-exee-app&_u=YEBAAUABAAAAACAAI~&jid=1836055059&gjid=1256046183&cid=1270600727.1669909598&tid=UA-113932176-41&_gid=2060067950.1669909598&_r=1&gtm=2oubs0&z=276433057

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://exee.app/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 01 Dec 2022 15:46:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://exee.app
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 22ms
8ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=343296074&t=timing&_s=2&dl=https%3A%2F%2Fexee.app%2FSamaraOliveira&ul=en-us&de=UTF-8&dt=exe.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=video&utv=load_allowed_url.php&utl=v-exee-app&utt=77&_u=YEBAAUABAAAAACAAI~&jid=&gjid=&cid=1270600727.1669909598&tid=UA-113932176-41&_gid=2060067950.1669909598&gtm=2oubs0&z=1292575750

Requested by

Host: exee.app
URL: https://exee.app/SamaraOliveira

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 20:42:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 68628
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 24ms
23ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-135952122-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-113932176-41

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

434df8c17121a24a67763fdb3559e801de74258b30fd927a5d0803e4243a28d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 15:46:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43577
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 01 Dec 2022 15:46:37 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 14ms
14ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=343296074&t=pageview&_s=1&dl=https%3A%2F%2Fexee.app%2FSamaraOliveira&ul=en-us&de=UTF-8&dt=exe.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAACAAI~&jid=1864276194&gjid=439991470&cid=1270600727.1669909598&tid=UA-135952122-1&_gid=2060067950.1669909598&_r=1&gtm=2oubs0&z=1017382539

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://exee.app/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 01 Dec 2022 15:46:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://exee.app
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=343296074&t=timing&_s=3&dl=https%3A%2F%2Fexee.app%2FSamaraOliveira&ul=en-us&de=UTF-8&dt=exe.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=video&utv=load_ima3.js&utl=v-exee-app&utt=92&_u=aEDAAUABAAAAACAAI~&jid=&gjid=&cid=1270600727.1669909598&tid=UA-113932176-41&_gid=2060067950.1669909598&gtm=2oubs0&z=1416241420

Requested by

Host: exee.app
URL: https://exee.app/SamaraOliveira

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 20:42:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 68629
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 200 logger Show response
analytics.vdo.ai/ 0
496 B 142ms
124ms XHR
text/html 2606:4700:e0::ac40:6803
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=v2.2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:6803 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://exee.app/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 01 Dec 2022 15:46:38 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YA6Sd0AUkwG1V2A85EY7dd4UW2bFNy4WDPjG1kIA41m%2BUZLTFjTlTcvffqBFRnqR%2BOVRuNUJWunRhJ4G8INA%2BNeHOspzIPdwqdgGTwnIh5N115tPv%2Bq0I%2FNIeGfghLBTsN0Xy3NrIaWW7p0RTgkk"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-type: text/html
cf-ray: 772cf4ec1eb1cac1-HAM
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 vdo.player.js Show response
a.vdo.ai/core/assets/ 651 KB
180 KB 38ms
37ms Script
application/javascript 2606:4700:e0::ac40:6903
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vdo.ai/core/assets/vdo.player.js
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=v2.2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:6903 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e32695eb554644820130b6b6c39187282bfaef34cf5b88b9a8c9b10d2da1e03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 15:46:38 GMT
via: 1.1 varnish-v4
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 624
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 23 Jul 2021 13:25:49 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WyYzXIv5WCNqkiaIEIvt8VXRZlEqRr7lTD%2BQEUOR5pNfgAf05xaWGYykR5WokcHT3GKE8l5G87k%2FNuVDRNfQZcrRtceJi10fBtfy0N55DZ4sTreoLqFUs1he%2Bku9XXRpbNm4DTJ8ng%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=1800
access-control-allow-credentials: true
x-varnish: 1546147 1606580
cf-ray: 772cf4ebfe4d9a0f-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H3 200 rtb_v6.24.1.js Show response
a.vdo.ai/core/assets/ 468 KB
130 KB 29ms
29ms Script
application/javascript 2606:4700:e0::ac40:6903
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vdo.ai/core/assets/rtb_v6.24.1.js
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=v2.2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:6903 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f598127eaff64f97312f924cba7129e164c56b2895371ce39d9db5cecf2b743b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 15:46:38 GMT
via: 1.1 varnish-v4
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 629
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 29 Nov 2022 11:45:25 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EBvTXiIMIBbzPsEQAUQFMC0gy0Oq5l6GEr59PUsjZ7DIETCp0JxUq4kuw16ldzeAXisZ48cam%2F5bIHc5izLEQpZAqi4VdZ33Ki%2FfyGcR%2FS55CyYPTvBQABcdBMPkEiQ1ZFfUdhVN0w%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=1800
access-control-allow-credentials: true
x-varnish: 1420240 1420063
cf-ray: 772cf4ebfe519a0f-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=343296074&t=timing&_s=1&dl=https%3A%2F%2Fexee.app%2FSamaraOliveira&ul=en-us&de=UTF-8&dt=exe.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=video&utv=load_vdo.min.js&utl=v-exee-app&utt=119&_u=QACAAUABCAAAAAAAI~&jid=&gjid=&cid=1270600727.1669909598&tid=UA-113932176-41&_gid=2060067950.1669909598&gtm=2oubs0&z=1260724504

Requested by

Host: exee.app
URL: https://exee.app/SamaraOliveira

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 20:42:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 68629
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=343296074&t=pageview&_s=2&dl=https%3A%2F%2Fexee.app%2FSamaraOliveira&ul=en-us&de=UTF-8&dt=exe.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QACAAUABCAAAAAAAI~&jid=&gjid=&cid=1270600727.1669909598&tid=UA-113932176-41&_gid=2060067950.1669909598&gtm=2oubs0&z=2133517515

Requested by

Host: exee.app
URL: https://exee.app/SamaraOliveira

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 20:42:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 68629
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
8ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=343296074&t=event&_s=3&dl=https%3A%2F%2Fexee.app%2FSamaraOliveira&ul=en-us&de=UTF-8&dt=exe.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=initVdo&el=v-exee-app&_u=QACAAUABCAAAAAgCI~&jid=&gjid=&cid=1270600727.1669909598&tid=UA-113932176-41&_gid=2060067950.1669909598&gtm=2oubs0&z=178032976

Requested by

Host: exee.app
URL: https://exee.app/SamaraOliveira

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 20:42:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 68629
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 992 B
2 KB 62ms
24ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5b9fc37386561508e71a539d87f0c11495ca7d5fe00d3b6ab3d1f318248b8f6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 15:46:38 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Thu, 01 Dec 2022 15:46:38 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=343296074&t=timing&_s=4&dl=https%3A%2F%2Fexee.app%2FSamaraOliveira&ul=en-us&de=UTF-8&dt=exe.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=video&utv=load_vdo.player.js&utl=v-exee-app&utt=72&_u=SACAAUABCAAAAAgCI~&jid=&gjid=&cid=1270600727.1669909598&tid=UA-113932176-41&_gid=2060067950.1669909598&gtm=2oubs0&z=2121131689

Requested by

Host: exee.app
URL: https://exee.app/SamaraOliveira

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 20:42:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 68629
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=343296074&t=timing&_s=5&dl=https%3A%2F%2Fexee.app%2FSamaraOliveira&ul=en-us&de=UTF-8&dt=exe.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=video&utv=load_rtb_v6.24.1.js&utl=v-exee-app&utt=86&_u=SACAAUABCAAAAAgCI~&jid=&gjid=&cid=1270600727.1669909598&tid=UA-113932176-41&_gid=2060067950.1669909598&gtm=2oubs0&z=1237507789

Requested by

Host: exee.app
URL: https://exee.app/SamaraOliveira

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 20:42:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 68629
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 77ms
58ms XHR
application/json 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json

Requested by

Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/rtb_v6.24.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a99fb4f4d8a4feffebc98781f0359bfd769661d970672dc47c913766880ebc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://exee.app/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 01 Dec 2022 15:46:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2733
x-jsd-version: 1.0.1540
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230021-FRA, cache-yyz4560-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"66b-MHpICIFaKHnsfHq0GL0f+aHehJQ"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IRp0OmEL5bD5cGZblSJKJ6lDA0YTk5IR8WxeMfjpS%2FBiMj1k3qkoOHoXesw4KOCz4WS26vSvL92CnTFSIwIQGt%2B7GaNs7iYBVJTDQYN8WFMHdTmjDTfiMNdxn6LIGxTlkbhciLweIoZphPLMe8M%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 772cf4eca8a49b34-FRA

GET
H2

200

ROS Show response
pbjs.e-planning.net/hb/1/30135/1/exee.app/
Redirect Chain

https://pbjs.e-planning.net/pbjs/1/30135/1/exee.app/ROS?rnd=0.021393174366816092&e=728x90_0%3A728x90%2C320x50%2C300x50&ur=https%3A%2F%2Fexee.app%2FSamaraOliveira&pbv=6.24.1&ncb=1&vs=F&crs=UTF-8&fr=...
https://pbjs.e-planning.net/hb/1/30135/1/exee.app/ROS?ct=1&r=pbjs&rnd=0.021393174366816092&e=728x90_0%3A728x90%2C320x50%2C300x50&ur=https%3A%2F%2Fexee.app%2FSamaraOliveira&pbv=6.24.1&ncb=1&vs=F&crs...

511 B
921 B

22ms
22ms

XHR
application/json

185.172.90.251
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://pbjs.e-planning.net/hb/1/30135/1/exee.app/ROS?ct=1&r=pbjs&rnd=0.021393174366816092&e=728x90_0%3A728x90%2C320x50%2C300x50&ur=https%3A%2F%2Fexee.app%2FSamaraOliveira&pbv=6.24.1&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fexee.app%2FSamaraOliveira
Requested by: Host: exee.app
URL: https://exee.app/SamaraOliveira
Protocol: H2
Server: 185.172.90.251 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: ads.us.e-plannning.net
Software: openresty /
Resource Hash: 6807c34c780e7b6f8bc07601329d4f536d92d086767864589fb73273bd4459b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

expires: Thu, 01 Dec 2022 15:46:38 GMT
date: Thu, 01 Dec 2022 15:46:38 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
content-type: application/json
access-control-allow-origin: https://exee.app
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-length: 511
x-sid: AMS-929

Redirect headers

date: Thu, 01 Dec 2022 15:46:38 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location: /hb/1/30135/1/exee.app/ROS?ct=1&r=pbjs&rnd=0.021393174366816092&e=728x90_0%3A728x90%2C320x50%2C300x50&ur=https%3A%2F%2Fexee.app%2FSamaraOliveira&pbv=6.24.1&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fexee.app%2FSamaraOliveira
access-control-allow-origin: https://exee.app
content-type: text/html; charset=iso-8859-1
access-control-allow-credentials: true
x-sid: AMS-929

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
696 B 42ms
9ms XHR
application/json 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/rtb_v6.24.1.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://exee.app/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 01 Dec 2022 15:46:38 GMT
AN-X-Request-Uuid: 537f64c7-b45f-42dd-a4ac-59e650e1637d
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://exee.app
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 81.95.5.39; 81.95.5.39; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
696 B 42ms
9ms XHR
application/json 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/rtb_v6.24.1.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://exee.app/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 01 Dec 2022 15:46:38 GMT
AN-X-Request-Uuid: 21679d29-56c9-47b9-8068-e652701b4d38
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://exee.app
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 81.95.5.39; 81.95.5.39; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK 16494291789562504aba5f866.png
h5.vdo.ai/media_file/v-exee-app/source/uploads/thumbnails/ 68 KB
68 KB 554ms
186ms Image
image/png 15.235.42.79
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h5.vdo.ai/media_file/v-exee-app/source/uploads/thumbnails/16494291789562504aba5f866.png
Requested by: Host: exee.app
URL: https://exee.app/SamaraOliveira
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.235.42.79 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5011080.ip-15-235-42.net
Software: nginx/1.20.1 /
Resource Hash: 4ef36c7fb595d9e325c5d15b8143c03774407dc5da6c9a77ff9160580136a46d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Thu, 01 Dec 2022 15:46:38 GMT
Last-Modified: Fri, 08 Apr 2022 14:46:21 GMT
Server: nginx/1.20.1
ETag: "62504abd-10eaa"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 69290
Expires: Fri, 01 Dec 2023 15:46:38 GMT

OPTIONS
H/1.1 204
No Content 16494291789562504aba5f866.m3u8
h5.vdo.ai/media_file/v-exee-app/source/uploads/videos/ Frame 0
0 435ms
97ms Preflight
text/plain 15.235.42.79
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h5.vdo.ai/media_file/v-exee-app/source/uploads/videos/16494291789562504aba5f866.m3u8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.235.42.79 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5011080.ip-15-235-42.net
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: vdoai
Access-Control-Request-Method: GET
Origin: https://exee.app
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1728000
Cache-Control: max-age=31536000
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Thu, 01 Dec 2022 15:46:38 GMT
Expires: Fri, 01 Dec 2023 15:46:38 GMT
Server: nginx/1.20.1

GET
H/1.1 200
OK 16494291789562504aba5f866.m3u8 Show response
h5.vdo.ai/media_file/v-exee-app/source/uploads/videos/ 48 KB
8 KB 98ms
98ms XHR
application/vnd.apple.mpegurl 15.235.42.79
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h5.vdo.ai/media_file/v-exee-app/source/uploads/videos/16494291789562504aba5f866.m3u8
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.235.42.79 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5011080.ip-15-235-42.net
Software: nginx/1.20.1 /
Resource Hash: af04d7f17b30f3beb2c330f099297d98973e00f809b501cc361e424c4b45ca0b

Request headers

Referer: https://exee.app/
vdoai: true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Thu, 01 Dec 2022 15:46:38 GMT
Content-Encoding: gzip
Last-Modified: Sat, 30 Jul 2022 00:37:15 GMT
Server: nginx/1.20.1
ETag: W/"62e47d3b-bf8c"
Transfer-Encoding: chunked
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Expires: Fri, 01 Dec 2023 15:46:38 GMT

GET
BLOB 200
OK 20a5020f-7339-4fd3-8e1a-7268bd6ccbc2
https://exee.app/ 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://exee.app/20a5020f-7339-4fd3-8e1a-7268bd6ccbc2
Requested by: Host: exee.app
URL: https://exee.app/SamaraOliveira
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 13578d1af4231b0fe1dce97d8c588932ffd2f70cd593575640a8315463bd2c37

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Length: 5417
Content-Type: application/javascript

GET
BLOB 200
OK 66cae92b-91e9-46a0-901f-b93682850049
https://exee.app/ 75 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://exee.app/66cae92b-91e9-46a0-901f-b93682850049
Requested by: Host: exee.app
URL: https://exee.app/SamaraOliveira
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4aa3c991887b7bade387973b566a206c464b1947c7eea475668b2518c201fcac

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Length: 77017
Content-Type: application/javascript

GET
BLOB 200
OK d9039597-f112-4cc1-84d2-25265fa20e14
https://exee.app/ 75 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://exee.app/d9039597-f112-4cc1-84d2-25265fa20e14
Requested by: Host: exee.app
URL: https://exee.app/SamaraOliveira
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4aa3c991887b7bade387973b566a206c464b1947c7eea475668b2518c201fcac

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Length: 77017
Content-Type: application/javascript

GET
H3 200 bridge3.547.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame C5D1 691 KB
221 KB 25ms
8ms Document
text/html 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.547.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f461e1e3fb47ce63a8d28c453253784cc233481904428c57a361fc93fd987327

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://exee.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 161780
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 226691
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Tue, 29 Nov 2022 18:50:18 GMT
expires: Wed, 29 Nov 2023 18:50:18 GMT
last-modified: Tue, 29 Nov 2022 15:11:42 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 51ms
28ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 15:46:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 01 Dec 2022 15:46:38 GMT

POST
H3 200 logger Show response
analytics.vdo.ai/ 0
461 B 115ms
115ms XHR
text/html 2606:4700:e0::ac40:6803
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=v2.2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:6803 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://exee.app/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 01 Dec 2022 15:46:38 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kpym7EvrJJQshYuVl%2F7vFUbeh0RyoQt0drEIJdt4vgwk74%2FAMhFH4H3iXdJPHsrBiPvL94xi3XZM1Nf%2BC7%2BSM3iHVoW6Bn3dJnvCBGqpNqqEqmR3Ld91uQu2pvoy8B83Dxn%2BPXv%2Foh6M3a7lhOH%2F"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-type: text/html
cf-ray: 772cf4ed28c0cac1-HAM
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 logo.svg
a.vdo.ai/core/assets/img/ 1 KB
1 KB 17ms
17ms Image
image/svg+xml 2606:4700:e0::ac40:6903
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.vdo.ai/core/assets/img/logo.svg
Requested by: Host: exee.app
URL: https://exee.app/SamaraOliveira
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:6903 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9adf28f17b88f7835611736a9461d0452433a4e12f3ebaafae1689394aeb8d7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 15:46:38 GMT
via: 1.1 varnish-v4
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 630
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 02 Mar 2020 08:12:49 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VS%2BnupedDX6nfoxGN2oRwQvi9XT%2FvuIWl4RWWKweIicQbqgF%2Bv3wb3vlLPCAFZwF0RpN2gRuQ%2Fe3J%2BPRZePyaXixbcSARJblV6azrTCxwEt3mheCcemAnygCfML%2BNIvD1vFwDHQ1gg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age=1800
access-control-allow-credentials: true
x-varnish: 3411122 163843
cf-ray: 772cf4ed28dd9a0f-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/d75422b4/www-widgetapi.vflset/ 161 KB
53 KB 24ms
8ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d75422b4/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc41640dd72382f686ce37ae82b916bcb605c9deb6762bb179a3d57f318d02b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 15:02:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2627
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54004
x-xss-protection: 0
last-modified: Wed, 30 Nov 2022 01:20:28 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 01 Dec 2023 15:02:51 GMT

POST
H3 200 logger Show response
analytics.vdo.ai/ 0
457 B 121ms
121ms XHR
text/html 2606:4700:e0::ac40:6803
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=v2.2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:6803 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://exee.app/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 01 Dec 2022 15:46:38 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2PjiKAoZvn5HSBZ6hcu35Ap5OYU9WnDxL3RjdIxbwdO48hkVBGwsbDM8KZvqtOhZnCWQ2AaVLxV5zY%2B8%2FFXn5eWaj9dGMknwBN7ZIDbjShwkAk0wcErzHy5W5XZHoqnFBUfxdkT47I9kt9awBGFt"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-type: text/html
cf-ray: 772cf4ed48e8cac1-HAM
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 logger Show response
analytics.vdo.ai/ 0
460 B 120ms
120ms XHR
text/html 2606:4700:e0::ac40:6803
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=v2.2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:6803 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://exee.app/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 01 Dec 2022 15:46:38 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q9f57cLl1vKUkfYD6lhlrCNxXOmXmuPG3AmCsL78hnMsOFnRIK6vqQoO%2B4NKnuTJfuJZSnJV0SPcduQVtZvjj5R24ef7lim1rRhY%2B%2Bp%2BonVeODQF7WIANL0XH3pv54z2T%2FTQzdhZLUMZhcFKbKpY"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-type: text/html
cf-ray: 772cf4ed48eccac1-HAM
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 logger Show response
analytics.vdo.ai/ 0
458 B 121ms
120ms XHR
text/html 2606:4700:e0::ac40:6803
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=v2.2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:6803 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://exee.app/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 01 Dec 2022 15:46:38 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X3r0IaEfo0djN6rxxpeBxDPi6AgYEehJa6y0YE9SAMNA7mRyc0AwzXpwrJjY0qJ%2FasjurBkKy24wCLnTt%2B%2FQn838cAmAok9cpArdwhq%2FHWPBSietsJTYJN9QUY8Uf4XT8nlF02%2F8pxEToRpGPCO9"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-type: text/html
cf-ray: 772cf4ed48f4cac1-HAM
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
DATA 200
OK truncated
/ 4 KB
4 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b808250e44a468f82d19a076166e56187fdb79f1b42a77ab15fb55bb4e0f98a

Request headers

Referer
Origin: https://exee.app
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

POST
H3 200 logger Show response
analytics.vdo.ai/ 0
459 B 115ms
115ms XHR
text/html 2606:4700:e0::ac40:6803
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=v2.2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:6803 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://exee.app/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 01 Dec 2022 15:46:38 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bh9VZDvs7VmlU932iHJnI6Kji4NyltGTxrFTaZ68OED3xNM4RC%2BCIkdCnlhNkQd0rZgYK3wizyqeomE16%2BZpHqOLKXRr4D%2Fl5BdSgi698vHc5o8W%2Bq%2BedJyCYneiDnSu4TmnN1iAojPFWA5zf4oW"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-type: text/html
cf-ray: 772cf4ed590bcac1-HAM
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=343296074&t=event&_s=6&dl=https%3A%2F%2Fexee.app%2FSamaraOliveira&ul=en-us&de=UTF-8&dt=exe.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=pageview&el=v-exee-app&_u=SACAAUABCAAAAAgCI~&jid=&gjid=&cid=1270600727.1669909598&tid=UA-113932176-41&_gid=2060067950.1669909598&gtm=2oubs0&z=2084607501

Requested by

Host: exee.app
URL: https://exee.app/SamaraOliveira

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 20:42:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 68629
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
8ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=343296074&t=event&_s=7&dl=https%3A%2F%2Fexee.app%2FSamaraOliveira&ul=en-us&de=UTF-8&dt=exe.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=website_pageview&el=v-exee-app&_u=SACAAUABCAAAAAgCI~&jid=&gjid=&cid=1270600727.1669909598&tid=UA-113932176-41&_gid=2060067950.1669909598&gtm=2oubs0&z=2056285575

Requested by

Host: exee.app
URL: https://exee.app/SamaraOliveira

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 20:42:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 68629
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 9ms
8ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=343296074&t=event&_s=8&dl=https%3A%2F%2Fexee.app%2FSamaraOliveira&ul=en-us&de=UTF-8&dt=exe.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=began_atf&el=v-exee-app&_u=SACAAUABCAAAAAgCI~&jid=&gjid=&cid=1270600727.1669909598&tid=UA-113932176-41&_gid=2060067950.1669909598&gtm=2oubs0&z=128619056

Requested by

Host: exee.app
URL: https://exee.app/SamaraOliveira

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 20:42:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 68629
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 popunder.gif
labortiontrifee.com/ 35 B
554 B 33ms
22ms Image
image/gif 104.21.24.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://labortiontrifee.com/popunder.gif
Requested by: Host: exee.app
URL: https://exee.app/SamaraOliveira
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.24.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: public
date: Thu, 01 Dec 2022 15:46:38 GMT
cf-cache-status: HIT
last-modified: Wed, 30 Nov 2022 19:56:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 71391
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=35lIF%2FRFJ5f94ePG%2Fo7xSYawGkjIJh7tOBl1n%2F7Sv467QOLIb9mX7Beu%2F3mHkGF9xhG%2BIyWnxUXeh8OpmZo0GUIrEQoc6VsCvpQowO3lwpkrUj7XOreWilHAmk88crKvoIqtI%2Bwo"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
cf-ray: 772cf4eddfedbbe9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 206
Partial Content 16494291789562504aba5f866.ts Show response
h5.vdo.ai/media_file/v-exee-app/source/uploads/videos/ 382 KB
382 KB 98ms
98ms XHR
video/mp2t 15.235.42.79
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h5.vdo.ai/media_file/v-exee-app/source/uploads/videos/16494291789562504aba5f866.ts
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.235.42.79 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5011080.ip-15-235-42.net
Software: nginx/1.20.1 /
Resource Hash: 6c90bfc07e47febe7dd92eb1bc86b7f67d54a6cbad30577c9efe629eeeb24a22

Request headers

Referer: https://exee.app/
vdoai: true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Range: bytes=0-391039

Response headers

Date: Thu, 01 Dec 2022 15:46:38 GMT
Last-Modified: Sat, 30 Jul 2022 00:37:15 GMT
Server: nginx/1.20.1
ETag: "62e47d3b-113cda88"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Content-Range: bytes 0-391039/289200776
Cache-Control: max-age=31536000
Connection: keep-alive
Content-Length: 391040
Expires: Fri, 01 Dec 2023 15:46:38 GMT

OPTIONS
H/1.1 204
No Content 16494291789562504aba5f866.ts
h5.vdo.ai/media_file/v-exee-app/source/uploads/videos/ Frame 0
0 97ms
97ms Preflight
text/plain 15.235.42.79
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h5.vdo.ai/media_file/v-exee-app/source/uploads/videos/16494291789562504aba5f866.ts
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.235.42.79 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5011080.ip-15-235-42.net
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: vdoai
Access-Control-Request-Method: GET
Origin: https://exee.app
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1728000
Cache-Control: max-age=31536000
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Thu, 01 Dec 2022 15:46:38 GMT
Expires: Fri, 01 Dec 2023 15:46:38 GMT
Server: nginx/1.20.1

POST
H3 200 logger Show response
analytics.vdo.ai/ 0
461 B 126ms
126ms XHR
text/html 2606:4700:e0::ac40:6803
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=v2.2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:6803 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://exee.app/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 01 Dec 2022 15:46:39 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TU%2BVkP5uI4oxPG9wqY5nVQavNiwRe1rhR4dvueM1sqWeCIljNXRp8STAY8qp%2FQMJvoSbSA4ARtMj%2F7CSxxT6DGy5JiXkkegwpCLpUvDbqabJ8%2FaLThh2AYChsk5lefKNZXuID%2BATvHJiwy3mtyfk"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-type: text/html
cf-ray: 772cf4f38b49cac1-HAM
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
8ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=343296074&t=event&_s=9&dl=https%3A%2F%2Fexee.app%2FSamaraOliveira&ul=en-us&de=UTF-8&dt=exe.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=adrequest_google_mcm&el=v-exee-app&_u=SACAAUABCAAAAAgCI~&jid=&gjid=&cid=1270600727.1669909598&tid=UA-113932176-41&_gid=2060067950.1669909598&gtm=2oubs0&z=53647229

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 20:42:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 68630
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 41ms
17ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=exee.app

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 15:46:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame C5D1 156 B
850 B 899ms
835ms XHR
text/xml 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?env=instream&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&iu=%2F26001828%2C22794390700%2Fvdoai-dfp-parent-adunit%2Fz1_dfp_v_exee_app_v_pre_1&description_url=https%3A%2F%2Fexee.app%2FSamaraOliveira&tfcd=0&npa=0&correlator=3357649838289189&vpos=preroll&sz=800x450%7C444x250%7C635x357%7C640x360%7C400x300%7C1x1&vad_type=linear&ad_type=audio_video&url=https%3A%2F%2Fexee.app%2FSamaraOliveira&cust_params=hb_uuid%3Dundefined%26hb_cache_id%3Dundefined&vpa=click&vpmute=0&sdkv=h.3.547.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=110095148&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.547.0&media_url=blob%3Ahttps%253a%2F%2Fexee.app%2Fecb29a15-2b3d-45e6-b39b-fffa3b951a7f&sid=98069FF2-2B7D-43A7-8234-D019FE4F8DDC&nel=0&eid=44748969%2C44754609%2C44765701%2C44777647&dlt=1669909597624&idt=734&dt=1669909599346&cookie_enabled=1&scor=564852510553829&ged=ve4_td1_tt1_pd1_la1000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.547.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 15:46:40 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 22ms
22ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=343296074&t=timing&_s=10&dl=https%3A%2F%2Fexee.app%2FSamaraOliveira&ul=en-us&de=UTF-8&dt=exe.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=video&utv=load_h5.vdo.ai_ContentStart&utl=v-exee-app&utt=1195&_u=SACAAUABCAAAAAgCI~&jid=&gjid=&cid=1270600727.1669909598&tid=UA-113932176-41&_gid=2060067950.1669909598&gtm=2oubs0&z=486336820

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 20:42:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 68630
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 206
Partial Content 16494291789562504aba5f866.ts Show response
h5.vdo.ai/media_file/v-exee-app/source/uploads/videos/ 535 KB
536 KB 99ms
99ms XHR
video/mp2t 15.235.42.79
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h5.vdo.ai/media_file/v-exee-app/source/uploads/videos/16494291789562504aba5f866.ts
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.235.42.79 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5011080.ip-15-235-42.net
Software: nginx/1.20.1 /
Resource Hash: 4789bbdb5b984cd19fe9a91a4b0c23efdfcbf9a4f2c601c48be685536b065654

Request headers

Referer: https://exee.app/
vdoai: true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Range: bytes=391040-939059

Response headers

Date: Thu, 01 Dec 2022 15:46:39 GMT
Last-Modified: Sat, 30 Jul 2022 00:37:15 GMT
Server: nginx/1.20.1
ETag: "62e47d3b-113cda88"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Content-Range: bytes 391040-939059/289200776
Cache-Control: max-age=31536000
Connection: keep-alive
Content-Length: 548020
Expires: Fri, 01 Dec 2023 15:46:39 GMT

OPTIONS
H/1.1 204
No Content 16494291789562504aba5f866.ts
h5.vdo.ai/media_file/v-exee-app/source/uploads/videos/ Frame 0
0 98ms
97ms Preflight
text/plain 15.235.42.79
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h5.vdo.ai/media_file/v-exee-app/source/uploads/videos/16494291789562504aba5f866.ts
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.235.42.79 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5011080.ip-15-235-42.net
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: vdoai
Access-Control-Request-Method: GET
Origin: https://exee.app
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1728000
Cache-Control: max-age=31536000
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Thu, 01 Dec 2022 15:46:39 GMT
Expires: Fri, 01 Dec 2023 15:46:39 GMT
Server: nginx/1.20.1

GET
H/1.1 206
Partial Content 16494291789562504aba5f866.ts Show response
h5.vdo.ai/media_file/v-exee-app/source/uploads/videos/ 449 KB
449 KB 98ms
98ms XHR
video/mp2t 15.235.42.79
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h5.vdo.ai/media_file/v-exee-app/source/uploads/videos/16494291789562504aba5f866.ts
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.235.42.79 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5011080.ip-15-235-42.net
Software: nginx/1.20.1 /
Resource Hash: 4484223cf5628ede7b85c5ae5bda2e353d6c1d770b8ee949b6889450180a6a6c

Request headers

Referer: https://exee.app/
vdoai: true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Range: bytes=939060-1398343

Response headers

Date: Thu, 01 Dec 2022 15:46:39 GMT
Last-Modified: Sat, 30 Jul 2022 00:37:15 GMT
Server: nginx/1.20.1
ETag: "62e47d3b-113cda88"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Content-Range: bytes 939060-1398343/289200776
Cache-Control: max-age=31536000
Connection: keep-alive
Content-Length: 459284
Expires: Fri, 01 Dec 2023 15:46:39 GMT

OPTIONS
H/1.1 204
No Content 16494291789562504aba5f866.ts
h5.vdo.ai/media_file/v-exee-app/source/uploads/videos/ Frame 0
0 98ms
98ms Preflight
text/plain 15.235.42.79
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h5.vdo.ai/media_file/v-exee-app/source/uploads/videos/16494291789562504aba5f866.ts
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.235.42.79 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5011080.ip-15-235-42.net
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: vdoai
Access-Control-Request-Method: GET
Origin: https://exee.app
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1728000
Cache-Control: max-age=31536000
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Thu, 01 Dec 2022 15:46:39 GMT
Expires: Fri, 01 Dec 2023 15:46:39 GMT
Server: nginx/1.20.1

GET
H/1.1 206
Partial Content 16494291789562504aba5f866.ts Show response
h5.vdo.ai/media_file/v-exee-app/source/uploads/videos/ 297 KB
298 KB 99ms
99ms XHR
video/mp2t 15.235.42.79
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h5.vdo.ai/media_file/v-exee-app/source/uploads/videos/16494291789562504aba5f866.ts
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.235.42.79 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5011080.ip-15-235-42.net
Software: nginx/1.20.1 /
Resource Hash: 25f0e35c28e4878db049c1c478f65c003029343545fc1b615d6b42a6c02b9e72

Request headers

Referer: https://exee.app/
vdoai: true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Range: bytes=1398344-1702903

Response headers

Date: Thu, 01 Dec 2022 15:46:40 GMT
Last-Modified: Sat, 30 Jul 2022 00:37:15 GMT
Server: nginx/1.20.1
ETag: "62e47d3b-113cda88"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Content-Range: bytes 1398344-1702903/289200776
Cache-Control: max-age=31536000
Connection: keep-alive
Content-Length: 304560
Expires: Fri, 01 Dec 2023 15:46:40 GMT

OPTIONS
H/1.1 204
No Content 16494291789562504aba5f866.ts
h5.vdo.ai/media_file/v-exee-app/source/uploads/videos/ Frame 0
0 98ms
98ms Preflight
text/plain 15.235.42.79
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h5.vdo.ai/media_file/v-exee-app/source/uploads/videos/16494291789562504aba5f866.ts
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.235.42.79 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5011080.ip-15-235-42.net
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: vdoai
Access-Control-Request-Method: GET
Origin: https://exee.app
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1728000
Cache-Control: max-age=31536000
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Thu, 01 Dec 2022 15:46:40 GMT
Expires: Fri, 01 Dec 2023 15:46:40 GMT
Server: nginx/1.20.1

GET
H/1.1 206
Partial Content 16494291789562504aba5f866.ts Show response
h5.vdo.ai/media_file/v-exee-app/source/uploads/videos/ 292 KB
292 KB 98ms
98ms XHR
video/mp2t 15.235.42.79
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h5.vdo.ai/media_file/v-exee-app/source/uploads/videos/16494291789562504aba5f866.ts
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.235.42.79 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5011080.ip-15-235-42.net
Software: nginx/1.20.1 /
Resource Hash: 139791cfcbf308d45485cb9d3a2b89c506d7bb57cef027263bc89ec06d5d647b

Request headers

Referer: https://exee.app/
vdoai: true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Range: bytes=1702904-2001635

Response headers

Date: Thu, 01 Dec 2022 15:46:40 GMT
Last-Modified: Sat, 30 Jul 2022 00:37:15 GMT
Server: nginx/1.20.1
ETag: "62e47d3b-113cda88"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Content-Range: bytes 1702904-2001635/289200776
Cache-Control: max-age=31536000
Connection: keep-alive
Content-Length: 298732
Expires: Fri, 01 Dec 2023 15:46:40 GMT

OPTIONS
H/1.1 204
No Content 16494291789562504aba5f866.ts
h5.vdo.ai/media_file/v-exee-app/source/uploads/videos/ Frame 0
0 98ms
97ms Preflight
text/plain 15.235.42.79
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h5.vdo.ai/media_file/v-exee-app/source/uploads/videos/16494291789562504aba5f866.ts
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.235.42.79 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5011080.ip-15-235-42.net
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: vdoai
Access-Control-Request-Method: GET
Origin: https://exee.app
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1728000
Cache-Control: max-age=31536000
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Thu, 01 Dec 2022 15:46:40 GMT
Expires: Fri, 01 Dec 2023 15:46:40 GMT
Server: nginx/1.20.1

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=343296074&t=event&_s=11&dl=https%3A%2F%2Fexee.app%2FSamaraOliveira&ul=en-us&de=UTF-8&dt=exe.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=adrequest_google_mcm_apac&el=v-exee-app&_u=SACAAUABCAAAAAgCI~&jid=&gjid=&cid=1270600727.1669909598&tid=UA-113932176-41&_gid=2060067950.1669909598&gtm=2oubs0&z=1846568102

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 20:42:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 68631
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 33ms
16ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=exee.app

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 15:46:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame C5D1 156 B
144 B 475ms
458ms XHR
text/xml 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?env=instream&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&iu=%2F22100121508%2C22794390700%2FDFP_APAC_Parent_First_AdBreak%2Fellipsis_dfp_v_exee_app_v_pre_1&description_url=https%3A%2F%2Fexee.app%2FSamaraOliveira&tfcd=0&npa=0&correlator=834606187424841&vpos=preroll&sz=800x450%7C444x250%7C635x357%7C640x360%7C400x300%7C1x1&vad_type=linear&ad_type=audio_video&url=https%3A%2F%2Fexee.app%2FSamaraOliveira&cust_params=hb_uuid%3Dundefined%26hb_cache_id%3Dundefined&vpa=click&vpmute=0&sdkv=h.3.547.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=110095148&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.547.0&media_url=blob%3Ahttps%253a%2F%2Fexee.app%2Fecb29a15-2b3d-45e6-b39b-fffa3b951a7f&sid=98069FF2-2B7D-43A7-8234-D019FE4F8DDC&nel=0&eid=44748969%2C44754609%2C44765701%2C44777647&dlt=1669909597624&idt=734&dt=1669909600293&cookie_enabled=1&scor=2578298702789447&ged=ve4_td2_tt2_pd2_la2000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.547.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 15:46:40 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 206
Partial Content 16494291789562504aba5f866.ts Show response
h5.vdo.ai/media_file/v-exee-app/source/uploads/videos/ 344 KB
344 KB 98ms
98ms XHR
video/mp2t 15.235.42.79
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h5.vdo.ai/media_file/v-exee-app/source/uploads/videos/16494291789562504aba5f866.ts
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.235.42.79 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5011080.ip-15-235-42.net
Software: nginx/1.20.1 /
Resource Hash: dc10e13e94364ecfea16030411185568d5eba65ac0230dbbe7357a1e72f96234

Request headers

Referer: https://exee.app/
vdoai: true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Range: bytes=2001636-2353759

Response headers

Date: Thu, 01 Dec 2022 15:46:40 GMT
Last-Modified: Sat, 30 Jul 2022 00:37:15 GMT
Server: nginx/1.20.1
ETag: "62e47d3b-113cda88"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Content-Range: bytes 2001636-2353759/289200776
Cache-Control: max-age=31536000
Connection: keep-alive
Content-Length: 352124
Expires: Fri, 01 Dec 2023 15:46:40 GMT

OPTIONS
H/1.1 204
No Content 16494291789562504aba5f866.ts
h5.vdo.ai/media_file/v-exee-app/source/uploads/videos/ Frame 0
0 98ms
97ms Preflight
text/plain 15.235.42.79
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h5.vdo.ai/media_file/v-exee-app/source/uploads/videos/16494291789562504aba5f866.ts
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.235.42.79 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5011080.ip-15-235-42.net
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: vdoai
Access-Control-Request-Method: GET
Origin: https://exee.app
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1728000
Cache-Control: max-age=31536000
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Thu, 01 Dec 2022 15:46:40 GMT
Expires: Fri, 01 Dec 2023 15:46:40 GMT
Server: nginx/1.20.1

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=343296074&t=event&_s=12&dl=https%3A%2F%2Fexee.app%2FSamaraOliveira&ul=en-us&de=UTF-8&dt=exe.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=adrequest_google_mcm&el=v-exee-app&_u=SACAAUABCAAAAAgCI~&jid=&gjid=&cid=1270600727.1669909598&tid=UA-113932176-41&_gid=2060067950.1669909598&gtm=2oubs0&z=65995610

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 20:42:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 68631
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 31ms
31ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=exee.app

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 15:46:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame C5D1 156 B
142 B 276ms
276ms XHR
text/xml 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?env=instream&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&iu=%2F26001828%2C22794390700%2FDFP_Z1_Parent_Second_AdBreak%2Fz1_dfp_v_exee_app_v_mid1_1&description_url=https%3A%2F%2Fexee.app%2FSamaraOliveira&tfcd=0&npa=0&correlator=425587349890676&vpos=preroll&sz=800x450%7C444x250%7C635x357%7C640x360%7C400x300%7C1x1&vad_type=linear&ad_type=audio_video&url=https%3A%2F%2Fexee.app%2FSamaraOliveira&cust_params=hb_uuid%3Dundefined%26hb_cache_id%3Dundefined&vpa=click&vpmute=0&sdkv=h.3.547.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=110095148&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.547.0&media_url=blob%3Ahttps%253a%2F%2Fexee.app%2Fecb29a15-2b3d-45e6-b39b-fffa3b951a7f&sid=98069FF2-2B7D-43A7-8234-D019FE4F8DDC&nel=0&eid=44748969%2C44754609%2C44765701%2C44777647&dlt=1669909597624&idt=734&dt=1669909600779&cookie_enabled=1&scor=4290032125360702&ged=ve4_td3_tt3_pd3_la3000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.547.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 15:46:41 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=343296074&t=event&_s=13&dl=https%3A%2F%2Fexee.app%2FSamaraOliveira&ul=en-us&de=UTF-8&dt=exe.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=adrequest_google_mcm_apac&el=v-exee-app&_u=SACAAUABCAAAAAgCI~&jid=&gjid=&cid=1270600727.1669909598&tid=UA-113932176-41&_gid=2060067950.1669909598&gtm=2oubs0&z=391764912

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 20:42:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 68632
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=exee.app

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 15:46:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame C5D1 156 B
142 B 350ms
350ms XHR
text/xml 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?env=instream&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&iu=%2F22100121508%2C22794390700%2FDFP_APAC_Parent_Second_AdBreak%2Fellipsis_dfp_v_exee_app_v_mid1_1&description_url=https%3A%2F%2Fexee.app%2FSamaraOliveira&tfcd=0&npa=0&correlator=825659742781507&vpos=preroll&sz=800x450%7C444x250%7C635x357%7C640x360%7C400x300%7C1x1&vad_type=linear&ad_type=audio_video&url=https%3A%2F%2Fexee.app%2FSamaraOliveira&cust_params=hb_uuid%3Dundefined%26hb_cache_id%3Dundefined&vpa=click&vpmute=0&sdkv=h.3.547.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=110095148&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.547.0&media_url=blob%3Ahttps%253a%2F%2Fexee.app%2Fecb29a15-2b3d-45e6-b39b-fffa3b951a7f&sid=98069FF2-2B7D-43A7-8234-D019FE4F8DDC&nel=0&eid=44748969%2C44754609%2C44765701%2C44777647&dlt=1669909597624&idt=734&dt=1669909601064&cookie_enabled=1&scor=1298072843385414&ged=ve4_td3_tt3_pd3_la3000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.547.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 15:46:41 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame A7CD 52 KB
17 KB 56ms
9ms Document
text/html 88.221.168.189
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/rtb_v6.24.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.221.168.189 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-168-189.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://exee.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Thu, 01 Dec 2022 15:46:41 GMT
ETag: "623de86a-cf34"
Expires: Fri, 02 Dec 2022 15:46:43 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 96B4 52 KB
17 KB 55ms
8ms Document
text/html 88.221.168.189
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/rtb_v6.24.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.221.168.189 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-168-189.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://exee.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Thu, 01 Dec 2022 15:46:41 GMT
ETag: "623de86a-cf34"
Expires: Fri, 02 Dec 2022 15:46:43 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H2 200 / Show response
spl.zeotap.com/ Frame 4035 9 KB
2 KB 68ms
38ms Document
text/html 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/rtb_v6.24.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ef6982a2701c60054212c8d9285f52ba77b2c790099adf3d2c90ce47f296727

Request headers

Referer: https://exee.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://exee.app
cf-cache-status: DYNAMIC
cf-ray: 772cf5002db19b46-FRA
content-encoding: br
content-type: text/html
date: Thu, 01 Dec 2022 15:46:41 GMT
server: cloudflare
vary: Origin
via: 1.1 google

GET
H/1.1

200
OK

bounce Show response
ib.adnxs.com/ Frame 96B4
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
808 B

8ms
8ms

Script
text/html

37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 01 Dec 2022 15:46:41 GMT
AN-X-Request-Uuid: 721929a1-58a3-49f0-b920-ea2f025cc532
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 81.95.5.39; 81.95.5.39; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 01 Dec 2022 15:46:41 GMT
AN-X-Request-Uuid: 338f21cf-b3e0-497d-b6f1-4d5b9efc4a8d
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 81.95.5.39; 81.95.5.39; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bounce Show response
ib.adnxs.com/ Frame A7CD
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
808 B

20ms
13ms

Script
text/html

37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 01 Dec 2022 15:46:41 GMT
AN-X-Request-Uuid: 2f3e11e6-7b9c-42b0-9202-e67c01319b71
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 81.95.5.39; 81.95.5.39; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 01 Dec 2022 15:46:41 GMT
AN-X-Request-Uuid: e8d81712-37d3-402a-a5c8-7e6a7bd0525c
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 81.95.5.39; 81.95.5.39; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 400
Request failed due to privacy signals getuid
ib.adnxs.com/ Frame 4035 0
0 17ms
8ms Image
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=286c1199-cce5-4f79-410b-5dfc6db2e9d4&reqId=66c2424b-81e9-47f7-7e12-9a0bb531653d&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 4035 170 B
502 B 51ms
18ms Image
image/png 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=286c1199-cce5-4f79-410b-5dfc6db2e9d4&reqId=66c2424b-81e9-47f7-7e12-9a0bb531653d&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Dec 2022 15:46:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 4035
Redirect Chain

https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
https://mwzeom.zeotap.com/mw?cid=f73aec1c-4683-4f04-a6f1-9d4852c9c49e&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=286c1199-cce5-4f79-410b-5dfc6db2e9d4&reqId=66c2424b-81e9-47f7...

95 B
163 B

38ms
29ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=f73aec1c-4683-4f04-a6f1-9d4852c9c49e&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=286c1199-cce5-4f79-410b-5dfc6db2e9d4&reqId=66c2424b-81e9-47f7-7e12-9a0bb531653d&zdid=1361
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 15:46:41 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 772cf5010f3b9b46-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

date: Thu, 01 Dec 2022 15:46:41 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://mwzeom.zeotap.com/mw?cid=f73aec1c-4683-4f04-a6f1-9d4852c9c49e&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=286c1199-cce5-4f79-410b-5dfc6db2e9d4&reqId=66c2424b-81e9-47f7-7e12-9a0bb531653d&zdid=1361
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 403 /
dmp.adform.net/serving/cookie/match/ Frame 4035 0
331 B 100ms
29ms Image
text/plain 37.157.4.40
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=286c1199-cce5-4f79-410b-5dfc6db2e9d4&reqId=66c2424b-81e9-47f7-7e12-9a0bb531653d&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Dec 2022 15:46:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 4035 70 B
265 B 115ms
34ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D286c1199-cce5-4f79-410b-5dfc6db2e9d4%26reqId%3D66c2424b-81e9-47f7-7e12-9a0bb531653d%26zdid%3D1361&gdpr=1&gdpr_consent=
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 01 Dec 2022 15:46:41 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 cm
trc.taboola.com/sg/zeotap/1/ Frame 4035 0
165 B 586ms
257ms Image
text/plain 2a04:4e42:400::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=286c1199-cce5-4f79-410b-5dfc6db2e9d4&reqId=66c2424b-81e9-47f7-7e12-9a0bb531653d&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-vcl-time-ms: 85
date: Thu, 01 Dec 2022 15:46:41 GMT
via: 1.1 varnish
x-cache-hits: 0
server: nginx
x-timer: S1669909602.766868,VS0,VE85
x-cache: MISS
accept-ranges: bytes
content-length: 0
x-served-by: cache-bog2260030-BOG

GET
H/1.1 200
OK u
dmp.v.fwmrm.net/ad/ Frame 4035 0
411 B 503ms
113ms Image
text/html 2607:ae80:128:1::48
FREEWHEEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2607:ae80:128:1::48 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 01 Dec 2022 15:46:41 GMT
Content-Type: text/html
P3P: policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control: no-store
Connection: keep-alive
Keep-Alive: timeout=300
Content-Length: 0
Expires: 0

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 4035 0
166 B 75ms
18ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D286c1199-cce5-4f79-410b-5dfc6db2e9d4%26reqId%3D66c2424b-81e9-47f7-7e12-9a0bb531653d%26zdid%3D1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Thu, 01 Dec 2022 15:46:40 GMT
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 4035
Redirect Chain

https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=286c1199-cce5-4f79-410b-5dfc6db2e9d4&reqId=66c2424b-81e9-47f7-7e12-9a0bb531653d&zdid=1361
https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=286c1199-cce5-4f79-410b-5dfc6db2e9d4&reqId=66c2424b-81e9-47f7-7e12-9a0bb531653d&zdid=136...
https://mwzeom.zeotap.com/mw?cid=a7f4806f-d358-4996-a0f0-d0e073fe10a2&zpartnerid=317&gdpr=1&gdpr_consent=

95 B
152 B

37ms
36ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=a7f4806f-d358-4996-a0f0-d0e073fe10a2&zpartnerid=317&gdpr=1&gdpr_consent=
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 15:46:41 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 772cf501d8c69b46-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?cid=a7f4806f-d358-4996-a0f0-d0e073fe10a2&zpartnerid=317&gdpr=1&gdpr_consent=
pragma: no-cache
date: Thu, 01 Dec 2022 15:46:41 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 4035
Redirect Chain

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=286c1199-cce5-4f79-410b-5dfc6db2e9d4&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=286c1199-cce5-4f79-410b-5dfc6db2e9d4&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
https://mwzeom.zeotap.com/mw?cid=08725328554265342050819685915059699476&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=286c1199-cce5-4f79-410b-5dfc6db2e9d4&reqId=66c2424b-81e9-...

95 B
152 B

29ms
28ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=08725328554265342050819685915059699476&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=286c1199-cce5-4f79-410b-5dfc6db2e9d4&reqId=66c2424b-81e9-47f7-7e12-9a0bb531653d&zdid=1361
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 15:46:41 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 772cf501983d9b46-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

DCS: dcs-prod-irl1-1-v045-02fbabcd7.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: WCrbYMWCSMY=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://mwzeom.zeotap.com/mw?cid=08725328554265342050819685915059699476&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=286c1199-cce5-4f79-410b-5dfc6db2e9d4&reqId=66c2424b-81e9-47f7-7e12-9a0bb531653d&zdid=1361
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 204 /
loadeu.exelator.com/load/ Frame 4035 0
324 B 182ms
33ms Image
text/plain 54.78.254.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=286c1199-cce5-4f79-410b-5dfc6db2e9d4&reqId=66c2424b-81e9-47f7-7e12-9a0bb531653d&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 15:46:41 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 4035
Redirect Chain

https://bn01.er.bemail.it/zeotap.php?_bid=286c1199-cce5-4f79-410b-5dfc6db2e9d4&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=286c1199-cce5-4f79-410b-5dfc6db2e9d4&reqId=66c2424b-...
https://mwzeom.zeotap.com/mw?cid=BE1-2022120116-63412-0.494079001669909601-41af95897bf044fd0836ba2dc7506625&zdid=533&env=mWeb

95 B
152 B

39ms
36ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=BE1-2022120116-63412-0.494079001669909601-41af95897bf044fd0836ba2dc7506625&zdid=533&env=mWeb
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 15:46:41 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 772cf501680e9b46-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

Location: https://mwzeom.zeotap.com/mw?cid=BE1-2022120116-63412-0.494079001669909601-41af95897bf044fd0836ba2dc7506625&zdid=533&env=mWeb
Date: Thu, 01 Dec 2022 15:46:41 GMT
Server: nginx/1.10.2
Connection: keep-alive
X-Powered-By: PHP/5.4.16
Transfer-Encoding: chunked
Content-Type: text/html

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 4035
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
https://mwzeom.zeotap.com/mw?cid=7172207123590412443&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=286c1199-cce5-4f79-410b-5dfc6db2e9d4&reqId=66c2424b-81e9-47f7-7e12-...

95 B
152 B

36ms
35ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=7172207123590412443&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=286c1199-cce5-4f79-410b-5dfc6db2e9d4&reqId=66c2424b-81e9-47f7-7e12-9a0bb531653d&zdid=1361
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 15:46:41 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 772cf5016ff99b46-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

Location: https://mwzeom.zeotap.com/mw?cid=7172207123590412443&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=286c1199-cce5-4f79-410b-5dfc6db2e9d4&reqId=66c2424b-81e9-47f7-7e12-9a0bb531653d&zdid=1361
Date: Thu, 01 Dec 2022 15:46:41 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3 200 receive
pixel.tapad.com/idsync/ex/ Frame 4035 95 B
122 B 18ms
17ms Image
image/png 35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=286c1199-cce5-4f79-410b-5dfc6db2e9d4

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

QUIC, , AES_128_GCM

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 15:46:41 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type: image/png
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 4035
Redirect Chain

https://idsync.frontend.weborama.fr/ids?key=zeotap&value=286c1199-cce5-4f79-410b-5dfc6db2e9d4&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
https://idsync.frontend.weborama.fr/ids?key=zeotap&value=286c1199-cce5-4f79-410b-5dfc6db2e9d4&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
https://mwzeom.zeotap.com/mw?webouuid=gVmx5h7vvFmqbeFLHgW.TO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=286c1199-cce5-4f79-410b-5dfc6db2e9d4&reqId=66c2424b-81e9-47...

95 B
152 B

36ms
33ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?webouuid=gVmx5h7vvFmqbeFLHgW.TO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=286c1199-cce5-4f79-410b-5dfc6db2e9d4&reqId=66c2424b-81e9-47f7-7e12-9a0bb531653d&zdid=1361
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 15:46:41 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 772cf501a86c9b46-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Thu, 01 Dec 2022 15:46:41 GMT
via: 1.1 google
last-modified: Thu, 01 Dec 2022 15:46:41 GMT
server: Weborama Collect Frontend
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://mwzeom.zeotap.com/mw?webouuid=gVmx5h7vvFmqbeFLHgW.TO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=286c1199-cce5-4f79-410b-5dfc6db2e9d4&reqId=66c2424b-81e9-47f7-7e12-9a0bb531653d&zdid=1361
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 404 2.gif
dmp.theadex.com/d/949/i/ Frame 4035 0
84 B 68ms
11ms Image
text/plain 185.15.245.81
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=286c1199-cce5-4f79-410b-5dfc6db2e9d4&axd_pid=175
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.15.245.81 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Dec 2022 15:46:41 GMT
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: 0

GET
H2 404 tpid=286c1199-cce5-4f79-410b-5dfc6db2e9d4
bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/ Frame 4035 49 B
264 B 117ms
31ms Image
image/gif 63.32.97.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=286c1199-cce5-4f79-410b-5dfc6db2e9d4?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=286c1199-cce5-4f79-410b-5dfc6db2e9d4&reqId=66c2424b-81e9-47f7-7e12-9a0bb531653d&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.97.75 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-97-75.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Dec 2022 15:46:41 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.9.10
content-length: 49
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 4035
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP
https://mwzeom.zeotap.com/mw?cid=y-AB4cMblE2ookR3_TCxEkjCkLnRvfE1qHOw--~A&zpartnerid=570&env=mWeb

95 B
152 B

32ms
31ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=y-AB4cMblE2ookR3_TCxEkjCkLnRvfE1qHOw--~A&zpartnerid=570&env=mWeb
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 15:46:41 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 772cf502ba1f9b46-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?cid=y-AB4cMblE2ookR3_TCxEkjCkLnRvfE1qHOw--~A&zpartnerid=570&env=mWeb
date: Thu, 01 Dec 2022 15:46:41 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 4035
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=286c1199-cce5-4f79-410b-5dfc6db2e9d4&reqId=66c2424b-81e9-47f7-7e12-9a0bb531653d&zd...
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=vfrjlNdCh463cWR2Cd0%2BXVve%2Ftx%2Bfp%2FM%2BS41iYitP1U%3D

95 B
152 B

43ms
43ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=vfrjlNdCh463cWR2Cd0%2BXVve%2Ftx%2Bfp%2FM%2BS41iYitP1U%3D
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 15:46:41 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 772cf50208f69b46-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Thu, 01 Dec 2022 15:46:41 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=vfrjlNdCh463cWR2Cd0%2BXVve%2Ftx%2Bfp%2FM%2BS41iYitP1U%3D
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires: 0

GET
H2 200 v2
odr.mookie1.com/t/ Frame 4035 43 B
356 B 61ms
18ms Image
image/gif 34.98.67.61
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=286c1199-cce5-4f79-410b-5dfc6db2e9d4&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=286c1199-cce5-4f79-410b-5dfc6db2e9d4&reqId=66c2424b-81e9-47f7-7e12-9a0bb531653d&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Dec 2022 15:46:41 GMT
via: 1.1 google
server: Apache
content-type: image/gif;charset=UTF-8
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 4035 0
338 B 148ms
31ms Image
text/plain 54.229.209.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=286c1199-cce5-4f79-410b-5dfc6db2e9d4&reqId=66c2424b-81e9-47f7-7e12-9a0bb531653d&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.209.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-209-150.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-served-by: beacon-n014-dub-prod.krxd.net
date: Thu, 01 Dec 2022 15:46:41 GMT
cache-control: private, no-cache, no-store
x-request-time: D=38 t=1669909601
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 /
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 4035 95 B
361 B 48ms
13ms Image
image/png 162.55.236.225
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=286c1199-cce5-4f79-410b-5dfc6db2e9d4&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=286c1199-cce5-4f79-410b-5dfc6db2e9d4&reqId=66c2424b-81e9-47f7-7e12-9a0bb531653d&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.55.236.225 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.225.236.55.162.clients.your-server.de
Software: nginx/1.14.2 /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

content-type: image/png
date: Thu, 01 Dec 2022 15:46:41 GMT
server: nginx/1.14.2
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 4035
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Y4jMYQAAtffWFwAZ&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=286c1199-cce5-4f79-410b-5dfc6db2e9d4&reqId=66c2424b-81e9-47f7-7e12-9a0...

95 B
152 B

35ms
35ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Y4jMYQAAtffWFwAZ&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=286c1199-cce5-4f79-410b-5dfc6db2e9d4&reqId=66c2424b-81e9-47f7-7e12-9a0bb531653d&zdid=1361&_test=Y4jMYQAAtffWFwAZ
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 15:46:41 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 772cf502fa7a9b46-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

x-served-by: cache-hhn4020-HHN
pragma: no-cache
date: Thu, 01 Dec 2022 15:46:41 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1669909602.746390,VS0,VE0
x-cache: HIT
location: https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Y4jMYQAAtffWFwAZ&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=286c1199-cce5-4f79-410b-5dfc6db2e9d4&reqId=66c2424b-81e9-47f7-7e12-9a0bb531653d&zdid=1361&_test=Y4jMYQAAtffWFwAZ
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 4035
Redirect Chain

https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
https://mwzeom.zeotap.com/mw?cid=7cb96388-cc62-4800-9dc7-97f3578f2c4e&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=286c1199-cce5-4f79-410b-5dfc6db2e9d4&reqId=66c2424...

95 B
152 B

24ms
23ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=7cb96388-cc62-4800-9dc7-97f3578f2c4e&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=286c1199-cce5-4f79-410b-5dfc6db2e9d4&reqId=66c2424b-81e9-47f7-7e12-9a0bb531653d&zdid=1361
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 15:46:41 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 772cf5043d029b46-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

Date: Thu, 01 Dec 2022 15:46:41 GMT
Server: MT3 169 32252b7 master ord-pixel-x25 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Location: https://mwzeom.zeotap.com/mw?cid=7cb96388-cc62-4800-9dc7-97f3578f2c4e&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=286c1199-cce5-4f79-410b-5dfc6db2e9d4&reqId=66c2424b-81e9-47f7-7e12-9a0bb531653d&zdid=1361
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Dec 2022 15:46:40 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 4035
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=286c1199-cce5-4f79-410b-5dfc6db2e9d4&reqId=66c2424b-81e9-47f7-7e12-9a0bb531653d&zdid=1361
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=286c1199-cce5-4f79-410b-5dfc6db2e9d4&reqId=66c2424b-81e9-47f7-7e12-9a0bb531...

0
337 B

32ms
32ms

Image
text/plain

54.229.209.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=286c1199-cce5-4f79-410b-5dfc6db2e9d4&reqId=66c2424b-81e9-47f7-7e12-9a0bb531653d&zdid=1361
Protocol: H2
Server: 54.229.209.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-209-150.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-served-by: beacon-n015-dub-prod.krxd.net
date: Thu, 01 Dec 2022 15:46:41 GMT
cache-control: private, no-cache, no-store
x-request-time: D=24 t=1669909601
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=286c1199-cce5-4f79-410b-5dfc6db2e9d4&reqId=66c2424b-81e9-47f7-7e12-9a0bb531653d&zdid=1361
date: Thu, 01 Dec 2022 15:46:41 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a016-ash-prod.krxd.net

GET
H/1.1

200
OK

dcm
aax-eu.amazon-adsystem.com/s/ Frame 4035
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=286c1199-cce5-4f79-410b-5dfc6db2e9d4&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=286c1199-cce5-4f79-410...
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=286c1199-cce5-4f79-410b-5dfc6db2e9d4&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=286c1199-cce5-4f79-410...

43 B
568 B

35ms
35ms

Image
image/gif

52.95.115.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=286c1199-cce5-4f79-410b-5dfc6db2e9d4&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=286c1199-cce5-4f79-410b-5dfc6db2e9d4&reqId=66c2424b-81e9-47f7-7e12-9a0bb531653d&zdid=1361&dcc=t

Protocol

HTTP/1.1

Server

52.95.115.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 01 Dec 2022 15:46:41 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 23291WPFX4640XW6PGYX
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 01 Dec 2022 15:46:41 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: AV6JRNNTQZ9Q3QS186VD
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=286c1199-cce5-4f79-410b-5dfc6db2e9d4&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=286c1199-cce5-4f79-410b-5dfc6db2e9d4&reqId=66c2424b-81e9-47f7-7e12-9a0bb531653d&zdid=1361&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 400 87734
tags.bluekai.com/site/ Frame 4035 0
145 B 249ms
169ms Image
text/plain 72.246.169.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/87734?id=286c1199-cce5-4f79-410b-5dfc6db2e9d4&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=286c1199-cce5-4f79-410b-5dfc6db2e9d4&reqId=66c2424b-81e9-47f7-7e12-9a0bb531653d&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.246.169.24 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-246-169-24.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 15:46:41 GMT
content-length: 0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 4035
Redirect Chain

https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D286...
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=286c1199-cce5-4f79-410b-5dfc6db2e9d4&reqId=66c2424b-81e9-47f7-7e12-9a0bb531653d&zdid=1361

95 B
152 B

30ms
30ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=286c1199-cce5-4f79-410b-5dfc6db2e9d4&reqId=66c2424b-81e9-47f7-7e12-9a0bb531653d&zdid=1361
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 15:46:41 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 772cf5030aa29b46-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=286c1199-cce5-4f79-410b-5dfc6db2e9d4&reqId=66c2424b-81e9-47f7-7e12-9a0bb531653d&zdid=1361
date: Thu, 01 Dec 2022 15:46:41 GMT
cross-origin-resource-policy: cross-origin
content-length: 0

GET
H/1.1 204
No Content token
pixel.rubiconproject.com/ Frame 4035 0
214 B 44ms
10ms Image
text/plain 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/token?pid=41544&puid=286c1199-cce5-4f79-410b-5dfc6db2e9d4&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=286c1199-cce5-4f79-410b-5dfc6db2e9d4&reqId=66c2424b-81e9-47f7-7e12-9a0bb531653d&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 4035
Redirect Chain

https://x.bidswitch.net/syncd?dsp_id=461&user_group=1&expires=5&user_id=286c1199-cce5-4f79-410b-5dfc6db2e9d4&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BBSW_UID%7D%26env%3DmWeb%26zpart...
https://x.bidswitch.net/ul_cb/syncd?dsp_id=461&user_group=1&expires=5&user_id=286c1199-cce5-4f79-410b-5dfc6db2e9d4&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BBSW_UID%7D%26env%3DmWeb%2...
https://mwzeom.zeotap.com/mw?cid=0ed36fba-617d-45f9-bab3-204372f0c6aa&env=mWeb&zpartnerid=1771&gdpr=1&gdpr_consent={consent_string}&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=286c1199-cce...

95 B
152 B

56ms
56ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=0ed36fba-617d-45f9-bab3-204372f0c6aa&env=mWeb&zpartnerid=1771&gdpr=1&gdpr_consent={consent_string}&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=286c1199-cce5-4f79-410b-5dfc6db2e9d4&reqId=66c2424b-81e9-47f7-7e12-9a0bb531653d&zdid=1361
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 15:46:41 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 772cf5034b2c9b46-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?cid=0ed36fba-617d-45f9-bab3-204372f0c6aa&env=mWeb&zpartnerid=1771&gdpr=1&gdpr_consent={consent_string}&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=286c1199-cce5-4f79-410b-5dfc6db2e9d4&reqId=66c2424b-81e9-47f7-7e12-9a0bb531653d&zdid=1361
date: Thu, 01 Dec 2022 15:46:41 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 mw
mwzeom.zeotap.com/ Frame 4035 95 B
152 B 34ms
34ms Image
image/png 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1353&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=286c1199-cce5-4f79-410b-5dfc6db2e9d4&reqId=66c2424b-81e9-47f7-7e12-9a0bb531653d&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 15:46:41 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 772cf502fa7e9b46-FRA
access-control-allow-headers: *
content-length: 95

GET
H2 200 cmp.min.js Show response
spl.zeotap.com/ Frame 4035 557 B
470 B 45ms
43ms Script
text/plain 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=286c1199-cce5-4f79-410b-5dfc6db2e9d4&reqId=66c2424b-81e9-47f7-7e12-9a0bb531653d&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9089ee99bc66687edae4628eafe78b5bc20caa4846a62a2863fd8ca01b46ee3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 15:46:41 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 772cf5008e809b46-FRA
access-control-allow-headers: *

GET
H2 204 cmp
spl.zeotap.com/ Frame 4035 0
0 36ms
35ms Document
text/plain 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=286c1199-cce5-4f79-410b-5dfc6db2e9d4&reqId=66c2424b-81e9-47f7-7e12-9a0bb531653d&zdid=1361&cmp=0
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=286c1199-cce5-4f79-410b-5dfc6db2e9d4&reqId=66c2424b-81e9-47f7-7e12-9a0bb531653d&zdid=1361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://spl.zeotap.com
cf-cache-status: DYNAMIC
cf-ray: 772cf500def89b46-FRA
date: Thu, 01 Dec 2022 15:46:41 GMT
server: cloudflare
vary: Origin
via: 1.1 google

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=343296074&t=event&_s=14&dl=https%3A%2F%2Fexee.app%2FSamaraOliveira&ul=en-us&de=UTF-8&dt=exe.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=adrequest_google_mcm&el=v-exee-app&_u=SACAAUABCAAAAAgCI~&jid=&gjid=&cid=1270600727.1669909598&tid=UA-113932176-41&_gid=2060067950.1669909598&gtm=2oubs0&z=1972993362

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 20:42:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 68632
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=exee.app

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 15:46:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame C5D1 156 B
142 B 291ms
291ms XHR
text/xml 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?env=instream&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&iu=%2F26001828%2C22794390700%2FDFP_Z1_Parent_third_AdBreak%2Fz1_dfp_v_exee_app_v_mid2_1&description_url=https%3A%2F%2Fexee.app%2FSamaraOliveira&tfcd=0&npa=0&correlator=2152212581220355&vpos=preroll&sz=800x450%7C444x250%7C635x357%7C640x360%7C400x300%7C1x1&vad_type=linear&ad_type=audio_video&url=https%3A%2F%2Fexee.app%2FSamaraOliveira&cust_params=hb_uuid%3Dundefined%26hb_cache_id%3Dundefined&vpa=click&vpmute=0&sdkv=h.3.547.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=110095148&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.547.0&media_url=blob%3Ahttps%253a%2F%2Fexee.app%2Fecb29a15-2b3d-45e6-b39b-fffa3b951a7f&sid=98069FF2-2B7D-43A7-8234-D019FE4F8DDC&nel=0&eid=44748969%2C44754609%2C44765701%2C44777647&dlt=1669909597624&idt=734&dt=1669909601425&cookie_enabled=1&scor=3972603925548914&ged=ve4_td3_tt3_pd3_la3000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.547.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 15:46:41 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=343296074&t=event&_s=15&dl=https%3A%2F%2Fexee.app%2FSamaraOliveira&ul=en-us&de=UTF-8&dt=exe.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=adrequest_google_mcm_apac&el=v-exee-app&_u=SACAAUABCAAAAAgCI~&jid=&gjid=&cid=1270600727.1669909598&tid=UA-113932176-41&_gid=2060067950.1669909598&gtm=2oubs0&z=187678313

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 20:42:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 68632
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 26ms
26ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=exee.app

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 15:46:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame C5D1 156 B
142 B 395ms
395ms XHR
text/xml 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?env=instream&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&iu=%2F22100121508%2C22794390700%2FDFP_APAC_Parent_third_AdBreak%2Fellipsis_dfp_v_exee_app_v_mid2_1&description_url=https%3A%2F%2Fexee.app%2FSamaraOliveira&tfcd=0&npa=0&correlator=2147901768648659&vpos=preroll&sz=800x450%7C444x250%7C635x357%7C640x360%7C400x300%7C1x1&vad_type=linear&ad_type=audio_video&url=https%3A%2F%2Fexee.app%2FSamaraOliveira&cust_params=hb_uuid%3Dundefined%26hb_cache_id%3Dundefined&vpa=click&vpmute=0&sdkv=h.3.547.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=110095148&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.547.0&media_url=blob%3Ahttps%253a%2F%2Fexee.app%2Fecb29a15-2b3d-45e6-b39b-fffa3b951a7f&sid=98069FF2-2B7D-43A7-8234-D019FE4F8DDC&nel=0&eid=44748969%2C44754609%2C44765701%2C44777647&dlt=1669909597624&idt=734&dt=1669909601725&cookie_enabled=1&scor=525529727630345&ged=ve4_td4_tt4_pd4_la4000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.547.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 15:46:42 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=343296074&t=event&_s=16&dl=https%3A%2F%2Fexee.app%2FSamaraOliveira&ul=en-us&de=UTF-8&dt=exe.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=adrequest_google_mcm&el=v-exee-app&_u=SACAAUABCAAAAAgCI~&jid=&gjid=&cid=1270600727.1669909598&tid=UA-113932176-41&_gid=2060067950.1669909598&gtm=2oubs0&z=1977797945

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 20:42:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 68633
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 19ms
18ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=exee.app

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 15:46:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame C5D1 156 B
142 B 302ms
302ms XHR
text/xml 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?env=instream&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&iu=%2F26001828%2C22794390700%2Fvdoai-dfp-parent-adunit%2Fz1_dfp_v_exee_app_v_pre_1&description_url=https%3A%2F%2Fexee.app%2FSamaraOliveira&tfcd=0&npa=0&correlator=3546817987678894&vpos=preroll&sz=800x450%7C444x250%7C635x357%7C640x360%7C400x300%7C1x1&vad_type=linear&ad_type=audio_video&url=https%3A%2F%2Fexee.app%2FSamaraOliveira&cust_params=hb_uuid%3Dundefined%26hb_cache_id%3Dundefined&vpa=click&vpmute=0&sdkv=h.3.547.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=110095148&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.547.0&media_url=blob%3Ahttps%253a%2F%2Fexee.app%2Fecb29a15-2b3d-45e6-b39b-fffa3b951a7f&sid=98069FF2-2B7D-43A7-8234-D019FE4F8DDC&nel=0&eid=44748969%2C44754609%2C44765701%2C44777647&dlt=1669909597624&idt=734&dt=1669909602128&cookie_enabled=1&scor=291720748468697&ged=ve4_td4_tt4_pd4_la4000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.547.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 15:46:42 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 96B4 0
736 B 7ms
7ms Script
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 01 Dec 2022 15:46:42 GMT
AN-X-Request-Uuid: e48a8b8e-cb68-4b82-8a5a-a0ae48924952
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 81.95.5.39; 81.95.5.39; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame A7CD 0
736 B 8ms
8ms Script
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 01 Dec 2022 15:46:42 GMT
AN-X-Request-Uuid: 147694b1-fea3-46ca-bea4-ec8cdc821283
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 81.95.5.39; 81.95.5.39; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=343296074&t=event&_s=17&dl=https%3A%2F%2Fexee.app%2FSamaraOliveira&ul=en-us&de=UTF-8&dt=exe.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=adrequest_google_mcm_apac&el=v-exee-app&_u=SACAAUABCAAAAAgCI~&jid=&gjid=&cid=1270600727.1669909598&tid=UA-113932176-41&_gid=2060067950.1669909598&gtm=2oubs0&z=78584291

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 20:42:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 68633
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 17ms
17ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=exee.app

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 15:46:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET ads
pubads.g.doubleclick.net/gampad/ Frame C5D1 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pubads.g.doubleclick.net
URL: https://pubads.g.doubleclick.net/gampad/ads?env=instream&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&iu=%2F22100121508%2C22794390700%2FDFP_APAC_Parent_First_AdBreak%2Fellipsis_dfp_v_exee_app_v_pre_1&description_url=https%3A%2F%2Fexee.app%2FSamaraOliveira&tfcd=0&npa=0&correlator=160223097947855&vpos=preroll&sz=800x450%7C444x250%7C635x357%7C640x360%7C400x300%7C1x1&vad_type=linear&ad_type=audio_video&url=https%3A%2F%2Fexee.app%2FSamaraOliveira&cust_params=hb_uuid%3Dundefined%26hb_cache_id%3Dundefined&vpa=click&vpmute=0&sdkv=h.3.547.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=110095148&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.547.0&media_url=blob%3Ahttps%253a%2F%2Fexee.app%2Fecb29a15-2b3d-45e6-b39b-fffa3b951a7f&sid=98069FF2-2B7D-43A7-8234-D019FE4F8DDC&nel=0&eid=44748969%2C44754609%2C44765701%2C44777647&dlt=1669909597624&idt=734&dt=1669909602439&cookie_enabled=1&scor=4189967548291395&ged=ve4_td4_tt4_pd4_la4000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Verdicts & Comments Add Verdict or Comment

95 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

38 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
exe.io/	1969-12-31 23:59:59	Name: AppSession Value: c6820b3b538872e9a5e15c447b5d41e6
exee.app/	1969-12-31 23:59:59	Name: AppSession Value: 9d2ec31240007a86b68b56735a3e0a6d
exee.app/	1969-12-31 23:59:59	Name: csrfToken Value: 80fc7a82982f3ea538fdff90592c04d9445794c3b90a5ab57c32a4ea130644b908a12c136ad0bee67cd384a5cd8e74f65df5f21ae097122e590effea862c8cad
fn.deulspoorn.com/	1970-01-20 07:53:15	Name: GL_UI4 Value: eJw9jVlugzAYhAGzNEpBHYkD5Ag4zUIeqx6ij8jYP8QN2JFxg3r7WpXap%2Fk0iyaKoqSuED9yBvYljtg1Z0mXVkkSh%2FashtMr50ei5jTs91wc%2Bgs2eum86CfyKZ5HMuS07KRVVOIlRH%2FOzdjVpMh6J4wqkc2hMZUoemfXhVzNkBoxE%2FL3q7NBs1l8WgfGmzawNoHjBoldalZtUHxoo8Kw2iLhTVXmEbb3SfjBurnTKo%2BRjU4oQvyGJyk8jdZ9o1C03Ly9A3ZS3X%2F%2F95etvEGu6KFlOLf%2BSu4H1E1K%2FA%3D%3D
fn.deulspoorn.com/	1970-01-20 07:53:15	Name: GL_GI10 Value: eJxNjMFOwkAURctUi1XE3ISw9gfaxBgS2SoEVyzYsJwM5dFOtPMmM09j%2FXorJMru5tyckySJmoyhrMf100M5n5Wz8nGOtCaGWiwxqvjDSei0My1huKLQGtchC1RbdlDrLW5OW1e8J1wulsUZO1rTNQdp7jeNdVRsKYpvzLs1uKisdMhfjYh1NTnkv%2BDUGfWd%2FyO10eP2hQMVz6Z627Ej5I5ER0%2B0R94%2FnoMRwviPHjtZiisbtQ%2F81WUD3Ilt6bu3NR8OkaRHg89M%2FQDutk%2Fn
pogothere.xyz/	1970-01-20 16:30:13	Name: csu Value: 529068833096998@1@1669909597
.exee.app/	1970-01-20 17:27:49	Name: _ga Value: GA1.2.1270600727.1669909598
.exee.app/	1970-01-20 07:53:15	Name: _gid Value: GA1.2.2060067950.1669909598
.exee.app/	1970-01-20 07:51:49	Name: _gat_gtag_UA_113932176_41 Value: 1
.exee.app/	1970-01-20 07:51:49	Name: _gat_gtag_UA_135952122_1 Value: 1
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: MAB8HaE-_F8
.youtube.com/	1970-01-20 12:11:01	Name: VISITOR_INFO1_LIVE Value: bgN6gZFN-uo
pbjs.e-planning.net/	1969-12-31 23:59:59	Name: CT Value: 1
.e-planning.net/	1970-01-20 17:27:49	Name: E Value: AGm5dSvRD8yu6tZE
.doubleclick.net/	1970-01-20 17:13:25	Name: IDE Value: AHWqTUn49boF3HXOH6nzQ0Cmt9ezuIDbuQyalCIQ_b4ccEY8obKWmpKOP6EsCZ_7Jp4
.zeotap.com/	1970-01-20 16:37:25	Name: zc Value: 286c1199-cce5-4f79-410b-5dfc6db2e9d4
.zeotap.com/	1970-01-20 07:53:16	Name: zsc Value: %9F%99%8Cb_%87%DCE%F7%E9%F1%C3%13%BD%12%8E%E4%7F%90%B9%F3CI8%01%F0%917%98z%AA%1D%CA%0A%F1-%16%17%ED%1FE%FBr%D9%12%A8%A5%0B%FC%19%CA8%BAM%92p%E9%D7%29P%12%E0q%CB%8B%92%D2%DB%B6%BEt1%3C%2C%92%84%3F%A9%D8%27%3E%5E%CD%8E%BA%DF%B7%5D%160%DA4%F5%8D%9C%C8%01%F5%A0W%B8%CD%3D%C5%CC%8A%BE%23%28%E7d9%5D%04%00%99%E6E%A1%97a%E1%0B%88%A2%8B%9C%3C%DAu%3EI%91%A5%A1%05%A7%DA%BA%7F%F4%03%03%86dk%291U%0C%7B%24%16q%0B%24%90%03%838%F2M%CF%0BP%AA%5E%5C%12%B7
.adnxs.com/	1970-01-20 10:01:25	Name: uuid2 Value: 326840434654418344
.tapad.com/	1970-01-20 09:18:13	Name: TapAd_TS Value: 1669909601395
.tapad.com/	1970-01-20 09:18:13	Name: TapAd_DID Value: f73aec1c-4683-4f04-a6f1-9d4852c9c49e
.tapad.com/	1970-01-20 09:18:13	Name: TapAd_3WAY_SYNCS Value:
.demdex.net/	1970-01-20 12:11:01	Name: demdex Value: 08725328554265342050819685915059699476
.weborama.fr/	1970-01-20 17:17:44	Name: AFFICHE_W Value: 8-M75lZtOh3z81
.adfarm1.adition.com/	1970-01-20 10:01:25	Name: UserID1 Value: 7172207123590412443
.dpm.demdex.net/	1970-01-20 12:11:01	Name: dpm Value: 08725328554265342050819685915059699476
.tidaltv.com/	1970-01-20 16:37:25	Name: tidal_ttid Value: a7f4806f-d358-4996-a0f0-d0e073fe10a2
.tidaltv.com/	1970-01-20 16:37:25	Name: sync-his Value: "H4sIAAAAAAAAADM0Nja0sDK0MAIAOHaKdgkAAAA="
.agkn.com/	1970-01-20 16:37:25	Name: ab Value: 0001%3AqG1FbbejyYl5k7obXrr%2FL3GZZgAuALJc
.richaudience.com/	1970-01-20 10:01:25	Name: avcid-zeo-uid Value: 286c1199-cce5-4f79-410b-5dfc6db2e9d4
.krxd.net/	1970-01-20 12:11:01	Name: _kuid_ Value: PO2MYlER
.analytics.yahoo.com/	1970-01-20 16:37:25	Name: IDSYNC Value: 19ah~28lr
.yahoo.com/	1970-01-20 16:37:47	Name: A3 Value: d=AQABBGHMiGMCEH60QC7pOTebQ_F9I0M0oFUFEgEBAQEdimOSYwAAAAAA_eMAAA&S=AQAAAmzgmDe-hm_TTZ5duaQPiTQ
.everesttech.net/	1970-01-20 16:37:25	Name: everest_g_v2 Value: g_surferid~Y4jMYQAAtffWFwAZ
.bidswitch.net/	1970-01-20 16:37:25	Name: tuuid Value: 0ed36fba-617d-45f9-bab3-204372f0c6aa
.bidswitch.net/	1970-01-20 16:37:25	Name: c Value: 1669909601
.bidswitch.net/	1970-01-20 16:37:25	Name: tuuid_lu Value: 1669909601
.fwmrm.net/	1970-01-20 12:11:01	Name: _uid Value: "h8037_7172207123572216714"
.mathtag.com/	1970-01-20 17:17:44	Name: uuid Value: 7cb96388-cc62-4800-9dc7-97f3578f2c4e

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://accounts.google.com/v3/signin/identifier?dsh=S2131170938%3A1669909597881245&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAsntElPF6bdtrx-jjSOb2ZqvF88FbS6rGTe3G9DdSzw00ZTIDlLa9b3iDjACfXtwou8Mdjwwg Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://accounts.google.com/v3/signin/identifier?dsh=S16914024%3A1669909597867957&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAtnxzRvmVZJSFECn_UsF4l9eeznYnd2ZnRgmd9HE4Y_HP7w59ljexZP5ByPe4stN5tmnWvRLw Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://fightingcowardlycoffin.com/f5/85/f6/f585f65c6c65123b95dd09be324de3bb.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=286c1199-cce5-4f79-410b-5dfc6db2e9d4&reqId=66c2424b-81e9-47f7-7e12-9a0bb531653d&zdid=1361 Message: Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network	error	URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=286c1199-cce5-4f79-410b-5dfc6db2e9d4&reqId=66c2424b-81e9-47f7-7e12-9a0bb531653d&zdid=1361 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=286c1199-cce5-4f79-410b-5dfc6db2e9d4&axd_pid=175 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=286c1199-cce5-4f79-410b-5dfc6db2e9d4?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=286c1199-cce5-4f79-410b-5dfc6db2e9d4&reqId=66c2424b-81e9-47f7-7e12-9a0bb531653d&zdid=1361 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://tags.bluekai.com/site/87734?id=286c1199-cce5-4f79-410b-5dfc6db2e9d4&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=286c1199-cce5-4f79-410b-5dfc6db2e9d4&reqId=66c2424b-81e9-47f7-7e12-9a0bb531653d&zdid=1361 Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.vdo.ai
aa.agkn.com
aax-eu.amazon-adsystem.com
accounts.google.com
acdn.adnxs.com
adservice.google.com
analytics.vdo.ai
bcp.crwdcntrl.net
beacon.krxd.net
bn01.er.bemail.it
cdn.jsdelivr.net
cdntechone.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
d3t87ooo0697p8.cloudfront.net
datatechone.com
dmp.adform.net
dmp.theadex.com
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
exe.io
exee.app
fightingcowardlycoffin.com
fn.deulspoorn.com
fonts.googleapis.com
fonts.gstatic.com
h5.vdo.ai
ib.adnxs.com
idsync.frontend.weborama.fr
image6.pubmatic.com
imasdk.googleapis.com
labortiontrifee.com
loadeu.exelator.com
match.adsrvr.org
mwzeom.zeotap.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
odr.mookie1.com
pbjs.e-planning.net
pixel.mathtag.com
pixel.rubiconproject.com
pixel.tapad.com
pogothere.xyz
pubads.g.doubleclick.net
s0.2mdn.net
spl.zeotap.com
sync-tm.everesttech.net
sync.richaudience.com
sync.tidaltv.com
tags.bluekai.com
targeting.vdo.ai
terialnevitiesini.com
trc.taboola.com
ups.analytics.yahoo.com
usermatch.krxd.net
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.youtube.com
x.bidswitch.net
pubads.g.doubleclick.net
104.21.24.51
139.45.195.253
142.250.186.98
15.197.193.217
15.235.42.79
151.1.205.165
151.101.130.49
162.55.236.225
172.255.6.139
172.64.172.27
184.30.20.207
185.15.245.81
185.172.90.251
185.64.190.78
192.243.59.20
212.82.100.182
2600:9000:2156:ba00:10:8cf5:4f00:21
2606:4700:10::6816:1857
2606:4700:20::681a:367
2606:4700:3036::ac43:9799
2606:4700::6810:5614
2606:4700:e0::ac40:6803
2606:4700:e0::ac40:6903
2607:ae80:128:1::48
2a00:1450:4001:802::2002
2a00:1450:4001:808::2008
2a00:1450:4001:808::200a
2a00:1450:4001:809::200a
2a00:1450:4001:80e::200e
2a00:1450:4001:827::200d
2a00:1450:4001:82b::2006
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2003
2a00:1450:4001:831::2002
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:400::300
2a05:d018:24:b002:d133:9dc2:a783:2cd2
2a06:98c1:3120::3
3.126.56.137
3.229.38.178
34.111.131.239
34.98.67.61
35.157.204.17
35.227.248.159
37.157.4.40
37.252.173.215
52.222.236.24
52.29.215.78
52.30.224.62
52.31.218.182
52.95.115.196
54.229.209.150
54.78.254.47
63.32.97.75
69.173.144.139
72.246.169.24
85.114.159.93
88.221.168.189
08b5f5e75b5ab0a5a8b658a281423e2f0af3ea3204edd66f14ad95e86f700c71
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c36925dbbfe2e79338f67182ff5dfaa03530de1f754a6713e2cbbe08e4b8712
0d981763db933058f1b28639140a9d1a682e613f1ccc56ffe830da094132bb4d
13578d1af4231b0fe1dce97d8c588932ffd2f70cd593575640a8315463bd2c37
139791cfcbf308d45485cb9d3a2b89c506d7bb57cef027263bc89ec06d5d647b
1b808250e44a468f82d19a076166e56187fdb79f1b42a77ab15fb55bb4e0f98a
1e4aba5031a8c24a8bcf74e855ee47cb63ed828ca82e9c60f71e92f8886fcb82
2447221b681325078a06c218357c8e92588383f996d5af3abae9f4e4a2873b4d
25f0e35c28e4878db049c1c478f65c003029343545fc1b615d6b42a6c02b9e72
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2b9e2b7f5c251c5b5490e5e8adbda9acdf687b74eb8d5a8d8f2ee1a0104bae3f
2ef6982a2701c60054212c8d9285f52ba77b2c790099adf3d2c90ce47f296727
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3a99fb4f4d8a4feffebc98781f0359bfd769661d970672dc47c913766880ebc4
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
434df8c17121a24a67763fdb3559e801de74258b30fd927a5d0803e4243a28d5
4484223cf5628ede7b85c5ae5bda2e353d6c1d770b8ee949b6889450180a6a6c
4789bbdb5b984cd19fe9a91a4b0c23efdfcbf9a4f2c601c48be685536b065654
4aa3c991887b7bade387973b566a206c464b1947c7eea475668b2518c201fcac
4ef36c7fb595d9e325c5d15b8143c03774407dc5da6c9a77ff9160580136a46d
530040ebbfc1cd7a18f0537709371ccd55ec5ed96756cb4c121c2a56a33f8f19
5b9fc37386561508e71a539d87f0c11495ca7d5fe00d3b6ab3d1f318248b8f6f
6807c34c780e7b6f8bc07601329d4f536d92d086767864589fb73273bd4459b1
69d4ef4bfc63c81803a97e3e44485df869e00932b094849f9e927db9323740c6
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c90bfc07e47febe7dd92eb1bc86b7f67d54a6cbad30577c9efe629eeeb24a22
73a1c6120b36c8f825a9eb025638788a045227c87891e31523400c720bd7313c
813f3e262112289463813b904306788f2198b08df54837dcab7bc8f38e199403
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
841e71c2a2d3dcfee139c5c05a2d3b95e7a4489dae42a102424d7b138d21ac65
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e32695eb554644820130b6b6c39187282bfaef34cf5b88b9a8c9b10d2da1e03
9089ee99bc66687edae4628eafe78b5bc20caa4846a62a2863fd8ca01b46ee3c
97d876b0796d55e1a4d9dec67f958fd62674617e5417b92e4584c0397974e9d9
9ad0a22b0c58240a7a92b4c01aa31f39a5918dea6a8fdfa77e63042abc4fca31
9adf28f17b88f7835611736a9461d0452433a4e12f3ebaafae1689394aeb8d7b
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0970ce58273d8536790110c1d83b0e931b3be4153b33befce4940fdbd5ab20a
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a99fc9557f20ad09807af213442d400f9ecf436efc79264f875759d0bd268535
af04d7f17b30f3beb2c330f099297d98973e00f809b501cc361e424c4b45ca0b
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c5fd2b175f045a4dc14c221d5d84fc5d595481209f752fd4cc00054651ee0f75
cc41640dd72382f686ce37ae82b916bcb605c9deb6762bb179a3d57f318d02b2
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
dc10e13e94364ecfea16030411185568d5eba65ac0230dbbe7357a1e72f96234
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f3db4a30f2e939340c829e889fedc57efe332f9d7d0810a343153526e047935a
f461e1e3fb47ce63a8d28c453253784cc233481904428c57a361fc93fd987327
f598127eaff64f97312f924cba7129e164c56b2895371ce39d9db5cecf2b743b
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
f742ad0e706e90e8080a56cb002eb7b644d077aa73494ac4ba81cb4c117fdf07
fa24a9751c9d0739ddf643e38256dc39d51e581cabeb98b4f6347f0bef1b649a

exee.app Open in urlscan Pro 2606:4700:3036::ac43:9799 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

150 Requests

85 %HTTPS

38 %IPv6

50 Domains

60 Subdomains

45 IPs

9 Countries

3939 kBTransfer

7033 kBSize

38 Cookies

1 Outgoing links

Page URL History

Redirected requests

150 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

exee.app Open in urlscan Pro
2606:4700:3036::ac43:9799 Public Scan

Screenshot
Live screenshot

Full Image

150
Requests

85 %
HTTPS

38 %
IPv6

50
Domains

60
Subdomains

45
IPs

9
Countries

3939 kB
Transfer

7033 kB
Size

38
Cookies

150 HTTP transactions
1 data transactions