vexfile.com Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://stampcomparison.xyz/lu39oi?o=35&url=https://vexfile.com/dw.php?t=aHR0cHM6Ly92ZXhmaWxlLmNvbS9kb3dubG9hZC9VN0NCM0djejh...
Effective URL:
https://vexfile.com/download/U7CB3Gcz8V/fad00
Submission: On February 15 via manual (February 15th 2024, 7:56:44 am UTC) from UA — Scanned from DE

Summary HTTP 72 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 18 IPs in 5 countries across 21 domains to perform 72 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is vexfile.com.
TLS certificate: Issued by GTS CA 1P5 on January 30th 2024. Valid for: 3 months.

This is the only time vexfile.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3035::6815:3192	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	52.210.174.128 52.210.174.128	16509 (AMAZON-02) (AMAZON-02)
3	172.67.181.222 172.67.181.222	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
7	139.45.197.250 139.45.197.250	9002 (RETN-AS) (RETN-AS)
3	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1 22	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
3	2606:4700:440... 2606:4700:4400::6812:2844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:1e31	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2606:4700:20:... 2606:4700:20::ac43:4624	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	139.45.197.251 139.45.197.251	9002 (RETN-AS) (RETN-AS)
1 2	88.212.201.198 88.212.201.198	39134 (UNITEDNET) (UNITEDNET)
1	2606:4700:303... 2606:4700:3035::ac43:cc3e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3033::ac43:b1d6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3034::6815:86c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
72	18

1 2606:4700:3035::6815:3192 (United States)

ASN13335 (CLOUDFLARENET, US)

stampcomparison.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.210.174.128 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-174-128.eu-west-1.compute.amazonaws.com

nostop.go2cloud.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trk.bubblewaves.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.181.222 (United States)

ASN13335 (CLOUDFLARENET, US)

ok.battletrain.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 139.45.197.250 (United Kingdom)

ASN9002 (RETN-AS, GB)

beevakum.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a06:98c1:3121::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

vexfile.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
nsjyfpo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:4400::6812:2844 (United States)

ASN13335 (CLOUDFLARENET, US)

pro.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1e31 (United States)

ASN13335 (CLOUDFLARENET, US)

stpd.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:20::ac43:4624 (United States)

ASN13335 (CLOUDFLARENET, US)

cmp.setupcmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 139.45.197.251 (United Kingdom)

ASN9002 (RETN-AS, GB)

deehalig.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jouteetu.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.198 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::ac43:cc3e (United States)

ASN13335 (CLOUDFLARENET, US)

ctrtrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::ac43:b1d6 (United States)

ASN13335 (CLOUDFLARENET, US)

youradexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::6815:86c (United States)

ASN13335 (CLOUDFLARENET, US)

pubtrky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	vexfile.com 1 redirects vexfile.com	5 MB
9	jouteetu.net jouteetu.net — Cisco Umbrella Rank: 24293
7	setupcmp.com cmp.setupcmp.com — Cisco Umbrella Rank: 75670	146 KB
7	beevakum.net beevakum.net — Cisco Umbrella Rank: 170539	41 KB
3	nsjyfpo.com nsjyfpo.com	112 KB
3	deehalig.net deehalig.net — Cisco Umbrella Rank: 336375	15 KB
3	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 213	164 KB
3	fontawesome.com pro.fontawesome.com — Cisco Umbrella Rank: 6305	299 KB
3	gstatic.com fonts.gstatic.com	69 KB
3	battletrain.xyz ok.battletrain.xyz	5 KB
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 10450	1 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 353	4 KB
2	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 9876	1 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 48	2 KB
1	pubtrky.com pubtrky.com — Cisco Umbrella Rank: 31980	408 B
1	youradexchange.com youradexchange.com — Cisco Umbrella Rank: 31662	528 B
1	ctrtrk.com ctrtrk.com — Cisco Umbrella Rank: 35760	659 B
1	stpd.cloud stpd.cloud — Cisco Umbrella Rank: 40496	126 KB
1	bubblewaves.online 1 redirects trk.bubblewaves.online	2 KB
1	go2cloud.org nostop.go2cloud.org — Cisco Umbrella Rank: 339774	523 B
1	stampcomparison.xyz stampcomparison.xyz	1 KB
72	21

	Domain	Requested by
19	vexfile.com	1 redirects ok.battletrain.xyz vexfile.com deehalig.net
9	jouteetu.net	deehalig.net
7	cmp.setupcmp.com	vexfile.com cmp.setupcmp.com
7	beevakum.net	ok.battletrain.xyz beevakum.net stampcomparison.xyz
3	nsjyfpo.com	vexfile.com nsjyfpo.com
3	deehalig.net	vexfile.com deehalig.net
3	securepubads.g.doubleclick.net	vexfile.com securepubads.g.doubleclick.net
3	pro.fontawesome.com	vexfile.com pro.fontawesome.com
3	fonts.gstatic.com	fonts.googleapis.com
3	ok.battletrain.xyz	stampcomparison.xyz ok.battletrain.xyz
2	counter.yadro.ru	1 redirects vexfile.com
2	cdn.jsdelivr.net	vexfile.com stpd.cloud
2	my.rtmark.net	stampcomparison.xyz deehalig.net
2	fonts.googleapis.com	ok.battletrain.xyz vexfile.com
1	pubtrky.com	nsjyfpo.com
1	youradexchange.com	nsjyfpo.com
1	ctrtrk.com	nsjyfpo.com
1	stpd.cloud	vexfile.com
1	trk.bubblewaves.online	1 redirects
1	nostop.go2cloud.org	stampcomparison.xyz
1	stampcomparison.xyz
72	21

This site contains links to these domains. Also see Links.

Domain
www.liveinternet.ru
setupad.com
yiejvik.com

Subject Issuer	Validity	Valid
stampcomparison.xyz GTS CA 1P5	`2024-01-31` - `2024-04-30`	3 months	crt.sh
*.go2cloud.org Amazon RSA 2048 M02	`2024-01-22` - `2025-02-19`	a year	crt.sh
battletrain.xyz GTS CA 1P5	`2024-01-15` - `2024-04-14`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
beevakum.net R3	`2023-12-13` - `2024-03-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
vexfile.com GTS CA 1P5	`2024-01-30` - `2024-04-29`	3 months	crt.sh
rtmark.net R3	`2023-12-23` - `2024-03-22`	3 months	crt.sh
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-04` - `2025-01-03`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
stpd.cloud E1	`2024-01-10` - `2024-04-09`	3 months	crt.sh
setupcmp.com GTS CA 1P5	`2023-12-26` - `2024-03-25`	3 months	crt.sh
deehalig.net R3	`2023-12-03` - `2024-03-02`	3 months	crt.sh
nsjyfpo.com GTS CA 1P5	`2024-02-02` - `2024-05-02`	3 months	crt.sh
jouteetu.net R3	`2023-12-06` - `2024-03-05`	3 months	crt.sh
ctrtrk.com GTS CA 1P5	`2024-01-17` - `2024-04-16`	3 months	crt.sh
youradexchange.com GTS CA 1P5	`2024-02-14` - `2024-05-14`	3 months	crt.sh
pubtrky.com GTS CA 1P5	`2024-01-19` - `2024-04-18`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://vexfile.com/download/U7CB3Gcz8V/fad00
Frame ID: 8E0B55E44E99387C265CB8532C22001C
Requests: 69 HTTP requests in this frame

Frame: https://ctrtrk.com/ut/ctr.php
Frame ID: 883D4BE59B4F59EB3699F61B257A758D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Download AndraxV9.js - Step 2 - VexFile.com

Page URL History Show full URLs

https://stampcomparison.xyz/lu39oi?o=35&url=https://vexfile.com/dw.php?t=aHR0cHM6Ly92ZXhmaWxlLmNvbS9kb3d... Page URL
http://trk.bubblewaves.online/aff_c?source=1865&offer_id=35&aff_click_id=&aff_id=1865&aff_sub=14230&aff_su... HTTP 302
https://ok.battletrain.xyz/ee2/?c=102aeb4705c9cfb3744b3b09405d29&url=https%3A%2F%2Fvexfile.com%2Fdw.php... Page URL
https://vexfile.com/dw.php?t=aHR0cHM6Ly92ZXhmaWxlLmNvbS9kb3dubG9hZC9VN0NCM0djejhWL2ZhZDAw HTTP 302
https://vexfile.com/download/U7CB3Gcz8V/fad00 Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

72
Requests

99 %
HTTPS

67 %
IPv6

21
Domains

21
Subdomains

18
IPs

5
Countries

6073 kB
Transfer

8462 kB
Size

7
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.liveinternet.ru/click

Search URL Search Domain Scan URL

URL: https://setupad.com/?utm_source=vexfile.com&utm_medium=CMP&utm_campaign=promo

Search URL Search Domain Scan URL

URL: https://yiejvik.com/ad/visit.php?al=1

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://stampcomparison.xyz/lu39oi?o=35&url=https://vexfile.com/dw.php?t=aHR0cHM6Ly92ZXhmaWxlLmNvbS9kb3dubG9hZC9VN0NCM0djejhWL2ZhZDAw&s1=14230&s2=40560&s3=6&title=AndraxV9.js&source=testoffer Page URL
http://trk.bubblewaves.online/aff_c?source=1865&offer_id=35&aff_click_id=&aff_id=1865&aff_sub=14230&aff_sub2=40560&aff_sub3=6&aff_sub4=&aff_sub5=&aff_unique1=https%3A%2F%2Fvexfile.com%2Fdw.php%3Ft%3DaHR0cHM6Ly92ZXhmaWxlLmNvbS9kb3dubG9hZC9VN0NCM0djejhWL2ZhZDAw&aff_unique2=1865&aff_unique3=AndraxV9.js&name=AndraxV9.js&url=https://vexfile.com/dw.php?t=aHR0cHM6Ly92ZXhmaWxlLmNvbS9kb3dubG9hZC9VN0NCM0djejhWL2ZhZDAw HTTP 302
https://ok.battletrain.xyz/ee2/?c=102aeb4705c9cfb3744b3b09405d29&url=https%3A%2F%2Fvexfile.com%2Fdw.php%3Ft%3DaHR0cHM6Ly92ZXhmaWxlLmNvbS9kb3dubG9hZC9VN0NCM0djejhWL2ZhZDAw&a=1865&t=AndraxV9.js&s1=14230&s2=40560&s3=6&s4=&s5= Page URL
https://vexfile.com/dw.php?t=aHR0cHM6Ly92ZXhmaWxlLmNvbS9kb3dubG9hZC9VN0NCM0djejhWL2ZhZDAw HTTP 302
https://vexfile.com/download/U7CB3Gcz8V/fad00 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

http://trk.bubblewaves.online/aff_c?source=1865&offer_id=35&aff_click_id=&aff_id=1865&aff_sub=14230&aff_sub2=40560&aff_sub3=6&aff_sub4=&aff_sub5=&aff_unique1=https%3A%2F%2Fvexfile.com%2Fdw.php%3Ft%3DaHR0cHM6Ly92ZXhmaWxlLmNvbS9kb3dubG9hZC9VN0NCM0djejhWL2ZhZDAw&aff_unique2=1865&aff_unique3=AndraxV9.js&name=AndraxV9.js&url=https://vexfile.com/dw.php?t=aHR0cHM6Ly92ZXhmaWxlLmNvbS9kb3dubG9hZC9VN0NCM0djejhWL2ZhZDAw HTTP 302
https://ok.battletrain.xyz/ee2/?c=102aeb4705c9cfb3744b3b09405d29&url=https%3A%2F%2Fvexfile.com%2Fdw.php%3Ft%3DaHR0cHM6Ly92ZXhmaWxlLmNvbS9kb3dubG9hZC9VN0NCM0djejhWL2ZhZDAw&a=1865&t=AndraxV9.js&s1=14230&s2=40560&s3=6&s4=&s5=

Request Chain 45

https://counter.yadro.ru/hit?t50.5;rhttps%3A//ok.battletrain.xyz/;s1600*1200*24;uhttps%3A//vexfile.com/download/U7CB3Gcz8V/fad00;hDownload%20AndraxV9.js%20-%20Step%202%20-%20VexFile.com;0.001545423281593017 HTTP 302
https://counter.yadro.ru/hit?q;t50.5;rhttps%3A//ok.battletrain.xyz/;s1600*1200*24;uhttps%3A//vexfile.com/download/U7CB3Gcz8V/fad00;hDownload%20AndraxV9.js%20-%20Step%202%20-%20VexFile.com;0.001545423281593017

72 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 lu39oi Show response
stampcomparison.xyz/ 3 KB
1 KB 334ms
249ms Document
text/html 2606:4700:3035::6815:3192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stampcomparison.xyz/lu39oi?o=35&url=https://vexfile.com/dw.php?t=aHR0cHM6Ly92ZXhmaWxlLmNvbS9kb3dubG9hZC9VN0NCM0djejhWL2ZhZDAw&s1=14230&s2=40560&s3=6&title=AndraxV9.js&source=testoffer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:3192 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.27
Resource Hash: 75897f40c29a1ca70013653851e4942094b2efe876200053bdb1c489d4619979

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 855bfedaec2b92c3-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 15 Feb 2024 07:56:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FcsHryLISryYV9BbX0fxoFPebJneJZhm%2FYAfBg4Mpgo4%2BhTj4O8jYHnXD%2FAHT%2FIwOmB4s1eOKShL6m3G72shH99HKkZVMBeL1xiv4sEHhuDjpHd6IcDb%2FcG%2FBn78bVAcc%2BBqt2sG0iWT0bE37HZ0tKoI"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.1.27

GET
H/1.1 200
OK aff_i
nostop.go2cloud.org/ 43 B
523 B 123ms
32ms Image
image/gif 52.210.174.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nostop.go2cloud.org/aff_i?offer_id=35&aff_id=1865&aff_sub=14230&aff_sub2=40560&aff_sub3=6&aff_sub4=&aff_sub5=&source=1865&adv_sub={EXTENSION_URL_ENC}&adv_sub5=Chrome&adv_sub4=&adv_sub3=&adv_sub2=stampcomparison.xyz
Requested by: Host: stampcomparison.xyz
URL: https://stampcomparison.xyz/lu39oi?o=35&url=https://vexfile.com/dw.php?t=aHR0cHM6Ly92ZXhmaWxlLmNvbS9kb3dubG9hZC9VN0NCM0djejhWL2ZhZDAw&s1=14230&s2=40560&s3=6&title=AndraxV9.js&source=testoffer
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.210.174.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-174-128.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ac05f643d51698438fc2504bc237b5a39ce1248b037dbf446aaca4ce65c3182c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stampcomparison.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 15 Feb 2024 07:56:39 GMT
Content-Encoding: gzip
Server: nginx
Tracking_id: 1025f805adf7893834b94d7c6c1dca
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Tune-SDK-Version
X-Request-Id: aca2f85c10ac5a2a6198ebe919adda99
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

/ Show response
ok.battletrain.xyz/ee2/
Redirect Chain

http://trk.bubblewaves.online/aff_c?source=1865&offer_id=35&aff_click_id=&aff_id=1865&aff_sub=14230&aff_sub2=40560&aff_sub3=6&aff_sub4=&aff_sub5=&aff_unique1=https%3A%2F%2Fvexfile.com%2Fdw.php%3Ft%...
https://ok.battletrain.xyz/ee2/?c=102aeb4705c9cfb3744b3b09405d29&url=https%3A%2F%2Fvexfile.com%2Fdw.php%3Ft%3DaHR0cHM6Ly92ZXhmaWxlLmNvbS9kb3dubG9hZC9VN0NCM0djejhWL2ZhZDAw&a=1865&t=AndraxV9.js&s1=14...

6 KB
3 KB

309ms
213ms

Document
text/html

172.67.181.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ok.battletrain.xyz/ee2/?c=102aeb4705c9cfb3744b3b09405d29&url=https%3A%2F%2Fvexfile.com%2Fdw.php%3Ft%3DaHR0cHM6Ly92ZXhmaWxlLmNvbS9kb3dubG9hZC9VN0NCM0djejhWL2ZhZDAw&a=1865&t=AndraxV9.js&s1=14230&s2=40560&s3=6&s4=&s5=
Requested by: Host: stampcomparison.xyz
URL: https://stampcomparison.xyz/lu39oi?o=35&url=https://vexfile.com/dw.php?t=aHR0cHM6Ly92ZXhmaWxlLmNvbS9kb3dubG9hZC9VN0NCM0djejhWL2ZhZDAw&s1=14230&s2=40560&s3=6&title=AndraxV9.js&source=testoffer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.181.222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.4.16
Resource Hash: 352db1fa8ae92654d21618717c238d356603991d312706d6462d76a11791ca13

Request headers

Referer: https://stampcomparison.xyz/lu39oi?o=35&url=https://vexfile.com/dw.php?t=aHR0cHM6Ly92ZXhmaWxlLmNvbS9kb3dubG9hZC9VN0NCM0djejhWL2ZhZDAw&s1=14230&s2=40560&s3=6&title=AndraxV9.js&source=testoffer
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 855bfedefa4866da-AMS
content-encoding: br
content-type: text/html
date: Thu, 15 Feb 2024 07:56:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DtrQEcBIywMT%2FjM8Den3F8dnrQzAqz7mrrTvT4sNbxoV05v3sPHurzI%2BrCd%2B%2BS7w%2F8yuNKyhKT6%2FL2eU9FbNFnrdKXf8aFeo3ZcESNUQOkxQJKzoiuRJIyJn3Vsm2eN7b%2BSZn9k%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/5.4.16

Redirect headers

Access-Control-Allow-Headers: Tune-SDK-Version
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 438
Content-Type: text/html; charset=iso-8859-1
Date: Thu, 15 Feb 2024 07:56:40 GMT
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Location: https://ok.battletrain.xyz/ee2/?c=102aeb4705c9cfb3744b3b09405d29&url=https%3A%2F%2Fvexfile.com%2Fdw.php%3Ft%3DaHR0cHM6Ly92ZXhmaWxlLmNvbS9kb3dubG9hZC9VN0NCM0djejhWL2ZhZDAw&a=1865&t=AndraxV9.js&s1=14230&s2=40560&s3=6&s4=&s5=
P3p: CP="NOI CUR OUR NOR INT"
Pragma: no-cache
Server: nginx
Tracking_id: 102aeb4705c9cfb3744b3b09405d29
X-Request-Id: 35a0a963a45622934709801b2914dd66
X-Robots-Tag: noindex, nofollow

GET
H2 200 css
fonts.googleapis.com/ 402 B
721 B 38ms
16ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Fredoka+One

Requested by

Host: ok.battletrain.xyz
URL: https://ok.battletrain.xyz/ee2/?c=102aeb4705c9cfb3744b3b09405d29&url=https%3A%2F%2Fvexfile.com%2Fdw.php%3Ft%3DaHR0cHM6Ly92ZXhmaWxlLmNvbS9kb3dubG9hZC9VN0NCM0djejhWL2ZhZDAw&a=1865&t=AndraxV9.js&s1=14230&s2=40560&s3=6&s4=&s5=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca76180c2133d7d13de82a1b213bb4d0d1556d2cfd8c5fea78032f3724ec951f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ok.battletrain.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 15 Feb 2024 07:56:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 15 Feb 2024 07:32:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 15 Feb 2024 07:56:40 GMT

GET
H2 200 icons.css
ok.battletrain.xyz/ee2/ 1 KB
714 B 209ms
208ms Stylesheet
text/css 172.67.181.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ok.battletrain.xyz/ee2/icons.css
Requested by: Host: ok.battletrain.xyz
URL: https://ok.battletrain.xyz/ee2/?c=102aeb4705c9cfb3744b3b09405d29&url=https%3A%2F%2Fvexfile.com%2Fdw.php%3Ft%3DaHR0cHM6Ly92ZXhmaWxlLmNvbS9kb3dubG9hZC9VN0NCM0djejhWL2ZhZDAw&a=1865&t=AndraxV9.js&s1=14230&s2=40560&s3=6&s4=&s5=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.181.222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e15d7dddb9141d182250dde30a83b2c1c18796c175468d1b0de7aa9b5924c6d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ok.battletrain.xyz/ee2/?c=102aeb4705c9cfb3744b3b09405d29&url=https%3A%2F%2Fvexfile.com%2Fdw.php%3Ft%3DaHR0cHM6Ly92ZXhmaWxlLmNvbS9kb3dubG9hZC9VN0NCM0djejhWL2ZhZDAw&a=1865&t=AndraxV9.js&s1=14230&s2=40560&s3=6&s4=&s5=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 07:56:40 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sun, 14 Jul 2019 19:17:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5d2b7faf-46a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P6nbniggRWhGw1MtXunh0mjkfFCb%2Fo1c0ENixjTTbjpjBny46RNpWfIRObd%2BuN2VPg9G2kUorj5yATPmCIpDpKiO2sKlytg8ptvg7lgN3UEopoV2Zm8bGUcO9ChX2LnUL1F%2FHpo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 855bfee04baa66da-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 tag.min.js Show response
beevakum.net/pfe/current/ 14 KB
6 KB 49ms
13ms Script
application/javascript 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://beevakum.net/pfe/current/tag.min.js?z=2719059&ymid=102aeb4705c9cfb3744b3b09405d29&var=1865
Requested by: Host: ok.battletrain.xyz
URL: https://ok.battletrain.xyz/ee2/?c=102aeb4705c9cfb3744b3b09405d29&url=https%3A%2F%2Fvexfile.com%2Fdw.php%3Ft%3DaHR0cHM6Ly92ZXhmaWxlLmNvbS9kb3dubG9hZC9VN0NCM0djejhWL2ZhZDAw&a=1865&t=AndraxV9.js&s1=14230&s2=40560&s3=6&s4=&s5=
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 429a3d1aacb01159ca3622c9d53df69dcc827e678aa49ebc281a8b5cd91cff91

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ok.battletrain.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Feb 2024 07:56:40 GMT
content-encoding: gzip
last-modified: Wed, 14 Feb 2024 16:04:19 GMT
server: nginx
etag: W/"65cce483-386a"
content-type: application/javascript
cache-control: no-cache
access-control-allow-credentials: true

GET
H3 200 1543246333.woff
ok.battletrain.xyz/ee2/ 1 KB
2 KB 210ms
210ms Font
application/font-woff 172.67.181.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ok.battletrain.xyz/ee2/1543246333.woff
Requested by: Host: ok.battletrain.xyz
URL: https://ok.battletrain.xyz/ee2/icons.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.181.222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://ok.battletrain.xyz/ee2/icons.css
Origin: https://ok.battletrain.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 07:56:40 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sun, 14 Jul 2019 19:17:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5d2b7fae-478"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nRFZfNCQar0I0OKTMN%2BegZ2bnVTaiQYdYT8ihgUSSawYxPyWplcnuJl0DZ%2F9BFhyzHMVhNCIe6ImCbr2cufYH3Y844mjFH32XoRdmTT8ylW7yPkOf4NC%2BsBZ7tK4VcOSTAXMWDA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: max-age=14400
cf-ray: 855bfee19b899113-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 k3kUo8kEI-tA1RRcTZGmTlHGCac.woff2
fonts.gstatic.com/s/fredokaone/v14/ 15 KB
16 KB 31ms
7ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/fredokaone/v14/k3kUo8kEI-tA1RRcTZGmTlHGCac.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fredoka+One

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9986c62b19bce3791c4c103a4aa87c91d22d9e1c9f252f7f802ea26d3405769

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ok.battletrain.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 09:17:34 GMT
x-content-type-options: nosniff
age: 167946
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15596
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 20:35:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Feb 2025 09:17:34 GMT

GET
H2 200 universal.min.js Show response
beevakum.net/pfe/current/ 86 KB
33 KB 37ms
12ms Fetch
application/javascript 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://beevakum.net/pfe/current/universal.min.js?v=3.1.484
Requested by: Host: beevakum.net
URL: https://beevakum.net/pfe/current/tag.min.js?z=2719059&ymid=102aeb4705c9cfb3744b3b09405d29&var=1865
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 6f27461da8de19f27e71256239f3ffe714f4523d68693f09bcbc0f33f0eb10db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ok.battletrain.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Feb 2024 07:56:40 GMT
content-encoding: gzip
last-modified: Wed, 14 Feb 2024 16:04:19 GMT
server: nginx
etag: W/"65cce483-1583b"
content-type: application/javascript
access-control-allow-origin: https://ok.battletrain.xyz
cache-control: no-cache
access-control-allow-credentials: true

GET
H2 200 zone Show response
beevakum.net/ 908 B
1 KB 17ms
17ms Fetch
application/json 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://beevakum.net/zone?pub=0&zone_id=2719059&is_mobile=false&domain=ok.battletrain.xyz&var=1865&ymid=102aeb4705c9cfb3744b3b09405d29&var_3=&tg=0&sw=3.1.484&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=

Requested by

Host: beevakum.net
URL: https://beevakum.net/pfe/current/tag.min.js?z=2719059&ymid=102aeb4705c9cfb3744b3b09405d29&var=1865

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

541eb448d5b7d1d6673c38e7003488491fbce160f334a6247adebafcb2e51d70

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ok.battletrain.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-trace-id: 5c09088dbf406c85b74ab4a14436eb3d
date: Thu, 15 Feb 2024 07:56:40 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ok.battletrain.xyz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 908

OPTIONS
H2 200 custom
beevakum.net/ Frame 0
0 12ms
12ms Preflight
text/plain 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://beevakum.net/custom
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://ok.battletrain.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://ok.battletrain.xyz
access-control-max-age: 86400
content-length: 0
content-type: text/plain; charset=utf-8
date: Thu, 15 Feb 2024 07:56:40 GMT
server: nginx

POST
H2 200 custom
beevakum.net/ 39 B
333 B 13ms
12ms Fetch
application/json 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://beevakum.net/custom

Requested by

Host: stampcomparison.xyz
URL: https://stampcomparison.xyz/lu39oi?o=35&url=https://vexfile.com/dw.php?t=aHR0cHM6Ly92ZXhmaWxlLmNvbS9kb3dubG9hZC9VN0NCM0djejhWL2ZhZDAw&s1=14230&s2=40560&s3=6&title=AndraxV9.js&source=testoffer

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://ok.battletrain.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 0aaa782b2bb7cfaf54cbf55c62b73721
date: Thu, 15 Feb 2024 07:56:40 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ok.battletrain.xyz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 39

OPTIONS
H2 200 custom
beevakum.net/ Frame 0
0 12ms
12ms Preflight
text/plain 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://beevakum.net/custom
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://ok.battletrain.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://ok.battletrain.xyz
access-control-max-age: 86400
content-length: 0
content-type: text/plain; charset=utf-8
date: Thu, 15 Feb 2024 07:56:40 GMT
server: nginx

POST
H2 200 custom
beevakum.net/ 39 B
333 B 12ms
12ms Fetch
application/json 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://beevakum.net/custom

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://ok.battletrain.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: e5e68bb0e5994db4eee85c2c7151ae47
date: Thu, 15 Feb 2024 07:56:40 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ok.battletrain.xyz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 39

GET
H2

200

Primary Request fad00 Show response
vexfile.com/download/U7CB3Gcz8V/
Redirect Chain

https://vexfile.com/dw.php?t=aHR0cHM6Ly92ZXhmaWxlLmNvbS9kb3dubG9hZC9VN0NCM0djejhWL2ZhZDAw
https://vexfile.com/download/U7CB3Gcz8V/fad00

12 KB
4 KB

47ms
46ms

Document
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vexfile.com/download/U7CB3Gcz8V/fad00
Requested by: Host: ok.battletrain.xyz
URL: https://ok.battletrain.xyz/ee2/?c=102aeb4705c9cfb3744b3b09405d29&url=https%3A%2F%2Fvexfile.com%2Fdw.php%3Ft%3DaHR0cHM6Ly92ZXhmaWxlLmNvbS9kb3dubG9hZC9VN0NCM0djejhWL2ZhZDAw&a=1865&t=AndraxV9.js&s1=14230&s2=40560&s3=6&s4=&s5=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fbd1c7469190c55700b080de33db8606a2ffec17570d2697c53c2ab85e05536

Request headers

Referer: https://ok.battletrain.xyz/ee2/?c=102aeb4705c9cfb3744b3b09405d29&url=https%3A%2F%2Fvexfile.com%2Fdw.php%3Ft%3DaHR0cHM6Ly92ZXhmaWxlLmNvbS9kb3dubG9hZC9VN0NCM0djejhWL2ZhZDAw&a=1865&t=AndraxV9.js&s1=14230&s2=40560&s3=6&s4=&s5=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 855bfee2d9d1bb35-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 15 Feb 2024 07:56:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p6vaoDU8O2yJUCgy2xDfGKQniAhz7w%2F1Hu5R36CUXXkZfAc0y2jUCjDZHjQeCkAkeDSbTANxcrFXEkXPf7EEBuE8FKeU43zeQ1c2P9ohdrMaDTTjw2HQSCq60XS58sYIBYsxMslEjgfaVg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 855bfee2b9a0bb35-FRA
content-type: text/html; charset=UTF-8
date: Thu, 15 Feb 2024 07:56:40 GMT
location: https://vexfile.com/download/U7CB3Gcz8V/fad00
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pvHT5E6fjjZLM4PqgbZiGfUZuBdYtFl9BY%2BJdaxj0%2F607ZHhAoca9qU4VTm7IsjtlFgpJ%2FttQ45%2BI8MFYW0ZxP5hXGIeU0V94EdxcwI8s0%2FkGM%2FK%2BR5sKeuh%2BFfEKIt9w1ySUcApE99bHw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 gid.js
my.rtmark.net/ 65 B
547 B 50ms
15ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=df6ba36318834947adff600b0081bac3&zoneId=2719059&checkDuplicate=true&ymid=102aeb4705c9cfb3744b3b09405d29&var=1865

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ok.battletrain.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 07:56:40 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ok.battletrain.xyz
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H2 200 all.css
pro.fontawesome.com/releases/v5.10.0/css/ 153 KB
29 KB 76ms
33ms Stylesheet
text/css 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.fontawesome.com/releases/v5.10.0/css/all.css
Requested by: Host: vexfile.com
URL: https://vexfile.com/download/U7CB3Gcz8V/fad00
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2af905d92cfd34b5413126a54f639da408166cbbcb54318e413ad5e10b5bf6ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 07:56:40 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 28 Jun 2021 16:54:32 GMT
server: cloudflare
x-amz-request-id: 1ABXPERJWMB9XC1W
age: 6668545
etag: W/"aa1272633e7e552395d147a499bad186"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31556926
cf-ray: 855bfee37e4236dc-FRA
x-amz-id-2: 50KUbgfoaGB/7VUCZM2kHFiwBKhqg3DzYycIdqOGXmN5gf9hIcIZTntU6rkT+lGwWN2MiqLo8zA=

GET
H3 200 bootstrap.min.css
vexfile.com/alt/css/ 227 KB
33 KB 28ms
27ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vexfile.com/alt/css/bootstrap.min.css

Requested by

Host: vexfile.com
URL: https://vexfile.com/download/U7CB3Gcz8V/fad00

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4c123551432f10a965b8a9f706d3a8f9ed36e1564620f520de64cdf5bfe6dc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexfile.com/download/U7CB3Gcz8V/fad00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 07:56:40 GMT
strict-transport-security: max-age=31536000;
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3261
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 14 Nov 2023 10:24:48 GMT
server: cloudflare
etag: W/"65534af0-38df9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0MGpuzXuZjnOGjPlOKD8pMVSRNqobUckU7FL5wvYhVRaLsdSLGst3PWnFzhHEZWTAXWsJ6PT4dC27UC56is1vCarR5lJujA%2BaqGQzrpeXsGgag9i2u00fUgsCISgv%2B0LbX0r3DNxSXzfeA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 855bfee32c816987-FRA
expires: Sat, 16 Mar 2024 07:02:19 GMT

GET
H3 200 aos.css
vexfile.com/alt/css/ 49 KB
3 KB 23ms
21ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vexfile.com/alt/css/aos.css

Requested by

Host: vexfile.com
URL: https://vexfile.com/download/U7CB3Gcz8V/fad00

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6fef4d16009dd3157897c77a8a193e6c6b6d9f28ff7ea85cdc887a3d5dc78cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexfile.com/download/U7CB3Gcz8V/fad00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 07:56:40 GMT
strict-transport-security: max-age=31536000;
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 78823
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 14 Nov 2023 10:24:48 GMT
server: cloudflare
etag: W/"65534af0-c5e0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yRq3gELfx85xxK9Egw%2BCwIVrglVa4PeCBvxMFqxYkBIQWN2Z3UHCbgtsCX8ScPcPCNSOcxRnIRcHi0FElTi3PvfjvmHUv0htBm7eTxabbZ9uvNa3DpBEJTJkQ6GJJtCLQ%2FBYt1AdlfDzkg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 855bfee32c826987-FRA
expires: Fri, 15 Mar 2024 10:02:57 GMT

GET
H3 200 slick.css
vexfile.com/alt/css/ 2 KB
1 KB 21ms
20ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vexfile.com/alt/css/slick.css

Requested by

Host: vexfile.com
URL: https://vexfile.com/download/U7CB3Gcz8V/fad00

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0b722c48c52082cd77261574e22a5251fe37ea4b291b1441134145bab9b2063

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexfile.com/download/U7CB3Gcz8V/fad00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 07:56:40 GMT
strict-transport-security: max-age=31536000;
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1917
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 14 Nov 2023 10:24:48 GMT
server: cloudflare
etag: W/"65534af0-767"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yYRqvMl3YEIcam4MibpP1SwxpTg5RP5Ek9m%2B9lzGYs1AkPPmA9%2BYfKRqqaVwWFAcYJ0HqvhbLNc19UW5PiwRWEyvjaYRkoQp6pj4%2BEtb0vAs7CDEEiE4PuqYGxV9mSZU926qYdc0obo5eQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 855bfee32c836987-FRA
expires: Sat, 16 Mar 2024 07:24:43 GMT

GET
H3 200 style.css
vexfile.com/alt/css/ 25 KB
5 KB 24ms
23ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vexfile.com/alt/css/style.css

Requested by

Host: vexfile.com
URL: https://vexfile.com/download/U7CB3Gcz8V/fad00

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d2a5a8debedcbcd039c2d8e032ee1ce924c65e07164f86f8e76ea54cc232ca7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexfile.com/download/U7CB3Gcz8V/fad00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 07:56:40 GMT
strict-transport-security: max-age=31536000;
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 46669
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 14 Nov 2023 10:24:48 GMT
server: cloudflare
etag: W/"65534af0-6230"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EXrCxOumxQ69yjP%2FAgYx2XKxdlEZ%2FEhEevM0fRBA4hb7QCCD7M1WY5A4TlOjPHHNLyIdo3YPOGeS7H27pv9KmBbouJeSmPZJhW5QmIOzikNFNEvNV6bRdfb0Vqu0EDm5sVG1i5dHy50T7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 855bfee32c846987-FRA
expires: Fri, 15 Mar 2024 18:58:51 GMT

GET
H3 200 responsive.css
vexfile.com/alt/css/ 12 KB
2 KB 39ms
38ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vexfile.com/alt/css/responsive.css

Requested by

Host: vexfile.com
URL: https://vexfile.com/download/U7CB3Gcz8V/fad00

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eef8ddd4c0a861369641adc7ca252f49f8f38aa2c794e5187cbdecdcd12d406b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexfile.com/download/U7CB3Gcz8V/fad00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 07:56:40 GMT
strict-transport-security: max-age=31536000;
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 78823
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 14 Nov 2023 10:24:48 GMT
server: cloudflare
etag: W/"65534af0-3127"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sm4IocRmcB3nnT%2FbK14%2BdcQkFClSIigxKhbmi6EJGYSNzmBjCdPeq5j%2B%2FTX5DTzi%2BMjtRprMlUQVgxMfNbEGMa8Ek0x6cqKclAnRWohX4HQJSklPDnXE099Yxsg8ubF7I%2BTSLm2QFhK2xA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 855bfee32c866987-FRA
expires: Fri, 15 Mar 2024 10:02:57 GMT

GET
H2 200 in-view.min.js Show response
cdn.jsdelivr.net/npm/in-view@0.6.1/dist/ 5 KB
3 KB 42ms
16ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/in-view@0.6.1/dist/in-view.min.js

Requested by

Host: vexfile.com
URL: https://vexfile.com/download/U7CB3Gcz8V/fad00

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba92f31903d0ed43a15811c0506b1c357fa04ff643140a3c0e162dfc66cd37eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 07:56:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 6587842
x-jsd-version: 0.6.1
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230139-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"14be-WmlQIO/ElIG9SfA/X8UgGV8u+ls"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0zZ0JG00cc8pBxDOVpkwqT%2BgFwnAjtdUBhYRSQdiCpthfssx7Z4fTjWW3Pb7%2FitSvC4aQHKw%2B6e3fl3Ar1xLmKftJs5QoJKuoPuUDlk%2BT8E%2BO1V%2FBRXyRQPEJKGboxvUPxJ38AHMZeMi1Vk19V0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 855bfee35cb61e32-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 96 KB
29 KB 73ms
46ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: vexfile.com
URL: https://vexfile.com/download/U7CB3Gcz8V/fad00

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d26b07a8759540a90705c7633f1c6a2ab66f3a24e547bedde04e69dd78e502c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 07:56:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29053
x-xss-protection: 0
server: cafe
etag: 496 / 19768 / 31081119 / config-hash: 6992429126854908617
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 15 Feb 2024 07:56:40 GMT

GET
H2 200 6818 Show response
stpd.cloud/saas/ 411 KB
126 KB 194ms
142ms Script
text/javascript 2606:4700::6812:1e31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stpd.cloud/saas/6818
Requested by: Host: vexfile.com
URL: https://vexfile.com/download/U7CB3Gcz8V/fad00
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1e31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90b03a6e9e1ec1600b8575f6704f44dec6337d07196d65a405befb7ad0569985

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 07:56:41 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: s-maxage=300
cf-ray: 855bfee4087d906a-FRA
stpdhash: true

GET
H2 200 cmp-stub.js Show response
cmp.setupcmp.com/cmp/cmp/ 1 KB
1 KB 64ms
15ms Script
text/javascript 2606:4700:20::ac43:4624
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.setupcmp.com/cmp/cmp/cmp-stub.js
Requested by: Host: vexfile.com
URL: https://vexfile.com/download/U7CB3Gcz8V/fad00
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4624 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30ecc4cd36aa5d13b26bfdf89c9b0c41af9a3311985c0c878bcc687b9f55986a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 15 Feb 2024 07:56:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5: 3jfo58Cotbsu8TxBvJOgIw==
age: 1842
x-ms-lease-status: unlocked
last-modified: Tue, 28 Nov 2023 10:43:06 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5KwlH2xrtNZz5YAKxwTuDl59AWrJ%2B4R4%2FPmjVA8ZykLC2uhtVsOC8CaMbgb24hPBL8MzKfFyzPwCsY6LD2YB4hjgnNCjZEZ1pzCiBL7%2FaiFQlH0aJwf5bUqcg%2BiKOvUrr9lPnlkn24SZTDEMmv0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
x-ms-request-id: cc782c9f-901e-0024-4cb6-2d85a6000000
access-control-expose-headers: country
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 855bfee37adb37da-FRA

GET
H2 200 cmp-v1.js Show response
cmp.setupcmp.com/cmp/cmp/ 114 KB
32 KB 20ms
18ms Script
text/javascript 2606:4700:20::ac43:4624
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.setupcmp.com/cmp/cmp/cmp-v1.js
Requested by: Host: vexfile.com
URL: https://vexfile.com/download/U7CB3Gcz8V/fad00
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4624 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b816d454f16348a3c36024b8f021babf698d02547935526f309ca87e4c01e52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 15 Feb 2024 07:56:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5: SBZ0uJ8Qxjra8RtTu7ua1Q==
age: 6877
x-ms-lease-status: unlocked
last-modified: Mon, 05 Feb 2024 07:54:42 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yz6X%2BjJuhV8hLcfjKOg3JF3BIyLiJ%2FOhsoAjAGCOZRSNdstAgDYam6GM4G%2BqEq1LGhDoOHvnPcac3O7B3s5ZyVhvCFbFBlzzBrP19ZWmNNnwNrZ1NT2xrQKy7mrWqEFpAsVMjhxL0evlL2mdlI8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
x-ms-request-id: 8c120d70-301e-0060-6a08-580f99000000
access-control-expose-headers: country
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 855bfee3bb2737da-FRA

GET
H3 200 logo@2x.png
vexfile.com/alt/images/ 8 KB
8 KB 40ms
39ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vexfile.com/alt/images/logo@2x.png

Requested by

Host: vexfile.com
URL: https://vexfile.com/download/U7CB3Gcz8V/fad00

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1545c8a0819e532f98768e8be2669754e112b5b8cd6999555df0b6ff98ba5b95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexfile.com/download/U7CB3Gcz8V/fad00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 07:56:40 GMT
strict-transport-security: max-age=31536000;
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1916
alt-svc: h3=":443"; ma=86400
content-length: 7925
last-modified: Tue, 14 Nov 2023 10:24:57 GMT
server: cloudflare
etag: "65534af9-1ef5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XEWyMyHrG7u7v5312QOAardGTN1%2FTx06y%2B5NFkVGd7yy3IpAxftCdIuPxoVbZJNLYrsu3xe6y7fMhIo%2FkMHrpV4CgYJP0ALK7ozUU31vxAUfo2YQFlxRsdlyEgsoIxC1MNuv4lRRsDnGgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 855bfee32c896987-FRA
expires: Sat, 16 Mar 2024 07:24:44 GMT

GET
H3 200 banner-shp.png
vexfile.com/alt/images/ 3 MB
3 MB 25ms
24ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vexfile.com/alt/images/banner-shp.png

Requested by

Host: vexfile.com
URL: https://vexfile.com/download/U7CB3Gcz8V/fad00

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a567da199b248e62e8d3194326b2f4a2dbad814e9b1f510e96e825d1267ddec1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexfile.com/download/U7CB3Gcz8V/fad00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 07:56:40 GMT
strict-transport-security: max-age=31536000;
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 249156
alt-svc: h3=":443"; ma=86400
content-length: 3207966
last-modified: Tue, 14 Nov 2023 10:24:54 GMT
server: cloudflare
etag: "65534af6-30f31e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fleR6OgW2isWc%2BOnj%2BhS1cHWaBqYnCtal33bFq%2BPYg%2FZlDCau13Df22QVR3lN%2Fuga%2FWB99tX2HsK9vC6Ecsf8rTdP7VI%2FclKdUntg0zzeFHuPhv%2B%2FlLUYEmxILA%2BvJeFCOgXWAkA55kuwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 855bfee32c8a6987-FRA
expires: Wed, 13 Mar 2024 10:44:04 GMT

GET
H3 200 jquery.js Show response
vexfile.com/alt/js/ 276 KB
81 KB 80ms
80ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vexfile.com/alt/js/jquery.js

Requested by

Host: vexfile.com
URL: https://vexfile.com/download/U7CB3Gcz8V/fad00

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a051cd343d7193d5804bd7f29fed0632f5f3e52ea64a7041ab0aa0f3dc41432

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexfile.com/download/U7CB3Gcz8V/fad00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 07:56:40 GMT
strict-transport-security: max-age=31536000;
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 78822
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 14 Nov 2023 10:24:50 GMT
server: cloudflare
etag: W/"65534af2-44e03"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mzy%2BJdYhoKOMXEYvi8DuQEVEQ%2FG6ApWTlYjWolFoHLcgyH9jA4hGjYo6%2BGW08LsRSMwzKt2jN42bhTW9lv%2BF%2BllTp6IfKVzq7%2FZo0FlRVp3Smvez8rmMT%2BtiVabdn4q5Z6EB7NTO%2BKxfsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 855bfee37ce76987-FRA
expires: Fri, 15 Mar 2024 10:02:58 GMT

GET
H3 200 bootstrap.bundle.min.js Show response
vexfile.com/alt/js/ 79 KB
24 KB 46ms
44ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vexfile.com/alt/js/bootstrap.bundle.min.js

Requested by

Host: vexfile.com
URL: https://vexfile.com/download/U7CB3Gcz8V/fad00

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

243278db80c76a9853019087e9429d86e64dafd302ea3e474e781e2db8bbbcfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexfile.com/download/U7CB3Gcz8V/fad00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 07:56:40 GMT
strict-transport-security: max-age=31536000;
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1916
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 14 Nov 2023 10:24:49 GMT
server: cloudflare
etag: W/"65534af1-13b1d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8wLf9L%2Bnn25qZgY8oEq%2FzWVBvReJWv5Xu6o%2FqDyM2kh3EgMA%2BcETfzTIvoz6fLYn6eASIaEYB%2F13SnWFMBPsPtq8wI%2BDigXsDz9FnN5%2BRTouwA9fFJHd5tfNYeUbM2BiO%2BfuddSszutF2g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 855bfee3bd0d6987-FRA
expires: Sat, 16 Mar 2024 07:24:44 GMT

GET
H3 200 scrollIt.min.js Show response
vexfile.com/alt/js/ 1 KB
1 KB 47ms
46ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vexfile.com/alt/js/scrollIt.min.js

Requested by

Host: vexfile.com
URL: https://vexfile.com/download/U7CB3Gcz8V/fad00

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e6528e8e5cbe450fbb2a902384e0fc67596b1674b137f22baa6abfd593f132e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexfile.com/download/U7CB3Gcz8V/fad00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 07:56:40 GMT
strict-transport-security: max-age=31536000;
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 78821
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 14 Nov 2023 10:24:50 GMT
server: cloudflare
etag: W/"65534af2-58b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UolWoRAqDpE9cLNUE7nv1PekFw93c5AocXpH1ycGDaztNcfg%2BGTrysi5pgLWucIB0qvV7tgC14N6XrWGvfzUNozWNkBUQt8UYOVQ5Az%2FdfreG%2FI54C%2F6LzrbALIS90nT8WV6F2oSXJJdNA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 855bfee3bd0e6987-FRA
expires: Fri, 15 Mar 2024 10:02:59 GMT

GET
H3 200 slick.min.js Show response
vexfile.com/alt/js/ 42 KB
11 KB 48ms
47ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vexfile.com/alt/js/slick.min.js

Requested by

Host: vexfile.com
URL: https://vexfile.com/download/U7CB3Gcz8V/fad00

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1a52c0a06fa9f65e015b02e7ec463fd621211a9d2ae44b6660597900e927fbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexfile.com/download/U7CB3Gcz8V/fad00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 07:56:40 GMT
strict-transport-security: max-age=31536000;
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 78821
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 14 Nov 2023 10:24:50 GMT
server: cloudflare
etag: W/"65534af2-a770"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lesVjaL5LxxJxPSDjcP6dHWOqehWKKN%2Bv7GlnAzMKFIhNC98D%2FG8Nnq1TxYU8yIQEeTDgDAbmS80AdD2eUaXbkzsUJFzZQhn23enzw9hUGqdMqScr6N%2F7XkXP3wrwnNZm4%2F4OSk%2BJJ7QJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 855bfee3bd106987-FRA
expires: Fri, 15 Mar 2024 10:02:59 GMT

GET
H3 200 aos.js Show response
vexfile.com/alt/js/ 18 KB
6 KB 49ms
48ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vexfile.com/alt/js/aos.js

Requested by

Host: vexfile.com
URL: https://vexfile.com/download/U7CB3Gcz8V/fad00

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65fb32d698f81db6f5404785a68784bf138a02787c400552a3628471c1f2c301

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexfile.com/download/U7CB3Gcz8V/fad00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 07:56:40 GMT
strict-transport-security: max-age=31536000;
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 78821
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 14 Nov 2023 10:24:50 GMT
server: cloudflare
etag: W/"65534af2-48ce"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xq1oOUigzUHaQ7oLl5V8tBNQYdalnpk9uAMACIaIc%2FXmgo0whBTRMr%2FPH8XUIagAvQX94OWSFvanfcsUwIe%2BqIbhHESh7SCzykD3a0zsUGIUSnSOBdVGGCSQIOnux1ZdzwmVGbMiAaf4Jg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 855bfee3bd116987-FRA
expires: Fri, 15 Mar 2024 10:02:59 GMT

GET
H3 200 custom.js Show response
vexfile.com/alt/js/ 4 KB
1 KB 50ms
49ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vexfile.com/alt/js/custom.js

Requested by

Host: vexfile.com
URL: https://vexfile.com/download/U7CB3Gcz8V/fad00

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6bededbb1bb42757ea20e8a7a2328744093e1c6399752abab815cbc4a30a8208

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexfile.com/download/U7CB3Gcz8V/fad00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 07:56:40 GMT
strict-transport-security: max-age=31536000;
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1916
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 14 Nov 2023 10:24:49 GMT
server: cloudflare
etag: W/"65534af1-ef6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QvjB%2Bh6mY8Yb6khJwma%2F8Zem%2FPEaoLN5fDbcjEElwpLeYGsUKABgE%2BERa8Z9MB5wEPl%2FW8fDLUxB9zcy28nkKShJ9zITP0LfIsOmXWXXo31yo7bFcMbv%2BjGM0EaYQD%2BS4gz3Wi35almO2g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 855bfee3bd126987-FRA
expires: Sat, 16 Mar 2024 07:24:44 GMT

GET
H3 200 a_pp0x1.js Show response
vexfile.com/js/ 2 KB
1 KB 51ms
49ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vexfile.com/js/a_pp0x1.js?v=2024021509

Requested by

Host: vexfile.com
URL: https://vexfile.com/download/U7CB3Gcz8V/fad00

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c91afa65ae9dce0ceece90f01f8d980d9c3a3152739f8825e5f1207df7a5aa57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexfile.com/download/U7CB3Gcz8V/fad00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 07:56:40 GMT
strict-transport-security: max-age=31536000;
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 11 Dec 2023 13:02:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6577085f-6c9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bxTH9edP03k7tsTFAGAi0bYra5OwQHXaeLLfjwxDUcT7mRO8tR0Cit3isyIt6f6NP6TkatDsCT4VjiUj%2BxY8dHrptonAVrvD4P9ZtMfOrWDJyk0U92CYMgT1A6pnk41QgkNWtkimYNsBuA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 855bfee3bd136987-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 16 Mar 2024 07:56:40 GMT

GET
H2 200 css2
fonts.googleapis.com/ 30 KB
1 KB 19ms
17ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700;800;900&family=Poppins:wght@400;500;600;700&family=Roboto:wght@300;400;500;700;900&display=swap

Requested by

Host: vexfile.com
URL: https://vexfile.com/alt/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ff927b91e08392c3fb51ae171430e5bfb392f3bca8d1db6062bbad7597030272

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 15 Feb 2024 07:56:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 15 Feb 2024 07:56:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 15 Feb 2024 07:56:40 GMT

GET
H3 200 btn-border1.svg
vexfile.com/alt/images/ 651 B
921 B 47ms
46ms Image
image/svg+xml 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vexfile.com/alt/images/btn-border1.svg

Requested by

Host: vexfile.com
URL: https://vexfile.com/alt/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a17bd8258a04a3117849f35ef9f32ce06d40b4eda3739efb6621c7d7e87d02d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexfile.com/alt/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 07:56:40 GMT
strict-transport-security: max-age=31536000;
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1916
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 14 Nov 2023 10:24:57 GMT
server: cloudflare
etag: W/"65534af9-28b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=24rBoW7O%2FU%2BKacGVrQ%2FePuM0%2FNb5sankpZiYth3QQ%2B0tsSh3JQ3rwgnjpwH4QsDGljrA4m2tuvkTXax%2BwfXVgC0b6u6yqCLJnDfvs1tQ1xhr39hB77M%2B8U5yTGaYKmMreL%2Fez8r1Ak2eeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=2592000
cf-ray: 855bfee3bd156987-FRA
expires: Sat, 16 Mar 2024 07:24:44 GMT

GET
H3 200 Noise-Texture.png
vexfile.com/alt/images/ 2 MB
2 MB 47ms
46ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vexfile.com/alt/images/Noise-Texture.png

Requested by

Host: vexfile.com
URL: https://vexfile.com/alt/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83ad1557c4ab5241790f536ad1080eda7368e2b0b55369e5c7a43b4a60f3ac66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexfile.com/alt/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 07:56:40 GMT
strict-transport-security: max-age=31536000;
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1916
alt-svc: h3=":443"; ma=86400
content-length: 1806080
last-modified: Tue, 14 Nov 2023 10:24:57 GMT
server: cloudflare
etag: "65534af9-1b8f00"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cZlJx%2BprjoGr%2BNVrgw6DnUDUE4wswjfcKj3MqNY4nB6iVIjRbpogC0SGOPrMC0z6lbplUugSlkvgdAVJxd7METoRypwO4O51bpyWElzECNVOHvHS5SgkHdhQL8ZXN68J6V7ah73VrYQUfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 855bfee3cd1b6987-FRA
expires: Sat, 16 Mar 2024 07:24:44 GMT

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700;800;900&family=Poppins:wght@400;500;600;700&family=Roboto:wght@300;400;500;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://vexfile.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 08:55:56 GMT
x-content-type-options: nosniff
age: 169244
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7748
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Feb 2025 08:55:56 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ 46 KB
46 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://vexfile.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 15:14:07 GMT
x-content-type-options: nosniff
age: 146553
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46704
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Feb 2025 15:14:07 GMT

GET
H2 200 fa-solid-900.woff2
pro.fontawesome.com/releases/v5.10.0/webfonts/ 120 KB
121 KB 42ms
21ms Font
font/woff2 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.fontawesome.com/releases/v5.10.0/webfonts/fa-solid-900.woff2
Requested by: Host: pro.fontawesome.com
URL: https://pro.fontawesome.com/releases/v5.10.0/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d27aa8bf9677cf4ef12acd7b37afc20f1f661d7c163b929ae9caf103b01fce37

Request headers

Referer: https://pro.fontawesome.com/releases/v5.10.0/css/all.css
Origin: https://vexfile.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 07:56:40 GMT
cf-cache-status: HIT
x-amz-request-id: B2E09ND844CJP5SH
age: 1860383
content-length: 123004
x-amz-id-2: O2WhsjqsIER5AQoP1ZJaQEZ58IVtZwWfjXDOrCnZwFPueBFBtIF3UbIcLXAv+fS4U8zOBgNEQ7bM46J+8nZBYfPhpegyNRUmtCeBfhzjIo8=
last-modified: Mon, 28 Jun 2021 16:56:06 GMT
server: cloudflare
etag: "88fd444847dc842d15e229df26571b03"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 855bfee3eea29b98-FRA

GET
H2 200 fa-regular-400.woff2
pro.fontawesome.com/releases/v5.10.0/webfonts/ 149 KB
149 KB 57ms
36ms Font
font/woff2 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.fontawesome.com/releases/v5.10.0/webfonts/fa-regular-400.woff2
Requested by: Host: pro.fontawesome.com
URL: https://pro.fontawesome.com/releases/v5.10.0/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2df22a9c52c1db62b42d30787248f0d66b6f0c4fdcf7eb3b8783d990d85b867

Request headers

Referer: https://pro.fontawesome.com/releases/v5.10.0/css/all.css
Origin: https://vexfile.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 07:56:40 GMT
cf-cache-status: HIT
x-amz-request-id: A8FDVQ8NYTK71SGH
age: 6118544
content-length: 152164
x-amz-id-2: LrL19xKOwUnJH55sQDcD+NxiMittVWWF5PYwIe3J/MavTX4c02JfETJbTbs8lGtauBwqc3+8lhY=
last-modified: Mon, 28 Jun 2021 16:56:06 GMT
server: cloudflare
etag: "d4e531cbdfed1cd2094595d8779f28a4"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 855bfee3eea69b98-FRA

GET
H2 200 6999.json Show response
cmp.setupcmp.com/cmp/config/ 210 B
842 B 58ms
29ms Fetch
application/octet-stream 2606:4700:20::ac43:4624
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.setupcmp.com/cmp/config/6999.json
Requested by: Host: cmp.setupcmp.com
URL: https://cmp.setupcmp.com/cmp/cmp/cmp-v1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4624 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13e85139ca7a87928c89e60ba52bc22732d025d7d4542f084cdb616f86d7d074

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 15 Feb 2024 07:56:40 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5: aEUVMisivKIzywIUwSwsyg==
content-length: 210
x-ms-lease-status: unlocked
last-modified: Fri, 09 Feb 2024 15:28:46 GMT
server: cloudflare
etag: 0x8DC2983CED32B4B
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lpMw9YquJ9P1eRiD%2BAxCvOJcA%2FDAlTp6TM59OTUwKdnykQJApZsFnSyPJUesvMx%2FOuIJNDpsvSUV3hyNQ8qZFq4Q8O4U28c1vrll9X0U%2FetV29qYJ%2Fnopgpokr7hwUSh9jKBHUjkXZZDe%2BHJ6Zs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
x-ms-request-id: 9699baca-b01e-006e-3ee4-5f2629000000
access-control-expose-headers: country
x-ms-version: 2009-09-19
country: DE
cf-ray: 855bfee40a123648-FRA

GET
H2 200 micro.tag.min.js Show response
deehalig.net/pfe/current/ 33 KB
13 KB 54ms
16ms Script
application/javascript 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://deehalig.net/pfe/current/micro.tag.min.js?z=6675198&sw=/sw-check-permissions-b296e.js
Requested by: Host: vexfile.com
URL: https://vexfile.com/download/U7CB3Gcz8V/fad00
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 145a7b44a5f2c3317a559bee3ce95f71afa38b6069a4843d56ad286af32ea0f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Feb 2024 07:56:41 GMT
content-encoding: gzip
last-modified: Wed, 14 Feb 2024 16:04:19 GMT
server: nginx
etag: W/"65cce483-833a"
content-type: application/javascript
cache-control: no-cache
access-control-allow-credentials: true

GET
H2 200 utils.js Show response
nsjyfpo.com/script/ 161 KB
50 KB 77ms
30ms Script
text/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nsjyfpo.com/script/utils.js
Requested by: Host: vexfile.com
URL: https://vexfile.com/js/a_pp0x1.js?v=2024021509
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf87c4f421e8c620595ade56aa4afa6b36eefad0ab75595ac9ca2bedf204ad7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 07:56:41 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ABPtcPrzCtQgpNQl0ned-mgUJuhkB14xjrvfaa33BxNiF7HwchpIEO0uf0gMy3Uett5knoWfUrUK3OsWZQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 06 Feb 2024 12:53:48 GMT
server: cloudflare
etag: W/"b26dc87cbc55131f0f7bb395bea90efe"
vary: Accept-Encoding
x-goog-hash: crc32c=B8ngMA==, md5=sm3IfLxVEx8Pe7OVvqkO/g==
x-goog-generation: 1707224028859520
content-type: text/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ymjF%2BUWpGmqIFK%2BvjwnGHCQUyCA%2Box3LEeMBh2MPOCNMkqkRopBYfBxfIvG%2ByiDFU4%2FShOuAbtuP%2FGLsvMo7LC0p8GBA%2FDYMQTL9B6A9FD8dSHQLcD2qWAMb6JsHLWsYgsZWKkAjC970Aw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=14400
x-goog-stored-content-length: 165342
access-control-allow-origin: *
cf-ray: 855bfee4ffce18d4-FRA
expires: Thu, 15 Feb 2024 07:58:56 GMT

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?t50.5;rhttps%3A//ok.battletrain.xyz/;s1600*1200*24;uhttps%3A//vexfile.com/download/U7CB3Gcz8V/fad00;hDownload%20AndraxV9.js%20-%20Step%202%20-%20VexFile.com;0.001545423...
https://counter.yadro.ru/hit?q;t50.5;rhttps%3A//ok.battletrain.xyz/;s1600*1200*24;uhttps%3A//vexfile.com/download/U7CB3Gcz8V/fad00;hDownload%20AndraxV9.js%20-%20Step%202%20-%20VexFile.com;0.0015454...

140 B
626 B

44ms
44ms

Image
image/gif

88.212.201.198
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t50.5;rhttps%3A//ok.battletrain.xyz/;s1600*1200*24;uhttps%3A//vexfile.com/download/U7CB3Gcz8V/fad00;hDownload%20AndraxV9.js%20-%20Step%202%20-%20VexFile.com;0.001545423281593017

Requested by

Host: vexfile.com
URL: https://vexfile.com/download/U7CB3Gcz8V/fad00

Protocol

HTTP/1.1

Server

88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host198.rax.ru

Software

nginx/1.17.9 /

Resource Hash

cc0fea61dfa11909288040eeab295caf899cbf5d8ce7d07649519db384198df1

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 15 Feb 2024 07:56:41 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: image/gif
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 140
Expires: Tue, 14 Feb 2023 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 15 Feb 2024 07:56:41 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: text/html
Location: https://counter.yadro.ru/hit?q;t50.5;rhttps%3A//ok.battletrain.xyz/;s1600*1200*24;uhttps%3A//vexfile.com/download/U7CB3Gcz8V/fad00;hDownload%20AndraxV9.js%20-%20Step%202%20-%20VexFile.com;0.001545423281593017
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Length: 32
Expires: Tue, 14 Feb 2023 21:00:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402120101/ 430 KB
135 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402120101/pubads_impl.js?cb=31081119

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ed789f6a4003ddf15eb02f1fc7e0ef1a9462ac6afa9784bdd000678c83e03dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 08:55:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82875
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138518
x-xss-protection: 0
server: cafe
etag: 12880065651029678149
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 13 Feb 2025 08:55:26 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 56 B
67 B 56ms
38ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=vexfile.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

12e1d5ae23a7d9fa3628758dc44117c86baac079eb9c604b665be8dd11681b15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 07:56:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-xss-protection: 0
expires: Thu, 15 Feb 2024 07:56:41 GMT

GET
H2 200 default-vendors.json Show response
cmp.setupcmp.com/cmp/gvl/ 5 KB
2 KB 16ms
16ms Fetch
application/json 2606:4700:20::ac43:4624
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.setupcmp.com/cmp/gvl/default-vendors.json
Requested by: Host: cmp.setupcmp.com
URL: https://cmp.setupcmp.com/cmp/cmp/cmp-v1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4624 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 715394bae3bbddfc9816ab08ae1bf29203e0461b103b5b8abc71157aad4b5994

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 15 Feb 2024 07:56:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5: sHG9phpOLdN8Ou/SwaClEg==
age: 462555
x-ms-lease-status: unlocked
last-modified: Thu, 08 Feb 2024 16:30:43 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gOcrup6qnj%2B6%2BkrMLgFOiJWUpFVJpMBRxsUOGmhLo4NBvN1QJOVzAmx9tjwyPVBzfa0qsccDO23bZM0qZWIkGmm3f0EkF6vDlLIVc%2Bm13EvN1Y73aJPh9wfw1abFezLtn39k2JoThh%2B769dXFyU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 50783bdd-101e-002a-05af-5bac16000000
access-control-expose-headers: country
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 855bfee4cacd3648-FRA

GET
H2 200 vendor-list.json Show response
cmp.setupcmp.com/cmp/gvl-v3/ 573 KB
71 KB 27ms
27ms XHR
application/json 2606:4700:20::ac43:4624
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.setupcmp.com/cmp/gvl-v3/vendor-list.json
Requested by: Host: cmp.setupcmp.com
URL: https://cmp.setupcmp.com/cmp/cmp/cmp-v1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4624 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c640eb697ff6e3d51f043ff0590ee4b007e7ccf6c70069581aa35b3b59e62106

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 15 Feb 2024 07:56:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5: uSOdgUgEk9EZib2zJhsAvQ==
age: 428743
x-ms-lease-status: unlocked
last-modified: Thu, 08 Feb 2024 16:30:42 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ASmqDWuFqw3BIgLMb7fY1EOXFNrlhdhe5EKSxT9p8aathMYeOv%2BUX10p%2FhTTOOhUTZgkr9Lk7H3O6T5wacFp4kGkHG8WCuTa00N2rGkLc0eH%2FxYs6BaBogwnnvD%2FYnq6PyVATpfeRSn%2FNRuq4kA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 6834e6f8-401e-0045-79fe-5ba6e5000000
access-control-expose-headers: country
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 855bfee51b103648-FRA

GET
H3 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 27ms
16ms XHR
application/json 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20240215

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/6818

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7554f60186056f0cae22b36f9027cb5a2f8358a5993e0eb906dfeab832e8fce1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vexfile.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 15 Feb 2024 07:56:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 14147
x-jsd-version: 1.0.1966
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230103-FRA, cache-lga21982-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"637-eAXGia7uhql25MK6mkGwDu5ap8w"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0qt28%2BhDpjaAatxaPyQ3SdMC%2B60%2B3lxTP%2BjQ%2Fasy3e%2BSfw66iglP%2FR7PSeTfjaW%2F4Bxo%2BxDX0xyK7gOqfKXR6esR6RVtfBgB1PPiCGW3nSScu380s93K%2F4%2FvozR7qjDxMC5dAMWBpdk3RQ54MY0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 855bfee54ced9214-FRA

POST
H2 200 custom
jouteetu.net/ 0
0 47ms
13ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: deehalig.net
URL: https://deehalig.net/pfe/current/micro.tag.min.js?z=6675198&sw=/sw-check-permissions-b296e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vexfile.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 sw-check-permissions-b296e.js
vexfile.com/ 0
764 B 17ms
17ms Other
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vexfile.com/sw-check-permissions-b296e.js?zoneId=6675198

Requested by

Host: deehalig.net
URL: https://deehalig.net/pfe/current/micro.tag.min.js?z=6675198&sw=/sw-check-permissions-b296e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexfile.com/download/U7CB3Gcz8V/fad00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 07:56:41 GMT
strict-transport-security: max-age=31536000;
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 78812
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 27 Nov 2023 17:56:46 GMT
server: cloudflare
etag: W/"6564d85e-236"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NAZn34mdrUharTS0F1eg6x4kdf0s1Au6QfGPEo1JXatLGxFC%2BdBz2HBQA%2FTaLnxciCZ1czdeN2X5IKnPmV0q2Ks5Wo21R%2BNHIpVEreerCI0gbnGeovRWr0njwvJZWFEbId9ZJsNVsvBV1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 855bfee54e686987-FRA
expires: Fri, 15 Mar 2024 10:03:09 GMT

POST
H2 200 custom
jouteetu.net/ 0
0 45ms
12ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: deehalig.net
URL: https://deehalig.net/pfe/current/micro.tag.min.js?z=6675198&sw=/sw-check-permissions-b296e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vexfile.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 zone
deehalig.net/ 0
255 B 14ms
13ms Ping
text/plain 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://deehalig.net/zone?&pub=0&zone_id=6675198&is_mobile=false&domain=vexfile.com&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.484&trace_id=77d3bb87-7382-4088-b6c0-18999b7c397a&action=prerequest&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=

Requested by

Host: deehalig.net
URL: https://deehalig.net/pfe/current/micro.tag.min.js?z=6675198&sw=/sw-check-permissions-b296e.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-trace-id: 76f24165b05b49eb5d8b38b1aa189275
date: Thu, 15 Feb 2024 07:56:41 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-origin: https://vexfile.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 0

POST
H2 200 custom
jouteetu.net/ 0
0 56ms
23ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: deehalig.net
URL: https://deehalig.net/pfe/current/micro.tag.min.js?z=6675198&sw=/sw-check-permissions-b296e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vexfile.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 custom
jouteetu.net/ 0
0 56ms
24ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: deehalig.net
URL: https://deehalig.net/pfe/current/micro.tag.min.js?z=6675198&sw=/sw-check-permissions-b296e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vexfile.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 custom
jouteetu.net/ 0
0 44ms
12ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: deehalig.net
URL: https://deehalig.net/pfe/current/micro.tag.min.js?z=6675198&sw=/sw-check-permissions-b296e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vexfile.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
541 B 13ms
13ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=6675198&checkDuplicate=true&ymid=&var=

Requested by

Host: deehalig.net
URL: https://deehalig.net/pfe/current/micro.tag.min.js?z=6675198&sw=/sw-check-permissions-b296e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

970c54e90542b8c565438b3b349ba98c59aaede207300d30890cf73880075614

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 07:56:41 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://vexfile.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H2 200 ut.js Show response
nsjyfpo.com/script/ 87 KB
30 KB 28ms
28ms Script
text/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nsjyfpo.com/script/ut.js?cb=1707983801221
Requested by: Host: nsjyfpo.com
URL: https://nsjyfpo.com/script/utils.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88081c343743aad1158078961d80119501c1f97bbe28ced8a66cae8acc1e0bec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 07:56:41 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ABPtcPoB_FE4p5TSECKzBxexyr8CnF6oG5oKsJcjqSIYwtcWf_tIyMA_1bBJGWrK2akPE175jqQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 18 Jan 2024 09:11:15 GMT
server: cloudflare
etag: W/"f78273815ffccc0126bd3e83d2813f7c"
vary: Accept-Encoding
x-goog-hash: crc32c=0sa7rw==, md5=94JzgV/8zAEmvT6D0oE/fA==
x-goog-generation: 1705569075555153
content-type: text/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BKjZfhSaNX8edYn31KcO%2B%2BhHjzmMTRnf5BLtaotU6AEBeQa6VKTo8nOz7MJY22A%2FxkzU0O2YA6fA%2FRzbId%2Ff5gdje009cKWlxaSvN%2Fu01idWKGyN0SupfGnZdr81nSBW9jhodyMJkEDnsg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=14400
x-goog-stored-content-length: 89230
access-control-allow-origin: *
cf-ray: 855bfee5a89918d4-FRA
expires: Thu, 15 Feb 2024 08:23:05 GMT

GET
H2 200 suv5.js Show response
nsjyfpo.com/script/ 101 KB
33 KB 29ms
29ms Script
text/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nsjyfpo.com/script/suv5.js
Requested by: Host: nsjyfpo.com
URL: https://nsjyfpo.com/script/utils.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f6794a5470ad6733dadb01c9ba8b216b2ccb47e1e3cd4e0c1e49b0613241bec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 07:56:41 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ABPtcPqfmfmefhZF1PTO70Q2_G3Kjcnh-12Y04kV_mZ_8UPHUtKME5IOlkxe1OBxskzm3hZBn3U
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 06 Feb 2024 12:52:51 GMT
server: cloudflare
etag: W/"aab801f74b48749e74777668f176bc15"
vary: Accept-Encoding
x-goog-hash: crc32c=dVyOEA==, md5=qrgB90tIdJ50d3Zo8Xa8FQ==
x-goog-generation: 1707223971926371
content-type: text/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ONZcXeXUjwLXK0cJCz6yW5pBtp7hBXUg8urhZAL1j6DrCuqmMZAOMYUeeJuW9Ye%2FNekcsOE8Q8%2B8d%2F13DrdP61hgM8PGycYWtn1z%2FAXJzbrZbqykgo1sQ66XGhuKAQaUhwdc96KZcuI4MA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=14400
x-goog-stored-content-length: 103830
access-control-allow-origin: *
cf-ray: 855bfee5a89c18d4-FRA
expires: Thu, 15 Feb 2024 08:06:16 GMT

POST
H2 200 custom
jouteetu.net/ 0
0 13ms
12ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: deehalig.net
URL: https://deehalig.net/pfe/current/micro.tag.min.js?z=6675198&sw=/sw-check-permissions-b296e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vexfile.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 google-atp-list.json Show response
cmp.setupcmp.com/cmp/gvl/ 151 KB
37 KB 20ms
20ms Fetch
application/json 2606:4700:20::ac43:4624
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.setupcmp.com/cmp/gvl/google-atp-list.json
Requested by: Host: cmp.setupcmp.com
URL: https://cmp.setupcmp.com/cmp/cmp/cmp-v1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4624 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a360f0726d5d1dd262f89ef3c5c206c91fadb575c5e1fb0de50d14b29c24337b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 15 Feb 2024 07:56:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5: Ll5Mi8szH0kavc8vm6GZUg==
age: 403730
x-ms-lease-status: unlocked
last-modified: Thu, 13 Oct 2022 10:05:39 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sW5cVeXajT8Tr7bKypZBIyRZLeI5vnjh1ZXKsTDzImMoMYWFrEBzgHtP4J7lr48ciW65Pu9vaKQdTr3o6iE%2B7XJjK4BIrIDANYehvxibWbT%2FCG1MhGAVQGngzSW8KdQYupksFVooA1I6HPMc%2FG4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: a00ca5a8-b01e-0041-0638-5c2be2000000
access-control-expose-headers: country
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 855bfee5bbd23648-FRA

GET
H2 200 setupad_white.svg
cmp.setupcmp.com/cmp/images/ 4 KB
2 KB 21ms
20ms Image
image/svg+xml 2606:4700:20::ac43:4624
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cmp.setupcmp.com/cmp/images/setupad_white.svg
Requested by: Host: vexfile.com
URL: https://vexfile.com/download/U7CB3Gcz8V/fad00
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4624 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80a6533eb420441c61f6c38eae014a688ecda4beb1de129e420010774b5f197f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 15 Feb 2024 07:56:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5: xYbiTs4bzl22A6DpFUmdxA==
age: 2032
x-ms-lease-status: unlocked
last-modified: Thu, 13 Oct 2022 10:05:39 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5XrmyBRkXI1kRDY06VC%2Fr%2FzvtlvPuZRmuR5uGU%2BUqjaZZcKpMfePu0%2BypkVCG5bTUuyR44HOAHlWw4D0HkQ9U3FAyiqeYXM57oDjITNJHMjB2H2dOnZjinviMOdXFkbiDseyQCbUvrWTtsi3smY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: ac9b0211-801e-0028-60e5-1512ae000000
access-control-expose-headers: country
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 855bfee60e3d37da-FRA

GET
H2 200 ctr.php Show response
ctrtrk.com/ut/ Frame 883D 166 B
659 B 168ms
132ms Document
text/html 2606:4700:3035::ac43:cc3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ctrtrk.com/ut/ctr.php
Requested by: Host: nsjyfpo.com
URL: https://nsjyfpo.com/script/ut.js?cb=1707983801221
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:cc3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64bebc3700f50d9a617a8353c410e55b7428621f31ed9b1086fa25689861470e

Request headers

Referer: https://vexfile.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 855bfee658911e32-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 15 Feb 2024 07:56:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sfk34KdnMDgDlarNdHUGL0%2FGno6KyayjqKhVRWvV91o4gt4EX3Pc6VkBYBzdUHrbaW72xnWGb8Mg%2BwYW84CaLSRZ96472jfDqrVXLVhC5iaQpv8O754ImItLdtlw4xihR9rlBaQge8NK"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google

GET
H2 203 suurl5.php Show response
youradexchange.com/script/ 1 B
528 B 192ms
139ms Fetch
text/html 2606:4700:3033::ac43:b1d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://youradexchange.com/script/suurl5.php?r=7780286&chmob=%3F0&cbur=0.771158100103031&cbiframe=0&cbWidth=1600&cbHeight=1200&cbtitle=Download%20AndraxV9.js%20-%20Step%202%20-%20VexFile.com&cbpage=https%3A%2F%2Fvexfile.com%2Fdownload%2FU7CB3Gcz8V%2Ffad00&cbref=https%3A%2F%2Fok.battletrain.xyz%2F&cbdescription=&cbkeywords=&cbcdn=nsjyfpo.com&ts=1707983801313&srs=9ed9e75c3e8d5c4beeaae86c90357e2f&atv=42.0-sw-adbl-suv5&abtg=1
Requested by: Host: nsjyfpo.com
URL: https://nsjyfpo.com/script/suv5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:b1d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 07:56:41 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UYJiFUb1beB3C2P8QpodUQMPjumjDlJjWgYTwgC%2F5ymQhfvDiagKRGlt44gxHlcUrZqUV4uLmxpp%2F0sDuFPskjgN3F4dUkZ5NDhYguBvkCtFOp0Bt%2FVZO96hxSD1jTReul8IYQoNPeLltrL4WY4U4%2FQ%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-type: text/html; charset=utf-8
cf-ray: 855bfee69d692285-CDG
access-control-allow-headers: Content-Type
alt-svc: h3=":443"; ma=86400

POST
H2 204 hb.php
pubtrky.com/ut/ 0
408 B 438ms
135ms Ping
text/plain 2606:4700:3034::6815:86c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pubtrky.com/ut/hb.php?cb=0.6431273440966037&v=1
Requested by: Host: nsjyfpo.com
URL: https://nsjyfpo.com/script/ut.js?cb=1707983801221
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:86c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vexfile.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain; charset=utf-8

Response headers

date: Thu, 15 Feb 2024 07:56:41 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o37DS75duKt3RVjIayTYXdyS953%2BFgMfNv0hEUHwfo8C8TkiDG4yGlpU0cUUw3jWaELCRDQCodZ7FN55EZ8KIwgyn68szATctIw6KHuX3S7BSdVF4GXLjPisfYcmrwPpdBzCRfrxIpn%2BLA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 855bfee82abe22bc-CDG
alt-svc: h3=":443"; ma=86400

POST
H2 200 custom
jouteetu.net/ 0
0 12ms
12ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: deehalig.net
URL: https://deehalig.net/pfe/current/micro.tag.min.js?z=6675198&sw=/sw-check-permissions-b296e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vexfile.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 custom
jouteetu.net/ 0
0 13ms
13ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: deehalig.net
URL: https://deehalig.net/pfe/current/micro.tag.min.js?z=6675198&sw=/sw-check-permissions-b296e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vexfile.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 zone Show response
deehalig.net/ 799 B
1 KB 39ms
13ms Fetch
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://deehalig.net/zone?&pub=0&zone_id=6675198&is_mobile=false&domain=vexfile.com&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.484&trace_id=77d3bb87-7382-4088-b6c0-18999b7c397a&action=settings&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=

Requested by

Host: deehalig.net
URL: https://deehalig.net/pfe/current/micro.tag.min.js?z=6675198&sw=/sw-check-permissions-b296e.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

00eec6c97c435baaf4d8aa1d3666eced4c7db8a046000b3c4cfc52d756e9d1cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-trace-id: 01c0e5e022d3d00d007520e99abd7930
date: Thu, 15 Feb 2024 07:56:41 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: https://vexfile.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 799

POST
H2 200 custom
jouteetu.net/ 0
0 12ms
12ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: deehalig.net
URL: https://deehalig.net/pfe/current/micro.tag.min.js?z=6675198&sw=/sw-check-permissions-b296e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vexfile.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
my.rtmark.net/	1970-01-21 03:11:59	Name: ID Value: df6ba36318834947adff600b0081bac3
vexfile.com/	1970-01-20 18:26:31	Name: XSRF-TOKEN Value: eyJpdiI6ImpUcjZPM0VuOEZ4d0lDdnoyOFBOWUE9PSIsInZhbHVlIjoiNTlidEFhalwvQUdUZEVER2pDS050NEQ0UitLVnlObzg5NWpNblwvSmdHN2MwaEVERERXY2xDVUJtemhFQTROdDdFIiwibWFjIjoiODY2YTcwNWU5MzJhMzcwZDJkN2YwN2M3M2MxODVmMmM2Zjc5MGViNGNiYzY2ZTYwOWMyZWFlOGU3Y2FkM2M1MiJ9
vexfile.com/	1970-01-20 18:26:31	Name: vexfilecom_session Value: eyJpdiI6IitTbk1zVUhITkRrK0lJaEhwRzhYRnc9PSIsInZhbHVlIjoiQ1JJN1NLSVZCeWZwZkI1TXZDcE56M3BMSlRhcysyWEdIZjBIZkhcL21DSWwxM25MVjZKU1BFSVN1T0xkWmRiWHMiLCJtYWMiOiJmZWFkMGRhZjUxZjZlMzA4OTkyMmU5MjVmZDY3ZTc3NTYwZjRiM2ZjNjEyODkzNWE0MDg4MGU4YmU5ZTQ5NzI5In0%3D
vexfile.com/	1970-01-20 18:26:25	Name: stpdOrigin Value: {"origin":"referral"}
.yadro.ru/	1970-01-21 03:11:20	Name: FTID Value: 1bpSEv1c_U8k1bpSEv001R3i
.yadro.ru/	1970-01-21 03:11:20	Name: VID Value: 2B-KCK0rjK8k1bpSEv001R46
ctrtrk.com/	1970-01-21 04:02:23	Name: uniqid Value: 47e6721f-7ebc-4c0c-9056-160382d0e850

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://ok.battletrain.xyz/ee2/?c=102aeb4705c9cfb3744b3b09405d29&url=https%3A%2F%2Fvexfile.com%2Fdw.php%3Ft%3DaHR0cHM6Ly92ZXhmaWxlLmNvbS9kb3dubG9hZC9VN0NCM0djejhWL2ZhZDAw&a=1865&t=AndraxV9.js&s1=14230&s2=40560&s3=6&s4=&s5= Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vexfile.com/download/U7CB3Gcz8V/fad00 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vexfile.com/download/U7CB3Gcz8V/fad00 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vexfile.com/download/U7CB3Gcz8V/fad00 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vexfile.com/download/U7CB3Gcz8V/fad00 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vexfile.com/download/U7CB3Gcz8V/fad00 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vexfile.com/download/U7CB3Gcz8V/fad00 Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

beevakum.net
cdn.jsdelivr.net
cmp.setupcmp.com
counter.yadro.ru
ctrtrk.com
deehalig.net
fonts.googleapis.com
fonts.gstatic.com
jouteetu.net
my.rtmark.net
nostop.go2cloud.org
nsjyfpo.com
ok.battletrain.xyz
pro.fontawesome.com
pubtrky.com
securepubads.g.doubleclick.net
stampcomparison.xyz
stpd.cloud
trk.bubblewaves.online
vexfile.com
youradexchange.com
139.45.195.8
139.45.197.250
139.45.197.251
172.67.181.222
2606:4700:20::ac43:4624
2606:4700:3033::ac43:b1d6
2606:4700:3034::6815:86c
2606:4700:3035::6815:3192
2606:4700:3035::ac43:cc3e
2606:4700:4400::6812:2844
2606:4700::6810:5514
2606:4700::6812:1e31
2a00:1450:4001:829::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:831::200a
2a06:98c1:3121::3
52.210.174.128
88.212.201.198
00eec6c97c435baaf4d8aa1d3666eced4c7db8a046000b3c4cfc52d756e9d1cc
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
0e6528e8e5cbe450fbb2a902384e0fc67596b1674b137f22baa6abfd593f132e
0fbd1c7469190c55700b080de33db8606a2ffec17570d2697c53c2ab85e05536
12e1d5ae23a7d9fa3628758dc44117c86baac079eb9c604b665be8dd11681b15
13e85139ca7a87928c89e60ba52bc22732d025d7d4542f084cdb616f86d7d074
145a7b44a5f2c3317a559bee3ce95f71afa38b6069a4843d56ad286af32ea0f7
1545c8a0819e532f98768e8be2669754e112b5b8cd6999555df0b6ff98ba5b95
1b816d454f16348a3c36024b8f021babf698d02547935526f309ca87e4c01e52
1f6794a5470ad6733dadb01c9ba8b216b2ccb47e1e3cd4e0c1e49b0613241bec
243278db80c76a9853019087e9429d86e64dafd302ea3e474e781e2db8bbbcfb
2af905d92cfd34b5413126a54f639da408166cbbcb54318e413ad5e10b5bf6ec
30ecc4cd36aa5d13b26bfdf89c9b0c41af9a3311985c0c878bcc687b9f55986a
352db1fa8ae92654d21618717c238d356603991d312706d6462d76a11791ca13
429a3d1aacb01159ca3622c9d53df69dcc827e678aa49ebc281a8b5cd91cff91
541eb448d5b7d1d6673c38e7003488491fbce160f334a6247adebafcb2e51d70
64bebc3700f50d9a617a8353c410e55b7428621f31ed9b1086fa25689861470e
65fb32d698f81db6f5404785a68784bf138a02787c400552a3628471c1f2c301
6bededbb1bb42757ea20e8a7a2328744093e1c6399752abab815cbc4a30a8208
6f27461da8de19f27e71256239f3ffe714f4523d68693f09bcbc0f33f0eb10db
6fef4d16009dd3157897c77a8a193e6c6b6d9f28ff7ea85cdc887a3d5dc78cf7
715394bae3bbddfc9816ab08ae1bf29203e0461b103b5b8abc71157aad4b5994
7554f60186056f0cae22b36f9027cb5a2f8358a5993e0eb906dfeab832e8fce1
75897f40c29a1ca70013653851e4942094b2efe876200053bdb1c489d4619979
7ed789f6a4003ddf15eb02f1fc7e0ef1a9462ac6afa9784bdd000678c83e03dc
80a6533eb420441c61f6c38eae014a688ecda4beb1de129e420010774b5f197f
83ad1557c4ab5241790f536ad1080eda7368e2b0b55369e5c7a43b4a60f3ac66
88081c343743aad1158078961d80119501c1f97bbe28ced8a66cae8acc1e0bec
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
8a051cd343d7193d5804bd7f29fed0632f5f3e52ea64a7041ab0aa0f3dc41432
8d2a5a8debedcbcd039c2d8e032ee1ce924c65e07164f86f8e76ea54cc232ca7
90b03a6e9e1ec1600b8575f6704f44dec6337d07196d65a405befb7ad0569985
970c54e90542b8c565438b3b349ba98c59aaede207300d30890cf73880075614
a17bd8258a04a3117849f35ef9f32ce06d40b4eda3739efb6621c7d7e87d02d7
a360f0726d5d1dd262f89ef3c5c206c91fadb575c5e1fb0de50d14b29c24337b
a4c123551432f10a965b8a9f706d3a8f9ed36e1564620f520de64cdf5bfe6dc9
a567da199b248e62e8d3194326b2f4a2dbad814e9b1f510e96e825d1267ddec1
ac05f643d51698438fc2504bc237b5a39ce1248b037dbf446aaca4ce65c3182c
ba92f31903d0ed43a15811c0506b1c357fa04ff643140a3c0e162dfc66cd37eb
bf87c4f421e8c620595ade56aa4afa6b36eefad0ab75595ac9ca2bedf204ad7d
c640eb697ff6e3d51f043ff0590ee4b007e7ccf6c70069581aa35b3b59e62106
c91afa65ae9dce0ceece90f01f8d980d9c3a3152739f8825e5f1207df7a5aa57
ca76180c2133d7d13de82a1b213bb4d0d1556d2cfd8c5fea78032f3724ec951f
cc0fea61dfa11909288040eeab295caf899cbf5d8ce7d07649519db384198df1
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
d26b07a8759540a90705c7633f1c6a2ab66f3a24e547bedde04e69dd78e502c9
d27aa8bf9677cf4ef12acd7b37afc20f1f661d7c163b929ae9caf103b01fce37
e15d7dddb9141d182250dde30a83b2c1c18796c175468d1b0de7aa9b5924c6d8
e1a52c0a06fa9f65e015b02e7ec463fd621211a9d2ae44b6660597900e927fbb
e2df22a9c52c1db62b42d30787248f0d66b6f0c4fdcf7eb3b8783d990d85b867
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9986c62b19bce3791c4c103a4aa87c91d22d9e1c9f252f7f802ea26d3405769
eef8ddd4c0a861369641adc7ca252f49f8f38aa2c794e5187cbdecdcd12d406b
f0b722c48c52082cd77261574e22a5251fe37ea4b291b1441134145bab9b2063
ff927b91e08392c3fb51ae171430e5bfb392f3bca8d1db6062bbad7597030272

vexfile.com Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

72 Requests

99 %HTTPS

67 %IPv6

21 Domains

21 Subdomains

18 IPs

5 Countries

6073 kBTransfer

8462 kBSize

7 Cookies

3 Outgoing links

Page URL History

Redirected requests

72 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

vexfile.com Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

72
Requests

99 %
HTTPS

67 %
IPv6

21
Domains

21
Subdomains

18
IPs

5
Countries

6073 kB
Transfer

8462 kB
Size

7
Cookies

72 HTTP transactions
0 data transactions