exeo.app Open in urlscan Pro
2606:4700:20::681a:9e9 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://exe.io/fundamentos_color
Effective URL:
https://exeo.app/fundamentos_color
Submission: On June 06 via manual (June 6th 2023, 6:17:03 am UTC) from RU — Scanned from NL

Summary HTTP 131 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 39 IPs in 6 countries across 36 domains to perform 131 HTTP transactions. The main IP is 2606:4700:20::681a:9e9, located in United States and belongs to CLOUDFLARENET, US. The main domain is exeo.app. The Cisco Umbrella rank of the primary domain is 412304.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 27th 2023. Valid for: a year.

This is the only time exeo.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 6	2606:4700:20:... 2606:4700:20::681a:9e9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	172.255.6.253 172.255.6.253	7979 (SERVERS-COM) (SERVERS-COM)
1	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
13	2606:4700::68... 2606:4700::6810:8616	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:e2:... 2606:4700:e2::ac40:8d24	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	143.204.215.60 143.204.215.60	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4 6	2a00:1450:400... 2a00:1450:4001:801::200d	15169 (GOOGLE) (GOOGLE)
1	139.45.195.253 139.45.195.253	9002 (RETN-AS) (RETN-AS)
2	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
3	2600:9000:225... 2600:9000:2250:b200:6:78c5:6b40:21	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:225... 2600:9000:2250:8c00:a:e047:753:be1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638:d::2 2a02:2638:d::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	65.9.66.68 65.9.66.68	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:200... 2a04:4e42:200::485	54113 (FASTLY) (FASTLY)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
2	35.190.39.111 35.190.39.111	15169 (GOOGLE) (GOOGLE)
1	52.18.254.139 52.18.254.139	16509 (AMAZON-02) (AMAZON-02)
1 2	2a02:2638:d::d 2a02:2638:d::d	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	162.19.138.118 162.19.138.118	16276 (OVH) (OVH)
1	178.250.7.13 178.250.7.13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
21	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1 4	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
1 1	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
1 7	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
2 2	64.74.236.159 64.74.236.159	19024 (INTERNAP-...) (INTERNAP-BLK5)
1	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1 1	2600:9000:205... 2600:9000:2057:5000:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1 1	52.45.175.185 52.45.175.185	14618 (AMAZON-AES) (AMAZON-AES)
1 2	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
131	39

2 2a06:98c1:3120::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

exe.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::681a:9e9 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

exeo.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.255.6.253 (Netherlands)

ASN7979 (SERVERS-COM, US)

oo.onlapmynas.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700::6810:8616 (United States)

ASN13335 (CLOUDFLARENET, US)

live.demand.supply	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e2::ac40:8d24 (United States)

ASN13335 (CLOUDFLARENET, US)

cdntechone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

pogothere.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
thycantyoubelike.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 143.204.215.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-60.fra53.r.cloudfront.net

nedukeration.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:801::200d (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.253 (United Kingdom)

ASN9002 (RETN-AS, GB)

datatechone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2250:b200:6:78c5:6b40:21 (United States)

ASN16509 (AMAZON-02, US)

d1ux93ber9vlwt.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:8c00:a:e047:753:be1 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-68.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

81972796f71a2fd2b376107272a4894a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com

esp.rtbhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.18.254.139 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-254-139.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::d (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.118 (France)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.184.226 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.74.236.159 (United States) 2 redirects

ASN19024 (INTERNAP-BLK5, US)
PTR: chi.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)

dsp.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:5000:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.245.213 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.45.175.185 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-175-185.compute-1.amazonaws.com

im.bluevoox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.9.251 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	googlesyndication.com 81972796f71a2fd2b376107272a4894a.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 157 pagead2.googlesyndication.com — Cisco Umbrella Rank: 123	153 KB
19	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 221 cm.g.doubleclick.net — Cisco Umbrella Rank: 231 googleads.g.doubleclick.net — Cisco Umbrella Rank: 51	253 KB
14	google.com 5 redirects accounts.google.com — Cisco Umbrella Rank: 50 adservice.google.com — Cisco Umbrella Rank: 103 www.google.com — Cisco Umbrella Rank: 3	4 KB
13	demand.supply live.demand.supply — Cisco Umbrella Rank: 39026	34 KB
7	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 366	136 KB
6	exeo.app 1 redirects exeo.app — Cisco Umbrella Rank: 412304	205 KB
5	thycantyoubelike.com thycantyoubelike.com	2 KB
5	gstatic.com fonts.gstatic.com www.gstatic.com	96 KB
5	nedukeration.info nedukeration.info	6 KB
4	google.nl adservice.google.nl — Cisco Umbrella Rank: 13768	940 B
4	pogothere.xyz pogothere.xyz — Cisco Umbrella Rank: 27496	202 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 66	4 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 416 mug.criteo.com — Cisco Umbrella Rank: 2331	7 KB
3	cloudfront.net d1ux93ber9vlwt.cloudfront.net	2 KB
2	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 826	530 B
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 402	1 KB
2	zemanta.com 2 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 556	1 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 205	109 KB
2	rtbhouse.com esp.rtbhouse.com — Cisco Umbrella Rank: 1552	315 B
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 797 id5-sync.com — Cisco Umbrella Rank: 429	18 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 995 bcp.crwdcntrl.net — Cisco Umbrella Rank: 871	12 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49	21 KB
2	exe.io 1 redirects exe.io — Cisco Umbrella Rank: 468562	12 KB
1	bluevoox.com 1 redirects im.bluevoox.com — Cisco Umbrella Rank: 13652	560 B
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 764	475 B
1	adkernel.com dsp.adkernel.com — Cisco Umbrella Rank: 7300	233 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 702	571 B
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 1448	2 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 367	896 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 569	13 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 1445	2 KB
1	datatechone.com datatechone.com — Cisco Umbrella Rank: 25623	461 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 101
1	cdntechone.com cdntechone.com — Cisco Umbrella Rank: 54633	8 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 70	47 KB
1	onlapmynas.com oo.onlapmynas.com — Cisco Umbrella Rank: 738835	1 KB
131	36

	Domain	Requested by
14	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com exeo.app 81972796f71a2fd2b376107272a4894a.safeframe.googlesyndication.com
13	live.demand.supply	exeo.app live.demand.supply client
11	securepubads.g.doubleclick.net	exeo.app securepubads.g.doubleclick.net www.googletagservices.com
8	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com exeo.app www.googletagservices.com
7	cm.g.doubleclick.net	1 redirects 81972796f71a2fd2b376107272a4894a.safeframe.googlesyndication.com
7	cdn.ampproject.org	securepubads.g.doubleclick.net cdn.ampproject.org
6	accounts.google.com	4 redirects exeo.app
6	exeo.app	1 redirects exeo.app
5	thycantyoubelike.com	exeo.app
5	nedukeration.info	exeo.app
4	www.google.com	1 redirects tpc.googlesyndication.com exeo.app
4	adservice.google.com	securepubads.g.doubleclick.net
4	adservice.google.nl	securepubads.g.doubleclick.net
4	pogothere.xyz	exeo.app
4	fonts.googleapis.com	exeo.app securepubads.g.doubleclick.net 81972796f71a2fd2b376107272a4894a.safeframe.googlesyndication.com
3	www.gstatic.com	exeo.app 81972796f71a2fd2b376107272a4894a.safeframe.googlesyndication.com
3	d1ux93ber9vlwt.cloudfront.net	nedukeration.info
2	onetag-sys.com	1 redirects
2	eb2.3lift.com	2 redirects
2	b1sync.zemanta.com	2 redirects
2	www.googletagservices.com	securepubads.g.doubleclick.net exeo.app
2	gum.criteo.com	1 redirects static.criteo.net
2	esp.rtbhouse.com	invstatic101.creativecdn.com
2	81972796f71a2fd2b376107272a4894a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	fonts.gstatic.com	fonts.googleapis.com
2	exe.io	1 redirects exeo.app
1	googleads.g.doubleclick.net	exeo.app
1	im.bluevoox.com	1 redirects
1	s.ad.smaato.net	1 redirects
1	dsp.adkernel.com	81972796f71a2fd2b376107272a4894a.safeframe.googlesyndication.com
1	sync-tm.everesttech.net	1 redirects
1	mug.criteo.com	exeo.app
1	id5-sync.com	cdn.id5-sync.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	datatechone.com	cdntechone.com
1	www.facebook.com	exeo.app
1	cdntechone.com	exeo.app
1	www.googletagmanager.com	exeo.app
1	oo.onlapmynas.com	exeo.app
131	46

This site contains links to these domains. Also see Links.

Domain
exe.io
sulvo.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-01-27` - `2024-01-27`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
exe.io Cloudflare Inc ECC CA-3	`2023-02-21` - `2024-02-21`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
oo.onlapmynas.com R3	`2023-04-14` - `2023-07-13`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
demand.supply Cloudflare Inc ECC CA-3	`2023-02-19` - `2024-02-19`	a year	crt.sh
nedukeration.info Amazon RSA 2048 M01	`2023-04-16` - `2024-05-14`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
thycantyoubelike.com GTS CA 1P5	`2023-06-01` - `2023-08-30`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-03-15` - `2023-06-13`	3 months	crt.sh
datatechone.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-18` - `2023-12-24`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.google.nl GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
cdn.prod.uidapi.com R3	`2023-05-18` - `2023-08-16`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-04-28` - `2023-07-28`	3 months	crt.sh
esp.rtbhouse.com GTS CA 1D4	`2023-05-17` - `2023-08-15`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
*.id5-sync.com R3	`2023-04-18` - `2023-07-17`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.adkernel.com AlphaSSL CA - SHA256 - G4	`2023-01-03` - `2024-02-04`	a year	crt.sh

This page contains 15 frames:

Primary Page: https://exeo.app/fundamentos_color
Frame ID: 8C6ADE094FD52BE6AEE6DA18EB39F926
Requests: 68 HTTP requests in this frame

Frame: https://nedukeration.info/OTVLMzhYVyheB1gIKRVNS1l2Fgp/EHl1XAhAMwoLW1A5Ck5VQj8dW1VaPldeS1olRxZXUD8WCn9NGlhUa1cDUFBzX3N4a31sLH1uf2Uoe0xSbSB9U3BMAnd/bX97cWpWWA1KTFFzCGZoX108ZG1tbDF9bn99EXBtTnQjcR0LcylJaXpzAwoMXUJ7Z3FxZydgX3RMAVlIa3IxekBzdzxSdW10IHFufAYAdE97cg9UX2lkCmRiCkYTZG5VTCl0dlptMWZfaUIsanZtRXtrU1pGG2tqXGd4fQ1fBDNgW2hBe2tTWgQCdwFYZHlXDnwFJ3VbU3MlZH4MWy4BFXx7CUlxVXsJQGtwdgIHf39/PHcKa1MadEAPb3tfflpYDgV6eHg9eWBrUAV0XA5sGnJdcmYzA2BSVid/fHB9DHRMSmx6RG1yXzgWCnt0GXlWXE0vV2pXbyVqbXN2L2tIUmQgBkFbcgVQenp4PX56DVARAEthYh5hCWMHAVJtbVF7ankfXzhcVkkIH0VpbFd7S2p0AgZJ
Frame ID: 0F6761A425B9921609197B9FDDB20AD7
Requests: 2 HTTP requests in this frame

Frame: https://nedukeration.info/bHp3Q2ENGBQuXg1HFWUUHhZKZlMqX0UFBV0PD3pSDh8FehcADQNtAgAVAicHHhUZN08CHwNmUyorORcFPSAbCTY7PkMCAzk8Eg0nGAszElQHIkUaNTQpOgkxKS88CzItOSUoJFw/NhEXKAItAisHQyMhNzZKIBU4SUg1AjZULiIpVSoYABIzISs+NCItNEUGCCYbLwRRJzMcciIlOwQrNSkzQhIiCC80KVEmMTE7Azw7E3AjXzwbECYlKzUUIyMwITs7IjscLzMEMB4VCxQ4Mi4rOyMAFjs1PzkrBRQwHhUIOhkgFDs/HgAZUAgsJSo1PTwcF1IPMjU5TCktPi8NPzAADhY0FkMoMF44DQIMIigRAjguHiERCCQsAHckBkMtBgwlFhM0AiQqNntUOTg9KjcGLCYVJR8wEjsgKiM2Flc+SxB6IF8ZPyA2KiItKxIkHBsNDS4dPWZTLiJFCjAuLTYVLF00IAoGVUk1cCcALCAWAy49LQIrGx0wZQsfFRkzXCE8JzAXCAwhGVkq
Frame ID: 55CDB0FB5AD0F3839CE2EFDA8322CFF8
Requests: 2 HTTP requests in this frame

Frame: https://nedukeration.info/UE9XU1cxLTQ+aDFyNXUiIiNqdmUWamUVM2E6L2pkMiolaiE8OCN9NDwgIjcxIiA5J3k+KiN2ZRYFDRQzBy49Gh8TCzAeEwIOGB47MwQCFQU7FxYdFBQcAhUPEh02Ay0aFhU0AggGAjARACINNTISfzMWAigIHzQZIhg/Ah4SJTAdE2AGFBwWOx8BBhJjCzsRDQV8FjUCYSQcHAUSLRQSJGMbIBI+BSE/MhFhFQ81P2EtFDQaZQcCFRUGGA4WBTsJAQk7IwwEPzMqGA8RFQYYDjcAJz8FCjxoDR04HTsYPCMEBXxuAxYWHhAZPyAqFgEWKgwROBkVfHodDjQJEQYOBR4VBjwaJAA7OAALLhofCCQRBREFdxYFFiNqZRUWBisVBQAJAQEkNB0AAh4PBiM0YhY7DhsQPR4fFhAdBxVmZzQGCjs5DwEJBQAAaS4RYg0IBQYnAhIdAnZlFhsgEj4FIgE3HxYrBTAVaB8BAnE6PDg9J20mDzk1Mg4cJjYJf2IZLioI
Frame ID: 7884404D7941FABBB72F87EA310FD73A
Requests: 2 HTTP requests in this frame

Frame: https://exeo.app/cdn-cgi/challenge-platform/h/g/scripts/jsd/68662470/invisible.js
Frame ID: 1D28068AA6EA0589678D58D4B9D6F03F
Requests: 3 HTTP requests in this frame

Frame: https://81972796f71a2fd2b376107272a4894a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5F49CE1CC2093F9759FF31F1D791152F
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=exeo.app
Frame ID: 08DA5CC70CDD41189BACB628A1FF9B02
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssk490grGWhtjdX9ndNeux1wT3w3KrB_FPjDLs4FrpGJGLGeGQ9rrCB9KDNxtSbzMH8cqtI1kbR5mIBQuuaBw7sy-lge6A7hKhMqsS2qKvUutCdLehapO2fSO6zEguWztc2dqekSZXX1csdvPoDfmrXNLupCgs9DI493X0qoG6AQZ2rwbuVuUG19UaMdYvAe3b4aK5ValkFLwtwxXWx11-A_-8YlgLziHsgnhjC2ToEdurrK-GCOAZknuPKYT9Pn8EkY3odRpvpnNqdNintDQo-_nwC6gixfXhHamNwr5HzpEp141BJL0glITKlDu81bAcZGmoo&sai=AMfl-YQ4_NcZDG1_ZJWYkY1iKe9X9WLR8HA2ItoVAvZLeqW3WwuBcbQ_7SzUdNLxntVOog1_Jc_HxUUK8MrWuhmOI-vL-CYzibhEu-QD7fjFXaJGsGTJBc6GiT917iAlU-Y9pf3w_9Cgz6GKQqMkE9tu&sig=Cg0ArKJSzOXDijxiWVyLEAE&uach_m=[UACH]&adurl=
Frame ID: 1D373D960F64ED2B4000288EDF31E689
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 41578BA2A9D7BB1500EC227BE6C66E3E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E2375359B68C3D3BC9AFB6D20FD17542
Requests: 2 HTTP requests in this frame

Frame: https://81972796f71a2fd2b376107272a4894a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3A34F097EDB8EB397F2DCE077D04FB4E
Requests: 5 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/022305221508000/amp4ads-v0.mjs
Frame ID: 1CE0CA75B5DE8C2BFB3E6153396E9056
Requests: 19 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Frame ID: AC58B3127E0F72F6C20BEE6F0E10E150
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D53A8EBD685983C6FDFA4C448902728C
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/VQdDSOd05UIjXCKVon8X_ASAqVpdX2ccZF2BDi7w8G4.js
Frame ID: 78E0F83AD08C10D7B3D5BC036AFBFB6B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

exe.io

Page URL History Show full URLs

https://exe.io/fundamentos_color HTTP 302
https://exeo.app/fundamentos_color Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

131
Requests

91 %
HTTPS

60 %
IPv6

36
Domains

46
Subdomains

39
IPs

6
Countries

1346 kB
Transfer

3585 kB
Size

22
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://exe.io/
Title: exe.io

Search URL Search Domain Scan URL

URL: https://exe.io/auth/signup
Title: https://exe.io/auth/signup

Search URL Search Domain Scan URL

URL: https://sulvo.com/?utm_source=https://exeo.app/fundamentos_color&utm_adtype=sticky_display&utm_medium=sulvo

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://exe.io/fundamentos_color HTTP 302
https://exeo.app/fundamentos_color Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP 302
https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&ffgf=1&hl=en&passive=true&service=mail&uilel=3&ifkv=Af_xneFHLA9zSUhxlrbHLm9G1942aRIyvgFUC6kWN-EmyQzBFXEdSYtpkPpaPKa2EfcqucD3rsQdcQ HTTP 302
https://accounts.google.com/v3/signin/identifier?dsh=S-1811910027%3A1686032217479062&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&ffgf=1&hl=en&ifkv=Af_xneGct33WmybrIITe7W0rmt_RrVIN1KhxVa3cZ8eMMnO-LQkjWpAkBifJn9B_SbxFSmLHT2CHaA&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin

Request Chain 21

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&ffgf=1&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneGVUP1shgCoBL68yUpB-bmJZ8WJRSXRaQcIzW_r9b7NsUf_e4As_ECFQlHdvHeYr9SRcmD0mA HTTP 302
https://accounts.google.com/v3/signin/identifier?dsh=S-871946444%3A1686032217571848&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&ffgf=1&hl=en&ifkv=Af_xneFFUig3DmKOzfapOAyN5BJaj8IWINgAdgrKHk6n0IIsOXhINhH_IZ6WDbIR2-9aiIAFacsUYw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin

Request Chain 24

https://exeo.app/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
https://exeo.app/cdn-cgi/challenge-platform/h/g/scripts/jsd/68662470/invisible.js

Request Chain 56

https://gum.criteo.com/sid/json?origin=publishertagids&domain=exeo.app&sn=ChromeSyncframe&so=0&topUrl=exeo.app&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=hdioXnxUODB1SGFPYWVuSms5NzgveGJUalQwdVk4SFB6WjNva1FMTFhoekVmejNjNTZHdVJ4K0hpT3h1TUpYRzUxS2FIbFFCS3liMjhlODBSWjUrb3JPRDRYZzdadW9aQ09kYzBUamE3SGQwNU1xamp1eVFKWTVORnpoa0kxZGFiUGphWllLQVVEeEQzeG5Kd2xXWFlpSG43WkhPVGdzZWlYTkFzV1hZQ3pFM2hRblJsdWxCcFZPSTlhODFFRG9MQUcwVHF2OENZSlNZTkRjVk1SRWtNVHZqUTN4ajA1TG9nOWRLWGhva2grU0x2MlRNNlFtOEFYc2N1REt0N1VhSWZjaGpHZVNSY01ReHYzU3Z3N0NsVnduTytUZz09fA&cppv=2

Request Chain 120

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEJRz4IMMZ9WJcPt-m-d2RyE&google_cver=1&google_push=ATf1kGPA_4HypwN1IBmjB4hSIg5Jy_5WdMV7tmLXJD6YsDYs7zXK1_iQaNmCcwZm3w-7EYfQCE9qFru5Ch83yFXwK3Fa8q5ysJQcOZ4lq5-W6eKR4k8eR-4mDiiYyBtTvFjLThHs6c127kA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJRz4IMMZ9WJcPt-m-d2RyE&google_push=ATf1kGPA_4HypwN1IBmjB4hSIg5Jy_5WdMV7tmLXJD6YsDYs7zXK1_iQaNmCcwZm3w-7EYfQCE9qFru5Ch83yFXwK3Fa8q5ysJQcOZ4lq5-W6eKR4k8eR-4mDiiYyBtTvFjLThHs6c127kA

Request Chain 121

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEMFFE7z1VpoM_MG9xuxG8Vc&google_cver=1&google_push=ATf1kGN5HE9KVm2ytS0qfRcLiCRlNBLHGKHJPxDvPDzyztyo5wi4bvO7oIwUZ_tUokBOCjkmqsjMSXM16k3CbjobFn8L9gBriDlrPS8HNEtQpTdzUiynIdB72KnFdxaeT6BvWmcaHVgOZFI HTTP 302
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEMFFE7z1VpoM_MG9xuxG8Vc&google_push=ATf1kGN5HE9KVm2ytS0qfRcLiCRlNBLHGKHJPxDvPDzyztyo5wi4bvO7oIwUZ_tUokBOCjkmqsjMSXM16k3CbjobFn8L9gBriDlrPS8HNEtQpTdzUiynIdB72KnFdxaeT6BvWmcaHVgOZFI&s=2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ATf1kGN5HE9KVm2ytS0qfRcLiCRlNBLHGKHJPxDvPDzyztyo5wi4bvO7oIwUZ_tUokBOCjkmqsjMSXM16k3CbjobFn8L9gBriDlrPS8HNEtQpTdzUiynIdB72KnFdxaeT6BvWmcaHVgOZFI&google_hm=MnBNN2tyV3RvWll1RGVJbFJMX00=

Request Chain 123

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESECBHKfJd2hPhVpGL4dYb7o0&google_cver=1&google_push=ATf1kGPluKy1Y9q186YX-gJviJsbUijFO_itIEEqb5sX-QB-Zf9B6eamVo0hybH7k-XtTKy91y8fV9mhB5rtW3xZhiFA3yrWCmBFe3Nrfvrp0tdbmB29TRiqYYr8y0YXUNly_waiQXRPCQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGPluKy1Y9q186YX-gJviJsbUijFO_itIEEqb5sX-QB-Zf9B6eamVo0hybH7k-XtTKy91y8fV9mhB5rtW3xZhiFA3yrWCmBFe3Nrfvrp0tdbmB29TRiqYYr8y0YXUNly_waiQXRPCQ

Request Chain 124

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESENVk_LSkwAZmO7Mc2lPEnt4&google_cver=1&google_push=ATf1kGOtTt7fyxCS0tle6FQ2DnEeQPYeEHQjI3X2wXnlMSCggE2NnEV2LU1dsoTqZy-x0K434h66YEpr5Cx3jN43lf7f_uOvAg3aQ5tWCU_WhdjQfzDzk84uHxwOz7iApWEqFqfrFZrAlCM HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=ATf1kGOtTt7fyxCS0tle6FQ2DnEeQPYeEHQjI3X2wXnlMSCggE2NnEV2LU1dsoTqZy-x0K434h66YEpr5Cx3jN43lf7f_uOvAg3aQ5tWCU_WhdjQfzDzk84uHxwOz7iApWEqFqfrFZrAlCM&google_gid=CAESENVk_LSkwAZmO7Mc2lPEnt4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjQ0NjAxODUwOTY2NTkxNjU4MDMwMA%3D%3D&google_push=ATf1kGOtTt7fyxCS0tle6FQ2DnEeQPYeEHQjI3X2wXnlMSCggE2NnEV2LU1dsoTqZy-x0K434h66YEpr5Cx3jN43lf7f_uOvAg3aQ5tWCU_WhdjQfzDzk84uHxwOz7iApWEqFqfrFZrAlCM

Request Chain 125

https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEMnaIGCZhN9EL8JBMdO3u_o&google_cver=1&google_push=ATf1kGN-FuiLAijaxqaQxhSssutxQJk2-Zu_ezOgyobE2zSGkriVH7lFrpLq9uvK0KV9YuYKJBXmSrnaWOyCXWfxBEwuZ9mR-vp7401YNoVKJ-os_trZpbSdpmDEKXb57OVsKXGu2ylhv98 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=ATf1kGN-FuiLAijaxqaQxhSssutxQJk2-Zu_ezOgyobE2zSGkriVH7lFrpLq9uvK0KV9YuYKJBXmSrnaWOyCXWfxBEwuZ9mR-vp7401YNoVKJ-os_trZpbSdpmDEKXb57OVsKXGu2ylhv98&google_hm=QlMuNTUzYy1mM2E4LTRiMjgtODE3NQ==

Request Chain 126

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEAosOwBoA0Ml8JYpdvUNdyE&google_cver=1&google_push=ATf1kGPvZRcn-EeMCatUvWFnJbcuCVtM50aqJBBhXDKFWEpxEuKl_mDduwgo2OO_to0qWnlfsvfePSevAjN40z8vXUNv_kNBRNAsbftGV-pTVzgbEtH2oX9jl7Kn0gl49Lnd42I-lW86goc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGPvZRcn-EeMCatUvWFnJbcuCVtM50aqJBBhXDKFWEpxEuKl_mDduwgo2OO_to0qWnlfsvfePSevAjN40z8vXUNv_kNBRNAsbftGV-pTVzgbEtH2oX9jl7Kn0gl49Lnd42I-lW86goc HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 128

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

131 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request fundamentos_color Show response
exeo.app/
Redirect Chain

https://exe.io/fundamentos_color
https://exeo.app/fundamentos_color

583 KB
149 KB

304ms
240ms

Document
text/html

2606:4700:20::681a:9e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://exeo.app/fundamentos_color

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:9e9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

30e4ac01475ec8c24b8fb173cc994f4453cb361a99b404637a369d8425af6b6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7d2e878af8735c6e-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Jun 2023 06:16:57 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MwVCRTptt8cZub%2B%2FBWnfWViW%2BDG92tVvxWhkyuTeOBaYZ%2B9X%2B0Y1ZOPq0N1y2sGglLw36%2Buf11BpAI3g6aHOyAuKL%2F8D2cl770QKvvtsoD8OqL88cN1mB0D0zy8yN3XqY6WeYwgZ"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN, SAMEORIGIN
x-robots-tag: noindex, nofollow
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7d2e8789fb9a1cbd-FRA
content-type: text/html; charset=UTF-8
date: Tue, 06 Jun 2023 06:16:56 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://exeo.app/fundamentos_color
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MJlIfsy%2ByLOLCo4bm7dveDDdhJpcKgqgL2ip1h4TJBnUqrba0mIiASSl%2FFC7bylEcWOa7rS25IVszsVMVLcN4hTmYoQbnr7CbetIGwwzrg0SBpVar65fSbYJEIQ4ZDMsvE3KOkM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 14 KB
1 KB 155ms
104ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,400italic,600,700

Requested by

Host: exeo.app
URL: https://exeo.app/fundamentos_color

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32bdbc7aa942ed3cc380c72be1c45147f4d7ec5e6b5b084f6527a46022314958

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 06 Jun 2023 06:16:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 06 Jun 2023 04:41:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 06 Jun 2023 06:16:57 GMT

GET
H2 200 continue.css
exeo.app/css/ 179 KB
41 KB 35ms
35ms Stylesheet
text/css 2606:4700:20::681a:9e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://exeo.app/css/continue.css

Requested by

Host: exeo.app
URL: https://exeo.app/fundamentos_color

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:9e9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23998750e040d16d7cdcc67be18f2c98db45cc55e098f1548107d04a4666d6fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exeo.app/fundamentos_color
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 06:16:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1540876
cf-polished: origSize=211688
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Mon, 12 Dec 2022 17:28:40 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bc%2FYysi1JpS4U%2FSoYz5QTRdnpAF%2BWB4SilFMe8fWtUvFQDqvuo8KFynSuv1UmfScu6o6STgsKUvvkhXl6Tq5%2BqZJoFe1qE7uvZaiCueHLiRiHAygCyV3GUhRrlJpvCaEGfG22NlG"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 7d2e878c8a345c6e-FRA
expires: Sun, 18 Jun 2023 10:15:41 GMT

GET
H2 200 logo_sm.png
exe.io/img/ 11 KB
11 KB 29ms
28ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://exe.io/img/logo_sm.png

Requested by

Host: exeo.app
URL: https://exeo.app/fundamentos_color

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c63f2781570d012d67b1e5ed27544bf90097a71ca5ddbbcd86a98a0f52871534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 06:16:57 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9082710
alt-svc: h3=":443"; ma=86400
content-length: 10989
x-xss-protection: 1; mode=block
last-modified: Sun, 28 Mar 2021 18:01:57 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: User-Agent, Accept-Encoding
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gTKNhBBp5LQPU4N%2BAggXCGXLTbAddi%2FKk6%2Bn%2FnwBRj9%2BSWGaPzdafU0hISXQ1oUpygmwa0c6d9tdh5%2Fd6qL0%2Bwq16ufEs1iHOfjsLiwd7EUkJNJ6NanO3cubj8%2FyEXbMZmmKmVs%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7d2e878cdf161cbd-FRA
expires: Wed, 21 Feb 2024 03:18:27 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 75 KB
25 KB 149ms
98ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: exeo.app
URL: https://exeo.app/fundamentos_color

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a858d262dc6315f4cfb75899f5cb0c4409432835ccdc90b1d90104bb79544ff9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 06:16:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25224
x-xss-protection: 0
server: cafe
etag: 904 / 19514 / m202306010101 / config-hash: 435238587681776568
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 06 Jun 2023 06:16:57 GMT

GET
H/1.1 200
OK 29529 Show response
oo.onlapmynas.com/1clkn/ 6 B
1 KB 110ms
22ms Script
application/javascript 172.255.6.253
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://oo.onlapmynas.com/1clkn/29529

Requested by

Host: exeo.app
URL: https://exeo.app/fundamentos_color

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

172.255.6.253 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Tue, 06 Jun 2023 06:16:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=1
Server: nginx
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive
Keep-Alive: timeout=20

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 119 KB
47 KB 88ms
38ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-135952122-1

Requested by

Host: exeo.app
URL: https://exeo.app/fundamentos_color

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

946c3fab403476057b0ecf16b979cbd776983ca6e93af0b7742e38914e04e860

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 06:16:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47446
x-xss-protection: 0
last-modified: Tue, 06 Jun 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 06 Jun 2023 06:16:57 GMT

GET
H2 200 up.js Show response
live.demand.supply/ 5 KB
3 KB 222ms
162ms Script
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/up.js
Requested by: Host: exeo.app
URL: https://exeo.app/fundamentos_color
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3807505d144858c5849579d34b8fd8da69afad01292bc59e1fa516e850b1399

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-nf-request-id: 01H26P0D9FY08ZRHBZ7XA80N81
date: Tue, 06 Jun 2023 06:16:57 GMT
content-encoding: br
cf-cache-status: HIT
age: 296
cf-polished: origSize=4393
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"88831c550ff1a3dea2c787ca9ec25895-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray: 7d2e878e08409b52-FRA
link: <https://live.demand.supply/impl.v16.13.1.js>; rel=preload; as=script,<https://live.demand.supply/p4/v16-10-0/ZXhlby5hcHAv>; rel=preload; as=script
timing-allow-origin: *

GET
H2 200 stattag.js Show response
cdntechone.com/ 18 KB
8 KB 93ms
31ms Script
application/javascript 2606:4700:e2::ac40:8d24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdntechone.com/stattag.js
Requested by: Host: exeo.app
URL: https://exeo.app/fundamentos_color
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8d24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 456e420aecd5ac679cc2bcb33daf7c063f54894fd076e99e05c06629234d3378

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 06:16:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 19 May 2023 08:43:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 7002
etag: W/"646736c9-4859"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PnllaK5J5Yh1hagewGK%2BjSAih%2FpYZ4BCakkgWaved9ZJ%2FFVWq7u2Ly7vZ4B93p2NYrGK2gJ2j6roz3RuZWWn7VRgsfo%2BwhT2i%2F949ka1y5yoRYgylylLpb%2FRmKqgk71OEp6xHsNW9%2BXzFpZDng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7d2e878e1c6e3a97-FRA
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
alt-svc: h3=":443"; ma=86400

GET
H2 200 asd100.bin Show response
pogothere.xyz/ 100 KB
100 KB 114ms
59ms Fetch
binary/octet-stream 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/asd100.bin
Requested by: Host: exeo.app
URL: https://exeo.app/fundamentos_color
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 06:16:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1346
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 06 Jun 2023 05:54:31 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: https://exeo.app
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f5q6OvM5hrRt89W1fSgm4HQx%2Bjc8ERnYzMFu7dOjYRXkUqt9CIkKuZxZxooKk%2Fa%2BcK81SyhFNaqfZ6h0J%2FFxKSroUIZ3mkmNq%2BLU4%2BEbWi%2F0k%2FCn5MJIJfGJwex2EwrG"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7d2e878e3fe92bcb-FRA
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 / Show response
pogothere.xyz/ 26 B
364 B 180ms
125ms Fetch
text/plain 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/
Requested by: Host: exeo.app
URL: https://exeo.app/fundamentos_color
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39ff1923a8ad8f22a2fe9540bc9a68b2400867ccbd338d8148d2f31784e14795

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 06:16:57 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ijd3kmeTsN5avVJGn47f4ONPV8uFHM0iqnG3NVteCgx69vNB3f9xidyufv0z8cCS778UBYya6XAAQYye6p39KZurfcILd%2FjepZ8M7NQcQI3EcuRGFzsDqKDN1tA32cM"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
access-control-allow-origin: https://exeo.app
content-type: text/plain
access-control-allow-credentials: true
cf-ray: 7d2e878e3feb2bcb-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400

GET
H2 204 utx Show response
nedukeration.info/ 0
534 B 192ms
121ms XHR
text/plain 143.204.215.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nedukeration.info/utx?cb=F3BMs9ss3njo&top=exeo.app&tid=822524
Requested by: Host: exeo.app
URL: https://exeo.app/fundamentos_color
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-60.fra53.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 06:16:57 GMT
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://exeo.app
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: nLR_ft9KDMV3R9Oq4I3GkVAAGmPyQikrtMtSbq5DXHPMWjdV7GnKgA==

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ 47 KB
48 KB 104ms
30ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,400italic,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://exeo.app
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 00:21:44 GMT
x-content-type-options: nosniff
age: 280513
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48412
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 02 Jun 2024 00:21:44 GMT

GET
H2 200 fHB9DHRMSmx6RG1yXzgWCnt0GXlWXE0vV2pXbyVqbXN2L2tIUmQgBkFbcgVQenp4PX56DVARAEthYh5hCWMHAVJtbVF7ankfXzhcVkkIH0VpbFd7S2p0AgZJ Show response
nedukeration.info/OTVLMzhYVyheB1gIKRVNS1l2Fgp/EHl1XAhAMwoLW1A5Ck5VQj8dW1VaPldeS1olRxZXUD8WCn9NGlhUa1cDUFBzX3N4a31sLH1uf2Uoe0xSbSB9U3BMAnd/bX97cWpWWA1KTFFzCGZoX108ZG1tbDF9bn99EXBtTnQjcR0LcylJaXpzAwo... Frame 0F67 3 KB
2 KB 158ms
118ms Document
text/html 143.204.215.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nedukeration.info/OTVLMzhYVyheB1gIKRVNS1l2Fgp/EHl1XAhAMwoLW1A5Ck5VQj8dW1VaPldeS1olRxZXUD8WCn9NGlhUa1cDUFBzX3N4a31sLH1uf2Uoe0xSbSB9U3BMAnd/bX97cWpWWA1KTFFzCGZoX108ZG1tbDF9bn99EXBtTnQjcR0LcylJaXpzAwoMXUJ7Z3FxZydgX3RMAVlIa3IxekBzdzxSdW10IHFufAYAdE97cg9UX2lkCmRiCkYTZG5VTCl0dlptMWZfaUIsanZtRXtrU1pGG2tqXGd4fQ1fBDNgW2hBe2tTWgQCdwFYZHlXDnwFJ3VbU3MlZH4MWy4BFXx7CUlxVXsJQGtwdgIHf39/PHcKa1MadEAPb3tfflpYDgV6eHg9eWBrUAV0XA5sGnJdcmYzA2BSVid/fHB9DHRMSmx6RG1yXzgWCnt0GXlWXE0vV2pXbyVqbXN2L2tIUmQgBkFbcgVQenp4PX56DVARAEthYh5hCWMHAVJtbVF7ankfXzhcVkkIH0VpbFd7S2p0AgZJ
Requested by: Host: exeo.app
URL: https://exeo.app/fundamentos_color
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-60.fra53.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: b2f6c87dd526014f1ff13316715936f55146885c78603bf34a4bb0e108fac792

Request headers

Referer: https://exeo.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1233
content-type: text/html
date: Tue, 06 Jun 2023 06:16:57 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
x-amz-cf-id: 5kHc0q1v8l9LUIkh6zslt7Ro2IJ7lzsQdzJR5p3c4ai_IRtqjWiHGA==
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront

GET
H2 200 asd100.bin Show response
pogothere.xyz/ 100 KB
101 KB 44ms
33ms Fetch
binary/octet-stream 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/asd100.bin
Requested by: Host: exeo.app
URL: https://exeo.app/fundamentos_color
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 06:16:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1346
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 06 Jun 2023 05:54:31 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: https://exeo.app
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h9k815tJM8feDw7Hyx5eL3SAv7T7hybOjNUjiXBK4lAdaIsBmIL%2BEfYqxJ4q8ts%2Ft84k6HC%2FT7G9LAC2ihOVXuK%2F8dDdx7QRF2HdVpes%2FL8sHP1E3fvdkPHwENxGIOnu"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7d2e878e3fee2bcb-FRA
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 / Show response
pogothere.xyz/ 26 B
349 B 138ms
128ms Fetch
text/plain 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/
Requested by: Host: exeo.app
URL: https://exeo.app/fundamentos_color
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8dd50645a84d8f30b0ac5a706084d685df9d5b5d4d0c115557468e28560df599

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 06:16:57 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FfAmEUCKkM0gnIKaAcyXKhZ9J5%2FLmgVIcJljmOQjev6UkLxwtA94Z8A3XFS8f9Z5e059YFEW507IP2Nm%2Fv%2Bt2y1CtfAeAbrYk4c1wotFmm2XOYpP8kQYrIj%2B4TSOsPwA"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
access-control-allow-origin: https://exeo.app
content-type: text/plain
access-control-allow-credentials: true
cf-ray: 7d2e878e3fed2bcb-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400

GET
H2 204 utx Show response
nedukeration.info/ 0
533 B 243ms
216ms XHR
text/plain 143.204.215.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nedukeration.info/utx?cb=ygsJwR5zCT0K&top=exeo.app&tid=889494
Requested by: Host: exeo.app
URL: https://exeo.app/fundamentos_color
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-60.fra53.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 06:16:57 GMT
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://exeo.app
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: qFHOtu1n5Fm6piO_eVXGa0cSftUqvEPk2feGF-ZVzbyqP5FwBHroiA==

GET
H2 200 HgAZUAgsJSo1PTwcF1IPMjU5TCktPi8NPzAADhY0FkMoMF44DQIMIigRAjguHiERCCQsAHckBkMtBgwlFhM0AiQqNntUOTg9KjcGLCYVJR8wEjsgKiM2Flc+SxB6IF8ZPyA2KiItKxIkHBsNDS4dPWZTLiJFCjAuLTYVLF00IAoGVUk1cCcALCAWAy49LQIrGx0wZ... Show response
nedukeration.info/bHp3Q2ENGBQuXg1HFWUUHhZKZlMqX0UFBV0PD3pSDh8FehcADQNtAgAVAicHHhUZN08CHwNmUyorORcFPSAbCTY7PkMCAzk8Eg0nGAszElQHIkUaNTQpOgkxKS88CzItOSUoJFw/NhEXKAItAisHQyMhNzZKIBU4SUg1AjZULiIpVSoYABI... Frame 55CD 3 KB
2 KB 130ms
125ms Document
text/html 143.204.215.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nedukeration.info/bHp3Q2ENGBQuXg1HFWUUHhZKZlMqX0UFBV0PD3pSDh8FehcADQNtAgAVAicHHhUZN08CHwNmUyorORcFPSAbCTY7PkMCAzk8Eg0nGAszElQHIkUaNTQpOgkxKS88CzItOSUoJFw/NhEXKAItAisHQyMhNzZKIBU4SUg1AjZULiIpVSoYABIzISs+NCItNEUGCCYbLwRRJzMcciIlOwQrNSkzQhIiCC80KVEmMTE7Azw7E3AjXzwbECYlKzUUIyMwITs7IjscLzMEMB4VCxQ4Mi4rOyMAFjs1PzkrBRQwHhUIOhkgFDs/HgAZUAgsJSo1PTwcF1IPMjU5TCktPi8NPzAADhY0FkMoMF44DQIMIigRAjguHiERCCQsAHckBkMtBgwlFhM0AiQqNntUOTg9KjcGLCYVJR8wEjsgKiM2Flc+SxB6IF8ZPyA2KiItKxIkHBsNDS4dPWZTLiJFCjAuLTYVLF00IAoGVUk1cCcALCAWAy49LQIrGx0wZQsfFRkzXCE8JzAXCAwhGVkq
Requested by: Host: exeo.app
URL: https://exeo.app/fundamentos_color
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-60.fra53.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: f166a0339150b2a4d8fe1aa2d47d474e5e3db9410c8aae1a884c6e32692ce289

Request headers

Referer: https://exeo.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1232
content-type: text/html
date: Tue, 06 Jun 2023 06:16:57 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
x-amz-cf-id: n2u3OJkX9gpfESAoVMp45pB9IsWxZsQCFVfM4QlVbE_3htyU47G-5A==
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront

GET
H2 200 MhFhFQ81P2EtFDQaZQcCFRUGGA4WBTsJAQk7IwwEPzMqGA8RFQYYDjcAJz8FCjxoDR04HTsYPCMEBXxuAxYWHhAZPyAqFgEWKgwROBkVfHodDjQJEQYOBR4VBjwaJAA7OAALLhofCCQRBREFdxYFFiNqZRUWBisVBQAJAQEkNB0AAh4PBiM0YhY7DhsQPR4fFhAdB... Show response
nedukeration.info/UE9XU1cxLTQ+aDFyNXUiIiNqdmUWamUVM2E6L2pkMiolaiE8OCN9NDwgIjcxIiA5J3k+KiN2ZRYFDRQzBy49Gh8TCzAeEwIOGB47MwQCFQU7FxYdFBQcAhUPEh02Ay0aFhU0AggGAjARACINNTISfzMWAigIHzQZIhg/Ah4SJTAdE2AGFBw... Frame 7884 3 KB
2 KB 204ms
203ms Document
text/html 143.204.215.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nedukeration.info/UE9XU1cxLTQ+aDFyNXUiIiNqdmUWamUVM2E6L2pkMiolaiE8OCN9NDwgIjcxIiA5J3k+KiN2ZRYFDRQzBy49Gh8TCzAeEwIOGB47MwQCFQU7FxYdFBQcAhUPEh02Ay0aFhU0AggGAjARACINNTISfzMWAigIHzQZIhg/Ah4SJTAdE2AGFBwWOx8BBhJjCzsRDQV8FjUCYSQcHAUSLRQSJGMbIBI+BSE/MhFhFQ81P2EtFDQaZQcCFRUGGA4WBTsJAQk7IwwEPzMqGA8RFQYYDjcAJz8FCjxoDR04HTsYPCMEBXxuAxYWHhAZPyAqFgEWKgwROBkVfHodDjQJEQYOBR4VBjwaJAA7OAALLhofCCQRBREFdxYFFiNqZRUWBisVBQAJAQEkNB0AAh4PBiM0YhY7DhsQPR4fFhAdBxVmZzQGCjs5DwEJBQAAaS4RYg0IBQYnAhIdAnZlFhsgEj4FIgE3HxYrBTAVaB8BAnE6PDg9J20mDzk1Mg4cJjYJf2IZLioI
Requested by: Host: exeo.app
URL: https://exeo.app/fundamentos_color
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-60.fra53.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: 165e871ee8053bed9e5cfd101e9a39b816f3dff32936be23bfde205621958ab7

Request headers

Referer: https://exeo.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1222
content-type: text/html
date: Tue, 06 Jun 2023 06:16:57 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
x-amz-cf-id: AH1vv5wFf4F3byCpy_mPf6H-PrwH945gx80DbaIcbVgIyXeVKGP-mQ==
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront

GET
H2 204 AF0EZWwCQRljZEROBnc2QRJQbHMXA0MlLgxCAWl0AUAFY3MGQQNm
thycantyoubelike.com/UUIxczd+fVIAChxzcEJWBwNyKXYDG2gicTgDXQtHExVaO2IWKRcHXjV/CUEFZHAFVUc4JgxCESI2UAdCIn8AVV4/JF5OESd/ 0
397 B 177ms
113ms Image
text/plain 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thycantyoubelike.com/UUIxczd+fVIAChxzcEJWBwNyKXYDG2gicTgDXQtHExVaO2IWKRcHXjV/CUEFZHAFVUc4JgxCESI2UAdCIn8AVV4/JF5OESd/AF0EZWwCQRljZEROBnc2QRJQbHMXA0MlLgxCAWl0AUAFY3MGQQNm
Requested by: Host: exeo.app
URL: https://exeo.app/fundamentos_color
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 06:16:57 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dLRogdO03ZiDDb4cGsziQKcMnJ%2BW%2BxQ1V2w0pE2TAqxFJlb%2Bsxh6u3iAnK1Bk0o79Ozx48AmbgmuJnquamYCEoVHMy%2F73S8ftiVtv4BYs6veFnIGneAAzjQhXGkud%2Bq2O3pl4ulThw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7d2e878eb8cc18db-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 login.php
www.facebook.com/ 0
0 168ms
124ms Image
text/html 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by: Host: exeo.app
URL: https://exeo.app/fundamentos_color
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
H3

403

identifier
accounts.google.com/v3/signin/
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&ffgf=1&hl=en&passive=true&service=mail&uilel=3&ifkv=Af_xneFHLA9zSUhxlrbHLm9G1942aRIyvgFUC6kWN-EmyQzBFXEdSYtp...
https://accounts.google.com/v3/signin/identifier?dsh=S-1811910027%3A1686032217479062&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&ffgf=1&hl=en&ifkv=Af_xneGct33WmybrIITe7W0rmt_RrVIN1KhxVa3cZ8...

0
0

69ms
65ms

Image
text/html

2a00:1450:4001:801::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/v3/signin/identifier?dsh=S-1811910027%3A1686032217479062&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&ffgf=1&hl=en&ifkv=Af_xneGct33WmybrIITe7W0rmt_RrVIN1KhxVa3cZ8eMMnO-LQkjWpAkBifJn9B_SbxFSmLHT2CHaA&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
Requested by: Host: exeo.app
URL: https://exeo.app/fundamentos_color
Protocol: H3
Server: 2a00:1450:4001:801::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Redirect headers

date: Tue, 06 Jun 2023 06:16:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-ugheDGItyDlLbKC7VeDJCA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 402
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: DENY
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type: text/html; charset=UTF-8
location: https://accounts.google.com/v3/signin/identifier?dsh=S-1811910027%3A1686032217479062&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&ffgf=1&hl=en&ifkv=Af_xneGct33WmybrIITe7W0rmt_RrVIN1KhxVa3cZ8eMMnO-LQkjWpAkBifJn9B_SbxFSmLHT2CHaA&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

403

identifier
accounts.google.com/v3/signin/
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&ffgf=1&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneGVUP1shgCoBL68yUpB-bmJZ8WJRSXRaQcIzW_r9b7NsUf_...
https://accounts.google.com/v3/signin/identifier?dsh=S-871946444%3A1686032217571848&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&ffgf=1&hl=en&ifkv=Af_xneFFUig3DmKOzfapOAyN5BJaj8IWINgAdgrKHk...

0
0

197ms
197ms

Image
text/html

2a00:1450:4001:801::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/v3/signin/identifier?dsh=S-871946444%3A1686032217571848&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&ffgf=1&hl=en&ifkv=Af_xneFFUig3DmKOzfapOAyN5BJaj8IWINgAdgrKHk6n0IIsOXhINhH_IZ6WDbIR2-9aiIAFacsUYw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
Requested by: Host: exeo.app
URL: https://exeo.app/fundamentos_color
Protocol: H3
Server: 2a00:1450:4001:801::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Redirect headers

date: Tue, 06 Jun 2023 06:16:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-NhYIflm1tcpWrEEIVdpDxA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 406
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: DENY
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type: text/html; charset=UTF-8
location: https://accounts.google.com/v3/signin/identifier?dsh=S-871946444%3A1686032217571848&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&ffgf=1&hl=en&ifkv=Af_xneFFUig3DmKOzfapOAyN5BJaj8IWINgAdgrKHk6n0IIsOXhINhH_IZ6WDbIR2-9aiIAFacsUYw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 204 VW00RE56Ulc3czc1bgwYZydhFiBgBmEoOgUJYxIYDQZmPhcDHhIwJzFQDHx3YVQAYj48CQl1aCYZVTA7JlAFYic7C1t5aCNQBWp9YUMHdmBnS0F5f3MZRCUpaFwSNDohAQl1eG1bBHd8Z1wDdndn
thycantyoubelike.com/ 0
257 B 185ms
123ms Image
text/plain 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thycantyoubelike.com/VW00RE56Ulc3czc1bgwYZydhFiBgBmEoOgUJYxIYDQZmPhcDHhIwJzFQDHx3YVQAYj48CQl1aCYZVTA7JlAFYic7C1t5aCNQBWp9YUMHdmBnS0F5f3MZRCUpaFwSNDohAQl1eG1bBHd8Z1wDdndn
Requested by: Host: exeo.app
URL: https://exeo.app/fundamentos_color
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 06:16:57 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WzmQkDBunU3RWPKI3ohpmgaBxngEfbDmkeLiZRU41%2F5UKEJEJQQt0MPeA4XMmTRBIXQCNoA%2FkEjDpTSAMhJJGzqLXlfEYze1tbnR3kHFpgBmjqj%2BLoyu2CFxPqiBgkxNNoV0v%2BW0bQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7d2e878eb8ce18db-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 204 UnhFWEh9RyYrdQhKImsRBQgWDRkYLBJpcTM6Aw4tCkkuGx0UC2MsITZFfWx7YE50fjg7HHhpcHQLMTk8Jwt4aW47FiM3dXQOeGlmYlZ3dnt0DXhpbiYIJD91Y141LDw+RXRucGRIdmp6Y092aX0
thycantyoubelike.com/ 0
253 B 184ms
122ms Image
text/plain 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thycantyoubelike.com/UnhFWEh9RyYrdQhKImsRBQgWDRkYLBJpcTM6Aw4tCkkuGx0UC2MsITZFfWx7YE50fjg7HHhpcHQLMTk8Jwt4aW47FiM3dXQOeGlmYlZ3dnt0DXhpbiYIJD91Y141LDw+RXRucGRIdmp6Y092aX0
Requested by: Host: exeo.app
URL: https://exeo.app/fundamentos_color
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 06:16:57 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fIv1pQv9K5WMvLywfXTef6FE2a8yLFxAO2TapZ%2BqNrNhBv8CDU3zXsPESfQAUvtTibt%2BnQ0TVcQSGHKOMK28vi2Ih7sZW1clySUzGEdhvJrU1FPQQdloyct2KMoMxui%2BvJcrfZ24rA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7d2e878ec8d018db-FRA
alt-svc: h3=":443"; ma=86400

GET
H2

200

invisible.js Show response
exeo.app/cdn-cgi/challenge-platform/h/g/scripts/jsd/68662470/ Frame 1D28
Redirect Chain

https://exeo.app/cdn-cgi/challenge-platform/scripts/invisible.js
https://exeo.app/cdn-cgi/challenge-platform/h/g/scripts/jsd/68662470/invisible.js

24 KB
11 KB

27ms
26ms

Script
application/javascript

2606:4700:20::681a:9e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://exeo.app/cdn-cgi/challenge-platform/h/g/scripts/jsd/68662470/invisible.js

Requested by

Host: exeo.app
URL: https://exeo.app/fundamentos_color

Protocol

Server

2606:4700:20::681a:9e9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f84992c60c946bfc5f86d48264699567a35b2aa01ee45883b40da307e19c3285

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 06:16:57 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KuEgrPj6HuPdEXiX9o4juQaOLJm1SplL5p9BOPJSoWXc9rdYjspf014%2FKv6iCEcQScR0CyIlCh0RFqykEfLb61CPKE6qlbllG0cQX%2FlOSnpmja5d9PEEA%2BJVq4ajOIMD1gWkINMi"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 7d2e878eecb55c6e-FRA

Redirect headers

date: Tue, 06 Jun 2023 06:16:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tA7trhlCMrP4NVlkoXaQEP8Lr7vkKtJsqeFUOgdbTrFehXEYFUefqHeKVFlPTEgtJicxIb85NC4GCyEOwytriad%2FnPbJvlqkNEgxX%2BVaVD%2FWASUu19fjcq6jJdlWFcZfOV8ALWvT"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/68662470/invisible.js
cache-control: max-age=300, public
cf-ray: 7d2e878e7c4d5c6e-FRA

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/ 406 KB
126 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d69c318c5a18ce860870df13878596d3d7bb7efd57b77a0f32b5478d1cfe1c52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:48:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70117
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128351
x-xss-protection: 0
server: cafe
etag: 10410007902637205610
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 04 Jun 2024 10:48:20 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 616 B
345 B 98ms
56ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=exeo.app

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0fe2315bb63add7329bb6a3063badc5d4385d0dd125d31494d9a857b6d777ccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 06:16:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 320
x-xss-protection: 0
expires: Tue, 06 Jun 2023 06:16:57 GMT

POST
H/1.1 200
OK add Show response
datatechone.com/log/ 2 B
461 B 76ms
17ms XHR
text/plain 139.45.195.253
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://datatechone.com/log/add?cid=099bff94-57af-4b2b-a42c-300c65c51697
Requested by: Host: cdntechone.com
URL: https://cdntechone.com/stattag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.195.253 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx/1.19.10 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://exeo.app/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 06 Jun 2023 06:16:57 GMT
Server: nginx/1.19.10
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://exeo.app
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length: 2

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 73ms
19ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-135952122-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 06 Jun 2023 05:04:48 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 4329
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Tue, 06 Jun 2023 07:04:48 GMT

GET
H2 200 impl.v16.13.1.js Show response
live.demand.supply/ 74 KB
24 KB 30ms
30ms Script
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/impl.v16.13.1.js
Requested by: Host: exeo.app
URL: https://exeo.app/fundamentos_color
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f430e23c61450f0a151627991bf492fbd215873ebb3007bb45979ed26afff92

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-nf-request-id: 01H26NHRA932TCF1RZX7PKXK0B
date: Tue, 06 Jun 2023 06:16:57 GMT
content-encoding: br
cf-cache-status: HIT
age: 33530
cf-polished: origSize=76068
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"35eba87017a84574ea2241a0c63bf007-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
cf-ray: 7d2e878f19619b52-FRA

GET
H2 200 ZXhlby5hcHAv Show response
live.demand.supply/p4/v16-10-0/ 969 B
599 B 182ms
181ms Script
text/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/p4/v16-10-0/ZXhlby5hcHAv
Requested by: Host: exeo.app
URL: https://exeo.app/fundamentos_color
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c1d5877e2a900b6698f8eae50453b9bed571b18be39ad31dc3ec0d228d37197

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 06:16:57 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 7d2e878f19629b52-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 bzQCFH94dw0TIHRlSgMyJjpRGzIxJBwaMTAkBVE3KGwBGDggPQAWZ3sXWVlybGNcXzUgPwgYNTp0XkcsPXReR3N5f1xScQt0Xkc1ID9aQ2d6E0lFcjFnWF5ne2-ENBzIlNBsSICI4GFJwD2RfQGx6Z0lFcmE6BAMvJXReNGd7YQAeKSx0XkclLDIHGGtsY1wUKjs+... Show response
d1ux93ber9vlwt.cloudfront.net/xQklRbHchJj8KSDYgNVFPcHtkXkNkIyIDGTJ0BRomFythFCUPfhwWUTYzNVFHZCUwAhB/ Frame 0F67 704 B
789 B 260ms
170ms Script
text/plain 2600:9000:2250:b200:6:78c5:6b40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1ux93ber9vlwt.cloudfront.net/xQklRbHchJj8KSDYgNVFPcHtkXkNkIyIDGTJ0BRomFythFCUPfhwWUTYzNVFHZCUwAhB/bzQCFH94dw0TIHRlSgMyJjpRGzIxJBwaMTAkBVE3KGwBGDggPQAWZ3sXWVlybGNcXzUgPwgYNTp0XkcsPXReR3N5f1xScQt0Xkc1ID9aQ2d6E0lFcjFnWF5ne2-ENBzIlNBsSICI4GFJwD2RfQGx6Z0lFcmE6BAMvJXReNGd7YQAeKSx0XkclLDIHGGtsY1wUKjs+ARJnexddRnZnYUJCdXpkQk5ybGNcBCMvMB4eZ3sXWUR1Z2JaUTd0YA
Requested by: Host: nedukeration.info
URL: https://nedukeration.info/OTVLMzhYVyheB1gIKRVNS1l2Fgp/EHl1XAhAMwoLW1A5Ck5VQj8dW1VaPldeS1olRxZXUD8WCn9NGlhUa1cDUFBzX3N4a31sLH1uf2Uoe0xSbSB9U3BMAnd/bX97cWpWWA1KTFFzCGZoX108ZG1tbDF9bn99EXBtTnQjcR0LcylJaXpzAwoMXUJ7Z3FxZydgX3RMAVlIa3IxekBzdzxSdW10IHFufAYAdE97cg9UX2lkCmRiCkYTZG5VTCl0dlptMWZfaUIsanZtRXtrU1pGG2tqXGd4fQ1fBDNgW2hBe2tTWgQCdwFYZHlXDnwFJ3VbU3MlZH4MWy4BFXx7CUlxVXsJQGtwdgIHf39/PHcKa1MadEAPb3tfflpYDgV6eHg9eWBrUAV0XA5sGnJdcmYzA2BSVid/fHB9DHRMSmx6RG1yXzgWCnt0GXlWXE0vV2pXbyVqbXN2L2tIUmQgBkFbcgVQenp4PX56DVARAEthYh5hCWMHAVJtbVF7ankfXzhcVkkIH0VpbFd7S2p0AgZJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:b200:6:78c5:6b40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: fced9801cbb8c4a7f550a60af75564e838b96f95cc57bdd4a231c59fdfa9cd0e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://nedukeration.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 06:16:57 GMT
content-encoding: gzip
via: 1.1 5ddb18e15e6b0ed6114111e515bddc66.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 511
x-amz-cf-id: VUMUXJmiHUZSYkPQdF4W2KZiJcVUOcqO8IhmmKfLadYjdere7UDf2A==

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
531 B 95ms
30ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=exeo.app

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 06:16:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 91ms
30ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=exeo.app

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 06:16:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 2 KB
2 KB 89ms
19ms Script
text/javascript 2600:9000:2250:8c00:a:e047:753:be1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:8c00:a:e047:753:be1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Tue, 06 Jun 2023 05:58:55 GMT
Via: 1.1 a4233498d2bd44dbd411d60d86f8334e.cloudfront.net (CloudFront)
Last-Modified: Thu, 04 May 2023 00:14:06 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P2
Age: 1083
x-amz-server-side-encryption: AES256
ETag: "4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1858
X-Amz-Cf-Id: iWy75h2aQ2DfMi7vfmpl1kzUx5hkUlTPsSYLupb4zochPaJpwTPL4w==

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 96ms
43ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

839c424b188a9bdafd46e5b643a2c5afb4b7df5e51f0321ffafd5f23b118e259

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 06:16:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 31 May 2023 13:09:50 GMT
server: nginx
etag: W/"6477471e-a980"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 07 Jun 2023 06:16:57 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 38 KB
12 KB 93ms
22ms Script
text/javascript 65.9.66.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-68.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 20:50:11 GMT
content-encoding: gzip
via: 1.1 6def1f0ddc805dce17407cce01d5b32c.cloudfront.net (CloudFront)
last-modified: Wed, 31 May 2023 20:34:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 34007
x-amz-server-side-encryption: AES256
etag: W/"550ead3a95bd6cfcd917d45c5f8f4553"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: DyBKYz5rH0gzNnXtGzdov_xIRM6Py2iTWY1VBdn8VZsI9-NiQUb1Mg==

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 59 KB
17 KB 98ms
30ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d961a31d3d2fdb93a35a4024f9878b2ed896cd86a084ceb8df6af3bc53e29125

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 06:16:57 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 06 Apr 2023 12:00:04 GMT
server: cloudflare
x-amz-request-id: S9JX37CDGCGPM1K6
age: 2059
etag: W/"110f0c3c343ee36404c8a2300f4755c3"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7d2e878fe95b1c3a-FRA
x-amz-id-2: LEZHPh/M8YcieToZefnLggoRbQozK4vyVBqIFpM92t9ZTc/REr8IBauyCTgZhZVB0tZvCJ65eXcvzpRqF9ZCgw==

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
896 B 66ms
14ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Jun 2023 06:16:57 GMT
x-content-type-options: nosniff
content-encoding: br
age: 25044
x-jsd-version: master
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 439
x-served-by: cache-fra-eddf8230042-FRA, cache-ams21027-AMS
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 2 KB
2 KB 67ms
15ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 05:23:16 GMT
via: 1.1 google
age: 3221
x-guploader-uploadid: ADPycdvE3T7bpMeHwr7z4h1hB75hzetfsiqBbnDEDxv08PDndhpFghwTY4gspvPns3l_Rw2lczVRyGeS1lkTnPtSr_jb8Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1938
last-modified: Thu, 27 Apr 2023 19:53:17 GMT
server: UploadServer
etag: "0a4a90264145ed4c5c647dae5dfb0429"
x-goog-generation: 1682625197861193
x-goog-hash: crc32c=jhvysQ==, md5=CkqQJkFF7UxcZH2uXfsEKQ==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 1938
accept-ranges: bytes
expires: Tue, 06 Jun 2023 06:23:16 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 50 KB
20 KB 368ms
367ms Fetch
text/plain 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2936154684968206&correlator=632689159021726&eid=31074948%2C31075062%2C31075064&output=ldjh&gdfp_req=1&vrg=202306010101&ptt=17&impl=fifs&iu_parts=339263271%3A22819833991%2Cgam_exeo.app_display&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=1281229031&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1686032217516&lmt=1686032217&dlt=1686032217032&idt=445&adxs=328&adys=145&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fexeo.app%2Ffundamentos_color&frm=20&vis=1&psz=945x826&msz=945x250&fws=0&ohw=0&ga_vid=754385939.1686032218&ga_sid=1686032218&ga_hid=1725137855&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYpOvn-ogxSABSAghkEhkKCnB1YmNpZC5vcmcYpOvn-ogxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGKTr5_qIMUgAUgIIZBIXCghydGJob3VzZRik6-f6iDFIAFICCGQSGQoKdWlkYXBpLmNvbRik6-f6iDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGKTr5_qIMUgAUgIIZA..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3e0307f6bf7bc49847ee223ca595208c05fd55d0f7e2aabb31e4553ea72375f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 06:16:57 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20042
x-xss-protection: 0
google-lineitem-id: 6282713890
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138430325756
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://exeo.app
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
81972796f71a2fd2b376107272a4894a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5F49 6 KB
3 KB 109ms
29ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://81972796f71a2fd2b376107272a4894a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://exeo.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 06 Jun 2023 06:16:57 GMT
expires: Wed, 05 Jun 2024 06:16:57 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 QNTdQZlJWWD4AbUFeNFtqDQ5kX2YTXSMJPEUKHSACRkE0EARvDxZAJk9TbVZ0WVY+AW8TUj4FbwQRMQIwCAN2EiJaXG0KIk1CIAshTEI5QCdUCj0JKFxbPAd3B3FlSGIQBWBOJVxZNAklRhJiVjxBEmJWYwUZYENhdxJiViVcWWZSdwZ1dVRiTQFkT3cHBz-EWIll... Show response
d1ux93ber9vlwt.cloudfront.net/ Frame 55CD 875 B
892 B 192ms
165ms Script
text/plain 2600:9000:2250:b200:6:78c5:6b40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1ux93ber9vlwt.cloudfront.net/QNTdQZlJWWD4AbUFeNFtqDQ5kX2YTXSMJPEUKHSACRkE0EARvDxZAJk9TbVZ0WVY+AW8TUj4FbwQRMQIwCAN2EiJaXG0KIk1CIAshTEI5QCdUCj0JKFxbPAd3B3FlSGIQBWBOJVxZNAklRhJiVjxBEmJWYwUZYENhdxJiViVcWWZSdwZ1dVRiTQFkT3cHBz-EWIllSJwMwXl4kQ2BzAmNRfAYBdVRiHVw4Ej9ZEmIldwcHPA85UBJiVjVQVDsJexAFYAU6R1g9A3cHcWFXZhsHflNlBgJ+X2IQBWAVM1NWIg93B3FlVWUbBGZAJwgG
Requested by: Host: nedukeration.info
URL: https://nedukeration.info/bHp3Q2ENGBQuXg1HFWUUHhZKZlMqX0UFBV0PD3pSDh8FehcADQNtAgAVAicHHhUZN08CHwNmUyorORcFPSAbCTY7PkMCAzk8Eg0nGAszElQHIkUaNTQpOgkxKS88CzItOSUoJFw/NhEXKAItAisHQyMhNzZKIBU4SUg1AjZULiIpVSoYABIzISs+NCItNEUGCCYbLwRRJzMcciIlOwQrNSkzQhIiCC80KVEmMTE7Azw7E3AjXzwbECYlKzUUIyMwITs7IjscLzMEMB4VCxQ4Mi4rOyMAFjs1PzkrBRQwHhUIOhkgFDs/HgAZUAgsJSo1PTwcF1IPMjU5TCktPi8NPzAADhY0FkMoMF44DQIMIigRAjguHiERCCQsAHckBkMtBgwlFhM0AiQqNntUOTg9KjcGLCYVJR8wEjsgKiM2Flc+SxB6IF8ZPyA2KiItKxIkHBsNDS4dPWZTLiJFCjAuLTYVLF00IAoGVUk1cCcALCAWAy49LQIrGx0wZQsfFRkzXCE8JzAXCAwhGVkq
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:b200:6:78c5:6b40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 00d08deadeb0ed13cf2df133bdeeced285ee36ff9e3e9eacc8e18293fc7e2de1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://nedukeration.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 06:16:57 GMT
content-encoding: gzip
via: 1.1 5ddb18e15e6b0ed6114111e515bddc66.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 615
x-amz-cf-id: e2yKBOa3ONKppS2-CeJofBM-Cgxqwjb2Bro0JljP_7Nh8gEqOe7B2Q==

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
515 B 139ms
114ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?e=ll&d=223&cs=c&dsReferer=ZXhlby5hcHAvZnVuZGFtZW50b3NfY29sb3I=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-nf-request-id: 01H05NKF3HAJ68KY8AV7N2QGNP
date: Tue, 06 Jun 2023 06:16:57 GMT
cf-cache-status: HIT
age: 1231384
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "847d6f45a54b1a346481710a0a6f4147-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7d2e878fed5a9b45-FRA

GET
H3 200 ZXhlby5hcHAvZnVuZGFtZW50b3NfY29sb3I= Show response
live.demand.supply/p4/v16-10-0/ 969 B
689 B 176ms
169ms Script
text/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/p4/v16-10-0/ZXhlby5hcHAvZnVuZGFtZW50b3NfY29sb3I=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c1d5877e2a900b6698f8eae50453b9bed571b18be39ad31dc3ec0d228d37197

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 06:16:57 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 7d2e878fcf04367a-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 ds.2.html Show response
live.demand.supply/ 413 B
585 B 147ms
123ms XHR
text/html 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-nf-request-id: 01GZ1RZT020HFX0MG79T6KPDKH
date: Tue, 06 Jun 2023 06:16:57 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 2061754
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
cf-ray: 7d2e878fed5c9b45-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 TwAiUmVdHFdRcB8PVQ Show response
d1ux93ber9vlwt.cloudfront.net/JZGdWajIHCDgMDRAOMlcKUFRkXANCDSUFXBRaPzJYBgUXIUcFPmZfeB0dEUxGHgNrWhQIBjgND0ICOAkPVUE3DlBZU3AfU1kKORBbCAs3TwAiUnhaF1ZXfh1bCgM5HUFBVWYERkFVZlsCSldzWXBBVWYdWwpRYk8BJkJkWk... Frame 7884 204 B
472 B 165ms
164ms Script
text/plain 2600:9000:2250:b200:6:78c5:6b40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1ux93ber9vlwt.cloudfront.net/JZGdWajIHCDgMDRAOMlcKUFRkXANCDSUFXBRaPzJYBgUXIUcFPmZfeB0dEUxGHgNrWhQIBjgND0ICOAkPVUE3DlBZU3AfU1kKORBbCAs3TwAiUnhaF1ZXfh1bCgM5HUFBVWYERkFVZlsCSldzWXBBVWYdWwpRYk8BJkJkWkpSU39PAFQGJhpeARAzCFkNE3-NYdFFUYUQBUkJkWhoPDyIHXkFVFU8AVAs/AVdBVWYNVwcMOUMXVlc1AkALCjNPACJWZ14cVEljXQFRSW9aF1ZXJQtUBRU/TwAiUmVdHFdRcB8PVQ
Requested by: Host: nedukeration.info
URL: https://nedukeration.info/UE9XU1cxLTQ+aDFyNXUiIiNqdmUWamUVM2E6L2pkMiolaiE8OCN9NDwgIjcxIiA5J3k+KiN2ZRYFDRQzBy49Gh8TCzAeEwIOGB47MwQCFQU7FxYdFBQcAhUPEh02Ay0aFhU0AggGAjARACINNTISfzMWAigIHzQZIhg/Ah4SJTAdE2AGFBwWOx8BBhJjCzsRDQV8FjUCYSQcHAUSLRQSJGMbIBI+BSE/MhFhFQ81P2EtFDQaZQcCFRUGGA4WBTsJAQk7IwwEPzMqGA8RFQYYDjcAJz8FCjxoDR04HTsYPCMEBXxuAxYWHhAZPyAqFgEWKgwROBkVfHodDjQJEQYOBR4VBjwaJAA7OAALLhofCCQRBREFdxYFFiNqZRUWBisVBQAJAQEkNB0AAh4PBiM0YhY7DhsQPR4fFhAdBxVmZzQGCjs5DwEJBQAAaS4RYg0IBQYnAhIdAnZlFhsgEj4FIgE3HxYrBTAVaB8BAnE6PDg9J20mDzk1Mg4cJjYJf2IZLioI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:b200:6:78c5:6b40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 90e0c056a8305c6b6a8fc33620c4df9a9d1d9a14fb3a5f8d481f06a2a9f0c2fd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://nedukeration.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 06:16:57 GMT
content-encoding: gzip
via: 1.1 5ddb18e15e6b0ed6114111e515bddc66.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 196
x-amz-cf-id: vK07Ce_VioC2tsk6VbJiOJy8PBUK5GtiNbd4-15COE0g8cL2PvNaGg==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
201 B 27ms
26ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1725137855&t=pageview&_s=1&dl=https%3A%2F%2Fexeo.app%2Ffundamentos_color&ul=en-us&de=UTF-8&dt=exe.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAACAAI~&jid=407883828&gjid=797181350&cid=754385939.1686032218&tid=UA-135952122-1&_gid=1782883070.1686032218&_r=1&gtm=457e35v0&jsscut=1&z=572634312

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://exeo.app/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 06:16:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://exeo.app
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
481 B 115ms
115ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=fs&dsReferer=ZXhlby5hcHAvZnVuZGFtZW50b3NfY29sb3I=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.13.1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-nf-request-id: 01H05NKF4ZCXEXCCTGQV2VVF7E
date: Tue, 06 Jun 2023 06:16:57 GMT
cf-cache-status: HIT
age: 2061515
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "847d6f45a54b1a346481710a0a6f4147-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7d2e878ffd6c9b45-FRA

GET
H2 200 pica.js
exeo.app/cdn-cgi/challenge-platform/h/g/scripts/ Frame 1D28 6 KB
3 KB 27ms
26ms Other
application/javascript 2606:4700:20::681a:9e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://exeo.app/cdn-cgi/challenge-platform/h/g/scripts/pica.js

Requested by

Host: exeo.app
URL: https://exeo.app/fundamentos_color

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:9e9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1e188caf62de95d079a389f86b346bfe0e7790966d38a6277fa39fbba655025

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 06:16:57 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e9k2ojTtEk8xI0bFinaomh4HruifPdzweZasdFHb%2FWzr1L3q1lrKxNV18YW5Nf1moD2aU0m9VgK6f6lRReMFBPzHu8G1%2FDMV6jzlEhK2%2Fp9V3g6GBVq6dn5RrPKGv3fMkIbwwiAs"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 7d2e878ffda45c6e-FRA

POST
H2 200 encrypt Show response
esp.rtbhouse.com/ 221 B
315 B 34ms
33ms Fetch
application/json 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b418fa61e8b3017524654f7c7841fe5596f839841db3af82227ff636841a3f66

Request headers

Referer: https://exeo.app/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 06 Jun 2023 06:16:57 GMT
via: 1.1 google
server: Google Frontend
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: de6408545b2aa31a4ed73ec5571be052
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 221

OPTIONS
H2 200 encrypt
esp.rtbhouse.com/ Frame 0
0 284ms
22ms Preflight
text/plain 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://exeo.app
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST, GET
access-control-allow-origin: https://exeo.app
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8
date: Tue, 06 Jun 2023 06:16:57 GMT
server: Google Frontend
vary: Origin
via: 1.1 google
x-cloud-trace-context: 3a89cc90f636eb769f7cca246895e73e

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
329 B 109ms
30ms XHR
application/json 52.18.254.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.254.139 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-254-139.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 242bcaed2bdecb2b43ee2c7ba83457631e810816885b2fb84ddee565d7c6ad83

Request headers

Referer: https://exeo.app/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 06:16:57 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://exeo.app
cache-control: no-cache
x-server: 10.45.3.147
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 08DA 15 KB
6 KB 74ms
26ms Document
text/html 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=exeo.app

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://exeo.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 06 Jun 2023 06:16:57 GMT
server: Kestrel
server-processing-duration-in-ticks: 375046
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
317 B 84ms
23ms XHR
text/plain 162.19.138.118
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://exeo.app/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://exeo.app
date: Tue, 06 Jun 2023 06:16:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

POST
H2 200 7d2e878af8735c6e Show response
exeo.app/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 1D28 2 B
506 B 57ms
56ms XHR
text/plain 2606:4700:20::681a:9e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://exeo.app/cdn-cgi/challenge-platform/h/g/cv/result/7d2e878af8735c6e
Requested by: Host: exeo.app
URL: https://exeo.app/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 06 Jun 2023 06:16:57 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d2e87915ef65c6e-FRA
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QNxLK63nOURH1qmBik%2FGuGlWX6l1SKdwF5fxfc8xH0%2Fa0zTNELKWv1goygZBZIsALYCEkpnNeiri9n%2FDnOj4TzH3HQ%2F5V0zbLk83xsGPL%2Fdzs0By3WFCa2y8ynZZ5TXN8tFgOf%2Bb"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8

GET
H2

200

sid Show response
mug.criteo.com/ Frame 08DA
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=exeo.app&sn=ChromeSyncframe&so=0&topUrl=exeo.app&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=hdioXnxUODB1SGFPYWVuSms5NzgveGJUalQwdVk4SFB6WjNva1FMTFhoekVmejNjNTZHdVJ4K0hpT3h1TUpYRzUxS2FIbFFCS3liMjhlODBSWjUrb3JPRDRYZzdadW9aQ09kYzBUamE3SGQwNU1xamp1eVFKWTVORnpoa0...

431 B
669 B

101ms
28ms

Fetch
application/json

178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=hdioXnxUODB1SGFPYWVuSms5NzgveGJUalQwdVk4SFB6WjNva1FMTFhoekVmejNjNTZHdVJ4K0hpT3h1TUpYRzUxS2FIbFFCS3liMjhlODBSWjUrb3JPRDRYZzdadW9aQ09kYzBUamE3SGQwNU1xamp1eVFKWTVORnpoa0kxZGFiUGphWllLQVVEeEQzeG5Kd2xXWFlpSG43WkhPVGdzZWlYTkFzV1hZQ3pFM2hRblJsdWxCcFZPSTlhODFFRG9MQUcwVHF2OENZSlNZTkRjVk1SRWtNVHZqUTN4ajA1TG9nOWRLWGhva2grU0x2MlRNNlFtOEFYc2N1REt0N1VhSWZjaGpHZVNSY01ReHYzU3Z3N0NsVnduTytUZz09fA&cppv=2

Requested by

Host: exeo.app
URL: https://exeo.app/fundamentos_color

Protocol

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

8cfba6f59489cb766efd9c6fc2645ef2c2041e5ebfa7f87c9e5a64d46f500ab2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 06:16:57 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1460988
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 06 Jun 2023 06:16:56 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=hdioXnxUODB1SGFPYWVuSms5NzgveGJUalQwdVk4SFB6WjNva1FMTFhoekVmejNjNTZHdVJ4K0hpT3h1TUpYRzUxS2FIbFFCS3liMjhlODBSWjUrb3JPRDRYZzdadW9aQ09kYzBUamE3SGQwNU1xamp1eVFKWTVORnpoa0kxZGFiUGphWllLQVVEeEQzeG5Kd2xXWFlpSG43WkhPVGdzZWlYTkFzV1hZQ3pFM2hRblJsdWxCcFZPSTlhODFFRG9MQUcwVHF2OENZSlNZTkRjVk1SRWtNVHZqUTN4ajA1TG9nOWRLWGhva2grU0x2MlRNNlFtOEFYc2N1REt0N1VhSWZjaGpHZVNSY01ReHYzU3Z3N0NsVnduTytUZz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 334132
content-length: 0
expires: 0

GET
H2 204 azZNV1VECS4kaCZMF2MbEV0OFj4AcQ4WEC5iOh4UKWd0HBEMd2sjPA8LdWVnXgR5cSUCUnBmcxhCLCMgGAt+Z2VaECQ5MwQLfWdlWhA7amRFBXl5ZlkYf3EgVgN0YGVZD3lmZ1IDemZsXBA5JzQMC3xxJR9CIWpkXQ57Z2ZZBHxgbVoA
thycantyoubelike.com/ 0
258 B 116ms
115ms Image
text/plain 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thycantyoubelike.com/azZNV1VECS4kaCZMF2MbEV0OFj4AcQ4WEC5iOh4UKWd0HBEMd2sjPA8LdWVnXgR5cSUCUnBmcxhCLCMgGAt+Z2VaECQ5MwQLfWdlWhA7amRFBXl5ZlkYf3EgVgN0YGVZD3lmZ1IDemZsXBA5JzQMC3xxJR9CIWpkXQ57Z2ZZBHxgbVoA
Requested by: Host: exeo.app
URL: https://exeo.app/fundamentos_color
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 06:16:57 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kjQTV8ZbDSA%2Bl1NbnJu%2BZ1ZEoVg4wewPG273Gi%2FmUnA1k3gMPEY9qNe%2BMeKSSYGsy4F1lkNOmKh1%2Fh5d0thOK7Q5YnS0BWhdw5Y%2Fyr8EEeGudZNHoMegSevjnCngZxVDU2ID7iz1Lw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7d2e87917b7d18db-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 exeo.app_auto_728x90_sticky_display_bottom Show response
live.demand.supply/cp/ 29 B
374 B 340ms
340ms XHR
text/plain 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/exeo.app_auto_728x90_sticky_display_bottom?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=ZXhlby5hcHAvZnVuZGFtZW50b3NfY29sb3I=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.13.1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96f0181162556ef28eb1cee331a6543a647290f55203c497d61cbbdab4770b59

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 06:16:58 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 7d2e87917ef79b45-FRA
alt-svc: h3=":443"; ma=86400
content-length: 29

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
165 B 42ms
29ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=exeo.app

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 06:16:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 29ms
28ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=exeo.app

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 06:16:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
656 B 257ms
256ms Fetch
text/plain 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2936154684968206&correlator=656522140268666&eid=31074948%2C31075062%2C31075064&output=ldjh&gdfp_req=1&vrg=202306010101&ptt=17&impl=fifs&iu_parts=44890869%3A22855689125%2Cca-pub-3831894559014614-tag%2C78cce584-1f85-453c-ab7b-63934a693dcb&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=2&adks=3092702470&sfv=1-0-40&ists=1&fas=8&prev_scp=ti%3D5e49940c-b069-47fa-b039-be8a25ffaa4d%26chrand%3Dy%26pof%3D0%26interstitials-bid%3D2%26bid-p%3Dgoogle%26bsc%3D37&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1686032217831&lmt=1686032217&dlt=1686032217032&idt=445&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fexeo.app%2Ffundamentos_color&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=754385939.1686032218&ga_sid=1686032218&ga_hid=1725137855&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYpOvn-ogxSABSAghkEhkKCnB1YmNpZC5vcmcY-evn-ogxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGKTr5_qIMUgAUgIIZBIXCghydGJob3VzZRik6-f6iDFIAFICCGQSGQoKdWlkYXBpLmNvbRik6-f6iDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGM7t5_qIMUgAUgIIag..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

425ec825b5a306d6e1880284d5acf29a44e6829cc793890d561660c7ab33763a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 06:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 626
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://exeo.app
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/ 37 KB
13 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9551ba024878fd2e95d1104e5c580dfa3521a7abf71b2eb0d7058bb754491e29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 13:44:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59541
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13047
x-xss-protection: 0
server: cafe
etag: 6693448290075278788
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 04 Jun 2024 13:44:36 GMT

GET
H3 200 popunder.gif
thycantyoubelike.com/ 35 B
544 B 25ms
25ms Image
image/gif 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thycantyoubelike.com/popunder.gif
Requested by: Host: exeo.app
URL: https://exeo.app/fundamentos_color
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: public
date: Tue, 06 Jun 2023 06:16:57 GMT
cf-cache-status: HIT
last-modified: Fri, 02 Jun 2023 12:51:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 321914
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OXJGLNjrBon8awR6PZ4H%2F7zyHPqcy%2FlMhGyThrDWvlFZa4cr4mcfiaWL%2BfzHI17U9%2F5bB1X9%2Fkr7T8cNmhPgnKBdh0pj2ne6CHt4uDE2GzwctaGdCl%2FzGxmF67WLS7%2Bx7Aht6WiDRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
cf-ray: 7d2e8791dbe218db-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1D37 0
0 59ms
58ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssk490grGWhtjdX9ndNeux1wT3w3KrB_FPjDLs4FrpGJGLGeGQ9rrCB9KDNxtSbzMH8cqtI1kbR5mIBQuuaBw7sy-lge6A7hKhMqsS2qKvUutCdLehapO2fSO6zEguWztc2dqekSZXX1csdvPoDfmrXNLupCgs9DI493X0qoG6AQZ2rwbuVuUG19UaMdYvAe3b4aK5ValkFLwtwxXWx11-A_-8YlgLziHsgnhjC2ToEdurrK-GCOAZknuPKYT9Pn8EkY3odRpvpnNqdNintDQo-_nwC6gixfXhHamNwr5HzpEp141BJL0glITKlDu81bAcZGmoo&sai=AMfl-YQ4_NcZDG1_ZJWYkY1iKe9X9WLR8HA2ItoVAvZLeqW3WwuBcbQ_7SzUdNLxntVOog1_Jc_HxUUK8MrWuhmOI-vL-CYzibhEu-QD7fjFXaJGsGTJBc6GiT917iAlU-Y9pf3w_9Cgz6GKQqMkE9tu&sig=Cg0ArKJSzOXDijxiWVyLEAE&uach_m=[UACH]&adurl=

Requested by

Host: exeo.app
URL: https://exeo.app/fundamentos_color

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 06:16:57 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 06 Jun 2023 06:16:57 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/ Frame 1D37 22 KB
9 KB 96ms
20ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

551debe8c4f0db7b25699af72a204caf099af55413f90eb34b5f546330d6187c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 20:25:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35460
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8798
x-xss-protection: 0
server: cafe
etag: 11317101923912129037
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Jun 2023 20:25:58 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame 1D37 3 KB
1 KB 100ms
25ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 17:24:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46353
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Jun 2023 17:24:25 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1D37 173 KB
55 KB 80ms
30ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61b54fb4bbf7083918be7066e50126d1a95e56ccc9be9fafd69deb50ac7424b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 06:16:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55245
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1685965250302189"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Jun 2023 06:16:58 GMT

GET
H2 200 811511909485606589
tpc.googlesyndication.com/simgad/ Frame 1D37 54 KB
54 KB 101ms
27ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/811511909485606589

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467d23dee5e3ba7f6eeac766fb074fe5e014fec821ce6b6c6cfac4426c8707c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 11:00:28 GMT
x-content-type-options: nosniff
age: 242190
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55229
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 19:45:25 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 02 Jun 2024 11:00:28 GMT

GET
DATA 200
OK truncated
/ Frame 1D37 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 254abaa4622958bca132cda5d085747e2e867d82cc05b12ad5b83b570c24f0bb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1D37 0
0 57ms
57ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssvmwD6ZeNoOnDhKpYsTHhAyqcybTKesnhoG22Roy3bnZetHQx1gaEZHrCG8KXFrrt941sP14Z7jE0mdy61j0JVZhjU_J5rVEBXOAG598ELNJQwwO1tJ5bU_6eujcB1oa5fNKTnD8UMrcI0xbH1XztOA0Q0QtunvrZnRHyCexkFuzwV_XM-xfEuYGKmUXmEDGtaxT_6ZcEaqZvBz3s26JvcAhDNf3EymFTq5jK7MKq5a98sJvX9KFmx6QUzGsG1GbrZAJTYs1CWyfCnKGseurlpQqvoCbo8dFYajLKxlI_zxHF0nJR54VkhwpfVnkUiXzRAR4K3wRU&sai=AMfl-YQh4W0CF-al9Sch9qLeh1jHON4AbnDO0ZRq1etaBfWxxdQMDl_mfZEGWTzcM3CjkvE7tmIqu8fjqO51ppyt4TpdjVhEfVpBHnDtBhbZL7Pl8a7MYfin3NFTUN3hWeNh_vdkd7qjExPOEObnh5Xl&sig=Cg0ArKJSzDO-vQVKwQR4EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 06:16:58 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 06 Jun 2023 06:16:58 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 117ms
69ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306010101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b5365613f6ca529c7cbb4ed422e9e1db26046dec1ee64375c9ec3c121dcff2f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 06:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11237
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
478 B 117ms
116ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=exeo.app_auto_interstitial_desktop&e=nai&dsReferer=ZXhlby5hcHAvZnVuZGFtZW50b3NfY29sb3I=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.13.1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-nf-request-id: 01H05NKF3HAJ68KY8AV7N2QGNP
date: Tue, 06 Jun 2023 06:16:58 GMT
cf-cache-status: HIT
age: 1231385
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "847d6f45a54b1a346481710a0a6f4147-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7d2e879379019b45-FRA

GET
H3 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
122 B 32ms
31ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=exeo.app

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 06:16:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 31ms
30ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=exeo.app

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 06:16:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 229 KB
53 KB 497ms
496ms Fetch
text/plain 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2936154684968206&correlator=279966206868339&eid=31074948%2C31075062%2C31075064&output=ldjh&gdfp_req=1&vrg=202306010101&ptt=17&impl=fifs&iu_parts=44890869%3A22855689125%2Cca-pub-3831894559014614-tag%2C18a08806-b22e-466c-a375-de050db82f32&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=3&adks=2203375625&sfv=1-0-40&ists=1&fas=8&prev_scp=ti%3D5e49940c-b069-47fa-b039-be8a25ffaa4d%26chrand%3Dy%26pof%3D0%26interstitials-bid%3D0.2%26bid-p%3Dgoogle%26bsc%3D37&eri=1&sc=1&cookie=ID%3D9765db85b03be9df%3AT%3D1686032217%3ART%3D1686032217%3AS%3DALNI_MbPL1nb2uMn_ayXighVe02l4Jr-XA&gpic=UID%3D00000c3d53dc844a%3AT%3D1686032217%3ART%3D1686032217%3AS%3DALNI_MZowG16GrvpOlso584yLekurxjKlw&abxe=1&dt=1686032218133&lmt=1686032218&dlt=1686032217032&idt=445&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=3&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fexeo.app%2Ffundamentos_color&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=754385939.1686032218&ga_sid=1686032218&ga_hid=1725137855&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYpOvn-ogxSABSAghkEhkKCnB1YmNpZC5vcmcY-evn-ogxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGKTr5_qIMUgAUgIIZBLCAQoIcnRiaG91c2USrAFNM1lqRGZxSDFqZWx3WXRNZVA3NVMwd0xieUgzMU1QUjU5Y000eHdTeitHY2NicndsbjJtZmlRcjdkU011T0hrWlJoWUlnUTBvc0I5d0dYbkNzSlRaZnFudXBwejFNZXpBNThDV0IvZ3VwWkZrY3VQekQ3QXZ0WWgzZFdmRzE3WUhXdzF0K1FmM2JtU3lROUdod25kUVdvMDB2emVyc0dxKyt4blZYNTBESjQ9GN3u5_qIMUgAEhkKCnVpZGFwaS5jb20YpOvn-ogxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjO7ef6iDFIAFICCGo.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02530b917cf773f332fd8ba3c354aaf1dbfcc4bbfa62fc88a94bec09bdd5fb3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 06:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53773
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://exeo.app
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
479 B 103ms
102ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=exeo.app_auto_728x90_sticky_display_bottom&pdc=0.2051587700843811&ucv=null&e=tcp&dsReferer=ZXhlby5hcHAvZnVuZGFtZW50b3NfY29sb3I=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.13.1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-nf-request-id: 01H05NKF3HAJ68KY8AV7N2QGNP
date: Tue, 06 Jun 2023 06:16:58 GMT
cf-cache-status: HIT
age: 1231385
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "847d6f45a54b1a346481710a0a6f4147-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7d2e879399299b45-FRA

GET
H3 200 sdb.css
live.demand.supply/css/ 4 KB
2 KB 104ms
104ms Stylesheet
text/css 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/css/sdb.css
Requested by: Host: client
URL: about:client
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-nf-request-id: 01GZGR6SCB0Q49R1S22Y9RAR9T
date: Tue, 06 Jun 2023 06:16:58 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 433691
etag: W/"281c43d3e253957887c3e1dad5bbb310-ssl-df"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-ray: 7d2e87939bd0367a-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
122 B 30ms
29ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=exeo.app

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 06:16:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 31ms
30ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=exeo.app

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 06:16:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 58 KB
15 KB 484ms
483ms Fetch
text/plain 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2936154684968206&correlator=3203358989298239&eid=31074948%2C31075062%2C31075064&output=ldjh&gdfp_req=1&vrg=202306010101&ptt=17&impl=fifs&iu_parts=44890869%3A22855689125%2Cca-pub-3831894559014614-tag%2Cafafdb0d-39d1-4953-b43d-ab93c1fbc5a3&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=4&adks=3418422939&sfv=1-0-40&prev_scp=ti%3D5e49940c-b069-47fa-b039-be8a25ffaa4d%26chrand%3Dy%26pof%3D0%26bid%3D0.14%26bid-p%3Dgoogle%26stt%3Dbhs%26bsc%3D37&eri=1&sc=1&cookie=ID%3D9765db85b03be9df%3AT%3D1686032217%3ART%3D1686032217%3AS%3DALNI_MbPL1nb2uMn_ayXighVe02l4Jr-XA&gpic=UID%3D00000c3d53dc844a%3AT%3D1686032217%3ART%3D1686032217%3AS%3DALNI_MZowG16GrvpOlso584yLekurxjKlw&abxe=1&dt=1686032218170&lmt=1686032218&dlt=1686032217032&idt=445&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fexeo.app%2Ffundamentos_color&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=754385939.1686032218&ga_sid=1686032218&ga_hid=1725137855&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYpOvn-ogxSABSAghkEhkKCnB1YmNpZC5vcmcY-evn-ogxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGKTr5_qIMUgAUgIIZBLCAQoIcnRiaG91c2USrAFNM1lqRGZxSDFqZWx3WXRNZVA3NVMwd0xieUgzMU1QUjU5Y000eHdTeitHY2NicndsbjJtZmlRcjdkU011T0hrWlJoWUlnUTBvc0I5d0dYbkNzSlRaZnFudXBwejFNZXpBNThDV0IvZ3VwWkZrY3VQekQ3QXZ0WWgzZFdmRzE3WUhXdzF0K1FmM2JtU3lROUdod25kUVdvMDB2emVyc0dxKyt4blZYNTBESjQ9GN3u5_qIMUgAEhkKCnVpZGFwaS5jb20YpOvn-ogxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjO7ef6iDFIAFICCGo.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

92940df0255c7ac4110b08df3e259fb5e4ec7870da0f8cc983620cc55d866e6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 06:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15169
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://exeo.app
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 06:16:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 06 Jun 2023 06:16:58 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4157 13 KB
5 KB 22ms
21ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://exeo.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 46353
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 17:24:25 GMT
expires: Tue, 04 Jun 2024 17:24:25 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E237 783 B
1 KB 81ms
30ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

aaa0d81f6b760fc9b32307387cd7bd8b1829785479c8b5afbbea03b9b9744846

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Bzke3dd9ruNYIYLjrUAzhw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://exeo.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-Bzke3dd9ruNYIYLjrUAzhw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 06 Jun 2023 06:16:58 GMT
expires: Tue, 06 Jun 2023 06:16:58 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 VQdDSOd05UIjXCKVon8X_ASAqVpdX2ccZF2BDi7w8G4.js Show response
pagead2.googlesyndication.com/bg/ Frame 4157 38 KB
15 KB 63ms
21ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VQdDSOd05UIjXCKVon8X_ASAqVpdX2ccZF2BDi7w8G4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55074348e774e542235c2295a27f17fc0480a95a5d5f671c645d810e2ef0f06e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 13:04:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 234757
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14834
x-xss-protection: 0
last-modified: Tue, 30 May 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 02 Jun 2024 13:04:21 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E237 0
0 54ms
54ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306010101&jk=2936154684968206&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4157 0
10 B 20ms
19ms Image
text/plain 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?whPZ_g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 06:16:58 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 container.html Show response
81972796f71a2fd2b376107272a4894a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3A34 6 KB
3 KB 21ms
20ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://81972796f71a2fd2b376107272a4894a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://exeo.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 06 Jun 2023 06:16:57 GMT
expires: Wed, 05 Jun 2024 06:16:57 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
478 B 27ms
27ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.85&b=2&r=exeo.app_auto_interstitial_desktop&sy=3838af68-9004-41f0-a9d5-53297c8809d1&ts=37&cd=2&pud=223&pus=c&pue=884&pid=35&pis=c&pie=924&ppd=183&pps=a&ppe=1072&pcl=786&ttc=1262&tti=2121&ttif=0&lca=1072&lcak=ppe&lct=1072&lctk=ppe&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=exeo.app&mlre=undefined&mlin=1&mlsi=undefinedxundefined&mlbw=4g&mlcs=NaN&mltp=5e49940c-b069-47fa-b039-be8a25ffaa4d&e=lm&dsReferer=ZXhlby5hcHAvZnVuZGFtZW50b3NfY29sb3I=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.13.1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-nf-request-id: 01H05NKF3HAJ68KY8AV7N2QGNP
date: Tue, 06 Jun 2023 06:16:58 GMT
cf-cache-status: HIT
age: 1231385
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "847d6f45a54b1a346481710a0a6f4147-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7d2e8796ccbf9b45-FRA

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/022305221508000/ Frame 1CE0 222 KB
61 KB 109ms
26ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022305221508000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d38d3575be56d128dcaebb0d6013e528e67048b2a47393a7122248f51bbf1a9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 03 Jun 2023 03:23:43 GMT
age: 269595
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61811
x-xss-protection: 0
server: sffe
etag: "fe5a329ea36c66a8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 02 Jun 2024 03:23:43 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/022305221508000/v0/ Frame 1CE0 15 KB
5 KB 144ms
62ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022305221508000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6851a08172611dee3087ed287fb22873c5697e163391ba4b0555e3d7982ca541

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 03 Jun 2023 03:20:41 GMT
age: 269777
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5228
x-xss-protection: 0
server: sffe
etag: "68ea093d80ab2def"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 02 Jun 2024 03:20:41 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/022305221508000/v0/ Frame 1CE0 94 KB
28 KB 156ms
74ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022305221508000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca10977700b1bc7b44bfe44bbfc1e134c13cc993d5e59c4bca6de5f7370c1827

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 02 Jun 2023 15:26:25 GMT
age: 312633
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28884
x-xss-protection: 0
server: sffe
etag: "52a0fa5b1f73dc96"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 01 Jun 2024 15:26:25 GMT

GET
H2 200 amp-bind-0.1.mjs Show response
cdn.ampproject.org/rtv/022305221508000/v0/ Frame 1CE0 40 KB
14 KB 168ms
85ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022305221508000/v0/amp-bind-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4479f33dddfe1f3536e21f877740fb15901a34cb07960cabe74bfe6787ce2291

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 03 Jun 2023 02:10:48 GMT
age: 273970
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13737
x-xss-protection: 0
server: sffe
etag: "4116485e544d101c"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 02 Jun 2024 02:10:48 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/022305221508000/v0/ Frame 1CE0 5 KB
2 KB 171ms
89ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022305221508000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b94ab7d03297a9036dc60e17afc685bd191904db7c25e1c4d92f0f1a84f546c2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 03 Jun 2023 07:51:35 GMT
age: 253523
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1912
x-xss-protection: 0
server: sffe
etag: "64a18d292337e38c"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 02 Jun 2024 07:51:35 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/022305221508000/v0/ Frame 1CE0 40 KB
13 KB 164ms
82ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022305221508000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9fe801269d9ef99d44e6aa9d17ef66db64d1b983d0116c8e142faa8f9da3424d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 03 Jun 2023 07:22:45 GMT
age: 255253
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12949
x-xss-protection: 0
server: sffe
etag: "4886bdcdd7fc48e5"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 02 Jun 2024 07:22:45 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 1CE0 14 KB
1 KB 30ms
29ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 06 Jun 2023 06:16:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 06 Jun 2023 04:54:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 06 Jun 2023 06:16:58 GMT

GET
H3 200 en_bl.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1CE0 2 KB
2 KB 20ms
19ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en_bl.png

Requested by

Host: exeo.app
URL: https://exeo.app/fundamentos_color

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 12:07:41 GMT
x-content-type-options: nosniff
server: cafe
age: 65357
etag: 11660698925711390587
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2471
x-xss-protection: 0
expires: Tue, 06 Jun 2023 12:07:41 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1CE0 295 B
319 B 22ms
19ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: exeo.app
URL: https://exeo.app/fundamentos_color

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:39:27 GMT
x-content-type-options: nosniff
server: cafe
age: 70651
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Tue, 06 Jun 2023 10:39:27 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 1CE0 0
0 30ms
27ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRzs-8McnzlOiU2mDj0mq1wjQQ8QzKbqWNW-O3dxvZ0E3a-SnvH6SxZ5VVgya6VtjI7kRAQcBGJiuBU6cAJhmMir-pjgA
Requested by: Host: exeo.app
URL: https://exeo.app/fundamentos_color
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
H3 200 nessie_icon_tiamat_white.png
tpc.googlesyndication.com/pagead/images/ Frame 1CE0 225 B
249 B 22ms
19ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/nessie_icon_tiamat_white.png

Requested by

Host: exeo.app
URL: https://exeo.app/fundamentos_color

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 17:09:33 GMT
x-content-type-options: nosniff
server: cafe
age: 47245
etag: 14085932017949564970
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 225
x-xss-protection: 0
expires: Tue, 06 Jun 2023 17:09:33 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 1CE0 0
0 65ms
63ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CW0OtWs9-ZMmiDbTwnsEPr-mBwAj08MWebIPo-4H-D9rZHhABIJWbyiFgkQSgAd2Y7oUDyAEBqQL-S-wiq_mxPuACAKgDAcgDCqoE5gFP0IF10at3Xdt8x6bAqf2lHoeplTl8yRGLiZhhUZ2eUPcBBa5sE0yr26bz7wo0qztqVfDQN-6nkKyUPCAimJmVDA8_6YALFllSpF6LK2slLxEW_LRnaS03ZXnweW4wE1dSL8be_UcpZ0619GsfeIlUJ3AsA1nbXyVf_i1leLClAOzeCmFjQosNoRt_KXCr9Hk8Ht3VABLpxG4waXbyMBd25H3dCfmoEhfhVQ4zjrl7fUpVl_ZTCizycAkbex-pN19nsu_TBHn4TAagU70dEYEEXTN0MkqbWkYDHSXcNJTJpMQiXS5798AE7rOI-_kD4AQBgAeL55F6qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ2Ika0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA8gLAdgTA4gUBNAVAZgWAYAXAbIXHgocCAASFHB1Yi03NTA3NDM5MjMzODY1NDE1GP35Ew&sigh=FRxs_jtqQIU&uach_m=[UACH]&cid=CAQSPABygQiDYOFMGrupMV5tVn7uOHQrKdtd2YwQ9tgn6hJzLrsNWgHj3WHABo1MsuZDk2PyKCqHyQIiHsyPlhgB
Requested by: Host: exeo.app
URL: https://exeo.app/fundamentos_color
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ 182 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 834 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/svg+xml

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
479 B 114ms
114ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.14&b=2&r=exeo.app_auto_728x90_sticky_display_bottom&sy=3838af68-9004-41f0-a9d5-53297c8809d1&ts=37&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=exeo.app&mlre=undefined&mlin=0&mlsi=728x90&mlbw=4g&mlcs=NaN&mltp=5e49940c-b069-47fa-b039-be8a25ffaa4d&e=lm&dsReferer=ZXhlby5hcHAvZnVuZGFtZW50b3NfY29sb3I=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.13.1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-nf-request-id: 01H05NKF3HAJ68KY8AV7N2QGNP
date: Tue, 06 Jun 2023 06:16:58 GMT
cf-cache-status: HIT
age: 1231385
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "847d6f45a54b1a346481710a0a6f4147-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7d2e8796ecd79b45-FRA

GET
DATA 200
OK truncated
/ Frame 1CE0 161 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 1CE0 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2c5498626c651f2dd9fbe68241c615ec308b9ab5555ab53d068dc8290fd8262

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css2
fonts.googleapis.com/ Frame 3A34 4 KB
744 B 32ms
30ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 81972796f71a2fd2b376107272a4894a.safeframe.googlesyndication.com
URL: https://81972796f71a2fd2b376107272a4894a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://81972796f71a2fd2b376107272a4894a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 06 Jun 2023 06:16:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 06 Jun 2023 05:13:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 06 Jun 2023 06:16:58 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame AC58 2 KB
566 B 31ms
30ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: exeo.app
URL: https://exeo.app/fundamentos_color

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4f393315ffc75417c9c350e709bbcca2d2e9d5640fa0925b32088ff1ed6c84f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://81972796f71a2fd2b376107272a4894a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 06 Jun 2023 06:16:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 06 Jun 2023 04:53:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 06 Jun 2023 06:16:58 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame AC58 2 KB
892 B 20ms
19ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: exeo.app
URL: https://exeo.app/fundamentos_color

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://81972796f71a2fd2b376107272a4894a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 20:26:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35408
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Jun 2023 20:26:50 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/ Frame AC58 22 KB
9 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/abg_lite_fy2021.js

Requested by

Host: exeo.app
URL: https://exeo.app/fundamentos_color

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

551debe8c4f0db7b25699af72a204caf099af55413f90eb34b5f546330d6187c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://81972796f71a2fd2b376107272a4894a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 20:25:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35460
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8798
x-xss-protection: 0
server: cafe
etag: 11317101923912129037
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Jun 2023 20:25:58 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame AC58 3 KB
1 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/window_focus_fy2021.js

Requested by

Host: exeo.app
URL: https://exeo.app/fundamentos_color

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://81972796f71a2fd2b376107272a4894a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 17:24:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46353
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Jun 2023 17:24:25 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame D53A 1 KB
643 B 26ms
25ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: exeo.app
URL: https://exeo.app/fundamentos_color

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://81972796f71a2fd2b376107272a4894a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 65486
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 12:05:32 GMT
etag: 48472445140208031
expires: Tue, 06 Jun 2023 12:05:32 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame AC58 19 KB
8 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: exeo.app
URL: https://exeo.app/fundamentos_color

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3735e94afb2539b14515fdd10d7cc066cffa99d4b52762959e342295e08a770e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://81972796f71a2fd2b376107272a4894a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 20:26:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35408
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7991
x-xss-protection: 0
server: cafe
etag: 2412543371950383451
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Jun 2023 20:26:50 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame AC58 0
0 43ms
42ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQBoo8nWDuysrVFlmlhOOQA-dnDhxdP9tyde3cAekI4QfFU9o9rx1TrS8CbgObrJlhDYHOieZwATHrOOhNFJ29ai_y2pw
Requested by: Host: exeo.app
URL: https://exeo.app/fundamentos_color
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://81972796f71a2fd2b376107272a4894a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AC58 173 KB
54 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: exeo.app
URL: https://exeo.app/fundamentos_color

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61b54fb4bbf7083918be7066e50126d1a95e56ccc9be9fafd69deb50ac7424b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://81972796f71a2fd2b376107272a4894a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 06:16:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55245
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1685965250302189"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Jun 2023 06:16:58 GMT

GET
H2 200 0a0369f67a094afc57e3321b90807283.js Show response
www.gstatic.com/mysidia/ Frame AC58 32 KB
14 KB 96ms
19ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0a0369f67a094afc57e3321b90807283.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: exeo.app
URL: https://exeo.app/fundamentos_color

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88a51fe784c58c712a93f3f4e123e163e901042438df74cf793bdcf28eb090d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://81972796f71a2fd2b376107272a4894a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 17:15:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46874
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13649
x-xss-protection: 0
last-modified: Wed, 31 May 2023 00:11:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 03 Sep 2023 17:15:44 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/elements/html/ Frame 3A34 20 KB
8 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: 81972796f71a2fd2b376107272a4894a.safeframe.googlesyndication.com
URL: https://81972796f71a2fd2b376107272a4894a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

410f4228aa677eb20622c6f1e0f67966fcecca198ad07bb096f0265b2689ded7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://81972796f71a2fd2b376107272a4894a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 21:05:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33077
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8300
x-xss-protection: 0
server: cafe
etag: 2697337515266134059
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Jun 2023 21:05:41 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 3A34 205 B
519 B 93ms
23ms Image
image/png 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: 81972796f71a2fd2b376107272a4894a.safeframe.googlesyndication.com
URL: https://81972796f71a2fd2b376107272a4894a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://81972796f71a2fd2b376107272a4894a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 00:18:33 GMT
x-content-type-options: nosniff
age: 21505
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 05 Jun 2024 00:18:33 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 3A34 604 B
695 B 93ms
24ms Image
image/png 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: 81972796f71a2fd2b376107272a4894a.safeframe.googlesyndication.com
URL: https://81972796f71a2fd2b376107272a4894a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://81972796f71a2fd2b376107272a4894a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 01:13:02 GMT
x-content-type-options: nosniff
age: 18236
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 05 Jun 2024 01:13:02 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 1CE0 33 KB
33 KB 28ms
27ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://exeo.app
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 30 May 2023 19:09:17 GMT
x-content-type-options: nosniff
age: 558461
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 May 2024 19:09:17 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D53A
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJRz4IMMZ9WJcPt-m-d2RyE&google_push=ATf1kGPA_4HypwN1IBmjB4hSIg5Jy_5WdMV7tmLXJD6YsDYs7zXK1_iQaN...

170 B
188 B

32ms
32ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJRz4IMMZ9WJcPt-m-d2RyE&google_push=ATf1kGPA_4HypwN1IBmjB4hSIg5Jy_5WdMV7tmLXJD6YsDYs7zXK1_iQaNmCcwZm3w-7EYfQCE9qFru5Ch83yFXwK3Fa8q5ysJQcOZ4lq5-W6eKR4k8eR-4mDiiYyBtTvFjLThHs6c127kA

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 06:16:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-ams21045-AMS
pragma: no-cache
date: Tue, 06 Jun 2023 06:16:58 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1686032219.901858,VS0,VE94
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJRz4IMMZ9WJcPt-m-d2RyE&google_push=ATf1kGPA_4HypwN1IBmjB4hSIg5Jy_5WdMV7tmLXJD6YsDYs7zXK1_iQaNmCcwZm3w-7EYfQCE9qFru5Ch83yFXwK3Fa8q5ysJQcOZ4lq5-W6eKR4k8eR-4mDiiYyBtTvFjLThHs6c127kA
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D53A
Redirect Chain

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEMFFE7z1VpoM_MG9xuxG8Vc&google_cver=1&google_push=ATf1kGN5HE9KVm2ytS0qfRcLiCRlNBLHGKHJPxDvPDzyztyo5wi4bvO7oIwUZ_tUokBOCjkmqsjMSXM16k3Cb...
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEMFFE7z1VpoM_MG9xuxG8Vc&google_push=ATf1kGN5HE9KVm2ytS0qfRcLiCRlNBLHGKHJPxDvPDzyztyo5wi4bvO7oIwUZ_tUokBOCjkmqsjMSXM16k3Cb...
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ATf1kGN5HE9KVm2ytS0qfRcLiCRlNBLHGKHJPxDvPDzyztyo5wi4bvO7oIwUZ_tUokBOCjkmqsjMSXM16k3CbjobFn8L9gBriDlrPS8HNEtQpTdzUiynIdB72KnFdxaeT6B...

170 B
188 B

30ms
30ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ATf1kGN5HE9KVm2ytS0qfRcLiCRlNBLHGKHJPxDvPDzyztyo5wi4bvO7oIwUZ_tUokBOCjkmqsjMSXM16k3CbjobFn8L9gBriDlrPS8HNEtQpTdzUiynIdB72KnFdxaeT6BvWmcaHVgOZFI&google_hm=MnBNN2tyV3RvWll1RGVJbFJMX00=

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 06:16:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 06 Jun 2023 06:16:59 GMT
Content-Type: text/html; charset=utf-8
Location: https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ATf1kGN5HE9KVm2ytS0qfRcLiCRlNBLHGKHJPxDvPDzyztyo5wi4bvO7oIwUZ_tUokBOCjkmqsjMSXM16k3CbjobFn8L9gBriDlrPS8HNEtQpTdzUiynIdB72KnFdxaeT6BvWmcaHVgOZFI&google_hm=MnBNN2tyV3RvWll1RGVJbFJMX00=
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 279
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1 200
OK sync
dsp.adkernel.com/ Frame D53A 42 B
233 B 303ms
101ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEIgv4vpEdEyWvjY1I33j9is&google_cver=1&google_push=ATf1kGOynrNc3MZX3xVe66vi91U77rHDfLr3CSHUQ-J0Q1IVraSP6hYj9-vM0TeXdrmvImrnTVvfX-VI2ch299ifxTV5xjvVKdGKHKNE-UeI-EuhGN5ge9IZBQMS788lYqrfITxO8SGJgw
Requested by: Host: 81972796f71a2fd2b376107272a4894a.safeframe.googlesyndication.com
URL: https://81972796f71a2fd2b376107272a4894a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Jun 2023 06:16:59 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame D53A
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESECBHKfJd2hPhVpGL4dYb7o0&google_cver=1&google_push=ATf1kGPluKy1Y9q186YX-gJviJsbUijFO_itIEEqb5sX-QB-Zf9B6eamVo0hybH7k-XtTKy91y8fV9mhB5rtW3xZ...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGPluKy1Y9q186YX-gJviJsbUijFO_itIEEqb5sX-QB-Zf9B6eamVo0hybH7k-XtTKy91y8fV9mhB5rtW3xZhiFA3yrWCmBFe3Nrfvrp0tdbmB29TRiqYYr8y0YXUNly...

170 B
243 B

32ms
31ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGPluKy1Y9q186YX-gJviJsbUijFO_itIEEqb5sX-QB-Zf9B6eamVo0hybH7k-XtTKy91y8fV9mhB5rtW3xZhiFA3yrWCmBFe3Nrfvrp0tdbmB29TRiqYYr8y0YXUNly_waiQXRPCQ

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 06:16:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 06 Jun 2023 06:16:58 GMT
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGPluKy1Y9q186YX-gJviJsbUijFO_itIEEqb5sX-QB-Zf9B6eamVo0hybH7k-XtTKy91y8fV9mhB5rtW3xZhiFA3yrWCmBFe3Nrfvrp0tdbmB29TRiqYYr8y0YXUNly_waiQXRPCQ
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: zQoTHSS3UjGuRW7HPEeUdWS9Lw-JkqYwJaboXlB14RCbM1D3kfvZnA==

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame D53A
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESENVk_LSkwAZmO7Mc2lPEnt4&google_cver=1&google_push=ATf1kGOtTt7fyxCS0tle6FQ2DnEeQPYeEHQjI3X2wXnlMSCggE2NnEV2LU1dsoTqZy-x0K434h66YEpr5Cx3jN43lf7f_uOvAg...
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=ATf1kGOtTt7fyxCS0tle6FQ2DnEeQPYeEHQjI3X2wXnlMSCggE2NnEV2LU1dsoTqZy-x0K434h66YEpr5Cx3jN43lf7f_uOvAg3...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjQ0NjAxODUwOTY2NTkxNjU4MDMwMA%3D%3D&google_push=ATf1kGOtTt7fyxCS0tle6FQ2DnEeQPYeEHQjI3X2wXnlMSCggE2NnEV2...

170 B
232 B

29ms
29ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjQ0NjAxODUwOTY2NTkxNjU4MDMwMA%3D%3D&google_push=ATf1kGOtTt7fyxCS0tle6FQ2DnEeQPYeEHQjI3X2wXnlMSCggE2NnEV2LU1dsoTqZy-x0K434h66YEpr5Cx3jN43lf7f_uOvAg3aQ5tWCU_WhdjQfzDzk84uHxwOz7iApWEqFqfrFZrAlCM

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 06:16:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjQ0NjAxODUwOTY2NTkxNjU4MDMwMA%3D%3D&google_push=ATf1kGOtTt7fyxCS0tle6FQ2DnEeQPYeEHQjI3X2wXnlMSCggE2NnEV2LU1dsoTqZy-x0K434h66YEpr5Cx3jN43lf7f_uOvAg3aQ5tWCU_WhdjQfzDzk84uHxwOz7iApWEqFqfrFZrAlCM
date: Tue, 06 Jun 2023 06:16:58 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D53A
Redirect Chain

https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEMnaIGCZhN9EL8JBMdO3u_o&google_cver=1&google_push=ATf1kGN-FuiLAijaxqaQxhSssutxQJk2-Zu_ezOgyobE2zSGkriVH7lFr...
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=ATf1kGN-FuiLAijaxqaQxhSssutxQJk2-Zu_ezOgyobE2zSGkriVH7lFrpLq9uvK0KV9YuYKJBXmSrnaWOyCXWfxBEwuZ9mR-vp7401YNoVKJ-os_trZpbSdpmDEKXb57...

170 B
188 B

31ms
30ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=ATf1kGN-FuiLAijaxqaQxhSssutxQJk2-Zu_ezOgyobE2zSGkriVH7lFrpLq9uvK0KV9YuYKJBXmSrnaWOyCXWfxBEwuZ9mR-vp7401YNoVKJ-os_trZpbSdpmDEKXb57OVsKXGu2ylhv98&google_hm=QlMuNTUzYy1mM2E4LTRiMjgtODE3NQ==

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 06:16:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=ATf1kGN-FuiLAijaxqaQxhSssutxQJk2-Zu_ezOgyobE2zSGkriVH7lFrpLq9uvK0KV9YuYKJBXmSrnaWOyCXWfxBEwuZ9mR-vp7401YNoVKJ-os_trZpbSdpmDEKXb57OVsKXGu2ylhv98&google_hm=QlMuNTUzYy1mM2E4LTRiMjgtODE3NQ==
Date: Tue, 06 Jun 2023 06:16:59 GMT
Server: openresty
Connection: close
Content-Length: 142
Content-Type: text/html

GET
H2

200

/
onetag-sys.com/match/ Frame D53A
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEAosOwBoA0Ml8JYpdvUNdyE&google_cver=1&google_push=ATf1kGPvZRcn-EeMCatUvWFnJbcuCVtM50aqJBBhXDKFWEpxEuKl_mDduwgo2OO_to0qWnlfsvfePSevAjN...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGPvZRcn-EeMCatUvWFnJbcuCVtM50aqJBBhXDKFWEpxEuKl_mDduwgo2OO_to0qWnlfsvfePSevAjN40z8vXUNv_kNBRNAsbftGV-pTVzgbEtH2oX9j...
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

23ms
22ms

Image
text/plain

51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Protocol

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Tue, 06 Jun 2023 06:16:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame D53A 0
130 B 105ms
29ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Im_hgM1_ROHC4VVRIOPkZwJonMy-2OnBhO68HaVp24uxmRV7DLy1N10yMpnbf5cfJ68-arxeI

Requested by

Host: 81972796f71a2fd2b376107272a4894a.safeframe.googlesyndication.com
URL: https://81972796f71a2fd2b376107272a4894a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 06:16:58 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 1CE0
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

91ms
38ms

Image
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: exeo.app
URL: https://exeo.app/fundamentos_color
Protocol: H2
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Redirect headers

date: Tue, 06 Jun 2023 06:16:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 ww.mjs Show response
cdn.ampproject.org/rtv/022305221508000/ Frame 1CE0 45 KB
13 KB 72ms
22ms Fetch
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022305221508000/ww.mjs

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/022305221508000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4196febe06270106c748a4e2590eeb54458d9b75f88711c7677993d5f092da3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: text/plain
Referer: https://exeo.app/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 02 Jun 2023 18:18:30 GMT
age: 302308
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13081
x-xss-protection: 0
server: sffe
etag: "ff7fda1e95d1f2e6"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 01 Jun 2024 18:18:30 GMT

GET
H3 200 VQdDSOd05UIjXCKVon8X_ASAqVpdX2ccZF2BDi7w8G4.js Show response
pagead2.googlesyndication.com/bg/ Frame 78E0 38 KB
15 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VQdDSOd05UIjXCKVon8X_ASAqVpdX2ccZF2BDi7w8G4.js

Requested by

Host: exeo.app
URL: https://exeo.app/fundamentos_color

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55074348e774e542235c2295a27f17fc0480a95a5d5f671c645d810e2ef0f06e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://81972796f71a2fd2b376107272a4894a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 13:04:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 234757
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14834
x-xss-protection: 0
last-modified: Tue, 30 May 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 02 Jun 2024 13:04:21 GMT

GET
BLOB 200
OK e2e70f01-866f-4b72-af90-071fbc96a068
https://exeo.app/ Frame 1CE0 45 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://exeo.app/e2e70f01-866f-4b72-af90-071fbc96a068
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e71ae76487ec8807c0ce24205be90c32714aaef2f935c1bc26014a6f4f702c4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Length: 46336
Content-Type: text/javascript

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 58ms
57ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202306010101&jk=2936154684968206&bg=!4eKl4rbNAAY9J7QfHSc7ADkAdvg8WmYBcyNcYGZVxKQVr0annhxdfDi5mh-rLOrj9JRqZvOulM5k32XosRduf082-AbGnItnOVoCAAAAZlIAAAAFaAEHCgCFSkC1aXELe6p8I3dmP3oHwfP3XA0BqGITT7ghlTc4xG4zdg6MDGUUIQd1b3eqZr8_kEl4pEFK5nYQqirCjVVexDWfLZji_iJHzCg-mEMRGcH0eQlS5qQix6dcjjbLnEQi8Skw4sYc1R3Nh-rZfEoVyJ-dRHLPgH5-wpUe1Hz5lmXf9EtW85kC2_ilknHg5hynvLsxviozly1mYZSN0N3nDbFNfgzXQWd8fGOYusJJNdqXng8i1vYm8jpP1eytpRz5VLDFjt6BjKMOam2WhpukhGd0s0WN5GTQIdJ74wLMzKkQxFJ34vpm6Tdi0bZrR7ZqmBgXJ0rvuspfIHLrbcOp8vXlfFnKYWfN7kovXzW5dLGGGw0o1_Yx4WZvbybF-zZrqdgKjpJ6MrM8IKGk_rqhR83tbyI8oRdnByYDDc1G1Xl4OPY30QooZf1PBFSGe823aRa7-X2e9GY8eGqadqpzJfqN5SZdPPUJj76KDN0W3cZyLz63q-SWpyso2k2iZCoPtajNoCoWbb50BhObSnOu4fbzTwoaw92CpXET69boMnQHbkGuWjhZYMU4RiJwZDJVX8sKpe6vPP2WRUWf1UvyLJQvPYnokbZMtY5cqxecQdWWaae1fW2B1-3IlTnYW9CzhlEbOMTCNDuVIyqRChWP3OcSDKklHtchUs-evlm8pJ_Mwk8ctvq8sOz2ledDgenK8YGHE6HREMt4EHaeJDcDeEqypLUKBU_b_vYlIKrs6ao8l3t-FOs-nFXfb9zxUjXjMKoOxsiO2RBBl6cYygUkzIXk8lkMxBzJRWxM66Z3bg4DqaD7NsWMeyn_-FR15Vh5-ymo762lHCy8261rKQvpofO8_Xv48VQf_V99b4LmoSKQFj39b8LVZ4WoaQcwK9s4DVMKv3SlB02KBu0LSEpw7AgaFkjKj6NAna3LgZXs92qLOPaA3RIKJeihlT4398xBcrHQHVIK8kgEHoWBmnvY1AIf5iRR3_vJG9ebmPV0yZ8QEY909KqSJRxCXEynG9MiL5oHmeSwOsZKEAS6KsWaZ3Kgf4VaBeye4EryYK2D55OfJmLt-OaKSV0aQCziPyfWWtR4gymDeVuV2wdf1rXHRym3OiWhCnLpHeiqm5g4C0A75ufVFNT6TIurOozn8yt8UCrs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1D37 42 B
174 B 56ms
54ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuNLNyoqQadrWV7cFMUD83Q6WDKgL4aZPJXTo5atj4D8rNYTPZqcdcMzWw7eLTjMeIPKg7suuIJcGbHtN6ePy8Wz6qkL_grY2N4ONGYKqp4DdZsLJm1&sig=Cg0ArKJSzNFjY3l4gCs5EAE&id=lidar2&mcvt=1000&p=145,650,395,950&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230605&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1281229031&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1686032217930&rpt=174&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 06:16:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 1CE0 42 B
64 B 65ms
65ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuy14c37hqNpgpnnNrtGkGqdqt9QJ-59-aY12-bqlZMvtDgGtsQ5plpIUkez3Jgjr3T6hVOGCY02-FdXJkqeTmXE7CivZGLkqacSBEXXxlmvU6WChVW7R_W9wKvxCappJR4GEozApCBhWrp6d5q14lf4uTRYxBLS_F3_Nw81RthM9qyQa6gWQD7cJJSENItn68fWPxE1d16rAXyffd8qbabAPJzj_i54_L8OLN6yZs2I1CNG_tSteXN4R2o5FJFjuaiHMORhSrm2tYc6AMrIyl9oO3XBxuIWLHIZBOj38YIn6xpXHqgKN8suItnq_zP-X3DYc3UHhwqwz6o1BaoZBekQyws9h6rcDm-r8KXcZ8VpzkyBMKuTA6qvzzuNVNYm5UZS5KgTklDeRi5Ui_QK0XLqDRalT5xxBPXqi5Gh2vCWXxigP7nrCArwkOZY6eyh-wg5qY-Vm0PNC0-aZ2Cta9nUVFDJyuF1WcnQEHD70-CmipbwBz3XTHot8Lwso7Hzkuv9MQT8vWXDic4Qxj0AJQSNhkkiT3AbTJcoNF11jn9W1PHWGiJRvFUyzSZB_RKfIKgp5ZxH34pRNp3WAD-5Ta1ZXot2YWOwP681-RHg7vx9XoMgG4WvLBK9OfuUNrGOP4XH5MMLQJFrRMmMM5CJeisKzGanq4hdxTImhMUaB7MyVIAfqlYoMxWNZD4_tdQ7Vu_1y7kvPjf3gCBcXnfHpi8md3-sKpoLhiAqLtHptHHdBa_qlhgopP2N7-cL9E1LQY9QAksIWwcfQvFK13TMhHtuqfaNpPa23YuRMneMNu4V91dhhjUddxc_vqav0fNCIYrTPTbHtISgYU4kLdUMnxrD7uJduXMiKSxryuMNUxXiIFymQzZjouEW11ShvGL9Z2sUy_p8_JoKQhqvEeSvrz4_UelE0VPRKdYRyGKm0xmVzFdlYTBhGT3YNoJHR9WgnRE5ZmyN3ilRJ-NHRJ6S0lnnTIylc04sous8XVEPwW1d32byZORbw&sai=AMfl-YTqwV2rjGHKQ2WYQ2wcp6lAonM0cEswD5qCenv7D9QuPgkoaaFYP5Tj-gJh2peGYg-d9lXMM3aepJGmkp4oJ7Yoo4WEO6ElK98NUxZytaGsH_ptQBeAxhPOGm2HnOyOcYddEmQ54dT6WQ&sig=Cg0ArKJSzE2hVBfyDO5lEAE&cid=CAQSPABygQiDYOFMGrupMV5tVn7uOHQrKdtd2YwQ9tgn6hJzLrsNWgHj3WHABo1MsuZDk2PyKCqHyQIiHsyPlhgB&id=ampim&o=436,1110&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=282&tls=1282&g=100&h=100&tt=1282&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exeo.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 06:17:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

183 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
exe.io/	1969-12-31 23:59:59	Name: AppSession Value: fbcf2d96803644b13b90b3c531c3ca4a
exeo.app/	1969-12-31 23:59:59	Name: AppSession Value: 1f34f762bbc6ec782167f3cd569dc5b5
exeo.app/	1969-12-31 23:59:59	Name: csrfToken Value: 5c1c93f1baa0ef6182f558f9e64b65130ac265fe6c376702ee0ff2183abf411ea30728a902a009de5db0d3b874858615738ec60cc3f65ea12d3e9458c3834a04
oo.onlapmynas.com/	1970-01-20 12:21:58	Name: GL_UI4 Value: eJw9jVtOwzAURPNOgSYwUhbAEuI0qPQTsQg%2BIz9uU9PErhyTiN1jIcHXHI3OaKIoSppHxGuRIf3iL3imTgqmpKCj4q%2FHjtGB04kfzqoTfd%2BfBO70MnguJvIZdsvMnR%2F8mmE%2FkiGn5SCtogpPwfprrsZuJkMuHDeqQj4HY6pQCme3hVyTIjN8JhTvF2dD5jP%2FtA4pY31gbQLHLRK7NGl9j%2FJDGxWG9R4Ja%2Bu6iPBwm7g%2FWzcPWhUx8tFxRYjfsJPc02jdN0pFy9XbG2AnNfz7v7%2FpxloUilYtw7n1F3I%2FG8hPPw%3D%3D
oo.onlapmynas.com/	1970-01-20 12:21:58	Name: GL_GI10 Value: eJxNjEtLw0AUhdNJGRrbRA64cdc%2F4ECkVdzqNmRXXQ4xua2D7b3DzPiIv15aobg6h%2FP4sixTVxWU8ygf1ua2rk29ujP3K%2BQ7Eqi2waKXD05htNwdCPOW0huFfcdDhA60c8Il5n%2FG9jIQLtrmZsPvLF98Lo7fEtPepbFEcZTTtpohd9HjuqEu0gu9Lv%2Fhl4%2Fm2aBgSjZ6ogHFkwQvoUuE6pyeODrHzEXrg3yPeoLL5A70I0xWtttISStMPrX6BYjZR1g%3D
pogothere.xyz/	1970-01-20 20:58:56	Name: csu Value: 597029412957197@1@1686032217
live.demand.supply/	1970-01-20 21:56:32	Name: demandSupplyTi Value: 5e49940c-b069-47fa-b039-be8a25ffaa4d
.demand.supply/	1970-01-20 12:20:34	Name: __cf_bm Value: ZOunQ2VNSO0L8xu2owJ5LmVm9CKkawzWTyQvy3XoL8w-1686032217-0-AZ5TVKmmX4W2biVKcnhVxVuaQCl3YggRzwEEYVttLp12zZPYrglcW+gNv1z97+KNmO79l8mAennk814PAERKhAg=
.exeo.app/	1970-01-20 21:56:32	Name: _ga Value: GA1.2.754385939.1686032218
.exeo.app/	1970-01-20 12:21:58	Name: _gid Value: GA1.2.1782883070.1686032218
.exeo.app/	1970-01-20 12:20:32	Name: _gat_gtag_UA_135952122_1 Value: 1
.criteo.com/	1970-01-20 21:42:08	Name: uid Value: 457d0726-072b-409d-8956-9be4f38f7c87
.exeo.app/	1970-01-20 12:20:34	Name: __cf_bm Value: QlxXiYTfI2RlnCiBtyrZqXRu9ATmr5YwrGkWpOSwuhc-1686032217-0-AZtLY1hPjBPwUAU9NXpfIoDMef0Xfktzuri1hvMG/8bb2CNYLW6601Tf8hcKZyiP8V6Tq3AlcOZ/pF0cU33lQcPgNorivcDSkjHzcJTEfbd5
.exeo.app/	1970-01-20 21:42:08	Name: cto_bundle Value: Q2ov419pUlZzNmh6SFFjR3JCeXNZVGdJQm1JTnNJSkklMkZxYkZQU2llN0xQaEdEZW5rR09qazlSdWdzRHVPJTJCMkRweXFFUW81cmFWUDZ5OFlJR0t2cVR6UU5ZNHFlOWt2MSUyRk1pdm5xUUVGUGNTTUtDa0hLNEhqWllVTFBPam1ZN0w1Q0M4NnZNY3BTSzlVdllyJTJCd0lwbW5BY1V0dyUzRCUzRA
.doubleclick.net/	1970-01-20 21:42:08	Name: IDE Value: AHWqTUkuoBvUUJ8A61jqkl1Gt7oDTvJ-xI5z-R64P_6kwM3dgpoxo80nHXlA7nzbatI
.doubleclick.net/	1970-01-20 12:20:33	Name: test_cookie Value: CheckForPermission
.exeo.app/	1970-01-20 21:42:08	Name: __gads Value: ID=9765db85b03be9df:T=1686032217:RT=1686032217:S=ALNI_MbPL1nb2uMn_ayXighVe02l4Jr-XA
.exeo.app/	1970-01-20 21:42:08	Name: __gpi Value: UID=00000c3d53dc844a:T=1686032217:RT=1686032217:S=ALNI_MZowG16GrvpOlso584yLekurxjKlw
.3lift.com/	1970-01-20 14:30:08	Name: tluid Value: 2446018509665916580300
.everesttech.net/	1970-01-20 21:06:08	Name: everest_g_v2 Value: g_surferid~ZH7PWgAAAQscCwAD
.doubleclick.net/	1970-01-20 12:20:35	Name: DSID Value: NO_DATA
.zemanta.com/	1970-01-20 21:06:08	Name: zuid Value: 2pM7krWtoZYuDeIlRL_M

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://accounts.google.com/v3/signin/identifier?dsh=S-1811910027%3A1686032217479062&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&ffgf=1&hl=en&ifkv=Af_xneGct33WmybrIITe7W0rmt_RrVIN1KhxVa3cZ8eMMnO-LQkjWpAkBifJn9B_SbxFSmLHT2CHaA&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://accounts.google.com/v3/signin/identifier?dsh=S-871946444%3A1686032217571848&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&ffgf=1&hl=en&ifkv=Af_xneFFUig3DmKOzfapOAyN5BJaj8IWINgAdgrKHk6n0IIsOXhINhH_IZ6WDbIR2-9aiIAFacsUYw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin Message: Failed to load resource: the server responded with a status of 403 ()
javascript	warning	URL: https://exeo.app/fundamentos_color Message: The resource https://live.demand.supply/p4/v16-10-0/ZXhlby5hcHAv was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

81972796f71a2fd2b376107272a4894a.safeframe.googlesyndication.com
accounts.google.com
adservice.google.com
adservice.google.nl
b1sync.zemanta.com
bcp.crwdcntrl.net
cdn.ampproject.org
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdntechone.com
cm.g.doubleclick.net
d1ux93ber9vlwt.cloudfront.net
datatechone.com
dsp.adkernel.com
eb2.3lift.com
esp.rtbhouse.com
exe.io
exeo.app
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
id5-sync.com
im.bluevoox.com
invstatic101.creativecdn.com
live.demand.supply
mug.criteo.com
nedukeration.info
onetag-sys.com
oo.onlapmynas.com
pagead2.googlesyndication.com
pogothere.xyz
s.ad.smaato.net
securepubads.g.doubleclick.net
static.criteo.net
sync-tm.everesttech.net
tags.crwdcntrl.net
thycantyoubelike.com
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
13.248.245.213
139.45.195.253
142.250.184.226
143.204.215.60
151.101.194.49
162.19.138.118
172.255.6.253
174.137.133.49
178.250.7.13
188.114.96.3
2600:9000:2057:5000:1b:5138:8a40:93a1
2600:9000:2250:8c00:a:e047:753:be1
2600:9000:2250:b200:6:78c5:6b40:21
2606:4700:10::ac43:266a
2606:4700:20::681a:9e9
2606:4700::6810:8616
2606:4700:e2::ac40:8d24
2a00:1450:4001:801::2001
2a00:1450:4001:801::200d
2a00:1450:4001:803::200e
2a00:1450:4001:808::2008
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:812::2001
2a00:1450:4001:827::2002
2a00:1450:4001:828::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2004
2a00:1450:4001:831::2002
2a02:2638:d::2
2a02:2638:d::d
2a03:2880:f176:84:face:b00c:0:25de
2a04:4e42:200::485
2a06:98c1:3120::3
34.96.70.87
35.190.39.111
51.89.9.251
52.18.254.139
52.45.175.185
64.74.236.159
65.9.66.68
00d08deadeb0ed13cf2df133bdeeced285ee36ff9e3e9eacc8e18293fc7e2de1
02530b917cf773f332fd8ba3c354aaf1dbfcc4bbfa62fc88a94bec09bdd5fb3e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528
0f430e23c61450f0a151627991bf492fbd215873ebb3007bb45979ed26afff92
0fe2315bb63add7329bb6a3063badc5d4385d0dd125d31494d9a857b6d777ccc
165e871ee8053bed9e5cfd101e9a39b816f3dff32936be23bfde205621958ab7
1d38d3575be56d128dcaebb0d6013e528e67048b2a47393a7122248f51bbf1a9
23998750e040d16d7cdcc67be18f2c98db45cc55e098f1548107d04a4666d6fa
242bcaed2bdecb2b43ee2c7ba83457631e810816885b2fb84ddee565d7c6ad83
254abaa4622958bca132cda5d085747e2e867d82cc05b12ad5b83b570c24f0bb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
30e4ac01475ec8c24b8fb173cc994f4453cb361a99b404637a369d8425af6b6b
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32bdbc7aa942ed3cc380c72be1c45147f4d7ec5e6b5b084f6527a46022314958
3735e94afb2539b14515fdd10d7cc066cffa99d4b52762959e342295e08a770e
39ff1923a8ad8f22a2fe9540bc9a68b2400867ccbd338d8148d2f31784e14795
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b
3e0307f6bf7bc49847ee223ca595208c05fd55d0f7e2aabb31e4553ea72375f4
410f4228aa677eb20622c6f1e0f67966fcecca198ad07bb096f0265b2689ded7
425ec825b5a306d6e1880284d5acf29a44e6829cc793890d561660c7ab33763a
4479f33dddfe1f3536e21f877740fb15901a34cb07960cabe74bfe6787ce2291
456e420aecd5ac679cc2bcb33daf7c063f54894fd076e99e05c06629234d3378
467d23dee5e3ba7f6eeac766fb074fe5e014fec821ce6b6c6cfac4426c8707c5
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
55074348e774e542235c2295a27f17fc0480a95a5d5f671c645d810e2ef0f06e
551debe8c4f0db7b25699af72a204caf099af55413f90eb34b5f546330d6187c
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6851a08172611dee3087ed287fb22873c5697e163391ba4b0555e3d7982ca541
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c1d5877e2a900b6698f8eae50453b9bed571b18be39ad31dc3ec0d228d37197
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
839c424b188a9bdafd46e5b643a2c5afb4b7df5e51f0321ffafd5f23b118e259
88a51fe784c58c712a93f3f4e123e163e901042438df74cf793bdcf28eb090d4
8cfba6f59489cb766efd9c6fc2645ef2c2041e5ebfa7f87c9e5a64d46f500ab2
8dd50645a84d8f30b0ac5a706084d685df9d5b5d4d0c115557468e28560df599
90e0c056a8305c6b6a8fc33620c4df9a9d1d9a14fb3a5f8d481f06a2a9f0c2fd
92940df0255c7ac4110b08df3e259fb5e4ec7870da0f8cc983620cc55d866e6f
946c3fab403476057b0ecf16b979cbd776983ca6e93af0b7742e38914e04e860
9551ba024878fd2e95d1104e5c580dfa3521a7abf71b2eb0d7058bb754491e29
96f0181162556ef28eb1cee331a6543a647290f55203c497d61cbbdab4770b59
99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9e71ae76487ec8807c0ce24205be90c32714aaef2f935c1bc26014a6f4f702c4
9fe801269d9ef99d44e6aa9d17ef66db64d1b983d0116c8e142faa8f9da3424d
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a858d262dc6315f4cfb75899f5cb0c4409432835ccdc90b1d90104bb79544ff9
aaa0d81f6b760fc9b32307387cd7bd8b1829785479c8b5afbbea03b9b9744846
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
b1e188caf62de95d079a389f86b346bfe0e7790966d38a6277fa39fbba655025
b2c5498626c651f2dd9fbe68241c615ec308b9ab5555ab53d068dc8290fd8262
b2f6c87dd526014f1ff13316715936f55146885c78603bf34a4bb0e108fac792
b418fa61e8b3017524654f7c7841fe5596f839841db3af82227ff636841a3f66
b5365613f6ca529c7cbb4ed422e9e1db26046dec1ee64375c9ec3c121dcff2f5
b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550
b94ab7d03297a9036dc60e17afc685bd191904db7c25e1c4d92f0f1a84f546c2
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7
c4f393315ffc75417c9c350e709bbcca2d2e9d5640fa0925b32088ff1ed6c84f
c61b54fb4bbf7083918be7066e50126d1a95e56ccc9be9fafd69deb50ac7424b
c63f2781570d012d67b1e5ed27544bf90097a71ca5ddbbcd86a98a0f52871534
ca10977700b1bc7b44bfe44bbfc1e134c13cc993d5e59c4bca6de5f7370c1827
d3807505d144858c5849579d34b8fd8da69afad01292bc59e1fa516e850b1399
d4196febe06270106c748a4e2590eeb54458d9b75f88711c7677993d5f092da3
d69c318c5a18ce860870df13878596d3d7bb7efd57b77a0f32b5478d1cfe1c52
d961a31d3d2fdb93a35a4024f9878b2ed896cd86a084ceb8df6af3bc53e29125
e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f166a0339150b2a4d8fe1aa2d47d474e5e3db9410c8aae1a884c6e32692ce289
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
f84992c60c946bfc5f86d48264699567a35b2aa01ee45883b40da307e19c3285
fced9801cbb8c4a7f550a60af75564e838b96f95cc57bdd4a231c59fdfa9cd0e

exeo.app Open in urlscan Pro 2606:4700:20::681a:9e9 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

131 Requests

91 %HTTPS

60 %IPv6

36 Domains

46 Subdomains

39 IPs

6 Countries

1346 kBTransfer

3585 kBSize

22 Cookies

3 Outgoing links

Page URL History

Redirected requests

131 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

exeo.app Open in urlscan Pro
2606:4700:20::681a:9e9 Public Scan

Screenshot
Live screenshot

Full Image

131
Requests

91 %
HTTPS

60 %
IPv6

36
Domains

46
Subdomains

39
IPs

6
Countries

1346 kB
Transfer

3585 kB
Size

22
Cookies

131 HTTP transactions
5 data transactions