URL: https://fex.net/get/043836459638/1034929369
Submission: On June 16 via api from US

Summary

This website contacted 17 IPs in 6 countries across 15 domains to perform 66 HTTP transactions. The main IP is 194.106.216.70, located in Ukraine and belongs to CDNNET-AS, UA. The main domain is fex.net.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on April 29th 2020. Valid for: 2 years.
This is the only time fex.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
12 pagead2.googlesyndication.com aj1913.online
pagead2.googlesyndication.com
fex.net
8 aj1913.online fex.net
aj1913.online
7 mc.yandex.ru 1 redirects fex.net
mc.yandex.ru
7 fex.net fex.net
6 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
4 googleads.g.doubleclick.net pagead2.googlesyndication.com
4 fonts.gstatic.com mc.yandex.ru
4 www.google-analytics.com 2 redirects fex.net
3 www.googletagservices.com pagead2.googlesyndication.com
3 adservice.google.com pagead2.googlesyndication.com
3 adservice.google.de pagead2.googlesyndication.com
2 www.google.de fex.net
2 www.google.com 2 redirects
2 stats.g.doubleclick.net 2 redirects
1 c.hit.ua fex.net
1 api.fex.net fex.net
1 www.googletagmanager.com fex.net
1 cdn.polyfill.io fex.net
1 cdn.plrjs.com fex.net
1 fonts.googleapis.com fex.net
66 20
Subject Issuer Validity Valid
*.fex.net
Sectigo RSA Domain Validation Secure Server CA
2020-04-29 -
2022-07-28
2 years crt.sh
upload.video.google.com
GTS CA 1O1
2020-05-26 -
2020-08-18
3 months crt.sh
cdn.plrjs.com
Let's Encrypt Authority X3
2020-06-03 -
2020-09-01
3 months crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3
2020-06-08 -
2021-04-17
10 months crt.sh
mc.yandex.ru
Yandex CA
2019-09-23 -
2020-09-22
a year crt.sh
*.google-analytics.com
GTS CA 1O1
2020-05-26 -
2020-08-18
3 months crt.sh
www.google.de
GTS CA 1O1
2020-05-26 -
2020-08-18
3 months crt.sh
*.hit.ua
Sectigo RSA Domain Validation Secure Server CA
2020-02-20 -
2021-02-22
a year crt.sh
*.gstatic.com
GTS CA 1O1
2020-05-26 -
2020-08-18
3 months crt.sh
aj1913.online
Let's Encrypt Authority X3
2020-04-28 -
2020-07-27
3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1
2020-05-26 -
2020-08-18
3 months crt.sh
*.google.de
GTS CA 1O1
2020-05-26 -
2020-08-18
3 months crt.sh
*.google.com
GTS CA 1O1
2020-05-26 -
2020-08-18
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1
2020-05-26 -
2020-08-18
3 months crt.sh

This page contains 11 frames:

Primary Page: https://fex.net/get/043836459638/1034929369
Frame ID: 0FDC92C489FFCB3B3E604442DF40AE88
Requests: 34 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: D0A91DDD80F0A5AE4F047FAC9117469C
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200610/r20190131/zrt_lookup.html
Frame ID: A4C1A02F3FFF2E07B6CCD80A5DAD8FB0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8564894658009468&output=html&h=600&slotname=3594821738&adk=2031901507&adf=3279755396&w=300&psa=0&guci=1.2.0.0.2.2.0.0&format=300x600&url=https%3A%2F%2Ffex.net%2Fget%2F043836459638%2F1034929369&ea=0&flash=0&wgl=1&adsid=NT&dt=1592283689770&bpp=15&bdt=45&idt=64&shv=r20200610&cbv=r20190131&ptt=9&saldr=aa&correlator=4290318046477&frm=23&ife=5&pv=2&ga_vid=1383704889.1592283688&ga_sid=1592283690&ga_hid=951233884&ga_fc=1&iag=3&icsg=170&nhd=1&dssz=7&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=120&ady=114&biw=1600&bih=1200&isw=300&ish=600&ifk=1196825584&scr_x=0&scr_y=0&eid=36998751%2C42530473%2C42530475%2C44717727&oid=3&pvsid=1360368446984068&pem=76&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=8212&bc=31&ifi=1&uci=1.9cwfwfwxyhgp&fsb=1&dtd=82
Frame ID: 12170D2B57254CE3D771297ADE0A37B2
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: 78FD34A6247CDA9D3545A4785DA5C6D5
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: 1C5445C552EEDC380864DAB5EF195A11
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8564894658009468&output=html&h=600&slotname=3594821738&adk=2031901507&adf=3279755399&w=300&psa=0&guci=1.2.0.0.2.2.0.0&format=300x600&url=https%3A%2F%2Ffex.net%2Fget%2F043836459638%2F1034929369&ea=0&flash=0&wgl=1&adsid=NT&dt=1592283689930&bpp=5&bdt=60&idt=56&shv=r20200609&cbv=r20190131&ptt=9&saldr=aa&correlator=4290318046477&frm=23&ife=5&pv=1&ga_vid=1383704889.1592283688&ga_sid=1592283690&ga_hid=803496692&ga_fc=1&iag=3&icsg=170&nhd=1&dssz=7&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1180&ady=114&biw=1600&bih=1200&isw=300&ish=600&ifk=1196825584&scr_x=0&scr_y=0&eid=42530473%2C42530475&oid=3&pvsid=2501696130670708&pem=76&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=8212&bc=31&ifi=1&uci=1.mxer901zi05e&fsb=1&dtd=74
Frame ID: 038D6C35CDC9FCD1690479A89CEE9ABB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: 9220D15C91A45CB7F66740D8829931D1
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: CD685C38AA4165390AA5FFED9B001D3B
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8564894658009468&output=html&h=200&slotname=7672271343&adk=1928804621&adf=3279755398&w=1200&psa=0&guci=1.2.0.0.2.2.0.0&format=1200x200&url=https%3A%2F%2Ffex.net%2Fget%2F043836459638%2F1034929369&ea=0&flash=0&wgl=1&adsid=NT&dt=1592283690152&bpp=1&bdt=79&idt=111&shv=r20200609&cbv=r20190131&ptt=9&saldr=aa&correlator=4290318046477&frm=23&ife=1&pv=1&ga_vid=1383704889.1592283688&ga_sid=1592283690&ga_hid=293581811&ga_fc=1&iag=3&icsg=170&nhd=1&dssz=6&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=56&ady=1200&biw=1600&bih=1200&isw=1488&ish=105&ifk=3960015391&scr_x=0&scr_y=0&eid=42530473%2C42530475&oid=3&pvsid=1628618054148613&pem=76&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1488%2C105&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8212&bc=31&ifi=1&uci=1.zhlcap5n91tc&fsb=1&dtd=236
Frame ID: 2FFAE75EF7AFBBBBFC108F4D5417DD4C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: 46D7F154D84356B6A1C3F5B400660383
Requests: 1 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • html /<[^>]+data-react/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

66
Requests

100 %
HTTPS

78 %
IPv6

15
Domains

20
Subdomains

17
IPs

6
Countries

1668 kB
Transfer

5640 kB
Size

9
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://mc.yandex.ru/watch/61504924?wmode=7&page-url=https%3A%2F%2Ffex.net%2Fget%2F043836459638%2F1034929369&charset=utf-8&browser-info=ti%3A10%3Ans%3A1592283685730%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200616070127%3Aet%3A1592283688%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A1571120682891%3Arqn%3A1%3Arn%3A601313731%3Ahid%3A455560197%3Ads%3A1531%2C100%2C46%2C2%2C0%2C0%2C0%2C%2C%2C%2C%2C%2C%3Awn%3A28175%3Ahl%3A2%3Agdpr%3A14%3Av%3A1877%3Awv%3A2%3Arqnl%3A1%3Ast%3A1592283688%3Au%3A159228368826167425%3At%3ASecure%20Cloud%20Storage%20%26%20File%20Sharing%20Service%20%7C%20FEX.NET HTTP 302
  • https://mc.yandex.ru/watch/61504924/1?wmode=7&page-url=https%3A%2F%2Ffex.net%2Fget%2F043836459638%2F1034929369&charset=utf-8&browser-info=ti%3A10%3Ans%3A1592283685730%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200616070127%3Aet%3A1592283688%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A1571120682891%3Arqn%3A1%3Arn%3A601313731%3Ahid%3A455560197%3Ads%3A1531%2C100%2C46%2C2%2C0%2C0%2C0%2C%2C%2C%2C%2C%2C%3Awn%3A28175%3Ahl%3A2%3Agdpr%3A14%3Av%3A1877%3Awv%3A2%3Arqnl%3A1%3Ast%3A1592283688%3Au%3A159228368826167425%3At%3ASecure%20Cloud%20Storage%20%26%20File%20Sharing%20Service%20%7C%20FEX.NET
Request Chain 13
  • https://www.google-analytics.com/r/collect?v=1&_v=j82&a=257018139&t=pageview&_s=1&dl=https%3A%2F%2Ffex.net%2Fget%2F043836459638%2F1034929369&ul=en-us&de=UTF-8&dt=Secure%20Cloud%20Storage%20%26%20File%20Sharing%20Service%20%7C%20FEX.NET&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEDAAUAB~&jid=655156678&gjid=905635160&cid=1383704889.1592283688&tid=UA-134700492-1&_gid=1351031652.1592283688&_r=1&gtm=2ou640&z=1075127073 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-134700492-1&cid=1383704889.1592283688&jid=655156678&_gid=1351031652.1592283688&gjid=905635160&_v=j82&z=1075127073 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-134700492-1&cid=1383704889.1592283688&jid=655156678&_v=j82&z=1075127073 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-134700492-1&cid=1383704889.1592283688&jid=655156678&_v=j82&z=1075127073&slf_rd=1&random=2360865077
Request Chain 17
  • https://www.google-analytics.com/r/collect?v=1&_v=j82&a=257018139&t=pageview&_s=1&dl=https%3A%2F%2Ffex.net%2Fget%2F043836459638%2F1034929369&dp=%2Fget%2F043836459638%2F1034929369&ul=en-us&de=UTF-8&dt=Secure%20Cloud%20Storage%20%26%20File%20Sharing%20Service%20%7C%20FEX.NET&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEDAAUAB~&jid=217441088&gjid=1378065014&cid=1383704889.1592283688&tid=UA-134700492-1&_gid=1351031652.1592283688&_r=1&cd2=1592283688275.99o9vcyu&cd3=anonymous&z=2023000565 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-134700492-1&cid=1383704889.1592283688&jid=217441088&_gid=1351031652.1592283688&gjid=1378065014&_v=j82&z=2023000565 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-134700492-1&cid=1383704889.1592283688&jid=217441088&_v=j82&z=2023000565 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-134700492-1&cid=1383704889.1592283688&jid=217441088&_v=j82&z=2023000565&slf_rd=1&random=3396547651

66 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 1034929369
fex.net/get/043836459638/
8 KB
3 KB
Document
General
Full URL
https://fex.net/get/043836459638/1034929369
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.106.216.70 , Ukraine, ASN21257 (CDNNET-AS, UA),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
ace891d6f2f03389618bfc970cb59222be4924252d7b38e49bda0e3422e8b08c

Request headers

:method
GET
:authority
fex.net
:scheme
https
:path
/get/043836459638/1034929369
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
server
nginx/1.12.2
date
Tue, 16 Jun 2020 05:01:27 GMT
content-type
text/html
last-modified
Mon, 08 Jun 2020 20:21:31 GMT
etag
W/"5ede9dcb-1ef9"
content-encoding
gzip
css
fonts.googleapis.com/
6 KB
764 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Ubuntu:400,500,700&display=swap&subset=cyrillic
Requested by
Host: fex.net
URL: https://fex.net/get/043836459638/1034929369
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
44d59ca1ae59a9936a7c29a788593fedae3ddb7dd047c65634de9d5ec3b71de5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://fex.net/get/043836459638/1034929369
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 16 Jun 2020 05:01:27 GMT
server
ESF
date
Tue, 16 Jun 2020 05:01:27 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 16 Jun 2020 05:01:27 GMT
45oc6pbsac03.js
cdn.plrjs.com/player/yk4kbi43598hf/
510 KB
176 KB
Script
General
Full URL
https://cdn.plrjs.com/player/yk4kbi43598hf/45oc6pbsac03.js
Requested by
Host: fex.net
URL: https://fex.net/get/043836459638/1034929369
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.9.79.204 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.204.79.9.176.clients.your-server.de
Software
nginx /
Resource Hash
a57c8c5c24061a8a0917bfb02a78873cf90df198a68ba0beddb9d502d789fc56

Request headers

Referer
https://fex.net/get/043836459638/1034929369
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 16 Jun 2020 05:01:28 GMT
Content-Encoding
gzip
Last-Modified
Sun, 01 Mar 2020 22:07:00 GMT
Server
nginx
ETag
W/"5e5c3204-7f6f8"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
26.e40f41ea.chunk.css
fex.net/client/desktop/static/css/
82 KB
12 KB
Stylesheet
General
Full URL
https://fex.net/client/desktop/static/css/26.e40f41ea.chunk.css
Requested by
Host: fex.net
URL: https://fex.net/get/043836459638/1034929369
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.106.216.70 , Ukraine, ASN21257 (CDNNET-AS, UA),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
dd9d40d7ac083d95161823dd8e6287d30ffb5f4b9e27d3d0d01aafd2550cc3aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fex.net/get/043836459638/1034929369
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Jun 2020 05:01:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Jun 2020 20:21:31 GMT
server
nginx/1.12.2
etag
W/"5ede9dcb-146d0"
strict-transport-security
max-age=31536000, max-age=31536000
content-type
text/css
status
200
cache-control
max-age=43200
x-xss-protection
1; mode=block
expires
Tue, 16 Jun 2020 17:01:27 GMT
main.ddee2b89.chunk.css
fex.net/client/desktop/static/css/
196 KB
51 KB
Stylesheet
General
Full URL
https://fex.net/client/desktop/static/css/main.ddee2b89.chunk.css
Requested by
Host: fex.net
URL: https://fex.net/get/043836459638/1034929369
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.106.216.70 , Ukraine, ASN21257 (CDNNET-AS, UA),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
61c2a1b9036ec29f0d41112a6cfd98b1d492079ceddf77508287e87e35e3254b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fex.net/get/043836459638/1034929369
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Jun 2020 05:01:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Jun 2020 20:21:31 GMT
server
nginx/1.12.2
etag
W/"5ede9dcb-31129"
strict-transport-security
max-age=31536000, max-age=31536000
content-type
text/css
status
200
cache-control
max-age=43200
x-xss-protection
1; mode=block
expires
Tue, 16 Jun 2020 17:01:27 GMT
polyfill.min.js
cdn.polyfill.io/v2/
222 B
637 B
Script
General
Full URL
https://cdn.polyfill.io/v2/polyfill.min.js
Requested by
Host: fex.net
URL: https://fex.net/get/043836459638/1034929369
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://fex.net/get/043836459638/1034929369
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=utf-8
age
2991472
detected-user-agent
Chrome/83.0.4103
status
200
request_came_from_shield
HHN
server-timing
HIT, fastly;desc="Edge time";dur=0, MISS-CLUSTER, fastly;desc="Edge time";dur=12
content-length
126
referrer-policy
origin-when-cross-origin
last-modified
Tue, 12 May 2020 13:13:14 GMT
date
Tue, 16 Jun 2020 05:01:27 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
normalized-user-agent
chrome/83.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
26.23c61f44.chunk.js
fex.net/client/desktop/static/js/
1 MB
403 KB
Script
General
Full URL
https://fex.net/client/desktop/static/js/26.23c61f44.chunk.js
Requested by
Host: fex.net
URL: https://fex.net/get/043836459638/1034929369
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.106.216.70 , Ukraine, ASN21257 (CDNNET-AS, UA),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
9dbe2b3eb373924213f8b7889e33731c396411beaa4617ee6619f8b047a10a7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fex.net/get/043836459638/1034929369
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Jun 2020 05:01:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Jun 2020 20:21:31 GMT
server
nginx/1.12.2
etag
W/"5ede9dcb-172dc6"
strict-transport-security
max-age=31536000, max-age=31536000
content-type
application/javascript
status
200
cache-control
max-age=43200
x-xss-protection
1; mode=block
expires
Tue, 16 Jun 2020 17:01:27 GMT
main.db3015a5.chunk.js
fex.net/client/desktop/static/js/
1 MB
265 KB
Script
General
Full URL
https://fex.net/client/desktop/static/js/main.db3015a5.chunk.js
Requested by
Host: fex.net
URL: https://fex.net/get/043836459638/1034929369
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.106.216.70 , Ukraine, ASN21257 (CDNNET-AS, UA),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
7cea1770ae29be0bc618647d9fc699e438aebb1bc4d89071e24531aaa5cc9591
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fex.net/get/043836459638/1034929369
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Jun 2020 05:01:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Jun 2020 20:21:31 GMT
server
nginx/1.12.2
etag
W/"5ede9dcb-13ea20"
strict-transport-security
max-age=31536000, max-age=31536000
content-type
application/javascript
status
200
cache-control
max-age=43200
x-xss-protection
1; mode=block
expires
Tue, 16 Jun 2020 17:01:27 GMT
tag.js
mc.yandex.ru/metrika/
359 KB
91 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: fex.net
URL: https://fex.net/get/043836459638/1034929369
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
0b433c0f8b949b33e1296f58020be5649d9e85d60ef6f3f2df2dae37c3c34ba4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://fex.net/get/043836459638/1034929369
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 16 Jun 2020 05:01:27 GMT
Content-Encoding
br
Last-Modified
Wed, 10 Jun 2020 15:32:49 GMT
Server
nginx/1.14.2
ETag
"5ee0fd21-16bee"
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
93166
Expires
Tue, 16 Jun 2020 06:01:27 GMT
1
mc.yandex.ru/watch/61504924/
Redirect Chain
  • https://mc.yandex.ru/watch/61504924?wmode=7&page-url=https%3A%2F%2Ffex.net%2Fget%2F043836459638%2F1034929369&charset=utf-8&browser-info=ti%3A10%3Ans%3A1592283685730%3As%3A1600x1200x24%3Ask%3A1%3Ahd...
  • https://mc.yandex.ru/watch/61504924/1?wmode=7&page-url=https%3A%2F%2Ffex.net%2Fget%2F043836459638%2F1034929369&charset=utf-8&browser-info=ti%3A10%3Ans%3A1592283685730%3As%3A1600x1200x24%3Ask%3A1%3A...
152 B
695 B
XHR
General
Full URL
https://mc.yandex.ru/watch/61504924/1?wmode=7&page-url=https%3A%2F%2Ffex.net%2Fget%2F043836459638%2F1034929369&charset=utf-8&browser-info=ti%3A10%3Ans%3A1592283685730%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200616070127%3Aet%3A1592283688%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A1571120682891%3Arqn%3A1%3Arn%3A601313731%3Ahid%3A455560197%3Ads%3A1531%2C100%2C46%2C2%2C0%2C0%2C0%2C%2C%2C%2C%2C%2C%3Awn%3A28175%3Ahl%3A2%3Agdpr%3A14%3Av%3A1877%3Awv%3A2%3Arqnl%3A1%3Ast%3A1592283688%3Au%3A159228368826167425%3At%3ASecure%20Cloud%20Storage%20%26%20File%20Sharing%20Service%20%7C%20FEX.NET
Requested by
Host: fex.net
URL: https://fex.net/get/043836459638/1034929369
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
e8dfcdd63d1a744a0ae108c9cc103c7d97969fc8e79908ef0d9c23be9cf6178b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fex.net/get/043836459638/1034929369
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 16 Jun 2020 05:01:28 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 16-Jun-2020 05:01:28 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=31536000
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://fex.net
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
152
X-XSS-Protection
1; mode=block
Expires
Tue, 16-Jun-2020 05:01:28 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 16 Jun 2020 05:01:28 GMT
Last-Modified
Tue, 16-Jun-2020 05:01:28 GMT
Server
nginx/1.14.2
Access-Control-Allow-Origin
https://fex.net
Strict-Transport-Security
max-age=31536000
Location
/watch/61504924/1?wmode=7&page-url=https%3A%2F%2Ffex.net%2Fget%2F043836459638%2F1034929369&charset=utf-8&browser-info=ti%3A10%3Ans%3A1592283685730%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200616070127%3Aet%3A1592283688%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A1571120682891%3Arqn%3A1%3Arn%3A601313731%3Ahid%3A455560197%3Ads%3A1531%2C100%2C46%2C2%2C0%2C0%2C0%2C%2C%2C%2C%2C%2C%3Awn%3A28175%3Ahl%3A2%3Agdpr%3A14%3Av%3A1877%3Awv%3A2%3Arqnl%3A1%3Ast%3A1592283688%3Au%3A159228368826167425%3At%3ASecure%20Cloud%20Storage%20%26%20File%20Sharing%20Service%20%7C%20FEX.NET
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Tue, 16-Jun-2020 05:01:28 GMT
analytics.js
www.google-analytics.com/
45 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: fex.net
URL: https://fex.net/client/desktop/static/js/26.23c61f44.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://fex.net/get/043836459638/1034929369
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 30 Apr 2020 21:54:13 GMT
server
Golfe2
age
1310
date
Tue, 16 Jun 2020 04:39:38 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18433
expires
Tue, 16 Jun 2020 06:39:38 GMT
js
www.googletagmanager.com/gtag/
83 KB
33 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-134700492-1
Requested by
Host: fex.net
URL: https://fex.net/client/desktop/static/js/26.23c61f44.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a0681544adb9cc61f85ddcb26b17ca5f3d2f6034e8e378db69e587737240bfc6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://fex.net/get/043836459638/1034929369
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Jun 2020 05:01:28 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33234
x-xss-protection
0
last-modified
Tue, 16 Jun 2020 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 16 Jun 2020 05:01:28 GMT
translations.json
fex.net/client/desktop/locales/en/
163 KB
33 KB
Fetch
General
Full URL
https://fex.net/client/desktop/locales/en/translations.json
Requested by
Host: fex.net
URL: https://fex.net/client/desktop/static/js/26.23c61f44.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.106.216.70 , Ukraine, ASN21257 (CDNNET-AS, UA),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
ce7f086853eb1fc61de4c63cdf5ee23f0b3a5006536cd5356f91e2d20b2d43cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fex.net/get/043836459638/1034929369
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Jun 2020 05:01:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Jun 2020 20:21:31 GMT
server
nginx/1.12.2
etag
W/"5ede9dcb-28cda"
strict-transport-security
max-age=31536000, max-age=31536000
content-type
application/json
status
200
x-xss-protection
1; mode=block
advert.gif
mc.yandex.ru/metrika/
43 B
425 B
Image
General
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: fex.net
URL: https://fex.net/get/043836459638/1034929369
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://fex.net/get/043836459638/1034929369
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 16 Jun 2020 05:01:28 GMT
Last-Modified
Fri, 17 Jan 2020 08:05:01 GMT
Server
nginx/1.14.2
ETag
"5e216aad-2b"
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
Expires
Tue, 16 Jun 2020 06:01:28 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j82&a=257018139&t=pageview&_s=1&dl=https%3A%2F%2Ffex.net%2Fget%2F043836459638%2F1034929369&ul=en-us&de=UTF-8&dt=Secure%20Cloud%20Storage%20%26%20Fi...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-134700492-1&cid=1383704889.1592283688&jid=655156678&_gid=1351031652.1592283688&gjid=905635160&_v=j82&z=1075127073
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-134700492-1&cid=1383704889.1592283688&jid=655156678&_v=j82&z=1075127073
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-134700492-1&cid=1383704889.1592283688&jid=655156678&_v=j82&z=1075127073&slf_rd=1&random=2360865077
42 B
106 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-134700492-1&cid=1383704889.1592283688&jid=655156678&_v=j82&z=1075127073&slf_rd=1&random=2360865077
Requested by
Host: fex.net
URL: https://fex.net/get/043836459638/1034929369
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fex.net/get/043836459638/1034929369
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Jun 2020 05:01:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 16 Jun 2020 05:01:28 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-134700492-1&cid=1383704889.1592283688&jid=655156678&_v=j82&z=1075127073&slf_rd=1&random=2360865077
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
anonymous
api.fex.net/api/v1/config/
3 KB
3 KB
Fetch
General
Full URL
https://api.fex.net/api/v1/config/anonymous
Requested by
Host: fex.net
URL: https://fex.net/client/desktop/static/js/main.db3015a5.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.106.216.70 , Ukraine, ASN21257 (CDNNET-AS, UA),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
b835e0c970938260304c84460d4102ef596abb10345eb906ced979ce3b289f2a

Request headers

Referer
https://fex.net/get/043836459638/1034929369
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 16 Jun 2020 05:01:28 GMT
server
nginx/1.12.2
status
200
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://fex.net
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow, noindex, nofollow
content-length
2564
10.894eb50e.chunk.js
fex.net/client/desktop/static/js/
2 KB
1 KB
Script
General
Full URL
https://fex.net/client/desktop/static/js/10.894eb50e.chunk.js
Requested by
Host: fex.net
URL: https://fex.net/get/043836459638/1034929369
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.106.216.70 , Ukraine, ASN21257 (CDNNET-AS, UA),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
4e9c00112282e2170be5913ca1b42b2aff0ad3579df00e28f8faebb8d9e43ce6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fex.net/get/043836459638/1034929369
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Jun 2020 05:01:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Jun 2020 20:21:31 GMT
server
nginx/1.12.2
etag
W/"5ede9dcb-79b"
strict-transport-security
max-age=31536000, max-age=31536000
content-type
application/javascript
status
200
cache-control
max-age=43200
x-xss-protection
1; mode=block
expires
Tue, 16 Jun 2020 17:01:28 GMT
hit
c.hit.ua/
313 B
591 B
Script
General
Full URL
https://c.hit.ua/hit?i=7&g=0&x=3&s=1&c=1&t=-120&w=1600&h=1200&d=24&r=&u=https%3A//fex.net/get/043836459638/1034929369&0.9700550166765687
Requested by
Host: fex.net
URL: https://fex.net/client/desktop/static/js/main.db3015a5.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.184.81.35 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS
c.hit.ua
Software
nginx/1.17.9 /
Resource Hash
1f3b9c2e38b2e278bed30abcd3b7f87370c265923594b718e1a24b9d07f2004a

Request headers

Referer
https://fex.net/get/043836459638/1034929369
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Jun 2020 05:01:29 GMT
server
nginx/1.17.9
p3p
policyref="/w3c/p3p.xml", CP="UNI"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
application/x-javascript
expires
0
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j82&a=257018139&t=pageview&_s=1&dl=https%3A%2F%2Ffex.net%2Fget%2F043836459638%2F1034929369&dp=%2Fget%2F043836459638%2F1034929369&ul=en-us&de=UTF-8&...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-134700492-1&cid=1383704889.1592283688&jid=217441088&_gid=1351031652.1592283688&gjid=1378065014&_v=j82&z=2023000565
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-134700492-1&cid=1383704889.1592283688&jid=217441088&_v=j82&z=2023000565
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-134700492-1&cid=1383704889.1592283688&jid=217441088&_v=j82&z=2023000565&slf_rd=1&random=3396547651
42 B
106 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-134700492-1&cid=1383704889.1592283688&jid=217441088&_v=j82&z=2023000565&slf_rd=1&random=3396547651
Requested by
Host: fex.net
URL: https://fex.net/get/043836459638/1034929369
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fex.net/get/043836459638/1034929369
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Jun 2020 05:01:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 16 Jun 2020 05:01:28 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-134700492-1&cid=1383704889.1592283688&jid=217441088&_v=j82&z=2023000565&slf_rd=1&random=3396547651
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
96 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j82&a=257018139&t=pageview&_s=2&dl=https%3A%2F%2Ffex.net%2Fget%2F043836459638%2F1034929369&ul=en-us&de=UTF-8&dt=Secure%20Cloud%20Storage%20%26%20File%20Sharing%20Service%20%7C%20FEX.NET&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEDAAUAB~&jid=&gjid=&cid=1383704889.1592283688&tid=UA-134700492-1&_gid=1351031652.1592283688&gtm=2ou640&cd2=1592283688275.99o9vcyu&cd3=anonymous&z=1120300623
Requested by
Host: fex.net
URL: https://fex.net/get/043836459638/1034929369
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://fex.net/get/043836459638/1034929369
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jun 2020 09:37:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
415452
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
4iCs6KVjbNBYlgoKfw72nU6AFw.woff2
fonts.gstatic.com/s/ubuntu/v14/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ubuntu/v14/4iCs6KVjbNBYlgoKfw72nU6AFw.woff2
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
943a150e9577247cc5e8e493065795ca77a35485b4169f33a4d6f570c209b010
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Ubuntu:400,500,700&display=swap&subset=cyrillic
Origin
https://fex.net

Response headers

date
Tue, 09 Jun 2020 03:22:38 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:17:45 GMT
server
sffe
age
610730
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13720
x-xss-protection
0
expires
Wed, 09 Jun 2021 03:22:38 GMT
4iCv6KVjbNBYlgoCjC3jsGyNPYZvgw.woff2
fonts.gstatic.com/s/ubuntu/v14/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ubuntu/v14/4iCv6KVjbNBYlgoCjC3jsGyNPYZvgw.woff2
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e25d65f020f2bb10f8aa86568b527bba648a17396d239331e7e45a0139879ecc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Ubuntu:400,500,700&display=swap&subset=cyrillic
Origin
https://fex.net

Response headers

date
Sat, 13 Jun 2020 02:28:52 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:17:36 GMT
server
sffe
age
268356
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13848
x-xss-protection
0
expires
Sun, 13 Jun 2021 02:28:52 GMT
4iCv6KVjbNBYlgoCxCvjsGyNPYZvgw.woff2
fonts.gstatic.com/s/ubuntu/v14/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ubuntu/v14/4iCv6KVjbNBYlgoCxCvjsGyNPYZvgw.woff2
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
251e8e864140d9a7ceacce3371ff692595dd0a455ad000de4041d8a313618bd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Ubuntu:400,500,700&display=swap&subset=cyrillic
Origin
https://fex.net

Response headers

date
Tue, 09 Jun 2020 21:59:22 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:17:48 GMT
server
sffe
age
543726
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14096
x-xss-protection
0
expires
Wed, 09 Jun 2021 21:59:22 GMT
4iCs6KVjbNBYlgoKew72nU6AF7xm.woff2
fonts.gstatic.com/s/ubuntu/v14/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ubuntu/v14/4iCs6KVjbNBYlgoKew72nU6AF7xm.woff2
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
925e403d59ea3e89cf998b801db15a40177e4a30374a307a1846753863c1b429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Ubuntu:400,500,700&display=swap&subset=cyrillic
Origin
https://fex.net

Response headers

date
Thu, 11 Jun 2020 02:36:19 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:17:43 GMT
server
sffe
age
440709
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8128
x-xss-protection
0
expires
Fri, 11 Jun 2021 02:36:19 GMT
0c34d1aa.js
aj1913.online/
35 KB
13 KB
Script
General
Full URL
https://aj1913.online/0c34d1aa.js?allpages
Requested by
Host: fex.net
URL: https://fex.net/client/desktop/static/js/26.23c61f44.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.124.124.19 Reston, United States, ASN47328 (TRI-AS True Records Inc., ES),
Reverse DNS
Software
/
Resource Hash
1c31deb324c3ca989b65531a955466cabe9c7fec6bb49f35fced9eb97a0eaf31

Request headers

Referer
https://fex.net/get/043836459638/1034929369
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Jun 2020 05:01:28 GMT
content-encoding
gzip
transfer-encoding
chunked
accept-ranges
bytes
etag
"0306f4840eb0a029623095f034465ba76"
vary
Accept-Encoding
content-type
application/javascript
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0049bdbe0c706b8ee38a3682a98e86c07d6049da7ff974b51430bbd0b8b44f60

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
0c34d1aa.js
aj1913.online/
35 KB
13 KB
Script
General
Full URL
https://aj1913.online/0c34d1aa.js?NotFoundPage
Requested by
Host: fex.net
URL: https://fex.net/client/desktop/static/js/26.23c61f44.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.124.124.19 Reston, United States, ASN47328 (TRI-AS True Records Inc., ES),
Reverse DNS
Software
/
Resource Hash
4976dc9ecb05566c9979e6e17a04930eca5d7a4c8ba3b8ce27c311a0795b02ad

Request headers

Referer
https://fex.net/get/043836459638/1034929369
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Jun 2020 05:01:28 GMT
content-encoding
gzip
transfer-encoding
chunked
accept-ranges
bytes
etag
"0010735d28059f0dc0000eb797cf96950"
vary
Accept-Encoding
content-type
application/javascript
z7pheFEmrnq-Flf8isMbSE--qGgvJ5pWQSdLhLvrIssBYbl18BRQ-GPEP62mw7c7hpU1izuuciOOZV1EhgqC2WYEb6XJ1V7h-EZ6pPp82xnLE-M6FqwdWzg5gZykEZaEodkENML-zufouaFf1fleunuXC6XTvNgxLxqK184SAh5PwjqXSaVbUl5dZ5Ncil2yJvNq2...
aj1913.online/
931 B
1 KB
XHR
General
Full URL
https://aj1913.online/z7pheFEmrnq-Flf8isMbSE--qGgvJ5pWQSdLhLvrIssBYbl18BRQ-GPEP62mw7c7hpU1izuuciOOZV1EhgqC2WYEb6XJ1V7h-EZ6pPp82xnLE-M6FqwdWzg5gZykEZaEodkENML-zufouaFf1fleunuXC6XTvNgxLxqK184SAh5PwjqXSaVbUl5dZ5Ncil2yJvNq2Z0Ft7nobX_SI1U6ljgeTfzier0BFg7fQM97dcKONYgmty0YFDBm_MxVcP2DwIcWOmFLuaMb5-p-mnG5C2LcngWW-EeDRF-rDGMa6BSjhNRjX0NQGWy_c-R-qouQBKefq3refuRf8pOmz1c50h2f3cut0zjP4JJiera2Cn1qRlCOAKSOEXAnuowvNIQyWhSDguOchkAmz1CHxgst2QmrdvLCRK_Rb3KnWfoYfOCcm0cM8v_CduBnn_MqHQT9gpc803PSm9g?
Requested by
Host: aj1913.online
URL: https://aj1913.online/0c34d1aa.js?allpages
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.124.124.19 Reston, United States, ASN47328 (TRI-AS True Records Inc., ES),
Reverse DNS
Software
/
Resource Hash
2abc7d97153ea47acc4f6e534f32a4b76508abf219b8298c5b48b4a752cd5e82

Request headers

Referer
https://fex.net/get/043836459638/1034929369
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Jun 2020 05:01:29 GMT
p3p
CP="CAO PSA OUR"
access-control-allow-origin
https://fex.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
content-length
931
expires
0
zYFPGacOsuy-w2LGGpJF9TVjInxB1BGyXQ30sPspyB96Y7tYg_r2MjYVCbQw2djWFY0UjrWC0lSLTK5etLzayKmO00Oodr4we_y490986OfFBK_ulQxeGgZJRfZ6BSm669FTGbCbGQqIBRqvrDQxK-G8seMsPHKRRZKnhWCs7wwH-Qizts6CEL7U1Niu5Yw3c0Jrd...
aj1913.online/
931 B
1 KB
XHR
General
Full URL
https://aj1913.online/zYFPGacOsuy-w2LGGpJF9TVjInxB1BGyXQ30sPspyB96Y7tYg_r2MjYVCbQw2djWFY0UjrWC0lSLTK5etLzayKmO00Oodr4we_y490986OfFBK_ulQxeGgZJRfZ6BSm669FTGbCbGQqIBRqvrDQxK-G8seMsPHKRRZKnhWCs7wwH-Qizts6CEL7U1Niu5Yw3c0JrdFIg77H2YfLul6L4ITDm9Q_9xQOnU5CvPVN8trjSND6AcNqhoreMkLoXkw14jodvAQ7NaJRJU4QIZYN4JRPOzid8ilHf1pcp_G5Zn-bPx0ilurFl3Wr_bchnUTiMAH_pnbfHu_yJTyvb2AriKSqBjYiqcoeE5gJdGvJ1rCC3EUVuFpPJoWLW16kza212ULlbW_3Mi2ur_HE6Xd7fal5e0ysrnOUHtHBHJRnuLZGjJOrUXvUoEhJlOQGARVvFros8wi6Xyqg?
Requested by
Host: aj1913.online
URL: https://aj1913.online/0c34d1aa.js?allpages
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.124.124.19 Reston, United States, ASN47328 (TRI-AS True Records Inc., ES),
Reverse DNS
Software
/
Resource Hash
093b23213dd68441eaa26d591631bfd3d87c982846169952d04e8769b4f47751

Request headers

Referer
https://fex.net/get/043836459638/1034929369
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Jun 2020 05:01:28 GMT
p3p
CP="CAO PSA OUR"
access-control-allow-origin
https://fex.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
content-length
931
expires
0
zr5npxMeP_u0EfqUCcwZPVJADhnLgGD9DuR3fl8YYDqm8aHjR-PRpzAsmiut4VllvkBhaAhUgKVSEfHSse9g8jb1RxD-R8awERr_aevIuSETkkyycupKSsXVuZOcOIHkzXSwEC5AgJq1GNHc6L9iTszXCMqMMmwWzCfjU_WENAknzLtfbAumU_AcjUVLQww5cEucA...
aj1913.online/
39 KB
14 KB
XHR
General
Full URL
https://aj1913.online/zr5npxMeP_u0EfqUCcwZPVJADhnLgGD9DuR3fl8YYDqm8aHjR-PRpzAsmiut4VllvkBhaAhUgKVSEfHSse9g8jb1RxD-R8awERr_aevIuSETkkyycupKSsXVuZOcOIHkzXSwEC5AgJq1GNHc6L9iTszXCMqMMmwWzCfjU_WENAknzLtfbAumU_AcjUVLQww5cEucAcbsl05x2JdID8GktT3nQxZLE8n-icB58m1qqAllChPiTV77L4GLwv_fGD6gE1zFynmZzK3fuXL0yHzKfsC6xgVE2kVfwdoDjT3vbh_enddM4AY6b2vfjY-LNDf5aPpfZIEW_CKU-XwYXGQHdWwupF4xoYWcXm4wdcgjUIiCt1GG-ZOePY0oLHAR8TAX3ImBa4V1GnvmC_GR_5BA5PAR6CDh3tbYxG1ZACPZ8rO6FLWYDegXAzs76pn6GQZo7o80x1KKh9g?
Requested by
Host: aj1913.online
URL: https://aj1913.online/0c34d1aa.js?allpages
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.124.124.19 Reston, United States, ASN47328 (TRI-AS True Records Inc., ES),
Reverse DNS
Software
/
Resource Hash
4c8723a242d8a2e04d48f38e84c0b197243ca01ce8cca603899ed328f5280b62

Request headers

Referer
https://fex.net/get/043836459638/1034929369
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Jun 2020 05:01:29 GMT
content-encoding
gzip
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
access-control-allow-origin
https://fex.net
cache-control
no-cache, no-store, must-revalidate
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame D0A9
109 KB
39 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: aj1913.online
URL: https://aj1913.online/0c34d1aa.js?allpages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e8328672b002bd0c8ae6be67cea4f06f2de546cfe43374dcda5aca365989b8e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fex.net/get/043836459638/1034929369
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Jun 2020 05:01:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
40197
x-xss-protection
0
server
cafe
etag
4799785443895092970
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 16 Jun 2020 05:01:29 GMT
zsTtsKW1_YvQAmPLy2ZsEszLXvjiS6z7dOlfxz4UenxhNzfcQrYAWkqM8cNVXWz8fjbFJjy1l_YiOCAHwKTu4UIo7rEMNQUQyfzByOgOrvZQzRB-VVT3kpP0FgMHyW5tf0q1ywGqxFUR6ZgWjwl-cx3ovBq3ofFvqyiWSq7HbJa_PNaHDRxHfgj6BtDSuljh7WyvI...
aj1913.online/ Frame D0A9
49 B
350 B
Image
General
Full URL
https://aj1913.online/zsTtsKW1_YvQAmPLy2ZsEszLXvjiS6z7dOlfxz4UenxhNzfcQrYAWkqM8cNVXWz8fjbFJjy1l_YiOCAHwKTu4UIo7rEMNQUQyfzByOgOrvZQzRB-VVT3kpP0FgMHyW5tf0q1ywGqxFUR6ZgWjwl-cx3ovBq3ofFvqyiWSq7HbJa_PNaHDRxHfgj6BtDSuljh7WyvI1t_75Y03aFdtLBaHzgjs3rvElCB7pRZqSryoxyaIIc04p3pyyTKhpTn4DoxbgF0Olfn8JJVB55yJHxncuhkiNsGmDmSB8bJz6f9ebPzs3zaJrYZRn_mpFQjYSxI?DC=DO
Requested by
Host: fex.net
URL: https://fex.net/get/043836459638/1034929369
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.124.124.19 Reston, United States, ASN47328 (TRI-AS True Records Inc., ES),
Reverse DNS
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://fex.net/get/043836459638/1034929369
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Jun 2020 05:01:29 GMT
last-modified
Wed, 27 May 2020 08:58:54 GMT
etag
W/"49-1590569934000"
p3p
CP="CAO PSA OUR"
cache-control
no-cache
accept-ranges
bytes
content-type
image/gif
content-length
49
expires
Thu, 01 Jan 1970 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ Frame D0A9
109 B
168 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=fex.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fex.net/get/043836459638/1034929369
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 16 Jun 2020 05:01:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame D0A9
109 B
168 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=fex.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fex.net/get/043836459638/1034929369
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 16 Jun 2020 05:01:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20200610/r20190131/ Frame D0A9
218 KB
82 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20200610/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
08f93a4cf604e12995a237b71b5db1d5d48f1ecb27687ee17608554f8f7fd6b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fex.net/get/043836459638/1034929369
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Jun 2020 05:01:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
83998
x-xss-protection
0
server
cafe
etag
419886144849044271
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 16 Jun 2020 05:01:29 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200610/r20190131/ Frame A4C1
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20200610/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20200610/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://fex.net/get/043836459638/1034929369
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fex.net/get/043836459638/1034929369

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Wed, 10 Jun 2020 22:00:32 GMT
expires
Wed, 24 Jun 2020 22:00:32 GMT
content-type
text/html; charset=UTF-8
etag
12274286891180784318
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4510
x-xss-protection
0
cache-control
public, max-age=1209600
age
457257
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
ads
googleads.g.doubleclick.net/pagead/ Frame 1217
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8564894658009468&output=html&h=600&slotname=3594821738&adk=2031901507&adf=3279755396&w=300&psa=0&guci=1.2.0.0.2.2.0.0&format=300x600&url=https%3A%2F%2Ffex.net%2Fget%2F043836459638%2F1034929369&ea=0&flash=0&wgl=1&adsid=NT&dt=1592283689770&bpp=15&bdt=45&idt=64&shv=r20200610&cbv=r20190131&ptt=9&saldr=aa&correlator=4290318046477&frm=23&ife=5&pv=2&ga_vid=1383704889.1592283688&ga_sid=1592283690&ga_hid=951233884&ga_fc=1&iag=3&icsg=170&nhd=1&dssz=7&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=120&ady=114&biw=1600&bih=1200&isw=300&ish=600&ifk=1196825584&scr_x=0&scr_y=0&eid=36998751%2C42530473%2C42530475%2C44717727&oid=3&pvsid=1360368446984068&pem=76&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=8212&bc=31&ifi=1&uci=1.9cwfwfwxyhgp&fsb=1&dtd=82
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200610/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8564894658009468&output=html&h=600&slotname=3594821738&adk=2031901507&adf=3279755396&w=300&psa=0&guci=1.2.0.0.2.2.0.0&format=300x600&url=https%3A%2F%2Ffex.net%2Fget%2F043836459638%2F1034929369&ea=0&flash=0&wgl=1&adsid=NT&dt=1592283689770&bpp=15&bdt=45&idt=64&shv=r20200610&cbv=r20190131&ptt=9&saldr=aa&correlator=4290318046477&frm=23&ife=5&pv=2&ga_vid=1383704889.1592283688&ga_sid=1592283690&ga_hid=951233884&ga_fc=1&iag=3&icsg=170&nhd=1&dssz=7&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=120&ady=114&biw=1600&bih=1200&isw=300&ish=600&ifk=1196825584&scr_x=0&scr_y=0&eid=36998751%2C42530473%2C42530475%2C44717727&oid=3&pvsid=1360368446984068&pem=76&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=8212&bc=31&ifi=1&uci=1.9cwfwfwxyhgp&fsb=1&dtd=82
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://fex.net/get/043836459638/1034929369
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fex.net/get/043836459638/1034929369

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 16 Jun 2020 05:01:30 GMT
server
cafe
content-length
22346
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 16-Jun-2020 05:16:29 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Tue, 16 Jun 2020 05:01:30 GMT
cache-control
private
sodar
pagead2.googlesyndication.com/getconfig/ Frame D0A9
7 KB
5 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200610&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200610/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a489338d3b131992bb1087464fa75f9acba283c079d6cd2476f081a28c63a12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fex.net/get/043836459638/1034929369
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 16 Jun 2020 05:01:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
5512
x-xss-protection
0
osd.js
www.googletagservices.com/activeview/js/current/ Frame D0A9
73 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200610/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6808ddc10992310de1c9cf6f7ac0141ee82a8c5c4bf6aededc5d22d31b625468
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fex.net/get/043836459638/1034929369
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Jun 2020 05:01:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1591975235565162"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
27914
x-xss-protection
0
expires
Tue, 16 Jun 2020 05:01:29 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 78FD
109 KB
39 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: aj1913.online
URL: https://aj1913.online/0c34d1aa.js?allpages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6abe8b01dcfb7b666c7986f5589f4010e1855cfe61778fa2b5aebcc01abd46f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fex.net/get/043836459638/1034929369
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Jun 2020 05:01:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
40197
x-xss-protection
0
server
cafe
etag
2771208898433665754
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 16 Jun 2020 05:01:29 GMT
zDx4fUgH5Yv25SFljIvn5EzJs55dGRPR4-RUgSS5xSnu44eHY3iLuKMie5iDyPApFL42QYnHvTxnr9fo-dFU7DPPTd1W_r4ag0zElLAlNS6ZUIb8CLHnF_hPweEkpHygObIcqLSbYScvWsa3c1XI4dv6U1frjtb8Ck9eP3hfxwwo2tckFfCQmH2mCw53myAvw1ZAa...
aj1913.online/ Frame 78FD
49 B
350 B
Image
General
Full URL
https://aj1913.online/zDx4fUgH5Yv25SFljIvn5EzJs55dGRPR4-RUgSS5xSnu44eHY3iLuKMie5iDyPApFL42QYnHvTxnr9fo-dFU7DPPTd1W_r4ag0zElLAlNS6ZUIb8CLHnF_hPweEkpHygObIcqLSbYScvWsa3c1XI4dv6U1frjtb8Ck9eP3hfxwwo2tckFfCQmH2mCw53myAvw1ZAazt7YQXlDsR6naGg6PEY0nGC24pdIo2oaoMrsS1nAcuUpoeK3iKKvNiZ4I3WGQ8sF9Lv4yf38KPOjqlUrsAtF74-9jR7BZLE0LHxxDAayqf8vTBhqOF2KHj4xcwo?DC=DO
Requested by
Host: fex.net
URL: https://fex.net/get/043836459638/1034929369
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.124.124.19 Reston, United States, ASN47328 (TRI-AS True Records Inc., ES),
Reverse DNS
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://fex.net/get/043836459638/1034929369
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Jun 2020 05:01:29 GMT
last-modified
Wed, 27 May 2020 08:58:54 GMT
etag
W/"49-1590569934000"
p3p
CP="CAO PSA OUR"
cache-control
no-cache
accept-ranges
bytes
content-type
image/gif
content-length
49
expires
Thu, 01 Jan 1970 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame D0A9
14 KB
5 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200610/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fex.net/get/043836459638/1034929369
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Jun 2020 05:01:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1591403518460474"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5540
x-xss-protection
0
expires
Tue, 16 Jun 2020 05:01:29 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame 1C54
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/210/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://fex.net/get/043836459638/1034929369
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fex.net/get/043836459638/1034929369

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
4590
date
Tue, 16 Jun 2020 02:27:00 GMT
expires
Wed, 16 Jun 2021 02:27:00 GMT
last-modified
Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
9269
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.de/adsid/ Frame 78FD
109 B
168 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=fex.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fex.net/get/043836459638/1034929369
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 16 Jun 2020 05:01:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 78FD
109 B
168 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=fex.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fex.net/get/043836459638/1034929369
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 16 Jun 2020 05:01:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20200609/r20190131/ Frame 78FD
218 KB
82 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20200609/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ea35b3b9523fb354a768e5b791c030e25f769f399258c69527088b3d43ac31a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fex.net/get/043836459638/1034929369
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Jun 2020 05:01:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
83998
x-xss-protection
0
server
cafe
etag
18154689148218973145
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 16 Jun 2020 05:01:29 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 038D
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8564894658009468&output=html&h=600&slotname=3594821738&adk=2031901507&adf=3279755399&w=300&psa=0&guci=1.2.0.0.2.2.0.0&format=300x600&url=https%3A%2F%2Ffex.net%2Fget%2F043836459638%2F1034929369&ea=0&flash=0&wgl=1&adsid=NT&dt=1592283689930&bpp=5&bdt=60&idt=56&shv=r20200609&cbv=r20190131&ptt=9&saldr=aa&correlator=4290318046477&frm=23&ife=5&pv=1&ga_vid=1383704889.1592283688&ga_sid=1592283690&ga_hid=803496692&ga_fc=1&iag=3&icsg=170&nhd=1&dssz=7&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1180&ady=114&biw=1600&bih=1200&isw=300&ish=600&ifk=1196825584&scr_x=0&scr_y=0&eid=42530473%2C42530475&oid=3&pvsid=2501696130670708&pem=76&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=8212&bc=31&ifi=1&uci=1.mxer901zi05e&fsb=1&dtd=74
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200609/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8564894658009468&output=html&h=600&slotname=3594821738&adk=2031901507&adf=3279755399&w=300&psa=0&guci=1.2.0.0.2.2.0.0&format=300x600&url=https%3A%2F%2Ffex.net%2Fget%2F043836459638%2F1034929369&ea=0&flash=0&wgl=1&adsid=NT&dt=1592283689930&bpp=5&bdt=60&idt=56&shv=r20200609&cbv=r20190131&ptt=9&saldr=aa&correlator=4290318046477&frm=23&ife=5&pv=1&ga_vid=1383704889.1592283688&ga_sid=1592283690&ga_hid=803496692&ga_fc=1&iag=3&icsg=170&nhd=1&dssz=7&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1180&ady=114&biw=1600&bih=1200&isw=300&ish=600&ifk=1196825584&scr_x=0&scr_y=0&eid=42530473%2C42530475&oid=3&pvsid=2501696130670708&pem=76&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=8212&bc=31&ifi=1&uci=1.mxer901zi05e&fsb=1&dtd=74
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://fex.net/get/043836459638/1034929369
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fex.net/get/043836459638/1034929369

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 16 Jun 2020 05:01:30 GMT
server
cafe
content-length
21779
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 16-Jun-2020 05:16:30 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Tue, 16 Jun 2020 05:01:30 GMT
cache-control
private
sodar
pagead2.googlesyndication.com/getconfig/ Frame 78FD
7 KB
6 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200609&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200609/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
610fc71ee11696993802b67c8862489e4eb6080a276c78b0733daff225e56a4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fex.net/get/043836459638/1034929369
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 16 Jun 2020 05:01:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
5605
x-xss-protection
0
osd.js
www.googletagservices.com/activeview/js/current/ Frame 78FD
73 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200609/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6808ddc10992310de1c9cf6f7ac0141ee82a8c5c4bf6aededc5d22d31b625468
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fex.net/get/043836459638/1034929369
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Jun 2020 05:01:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1591975235565162"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
27914
x-xss-protection
0
expires
Tue, 16 Jun 2020 05:01:30 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 78FD
14 KB
5 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200609/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fex.net/get/043836459638/1034929369
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Jun 2020 05:01:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1591403518460474"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5540
x-xss-protection
0
expires
Tue, 16 Jun 2020 05:01:30 GMT
zyuFROjH6o8wigs9Vd1ZCeYM_b04lS4Z3Y0FmzrEWwnF_-OaAcqK84YGmcP476STxUQE7UrAYw0YQ9kS7JEzqJRHuk_kUavRAgYEzG9rAD74yiITye_XXRTMri04BeMys3yFhtl9ayGg72NYOiMCG1-LedKRRCb4CvzqU7pM3xr6xY-NA5GAkl5n3AIu8R6l4F_7s...
aj1913.online/
43 B
615 B
Image
General
Full URL
https://aj1913.online/zyuFROjH6o8wigs9Vd1ZCeYM_b04lS4Z3Y0FmzrEWwnF_-OaAcqK84YGmcP476STxUQE7UrAYw0YQ9kS7JEzqJRHuk_kUavRAgYEzG9rAD74yiITye_XXRTMri04BeMys3yFhtl9ayGg72NYOiMCG1-LedKRRCb4CvzqU7pM3xr6xY-NA5GAkl5n3AIu8R6l4F_7spwlGJx3Z49k2GT2oykxe41nzSTHWXp551E-4RgbxWu0sDo0f2SkAeZNTz0hAP-8go9X9Gtk7KkpJ9x4WDXYVYnEz4ui1p1EzPMAqKtmaWZgHNK57S3p8JpfukjKvgE-hZo4MBUllkn0vl1hS?DC=DO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.124.124.19 Reston, United States, ASN47328 (TRI-AS True Records Inc., ES),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://fex.net/get/043836459638/1034929369
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Jun 2020 05:01:29 GMT
last-modified
Wed, 27 May 2020 08:58:50 GMT
etag
W/"43-1590569930000"
p3p
CP="CAO PSA OUR"
cache-control
no-cache
accept-ranges
bytes
content-type
image/gif
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame 9220
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/210/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://fex.net/get/043836459638/1034929369
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fex.net/get/043836459638/1034929369

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
4590
date
Tue, 16 Jun 2020 02:27:00 GMT
expires
Wed, 16 Jun 2021 02:27:00 GMT
last-modified
Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
9270
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ Frame D0A9
0
55 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gda_r20200610&jk=1360368446984068&bg=!YWKlYnpYXRzSuOEewyoCAAAAbFIAAAAOmQGAR-YPWOW9tAnn8HuSL1DsquTBqILzuxfJnz-0kyU5bglG5OlAjcAdYlNVkz7fwCUpWBj4vWMxfzs6-VXA4hjmsmUVALWij4xwOK8VWtnr02-GVsmeCUKif2eNHS5kKsDN6x4Jv_gwkrDFMTS_0ACREvm1LA3P1X8jkTglZTZv-ZXtDGIGIWrQ41UASI6nsSHo4akL3GmjhYoYcyvjJBnortYyfq6CqZfVsiinRhoHrkdF1X38hiCfmuuRnv23eynqJHAlhUVVxcFTag752TuzogznnD-eMB4-rDaqcdcISgGM-GlDp-pmkiTSBADIuUP_-BMg5gkN-RyIFlTjjntz2OlJlU-XXCjuH1HTJ7jcgo1fZnqZ1r1TkcgMuA7P7aheuXuPmU9VqK6y_E4LANNKpkd_YuUkaq_mQ3GT6WCYKywTRhkZyk8p51ygxwPeXPrWeXeui033jfpBTb_7vp38vL82S70YzrrQPeRz2UqCs36xOLD1V0vmp3MjQL_0KyF7
Requested by
Host: fex.net
URL: https://fex.net/get/043836459638/1034929369
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fex.net/get/043836459638/1034929369
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Jun 2020 05:01:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame CD68
109 KB
39 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: fex.net
URL: https://fex.net/get/043836459638/1034929369
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6abe8b01dcfb7b666c7986f5589f4010e1855cfe61778fa2b5aebcc01abd46f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fex.net/get/043836459638/1034929369
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Jun 2020 05:01:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
40197
x-xss-protection
0
server
cafe
etag
2771208898433665754
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 16 Jun 2020 05:01:30 GMT
integrator.js
adservice.google.de/adsid/ Frame CD68
109 B
168 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=fex.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fex.net/get/043836459638/1034929369
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 16 Jun 2020 05:01:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame CD68
109 B
168 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=fex.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fex.net/get/043836459638/1034929369
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 16 Jun 2020 05:01:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20200609/r20190131/ Frame CD68
218 KB
82 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20200609/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ea35b3b9523fb354a768e5b791c030e25f769f399258c69527088b3d43ac31a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fex.net/get/043836459638/1034929369
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Jun 2020 05:01:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
83998
x-xss-protection
0
server
cafe
etag
18154689148218973145
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 16 Jun 2020 05:01:30 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 78FD
0
55 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gda_r20200609&jk=2501696130670708&bg=!-vml-eFYSNBQtFLTQiQCAAAAWlIAAAARmQGAEfs7KoyA7ay3QEQ10AzJ5cZMrOBAvVve88_jZjGMRBXHQZcr3y2voKDEf4ZoAaU8Wn-NKmfX5srZrqjJw3sA1TzTMZOQ1vysYYlGtGzC4Ow1z-vcXH8oo84N-ROV7fcnTNFTH6e9WIccB10vsemU3bVnediFkjgFfRfXAPMoMuFnJ_Fa8yDTF7yo9ARnOaWf2QR_yOUmkzMIIR4716502yF47mLodITtDMAvDJ1UjUYVDxlaL0XLoEoDNpq66_fp7lDXzFB7xnbSRchjMDHe7_jd9jMjrKtsW9t_YqYDpHqwI-8fabT4CtQIzMbQ0nR7MNWQjczrapNGmF9DrmmgKrG0_vfUKWGhvngZAOxaVuvjy11lkdKP98WJz3Zc2fq6ndTcX3zoLfpu5B9SQiSV7oS4W4U8xAm21G_s_WbXqVg4Voo9PLJqo46CK3EDJOLVBHsWvELlcgMra94d2N6FyXZUgSR0hz1Tgj7Uqo-lzsIoggj8v6fai9yYVpmuFBxB
Requested by
Host: fex.net
URL: https://fex.net/get/043836459638/1034929369
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fex.net/get/043836459638/1034929369
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Jun 2020 05:01:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 2FFA
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8564894658009468&output=html&h=200&slotname=7672271343&adk=1928804621&adf=3279755398&w=1200&psa=0&guci=1.2.0.0.2.2.0.0&format=1200x200&url=https%3A%2F%2Ffex.net%2Fget%2F043836459638%2F1034929369&ea=0&flash=0&wgl=1&adsid=NT&dt=1592283690152&bpp=1&bdt=79&idt=111&shv=r20200609&cbv=r20190131&ptt=9&saldr=aa&correlator=4290318046477&frm=23&ife=1&pv=1&ga_vid=1383704889.1592283688&ga_sid=1592283690&ga_hid=293581811&ga_fc=1&iag=3&icsg=170&nhd=1&dssz=6&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=56&ady=1200&biw=1600&bih=1200&isw=1488&ish=105&ifk=3960015391&scr_x=0&scr_y=0&eid=42530473%2C42530475&oid=3&pvsid=1628618054148613&pem=76&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1488%2C105&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8212&bc=31&ifi=1&uci=1.zhlcap5n91tc&fsb=1&dtd=236
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200609/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8564894658009468&output=html&h=200&slotname=7672271343&adk=1928804621&adf=3279755398&w=1200&psa=0&guci=1.2.0.0.2.2.0.0&format=1200x200&url=https%3A%2F%2Ffex.net%2Fget%2F043836459638%2F1034929369&ea=0&flash=0&wgl=1&adsid=NT&dt=1592283690152&bpp=1&bdt=79&idt=111&shv=r20200609&cbv=r20190131&ptt=9&saldr=aa&correlator=4290318046477&frm=23&ife=1&pv=1&ga_vid=1383704889.1592283688&ga_sid=1592283690&ga_hid=293581811&ga_fc=1&iag=3&icsg=170&nhd=1&dssz=6&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=56&ady=1200&biw=1600&bih=1200&isw=1488&ish=105&ifk=3960015391&scr_x=0&scr_y=0&eid=42530473%2C42530475&oid=3&pvsid=1628618054148613&pem=76&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1488%2C105&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8212&bc=31&ifi=1&uci=1.zhlcap5n91tc&fsb=1&dtd=236
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://fex.net/get/043836459638/1034929369
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmHQTnGBxrQ6hYKP4kidwkHI0E4IXVc9MlAhrA7979UdTpcXlQ56BLxdBrO
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fex.net/get/043836459638/1034929369

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 16 Jun 2020 05:01:30 GMT
server
cafe
content-length
205
x-xss-protection
0
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/getconfig/ Frame CD68
7 KB
6 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200609&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200609/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d98466b73a37c91e0df6489cbca8cf0e6cea725d61159f6ce055ab5c80127042
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fex.net/get/043836459638/1034929369
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 16 Jun 2020 05:01:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
5589
x-xss-protection
0
osd.js
www.googletagservices.com/activeview/js/current/ Frame CD68
73 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200609/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6808ddc10992310de1c9cf6f7ac0141ee82a8c5c4bf6aededc5d22d31b625468
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fex.net/get/043836459638/1034929369
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Jun 2020 05:01:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1591975235565162"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
27914
x-xss-protection
0
expires
Tue, 16 Jun 2020 05:01:30 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame CD68
14 KB
5 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200609/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fex.net/get/043836459638/1034929369
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Jun 2020 05:01:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1591403518460474"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5540
x-xss-protection
0
expires
Tue, 16 Jun 2020 05:01:30 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame 46D7
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/210/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://fex.net/get/043836459638/1034929369
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fex.net/get/043836459638/1034929369

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
4590
date
Tue, 16 Jun 2020 02:27:00 GMT
expires
Wed, 16 Jun 2021 02:27:00 GMT
last-modified
Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
9270
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
61504924
mc.yandex.ru/webvisor/
43 B
530 B
XHR
General
Full URL
https://mc.yandex.ru/webvisor/61504924?wmode=0&rn=580671447&page-url=https%3A%2F%2Ffex.net%2Fget%2F043836459638%2F1034929369&wv-type=3&wv-hit=455560197&wv-part=1&browser-info=ti%3A8%3Aet%3A1592283688%3Aw%3A1600x1200%3Av%3A1877%3Az%3A120%3Ai%3A20200616070127%3Abt%3A1%3Ast%3A1592283691%3Au%3A159228368826167425
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fex.net/get/043836459638/1034929369
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 16 Jun 2020 05:01:30 GMT
Last-Modified
Tue, 16-Jun-2020 05:01:30 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Access-Control-Allow-Origin
https://fex.net
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
Tue, 16-Jun-2020 05:01:30 GMT
61504924
mc.yandex.ru/webvisor/
43 B
530 B
XHR
General
Full URL
https://mc.yandex.ru/webvisor/61504924?wmode=0&rn=230720515&page-url=https%3A%2F%2Ffex.net%2Fget%2F043836459638%2F1034929369&wv-type=3&wv-hit=455560197&wv-part=1&browser-info=ti%3A8%3Aet%3A1592283689%3Aw%3A1600x1200%3Av%3A1877%3Az%3A120%3Ai%3A20200616070127%3Ast%3A1592283691%3Au%3A159228368826167425
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fex.net/get/043836459638/1034929369
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 16 Jun 2020 05:01:30 GMT
Last-Modified
Tue, 16-Jun-2020 05:01:30 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Access-Control-Allow-Origin
https://fex.net
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
Tue, 16-Jun-2020 05:01:30 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CD68
0
55 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gda_r20200609&jk=1628618054148613&bg=!wsGlwdlYzbKXVQdc8ZACAAAAnFIAAAAQmQGAgHUDityw5OGgwvJMUZBTXDB1qB_EoA82QDy8sneF4P9J4Hh8JVaOK_E1oNhCN_XXEftXIBdySeSjYD2sV1sTVFxxscIFTeReuCeTbFZPJQaKysVgAXW9VPFOQ7aSdwKYKa6Su3-MwUc7PEjwAROCOfyfkV3KNSJyU8HDEsJHL3vvLeK9bNO9jgtS5yChkafPaq06azD-v_rJVh6k2kipULT942Z4_HTv-OyPDPl7l_pUyoFfDzw-CJe7iF91S59qR3rqt_3wS3AKlV4m6ynwzt3sGkfYO5WYOXtBv5qbZx4JA04aH4fZOPLV2eA5UfuUf1MwUCzCHLnM5aFHEp4sx9-FMZ5JmWTIDnJSiX5aY9ZP5ihXV76E7q-t9qaYDqZlW-uEHX-QggecZ5T4UabLPnxDucChrEbF_0TkFsuh98kqAS3kgbxRzvvicFcmzb2n16rDc2UuGztCEI-5XxkaHpJHv18d1_80n402zp9OhhYcMbvG_2lsdSOtNro8VhJA
Requested by
Host: fex.net
URL: https://fex.net/get/043836459638/1034929369
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fex.net/get/043836459638/1034929369
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Jun 2020 05:01:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
61504924
mc.yandex.ru/webvisor/
43 B
530 B
XHR
General
Full URL
https://mc.yandex.ru/webvisor/61504924?wmode=0&rn=745805190&page-url=https%3A%2F%2Ffex.net%2Fget%2F043836459638%2F1034929369&wv-type=3&wv-hit=455560197&wv-part=2&browser-info=ti%3A8%3Aet%3A1592283691%3Aw%3A1600x1200%3Av%3A1877%3Az%3A120%3Ai%3A20200616070127%3Abt%3A1%3Ast%3A1592283693%3Au%3A159228368826167425
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fex.net/get/043836459638/1034929369
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 16 Jun 2020 05:01:32 GMT
Last-Modified
Tue, 16-Jun-2020 05:01:32 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Access-Control-Allow-Origin
https://fex.net
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
Tue, 16-Jun-2020 05:01:32 GMT

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| ym object| webpackJsonp object| Ya object| yaCounter61504924 number| __mobxInstanceCount object| __mobxGlobals function| setImmediate function| clearImmediate object| __core-js_shared__ string| GoogleAnalyticsObject function| ga object| dataLayer object| intlTelInputUtils object| VK object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager function| clearUserSettings object| pljssglobal undefined| pljssglobalid function| Playerjs function| Hls object| hitua string| txt function| postscribe object| google_reactive_ads_global_state object| google_ad_modifications number| google_global_correlator object| google_prev_clients object| google_jobrunner object| area51 object| that number| elMax

9 Cookies

Domain/Path Name / Value
.fex.net/ Name: _gat
Value: 1
.fex.net/ Name: _ym_visorc_61504924
Value: w
.fex.net/ Name: _gat_gtag_UA_134700492_1
Value: 1
.fex.net/ Name: _ym_uid
Value: 159228368826167425
.fex.net/ Name: _gid
Value: GA1.2.1351031652.1592283688
.fex.net/ Name: _ym_d
Value: 1592283688
.fex.net/ Name: _ga
Value: GA1.2.1383704889.1592283688
.fex.net/ Name: _ym_isad
Value: 2
fex.net/get/043836459638 Name: b
Value: b

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
aj1913.online
api.fex.net
c.hit.ua
cdn.plrjs.com
cdn.polyfill.io
fex.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
mc.yandex.ru
pagead2.googlesyndication.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
176.9.79.204
194.106.216.70
212.124.124.19
2a00:1450:4001:800::2002
2a00:1450:4001:802::200a
2a00:1450:4001:809::200e
2a00:1450:4001:814::2003
2a00:1450:4001:819::2002
2a00:1450:4001:819::2004
2a00:1450:4001:81b::2002
2a00:1450:4001:81f::2003
2a00:1450:4001:820::2001
2a00:1450:4001:821::2002
2a00:1450:4001:825::2008
2a00:1450:400c:c00::9b
2a02:6b8::1:119
2a04:4e42:1b::621
89.184.81.35
0049bdbe0c706b8ee38a3682a98e86c07d6049da7ff974b51430bbd0b8b44f60
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
08f93a4cf604e12995a237b71b5db1d5d48f1ecb27687ee17608554f8f7fd6b4
093b23213dd68441eaa26d591631bfd3d87c982846169952d04e8769b4f47751
0b433c0f8b949b33e1296f58020be5649d9e85d60ef6f3f2df2dae37c3c34ba4
1c31deb324c3ca989b65531a955466cabe9c7fec6bb49f35fced9eb97a0eaf31
1f3b9c2e38b2e278bed30abcd3b7f87370c265923594b718e1a24b9d07f2004a
251e8e864140d9a7ceacce3371ff692595dd0a455ad000de4041d8a313618bd7
2abc7d97153ea47acc4f6e534f32a4b76508abf219b8298c5b48b4a752cd5e82
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
44d59ca1ae59a9936a7c29a788593fedae3ddb7dd047c65634de9d5ec3b71de5
4976dc9ecb05566c9979e6e17a04930eca5d7a4c8ba3b8ce27c311a0795b02ad
4c8723a242d8a2e04d48f38e84c0b197243ca01ce8cca603899ed328f5280b62
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e9c00112282e2170be5913ca1b42b2aff0ad3579df00e28f8faebb8d9e43ce6
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
610fc71ee11696993802b67c8862489e4eb6080a276c78b0733daff225e56a4d
61c2a1b9036ec29f0d41112a6cfd98b1d492079ceddf77508287e87e35e3254b
6808ddc10992310de1c9cf6f7ac0141ee82a8c5c4bf6aededc5d22d31b625468
6abe8b01dcfb7b666c7986f5589f4010e1855cfe61778fa2b5aebcc01abd46f6
7cea1770ae29be0bc618647d9fc699e438aebb1bc4d89071e24531aaa5cc9591
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
925e403d59ea3e89cf998b801db15a40177e4a30374a307a1846753863c1b429
943a150e9577247cc5e8e493065795ca77a35485b4169f33a4d6f570c209b010
9a489338d3b131992bb1087464fa75f9acba283c079d6cd2476f081a28c63a12
9dbe2b3eb373924213f8b7889e33731c396411beaa4617ee6619f8b047a10a7e
a0681544adb9cc61f85ddcb26b17ca5f3d2f6034e8e378db69e587737240bfc6
a57c8c5c24061a8a0917bfb02a78873cf90df198a68ba0beddb9d502d789fc56
ace891d6f2f03389618bfc970cb59222be4924252d7b38e49bda0e3422e8b08c
b835e0c970938260304c84460d4102ef596abb10345eb906ced979ce3b289f2a
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3
ce7f086853eb1fc61de4c63cdf5ee23f0b3a5006536cd5356f91e2d20b2d43cb
d98466b73a37c91e0df6489cbca8cf0e6cea725d61159f6ce055ab5c80127042
dd9d40d7ac083d95161823dd8e6287d30ffb5f4b9e27d3d0d01aafd2550cc3aa
e25d65f020f2bb10f8aa86568b527bba648a17396d239331e7e45a0139879ecc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8328672b002bd0c8ae6be67cea4f06f2de546cfe43374dcda5aca365989b8e1
e8dfcdd63d1a744a0ae108c9cc103c7d97969fc8e79908ef0d9c23be9cf6178b
ea35b3b9523fb354a768e5b791c030e25f769f399258c69527088b3d43ac31a2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629