exey.io Open in urlscan Pro
2606:4700:20::681a:937 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://exe.io/rKx2A
Effective URL:
https://exey.io/rKx2A
Submission: On July 16 via manual (July 16th 2022, 2:41:30 am UTC) from MX — Scanned from DE

Summary HTTP 136 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 39 IPs in 8 countries across 29 domains to perform 136 HTTP transactions. The main IP is 2606:4700:20::681a:937, located in United States and belongs to CLOUDFLARENET, US. The main domain is exey.io. The Cisco Umbrella rank of the primary domain is 334356.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 14th 2022. Valid for: a year.

This is the only time exey.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:20:... 2606:4700:20::681a:267	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:20:... 2606:4700:20::681a:937	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
2	107.23.117.246 107.23.117.246	14618 (AMAZON-AES) (AMAZON-AES)
5	2600:9000:211... 2600:9000:211e:bc00:18:306b:ddc0:21	16509 (AMAZON-02) (AMAZON-02)
1	23.109.82.10 23.109.82.10	7979 (SERVERS-COM) (SERVERS-COM)
3	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
6	2606:4700:303... 2606:4700:3038::6815:eb0a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
13	65.108.0.253 65.108.0.253	24940 (HETZNER-AS) (HETZNER-AS)
4	2606:4700:303... 2606:4700:3030::6815:2dcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	65.9.25.54 65.9.25.54	16509 (AMAZON-02) (AMAZON-02)
4	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:828::200d	15169 (GOOGLE) (GOOGLE)
11	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
9	139.45.197.15 139.45.197.15	9002 (RETN-AS) (RETN-AS)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	2001:4860:480... 2001:4860:4802:34::178	15169 (GOOGLE) (GOOGLE)
1	209.205.197.154 209.205.197.154	55081 (24SHELLS) (24SHELLS)
1	2606:4700:303... 2606:4700:3033::6815:16a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
3	51.79.72.199 51.79.72.199	16276 (OVH) (OVH)
4	139.45.197.155 139.45.197.155	9002 (RETN-AS) (RETN-AS)
1	2a00:1450:400... 2a00:1450:4001:82f::2006	15169 (GOOGLE) (GOOGLE)
1	139.45.195.254 139.45.195.254	9002 (RETN-AS) (RETN-AS)
7	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:401... 2a00:1450:401b:808::2003	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:400e:8::a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400e:15::6	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
1	142.250.184.198 142.250.184.198	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::71	15169 (GOOGLE) (GOOGLE)
136	39

1 2606:4700:20::681a:267 (United States)

ASN13335 (CLOUDFLARENET, US)

exe.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:937 (United States)

ASN13335 (CLOUDFLARENET, US)

exey.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.23.117.246 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-23-117-246.compute-1.amazonaws.com

platform.pubfuture.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:211e:bc00:18:306b:ddc0:21 (United States)

ASN16509 (AMAZON-02, US)

d192r5l88wrng7.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.109.82.10 (Netherlands)

ASN7979 (SERVERS-COM, US)

nh.eugeniecor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3038::6815:eb0a (United States)

ASN13335 (CLOUDFLARENET, US)

a.vdo.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
targeting.vdo.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 65.108.0.253 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.253.0.108.65.clients.your-server.de

analytics.vdo.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3030::6815:2dcf (United States)

ASN13335 (CLOUDFLARENET, US)

freychang.fun	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 65.9.25.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-25-54.zag50.r.cloudfront.net

ufundentofi.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

ertyvaluation.lol	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 139.45.197.15 (United Kingdom)

ASN9002 (RETN-AS, GB)

in-page-push.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.205.197.154 (Piscataway, United States)

ASN55081 (24SHELLS, US)

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6815:16a9 (United States)

ASN13335 (CLOUDFLARENET, US)

tzegilo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

16cad000a6ae1a9bf9817d67bfb49e07.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.79.72.199 (Québec, Canada)

ASN16276 (OVH, FR)
PTR: ns567735.ip-51-79-72.net

h5.vdo.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 139.45.197.155 (United Kingdom)

ASN9002 (RETN-AS, GB)

static.cdnativepush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.254 (United Kingdom)

ASN9002 (RETN-AS, GB)

fleraprt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:401b:808::2003 (Ireland)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e:8::a (Ireland) 1 redirects

ASN15169 (GOOGLE, US)

rr5---sn-5hneknee.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e:15::6 (Ireland)

ASN15169 (GOOGLE, US)

rr1---sn-5hne6nzy.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::71 (Brussels, Belgium)

ASN15169 (GOOGLE, US)

s.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	vdo.ai a.vdo.ai — Cisco Umbrella Rank: 20670 analytics.vdo.ai — Cisco Umbrella Rank: 19155 targeting.vdo.ai — Cisco Umbrella Rank: 23175 h5.vdo.ai — Cisco Umbrella Rank: 24464	452 KB
16	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 69	21 KB
15	googlesyndication.com 16cad000a6ae1a9bf9817d67bfb49e07.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 128 tpc.googlesyndication.com — Cisco Umbrella Rank: 166 ade.googlesyndication.com — Cisco Umbrella Rank: 283	43 KB
14	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 231 pubads.g.doubleclick.net — Cisco Umbrella Rank: 488 googleads.g.doubleclick.net — Cisco Umbrella Rank: 67 ad.doubleclick.net — Cisco Umbrella Rank: 217	176 KB
9	in-page-push.com in-page-push.com — Cisco Umbrella Rank: 121244	38 KB
5	ufundentofi.xyz ufundentofi.xyz	6 KB
5	cloudfront.net d192r5l88wrng7.cloudfront.net	230 KB
4	cdnativepush.com static.cdnativepush.com — Cisco Umbrella Rank: 24301	10 KB
4	google.com accounts.google.com — Cisco Umbrella Rank: 126 adservice.google.com — Cisco Umbrella Rank: 103	671 B
4	ertyvaluation.lol ertyvaluation.lol	2 KB
4	freychang.fun freychang.fun — Cisco Umbrella Rank: 23075	202 KB
4	gstatic.com fonts.gstatic.com csi.gstatic.com	62 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 81 imasdk.googleapis.com — Cisco Umbrella Rank: 439	331 KB
3	youtube.com www.youtube.com — Cisco Umbrella Rank: 107 s.youtube.com — Cisco Umbrella Rank: 551	53 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 101	113 KB
3	exey.io exey.io — Cisco Umbrella Rank: 334356	90 KB
2	googlevideo.com 1 redirects rr5---sn-5hneknee.googlevideo.com — Cisco Umbrella Rank: 53250 rr1---sn-5hne6nzy.googlevideo.com — Cisco Umbrella Rank: 53671	2 MB
2	google.de adservice.google.de — Cisco Umbrella Rank: 6937	914 B
2	pubfuture.com platform.pubfuture.com — Cisco Umbrella Rank: 49093	4 KB
1	fleraprt.com fleraprt.com — Cisco Umbrella Rank: 19127	477 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 282	17 KB
1	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 10511	538 B
1	tzegilo.com tzegilo.com — Cisco Umbrella Rank: 21401	18 KB
1	adtelligent.com ghb.adtelligent.com — Cisco Umbrella Rank: 6067	412 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 258	2 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 96
1	eugeniecor.com nh.eugeniecor.com — Cisco Umbrella Rank: 486261	1 KB
1	exe.io exe.io — Cisco Umbrella Rank: 394179	988 B
0	h12-media.com Failed tags.h12-media.com Failed
136	29

	Domain	Requested by
16	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com exey.io
13	analytics.vdo.ai	a.vdo.ai
9	in-page-push.com	exey.io in-page-push.com
8	pagead2.googlesyndication.com	exey.io tpc.googlesyndication.com
6	googleads.g.doubleclick.net	exey.io
5	ufundentofi.xyz	d192r5l88wrng7.cloudfront.net
5	a.vdo.ai	exey.io a.vdo.ai
5	d192r5l88wrng7.cloudfront.net	exey.io ufundentofi.xyz
4	ade.googlesyndication.com	exey.io
4	static.cdnativepush.com	exey.io in-page-push.com
4	securepubads.g.doubleclick.net	a.vdo.ai securepubads.g.doubleclick.net
4	ertyvaluation.lol	exey.io
4	freychang.fun	d192r5l88wrng7.cloudfront.net
3	pubads.g.doubleclick.net	imasdk.googleapis.com exey.io
3	h5.vdo.ai	exey.io
3	imasdk.googleapis.com	a.vdo.ai imasdk.googleapis.com exey.io
3	www.googletagmanager.com	exey.io a.vdo.ai
3	exey.io	exey.io
2	tpc.googlesyndication.com	imasdk.googleapis.com tpc.googlesyndication.com
2	csi.gstatic.com	imasdk.googleapis.com
2	www.youtube.com	a.vdo.ai www.youtube.com
2	adservice.google.com	securepubads.g.doubleclick.net imasdk.googleapis.com
2	adservice.google.de	securepubads.g.doubleclick.net imasdk.googleapis.com
2	accounts.google.com	exey.io
2	fonts.gstatic.com	fonts.googleapis.com
2	platform.pubfuture.com	exey.io platform.pubfuture.com
1	s.youtube.com	exey.io
1	ad.doubleclick.net	exey.io
1	rr1---sn-5hne6nzy.googlevideo.com	exey.io
1	rr5---sn-5hneknee.googlevideo.com	1 redirects
1	fleraprt.com	tzegilo.com
1	s0.2mdn.net	imasdk.googleapis.com
1	16cad000a6ae1a9bf9817d67bfb49e07.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	my.rtmark.net	in-page-push.com
1	tzegilo.com	in-page-push.com
1	ghb.adtelligent.com	platform.pubfuture.com
1	cdnjs.cloudflare.com	exey.io
1	www.facebook.com	exey.io
1	targeting.vdo.ai	a.vdo.ai
1	nh.eugeniecor.com	exey.io
1	fonts.googleapis.com	exey.io
1	exe.io
0	tags.h12-media.com Failed	platform.pubfuture.com
136	43

This site contains links to these domains. Also see Links.

Domain
pubfuture.com

Subject Issuer	Validity	Valid
exe.io Cloudflare Inc ECC CA-3	`2022-03-23` - `2023-03-23`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-03-14` - `2023-03-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.pubfuture.com Amazon	`2022-06-23` - `2023-07-23`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
nh.eugeniecor.com R3	`2022-07-07` - `2022-10-05`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.vdo.ai Go Daddy Secure Certificate Authority - G2	`2021-08-17` - `2022-09-18`	a year	crt.sh
ufundentofi.xyz Amazon	`2022-07-06` - `2023-08-04`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-04-24` - `2022-07-23`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
in-page-push.com R3	`2022-07-12` - `2022-10-10`	3 months	crt.sh
ghb.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-06-06` - `2022-09-04`	3 months	crt.sh
*.rtmark.net Sectigo RSA Domain Validation Secure Server CA	`2021-11-20` - `2022-11-26`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
cdnativepush.com R3	`2022-05-30` - `2022-08-28`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
fleraprt.com Sectigo RSA Domain Validation Secure Server CA	`2022-01-14` - `2023-01-14`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://exey.io/rKx2A
Frame ID: 7C1C0CEADF6A9FA60DFADDA66BE868AB
Requests: 95 HTTP requests in this frame

Frame: https://ufundentofi.xyz/UXIyQ1YwEFEuaTBPUGUjIx4PZmQXVwAFMmBLADFjPUoKNCQ/FQVtNT0dRycwIx1cN3g/F0ZmZBdHfxUEZChmKwUeClEHFGEnCwsANjNzcQwcJEU0DgEVXQgAOjRCDwQEM2gQZxs/XnccAQoDFR46J0cLADY7dDkxCDEDexsyGkUPASYKXhshAxFncTofIwI7FB4KeBoFPRkLAgQ1J2oHMQA2SnYTHydjCgBhAQsFBz0odAQPdEB0FhQIMFEWIgc3dxpvFwV0GwQ4FlEVITkUewUuCTFzAT0HQ2cnFzkoURUhOTViETIFNnAROB5CcwgXAgpiFgQUJ2goezo3YQYTZTpwCTIECAoSEwNCdgY9KSV2O28/JgICHRAqRRASBApRDBApKlc7BDwhYy8EBhh0IAAmGmUOBD49ZDs+KSEDFTQGIWsUFRdCZxk8aCdxAhxnIWcwGBAleAkFJkJxIAMlJGFyFyg1cCcEFzVrZmQXJ3MwETQZQhceOiBCEBd3GEEsOCFPZjNuBQsCFDBpGVZz
Frame ID: D3C3449F0CA71855EF97430C66869B33
Requests: 2 HTTP requests in this frame

Frame: https://ufundentofi.xyz/T1Q1OEkuNlZVdi5pVx48PTgIHXsJcQd+LX5tB0p8I2wNTzshMwIWKiM7QFwvPTtbTGchMUEdewkgbwkfHABteQwAPkJKHTcZDXYnDR1tCjEiMHBqCx8tcFEBJzBafgo4FXFfGAoST1d5HxABAQsdEk9yIywBYlUffx1nfQMCOQxKDx4/B1p6NwN3Ugw4N3BqCwYHfFEOfjtbdyAeHXNsImpmc3EbJBpWQSo8AGRXfwQXZFsKNQYGXjMVB1AKAyAFWVxwBQdkXQg1O1loJRkCb2w+egJjbiUWZwRdH3wWXXx4GQJvaxwkHFl+IStnAUEYIjBcdhwVAFNwZCtxB34YDg1ZcSAKAnB8CDgeXVMdLBN0dBsZBlxeAXoTZFUtJg5nSxkGAA1QHxkBYlx6dhV2Qj56H3NuHxUAYFcMOCMDXXsnF2NCEHkETQACAhxRHXsJGlliJRYDe3kaGBZcXXkNHmx/DyAFWVskAi1Gag8bLAZeMxUHb1UfJQUEfjMFZ3d6byUnWlY5chJUSCAeAm9yGiY4RU0/
Frame ID: C4B475DDF154BCF71CACD2A6A02085EE
Requests: 2 HTTP requests in this frame

Frame: https://ufundentofi.xyz/NllmaWhXOwUEV1dkBE8dRDVbTFpwfFQvDAdgVBtdWmFeHhpYPlFHC1o2Ew0ORDYIHUZYPBJMWnAoK1s+eAsuIzl1MCsAPGM6KyIwWhIkWDITayAKA3sPIhNcRBEjJzF5Ll4FPmI6Q1suUA0gITlMMkNbKnA+Uz8JTz4yMTl8Lj8BDFIbCCtZYB8vKyQFNSEvOncqAztRVREfOAd+NSwoDkETLiE+YDYCAiFUHA84GXA1ETo4Wx8nKB9FbD88KXIPLlgZZzE8PiwEHycoEH8yLQI5fgguXS9gLiA/Jm4TIS4DdHxULwx0FyIvO3MxJD8xfhMPWS9wNQUlC2McIzpbG2wfPx9wDzw6UFcLEQ4AbwwkHjl+YFYhBFkWLS4udxgRIAd8IQoKPHExVDgEdxc2EBtQDw0rTQQfJwIlcg8LJ1huGDw/DQULBSsEbDYCAiJ3GyUaBHcfFigOQRMuKC58MwJZOWAcLitZEDMVBgZGZBAiP1ALFFArQg
Frame ID: DA9B1C6757396FE224C1399E27A7B9C4
Requests: 2 HTTP requests in this frame

Frame: https://16cad000a6ae1a9bf9817d67bfb49e07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0FAA833D3727B96EDE0B9D57F7ACB089
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.521.0_en.html
Frame ID: 15827E09238A88D06F29A43890130B31
Requests: 28 HTTP requests in this frame

Frame: https://static.cdnativepush.com/contents/s/1b/e9/ef/c45191508dd0ffe9619d8e8d61/01602088365889.png
Frame ID: 55C885E651C989254333561E1297B673
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Frame ID: C2460A58DE259C8635BB3A49F1A5954A
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

exe.io

Page URL History Show full URLs

https://exe.io/rKx2A Page URL
https://exey.io/rKx2A Page URL

Detected technologies

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

136
Requests

97 %
HTTPS

69 %
IPv6

29
Domains

43
Subdomains

39
IPs

8
Countries

3920 kB
Transfer

11518 kB
Size

16
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://pubfuture.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://exe.io/rKx2A Page URL
https://exey.io/rKx2A Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 104

https://rr5---sn-5hneknee.googlevideo.com/videoplayback?expire=1657968082&ei=UiXSYoyLI_yI6dsPvbWyUA&ip=185.213.155.166&id=4d99361550409111&itag=22&source=youtube&requiressl=yes&mh=xL&mm=31&mn=sn-5hneknee&ms=au&mv=m&mvi=5&pl=24&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=30.093&lmt=1646599732905985&mt=1657939019&txp=5432434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIgAN404-Bl5mc-diXlZ1vJ3ZNXR6c4E0DzQLAzWaIqeNYCIQCthwenxpnArnQA2r0IRpcngdUOypcQBnEDmi-zvr305g==&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAIrXU9lSyLGt2YqsJkn_3SJHFrK8wcQHvS9LdSbnmvsoAiEAnbIijfkSuvjWN6L3vj4-jM4Br9dgeqjWJ8losSPJF7E=&cpn=42zl5GLZ26YizJC7 HTTP 302
https://rr1---sn-5hne6nzy.googlevideo.com/videoplayback?expire=1657968082&ei=UiXSYoyLI_yI6dsPvbWyUA&ip=185.213.155.166&id=4d99361550409111&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=30.093&lmt=1646599732905985&txp=5432434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIgAN404-Bl5mc-diXlZ1vJ3ZNXR6c4E0DzQLAzWaIqeNYCIQCthwenxpnArnQA2r0IRpcngdUOypcQBnEDmi-zvr305g==&cpn=42zl5GLZ26YizJC7&redirect_counter=1&rm=sn-5hnesl76&req_id=a8fa4901e80136e2&cms_redirect=yes&cmsv=e&ipbypass=yes&mh=xL&mip=2a03:1b20:6:f011::6e&mm=31&mn=sn-5hne6nzy&ms=au&mt=1657939049&mv=m&mvi=1&pl=48&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgaVFLlpZu6w_au9KtvEaJhEL6YSe6BbNXgcZrDVjJqMgCIH-KBTPQb4dsYbAo-I7f-aouBIGye_juf30dnpDkyfSo

136 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 rKx2A Show response
exe.io/ 195 B
988 B 89ms
58ms Document
text/html 2606:4700:20::681a:267
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://exe.io/rKx2A

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:267 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51950b2880857df5063b9a5af9b397c9c20ff1dc3eda03872804ac888ae27f83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 72b760d41e308fe3-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 16 Jul 2022 02:41:20 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FgpgNTMPl1BullUwsICv%2BuYMAMswKxLlWoDRsebHyCwwqblDAWjkuH1GxfRbp1CAgFAGNhUtagPeBCzv9y%2Bv6LXdHJdD2DRHGnWmDUZKaYeLDSRHrBOAz%2B6B9rAbxDhjwlcUGg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN, SAMEORIGIN
x-robots-tag: noindex, nofollow
x-xss-protection: 1; mode=block

GET
H2 200 Primary Request rKx2A Show response
exey.io/ 127 KB
48 KB 114ms
75ms Document
text/html 2606:4700:20::681a:937
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://exey.io/rKx2A

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:937 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc0ce6c5320e4a82d8adc1933f3898b2ec1da75e891e51a082018bfadad64498

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://exe.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 72b760d4dbae916e-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 16 Jul 2022 02:41:20 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l1PMFoN6JDS8onQcHafjIRsk6leOsGRqa1CEykMUrWZ5GbwpQenIeAiyAAhTS58Jl3NKIKgm%2BtPDmzAHcW2joXJudjC%2FJ5J6EZz2ixrtiIBg3%2Bk%2BV5UEKa7H4RWysbetIKznoXk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN, SAMEORIGIN
x-robots-tag: noindex, nofollow
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 13 KB
1 KB 134ms
47ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,400italic,600,700

Requested by

Host: exey.io
URL: https://exey.io/rKx2A

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f259e1ac72c23752a935508137a234c6411c9abe1f04f9d951003ca60241cdb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 16 Jul 2022 01:26:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 16 Jul 2022 02:41:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 16 Jul 2022 02:41:20 GMT

GET
H2 200 continue.css
exey.io/css/ 179 KB
41 KB 24ms
23ms Stylesheet
text/css 2606:4700:20::681a:937
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://exey.io/css/continue.css

Requested by

Host: exey.io
URL: https://exey.io/rKx2A

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:937 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8f2d5487d860696dee2e6037ae07ff063ae5959b8d4b4658a284f9dc9711ca1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exey.io/rKx2A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:41:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1140160
cf-polished: origSize=211643
cf-bgj: minify
x-xss-protection: 1; mode=block
last-modified: Fri, 20 Nov 2020 17:25:47 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=imhFwO%2FLETUURrVh8jszH7si%2BtwRmLmO6KJivMHy7QVcL%2Bvoxa9d0OOL3tFct529AmhqrJmr1dB4M1URmR6Tb2e9nITKNL4lGPWgN6y4KOwufKqkp76qt47LIRMKXqshY2Ba2tY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 72b760d55c1b916e-FRA
expires: Mon, 01 Aug 2022 21:58:40 GMT

GET
H2 200 nr.js Show response
exey.io/js/scripts/ 186 B
524 B 20ms
20ms Script
application/javascript 2606:4700:20::681a:937
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://exey.io/js/scripts/nr.js

Requested by

Host: exey.io
URL: https://exey.io/rKx2A

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:937 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26bbadf324d400b12bea32f232b42870889357c483db6c1c4b1baa0202a41539

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exey.io/rKx2A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:41:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1140160
cf-bgj: minify
x-xss-protection: 1; mode=block
last-modified: Thu, 06 May 2021 10:32:06 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JN%2Fr6BZHvJhRa%2FCDD9kvsncOh7VoPbUUqbQ%2FAGOSYq1w9VwPTZ8H9Y1vWRpBf%2Ba0KvnU1n6dTdystpjSb4exD%2FULRzojimFrUu%2FFONmLSXZ5%2FJqVNgxyR27oIjRMzcqRId6CEa4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 72b760d55c1c916e-FRA
expires: Mon, 01 Aug 2022 21:58:40 GMT

GET
H2 200 623444fe30482400586261c9.js Show response
platform.pubfuture.com/v1/unit/ 3 KB
2 KB 319ms
102ms Script
application/javascript 107.23.117.246
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.pubfuture.com/v1/unit/623444fe30482400586261c9.js?v=2

Requested by

Host: exey.io
URL: https://exey.io/rKx2A

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.23.117.246 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-23-117-246.compute-1.amazonaws.com

Software

Resource Hash

4a1d4d06cefd96b2a94b54e21240a9d92ed493c9c13aacd786d5968b43554c49

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:41:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
vary: Accept-Encoding
x-xss-protection: 0
referrer-policy: no-referrer
x-frame-options: SAMEORIGIN
etag: W/"a3f-SjjsmxSxeIp+3gJy385/FXFqH/4"
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=7200
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests

GET
H2 200 / Show response
d192r5l88wrng7.cloudfront.net/ 350 KB
114 KB 200ms
171ms Script
text/plain 2600:9000:211e:bc00:18:306b:ddc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d192r5l88wrng7.cloudfront.net/?rwlrd=822524
Requested by: Host: exey.io
URL: https://exey.io/rKx2A
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:bc00:18:306b:ddc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 08486db1aa6c28938348beaf416582c8ca87b416a8d57a693aeefa894e21ee73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:41:20 GMT
content-encoding: gzip
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length: 116024
via: 1.1 b25bc331cb2e5e7e25d9488f5ecdc940.cloudfront.net (CloudFront)
x-amz-cf-id: Kk6JsViCm9v0fduBMbV5GD_JPdL22m11T9nphkDLZ4IjtkQRY5qlkA==

GET
H/1.1 200
OK 29529 Show response
nh.eugeniecor.com/1clkn/ 6 B
1 KB 73ms
16ms Script
application/javascript 23.109.82.10
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://nh.eugeniecor.com/1clkn/29529

Requested by

Host: exey.io
URL: https://exey.io/rKx2A

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

23.109.82.10 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 16 Jul 2022 02:41:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=1
Keep-Alive: timeout=20

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 103 KB
40 KB 128ms
45ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-135952122-1

Requested by

Host: exey.io
URL: https://exey.io/rKx2A

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

817d2291ac8a70e0722d23519544c72faab9c74877596aa0d3f6dc2c641c238a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:41:20 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40293
x-xss-protection: 0
last-modified: Sat, 16 Jul 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 16 Jul 2022 02:41:20 GMT

GET
H2 200 vdo.ai.js Show response
a.vdo.ai/core/v-exey-io/ 26 KB
6 KB 61ms
21ms Script
text/javascript 2606:4700:3038::6815:eb0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vdo.ai/core/v-exey-io/vdo.ai.js
Requested by: Host: exey.io
URL: https://exey.io/rKx2A
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88122526e6fcc5d0ff32759bec139598601881d3c74157b2d9d3db857aad954f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:41:20 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5
x-cache: HIT
vdo-server: Tag2
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-varnish: 39136538 35798052
last-modified: Sat, 16 Jul 2022 02:41:15 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KmMLiE1uHK%2Bhy%2FCX4skxl1CuP05d3WMN0%2Bw9yCtIbdvgMxh5A828oMkuc7wgLAaIqWYDrxoDM6ZdadQBUCdCetukDpAroi4C3KcVW2U2ivFLzg2YGWK0vyP69XIs4ibdBUhEmkrLyg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=UTF-8
cache-control: public, max-age=1800
cf-ray: 72b760d66ba16907-FRA

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ 44 KB
44 KB 122ms
39ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,400italic,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://exey.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 23:32:09 GMT
x-content-type-options: nosniff
age: 356951
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Jul 2023 23:32:09 GMT

GET
H2 200 memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2
fonts.gstatic.com/s/opensans/v29/ 17 KB
18 KB 172ms
92ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,400italic,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

738161904fe560fd83c26e301998e35ac1e87cb40bebd4b190a5f141309d40b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://exey.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 18:07:27 GMT
x-content-type-options: nosniff
age: 376433
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17816
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:26:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Jul 2023 18:07:27 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 103 KB
39 KB 46ms
45ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-113932176-39

Requested by

Host: a.vdo.ai
URL: https://a.vdo.ai/core/v-exey-io/vdo.ai.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

113bf24f50f2c81a18501e8b785d3e8da82dd925462d64691602d128244ee7fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:41:20 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40267
x-xss-protection: 0
last-modified: Sat, 16 Jul 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 16 Jul 2022 02:41:20 GMT

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
248 B 111ms
33ms XHR
text/html 65.108.0.253
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/v-exey-io/vdo.ai.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 65.108.0.253 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.253.0.108.65.clients.your-server.de
Software: openresty/1.19.9.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://exey.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 16 Jul 2022 02:41:20 GMT
Server: openresty/1.19.9.1
Connection: keep-alive
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html

GET
H2 200 allowed_url.php Show response
targeting.vdo.ai/ 13 KB
2 KB 48ms
20ms XHR
application/json 2606:4700:3038::6815:eb0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.vdo.ai/allowed_url.php?type=json&url=exey.io%2FrKx2A&tag=v-exey-io&domain=exey.io
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/v-exey-io/vdo.ai.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72a17c7702fe2510541f1dfaf2d03dfa62fad593bb30c02eb8b64ce28c256b7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:41:20 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LbCNFOEcaJDtg8XygO%2FUc%2Fe3YtPblJM4oaxb9nxk%2BFslnehKpjPT7fQ92q2MMKtXAy03cemq0kT5XaUwkHt0gRpCtfCyS60bFiQfIPxIdYEPbbA6J9wla5bSHhmzkJfmXMz2BIc4ZYokDsTGbnac"}],"group":"cf-nel","max_age":604800}
cf-ray: 72b760d6b9f95c9e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 asd100.bin Show response
freychang.fun/ 100 KB
101 KB 63ms
23ms Fetch
binary/octet-stream 2606:4700:3030::6815:2dcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/asd100.bin
Requested by: Host: d192r5l88wrng7.cloudfront.net
URL: https://d192r5l88wrng7.cloudfront.net/?rwlrd=822524
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2dcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:41:20 GMT
access-control-allow-methods: GET
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4301
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 16 Jul 2022 01:29:39 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kzFwwS0XkZ6TdVaUOqTOsggAIkfuDhfrtKcMEC8AUxKejmleyyR5Gy%2BpcN2F8UjrquK7ARM5w2g9rSGl%2BQO0nszQ7nNWRz3yU39b%2FL9cFWjNV%2FFnxPMIvXlR0CvLPkslQG8aZGweDwqaBdJE"}],"group":"cf-nel","max_age":604800}
content-type: binary/octet-stream
access-control-allow-origin: https://exey.io
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 72b760d6fac7915e-FRA
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 / Show response
freychang.fun/ 27 B
377 B 156ms
116ms Fetch
text/plain 2606:4700:3030::6815:2dcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/
Requested by: Host: d192r5l88wrng7.cloudfront.net
URL: https://d192r5l88wrng7.cloudfront.net/?rwlrd=822524
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2dcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ce1f63f66d50f36c5c82c2061a86a286426fa8dda0bb88b307ec5e1a51e7355

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:41:20 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://exey.io
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f4AxVwBhO6nTJvo3ota0pyKuyfnhf8Wl%2FSiWcJnjmtRSGKI1rsEP6HvvpOoS0S%2FjIDo%2FHaubWwWfY3aXFM67nsF9l7jaV7d3lknN5kCvQFomjExH%2FYTK%2FQ%2Bc0lx%2BAQm8DkugFjXsXih54Icn"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 72b760d6fac8915e-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 utx Show response
ufundentofi.xyz/ 0
484 B 189ms
130ms XHR
text/plain 65.9.25.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ufundentofi.xyz/utx?cb=D19aAvDVzlbi&top=exey.io&tid=822524
Requested by: Host: d192r5l88wrng7.cloudfront.net
URL: https://d192r5l88wrng7.cloudfront.net/?rwlrd=822524
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.25.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-25-54.zag50.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:41:20 GMT
via: 1.1 e9ebe38de33a70557cf9d9c1d7e5d11e.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: ZAG50-C1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://exey.io
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id: 4fq61c_TRgp7s8I5zAcCqUVDFo8xEi5dEtx60Kvyq-v_TjAjkWIeKg==

GET
H2 200 JgICHRAqRRASBApRDBApKlc7BDwhYy8EBhh0IAAmGmUOBD49ZDs+KSEDFTQGIWsUFRdCZxk8aCdxAhxnIWcwGBAleAkFJkJxIAMlJGFyFyg1cCcEFzVrZmQXJ3MwETQZQhceOiBCEBd3GEEsOCFPZjNuBQsCFDBpGVZz Show response
ufundentofi.xyz/UXIyQ1YwEFEuaTBPUGUjIx4PZmQXVwAFMmBLADFjPUoKNCQ/FQVtNT0dRycwIx1cN3g/F0ZmZBdHfxUEZChmKwUeClEHFGEnCwsANjNzcQwcJEU0DgEVXQgAOjRCDwQEM2gQZxs/XnccAQoDFR46J0cLADY7dDkxCDEDexsyGkUPASYKXhshA... Frame D3C3 3 KB
2 KB 164ms
131ms Document
text/html 65.9.25.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ufundentofi.xyz/UXIyQ1YwEFEuaTBPUGUjIx4PZmQXVwAFMmBLADFjPUoKNCQ/FQVtNT0dRycwIx1cN3g/F0ZmZBdHfxUEZChmKwUeClEHFGEnCwsANjNzcQwcJEU0DgEVXQgAOjRCDwQEM2gQZxs/XnccAQoDFR46J0cLADY7dDkxCDEDexsyGkUPASYKXhshAxFncTofIwI7FB4KeBoFPRkLAgQ1J2oHMQA2SnYTHydjCgBhAQsFBz0odAQPdEB0FhQIMFEWIgc3dxpvFwV0GwQ4FlEVITkUewUuCTFzAT0HQ2cnFzkoURUhOTViETIFNnAROB5CcwgXAgpiFgQUJ2goezo3YQYTZTpwCTIECAoSEwNCdgY9KSV2O28/JgICHRAqRRASBApRDBApKlc7BDwhYy8EBhh0IAAmGmUOBD49ZDs+KSEDFTQGIWsUFRdCZxk8aCdxAhxnIWcwGBAleAkFJkJxIAMlJGFyFyg1cCcEFzVrZmQXJ3MwETQZQhceOiBCEBd3GEEsOCFPZjNuBQsCFDBpGVZz
Requested by: Host: d192r5l88wrng7.cloudfront.net
URL: https://d192r5l88wrng7.cloudfront.net/?rwlrd=822524
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.25.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-25-54.zag50.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: a9458384b5d688a98bdc9f11da0ab99fb5a5c10d3360d43b611da213bee07f3c

Request headers

Referer: https://exey.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1232
content-type: text/html
date: Sat, 16 Jul 2022 02:41:20 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 e9ebe38de33a70557cf9d9c1d7e5d11e.cloudfront.net (CloudFront)
x-amz-cf-id: zeBZ2F5UB9m2_1SYPldUKCi2kirKZ5PKMAFecm_erCrQjcyS5kTBQA==
x-amz-cf-pop: ZAG50-C1
x-cache: Miss from cloudfront

GET
H2 200 asd100.bin Show response
freychang.fun/ 100 KB
100 KB 46ms
38ms Fetch
binary/octet-stream 2606:4700:3030::6815:2dcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/asd100.bin
Requested by: Host: d192r5l88wrng7.cloudfront.net
URL: https://d192r5l88wrng7.cloudfront.net/?rwlrd=822524
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2dcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:41:20 GMT
access-control-allow-methods: GET
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4301
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 16 Jul 2022 01:29:39 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iOR4fwZvwfLCx%2BN%2FkLHg7iPDAeUGyIozBwoqS1srYVWqtlzx7PGC1Rx0TasB2Fz2GQtD%2BAUo5m8FZ4E2%2FhFodFParXbenQyInTHQXoRYBQY9YQy7SG6yykL%2Ff%2FF8L%2BQQFx%2BS1HmvLIic7w8Z"}],"group":"cf-nel","max_age":604800}
content-type: binary/octet-stream
access-control-allow-origin: https://exey.io
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 72b760d6fac9915e-FRA
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 / Show response
freychang.fun/ 26 B
397 B 123ms
115ms Fetch
text/plain 2606:4700:3030::6815:2dcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/
Requested by: Host: d192r5l88wrng7.cloudfront.net
URL: https://d192r5l88wrng7.cloudfront.net/?rwlrd=822524
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2dcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6133c85c76f320990805d438c5982a507e431397abd281614937f8e889572e1f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:41:20 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://exey.io
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mzoKh4rq%2FE2slwe%2FD5M62yYPoKtbI2lomKxdBh6qT3pAev7wJxYktdcQLXp%2B3V0ypMpQXZF4Y7UlqiW0qhvkxi%2FvE%2BbBA%2FjJB%2BNTs6V7WtvnIBQtan6HeSoEK3VAQlddIet5dosA5Dv5Qlx5"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 72b760d6faca915e-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 utx Show response
ufundentofi.xyz/ 0
484 B 157ms
130ms XHR
text/plain 65.9.25.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ufundentofi.xyz/utx?cb=gn8aIdRyGwfv&top=exey.io&tid=889494
Requested by: Host: d192r5l88wrng7.cloudfront.net
URL: https://d192r5l88wrng7.cloudfront.net/?rwlrd=822524
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.25.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-25-54.zag50.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:41:20 GMT
via: 1.1 e9ebe38de33a70557cf9d9c1d7e5d11e.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: ZAG50-C1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://exey.io
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id: hjTFrk9XQo2xbv_4MgwJP8ZfJsCfjjgjUS5qmljl06zG7cdQNWcp9Q==

GET
H2 200 / Show response
ufundentofi.xyz/T1Q1OEkuNlZVdi5pVx48PTgIHXsJcQd+LX5tB0p8I2wNTzshMwIWKiM7QFwvPTtbTGchMUEdewkgbwkfHABteQwAPkJKHTcZDXYnDR1tCjEiMHBqCx8tcFEBJzBafgo4FXFfGAoST1d5HxABAQsdEk9yIywBYlUffx1nfQMCOQxKDx4/B1p6N... Frame C4B4 3 KB
2 KB 247ms
235ms Document
text/html 65.9.25.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ufundentofi.xyz/T1Q1OEkuNlZVdi5pVx48PTgIHXsJcQd+LX5tB0p8I2wNTzshMwIWKiM7QFwvPTtbTGchMUEdewkgbwkfHABteQwAPkJKHTcZDXYnDR1tCjEiMHBqCx8tcFEBJzBafgo4FXFfGAoST1d5HxABAQsdEk9yIywBYlUffx1nfQMCOQxKDx4/B1p6NwN3Ugw4N3BqCwYHfFEOfjtbdyAeHXNsImpmc3EbJBpWQSo8AGRXfwQXZFsKNQYGXjMVB1AKAyAFWVxwBQdkXQg1O1loJRkCb2w+egJjbiUWZwRdH3wWXXx4GQJvaxwkHFl+IStnAUEYIjBcdhwVAFNwZCtxB34YDg1ZcSAKAnB8CDgeXVMdLBN0dBsZBlxeAXoTZFUtJg5nSxkGAA1QHxkBYlx6dhV2Qj56H3NuHxUAYFcMOCMDXXsnF2NCEHkETQACAhxRHXsJGlliJRYDe3kaGBZcXXkNHmx/DyAFWVskAi1Gag8bLAZeMxUHb1UfJQUEfjMFZ3d6byUnWlY5chJUSCAeAm9yGiY4RU0/
Requested by: Host: d192r5l88wrng7.cloudfront.net
URL: https://d192r5l88wrng7.cloudfront.net/?rwlrd=822524
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.25.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-25-54.zag50.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: 68f2a2fd68b745d460880bcfc4435f6b1bb2cf98721aeaa143a88b62a08ee72a

Request headers

Referer: https://exey.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1238
content-type: text/html
date: Sat, 16 Jul 2022 02:41:20 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 e9ebe38de33a70557cf9d9c1d7e5d11e.cloudfront.net (CloudFront)
x-amz-cf-id: U1qN7_QSwdOQIIZc-tdve3n-u-jMI10YgB2chVP_9u4PFJEbszqwIQ==
x-amz-cf-pop: ZAG50-C1
x-cache: Miss from cloudfront

GET
H2 200 DQULBSsEbDYCAiJ3GyUaBHcfFigOQRMuKC58MwJZOWAcLitZEDMVBgZGZBAiP1ALFFArQg Show response
ufundentofi.xyz/NllmaWhXOwUEV1dkBE8dRDVbTFpwfFQvDAdgVBtdWmFeHhpYPlFHC1o2Ew0ORDYIHUZYPBJMWnAoK1s+eAsuIzl1MCsAPGM6KyIwWhIkWDITayAKA3sPIhNcRBEjJzF5Ll4FPmI6Q1suUA0gITlMMkNbKnA+Uz8JTz4yMTl8Lj8BDFIbCCtZY... Frame DA9B 3 KB
2 KB 134ms
131ms Document
text/html 65.9.25.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ufundentofi.xyz/NllmaWhXOwUEV1dkBE8dRDVbTFpwfFQvDAdgVBtdWmFeHhpYPlFHC1o2Ew0ORDYIHUZYPBJMWnAoK1s+eAsuIzl1MCsAPGM6KyIwWhIkWDITayAKA3sPIhNcRBEjJzF5Ll4FPmI6Q1suUA0gITlMMkNbKnA+Uz8JTz4yMTl8Lj8BDFIbCCtZYB8vKyQFNSEvOncqAztRVREfOAd+NSwoDkETLiE+YDYCAiFUHA84GXA1ETo4Wx8nKB9FbD88KXIPLlgZZzE8PiwEHycoEH8yLQI5fgguXS9gLiA/Jm4TIS4DdHxULwx0FyIvO3MxJD8xfhMPWS9wNQUlC2McIzpbG2wfPx9wDzw6UFcLEQ4AbwwkHjl+YFYhBFkWLS4udxgRIAd8IQoKPHExVDgEdxc2EBtQDw0rTQQfJwIlcg8LJ1huGDw/DQULBSsEbDYCAiJ3GyUaBHcfFigOQRMuKC58MwJZOWAcLitZEDMVBgZGZBAiP1ALFFArQg
Requested by: Host: d192r5l88wrng7.cloudfront.net
URL: https://d192r5l88wrng7.cloudfront.net/?rwlrd=822524
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.25.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-25-54.zag50.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: 9f1dbb2773e706bbadf684a8c57023f4dcb598ef705fa02ca87af664a4ea01cc

Request headers

Referer: https://exey.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1212
content-type: text/html
date: Sat, 16 Jul 2022 02:41:20 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 e9ebe38de33a70557cf9d9c1d7e5d11e.cloudfront.net (CloudFront)
x-amz-cf-id: x1xvmJ12LNuEB7ul6EAnZ36ld-Jy8otKhzt_eIPmgcotQBeALKJuVw==
x-amz-cf-pop: ZAG50-C1
x-cache: Miss from cloudfront

GET
H2 204 SlRRQVZlazIyaxs+Ay0PEiRgAGcyDgJyGwcBPQsVLgUTFQMfP3c1Py5paXNkf2ZlZyYjMGxwcDkgMDUjOWlgZz8kMj58cDxpYG9lfnpjdnh7ciR8Z2wgISAxd2V3MSI+OGxwYH9jaHJveGxhdWVy
ertyvaluation.lol/ 0
503 B 125ms
99ms Image
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ertyvaluation.lol/SlRRQVZlazIyaxs+Ay0PEiRgAGcyDgJyGwcBPQsVLgUTFQMfP3c1Py5paXNkf2ZlZyYjMGxwcDkgMDUjOWlgZz8kMj58cDxpYG9lfnpjdnh7ciR8Z2wgISAxd2V3MSI+OGxwYH9jaHJveGxhdWVy
Requested by: Host: exey.io
URL: https://exey.io/rKx2A
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:41:20 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zyD8ulseaZrIbzaGYFliK%2FN0lmFSSe9WVFBMeeBQOaci8%2BIKh2UxgnlxqasfZHL1%2FCjCoRFpngrbPfDAS%2F7p0%2B0edcrbBwCi%2BBMntvgKqUOmXr%2B1i1z5Qd8ZSbAgEriWGw%2FYBdiD5ji7ncTgxauSyw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 72b760d73a6b9237-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 login.php
www.facebook.com/ 0
0 101ms
77ms Image
text/html 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by: Host: exey.io
URL: https://exey.io/rKx2A
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H2 200 ServiceLogin
accounts.google.com/ 0
0 186ms
86ms Image
text/html 2a00:1450:4001:828::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
Requested by: Host: exey.io
URL: https://exey.io/rKx2A
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H2 200 ServiceLogin
accounts.google.com/ 0
0 293ms
193ms Image
text/html 2a00:1450:4001:828::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
Requested by: Host: exey.io
URL: https://exey.io/rKx2A
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H2 204 RnpfZGxFY0JhZAJpXXY2BzULbXNRJBgkLkplWmV1TmdVYnpHYFpp
ertyvaluation.lol/UEJ3VGx/fRQnUQM4IQA+OzZPFisSOBRnCxgYP21ZNhMTPAgYelEgBTR/T2xVZHtDchw5JkplSiM2FiAZI39GcgU+JBhpSiZ/ 0
266 B 138ms
113ms Image
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ertyvaluation.lol/UEJ3VGx/fRQnUQM4IQA+OzZPFisSOBRnCxgYP21ZNhMTPAgYelEgBTR/T2xVZHtDchw5JkplSiM2FiAZI39GcgU+JBhpSiZ/RnpfZGxFY0JhZAJpXXY2BzULbXNRJBgkLkplWmV1TmdVYnpHYFpp
Requested by: Host: exey.io
URL: https://exey.io/rKx2A
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:41:20 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eJq80KpWsdXZXbtzJ3iaXjvNX5S8uZ9kFQFtIvFqtB%2FtBphVBKd6%2Ba9lkik1jZQ%2FxjKdTUsKqEAnHfL1icsIxNQrSVVqrBiEavz25QjHBHZyWE1Jrn0aN%2FLOYWaX41CUhhLesoItdbXQcEqrgrzc6g%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 72b760d73a6f9237-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 R1dsRlpoaA81ZxU6HBIXKxFeEQ0KEjZ1ECM2GwQqIWZZLxsQNEoyMyNqVHJpdWFdYCouM1F3YmEkGCcuMiRRd3wuOQopZ2EhUXd0d3ldaGhhIlF3fDMnDSFndnEcMi4ral1wb3BuX39of2dYfm8
ertyvaluation.lol/ 0
265 B 130ms
105ms Image
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ertyvaluation.lol/R1dsRlpoaA81ZxU6HBIXKxFeEQ0KEjZ1ECM2GwQqIWZZLxsQNEoyMyNqVHJpdWFdYCouM1F3YmEkGCcuMiRRd3wuOQopZ2EhUXd0d3ldaGhhIlF3fDMnDSFndnEcMi4ral1wb3BuX39of2dYfm8
Requested by: Host: exey.io
URL: https://exey.io/rKx2A
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:41:20 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h4mk6ANiUXhsrzVpLADv42a8Gr%2BvirG5oOzHF39fmfAb4HVZeLGxr9vfBEcKevA4KCvaVNJNQqOa7kXsSpkNoRJfTZOTI%2FNn0TFS0AwOdaxQlICFRfLKXVBJd3xhTI3upFq%2FBZzDK8qjoqRf2mo9uQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 72b760d73a6e9237-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 82 KB
28 KB 126ms
42ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: a.vdo.ai
URL: https://a.vdo.ai/core/v-exey-io/vdo.ai.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

7f8495f9c073d28c39b5fba3570941fe83294d070b378a40445738bc5337f2d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:41:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28328
x-xss-protection: 0
server: sffe
etag: "1274 / 612 of 1000 / last-modified: 1657923709"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 16 Jul 2022 02:41:20 GMT

GET
H3 200 vdo.min.js Show response
a.vdo.ai/core/dependencies_hbv4_latest/ 410 KB
127 KB 51ms
33ms Script
application/javascript 2606:4700:3038::6815:eb0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=v2.2
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/v-exey-io/vdo.ai.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:eb0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9b3c3b7235ae01d789176e95612eb5c49b8ee0d029715ea795f91913454ad36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:41:20 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5
cf-ray: 72b760d738dcbbc1-FRA
x-cache: HIT
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 11 Jul 2022 15:27:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FOBpO4%2FLoYEWtkhyb3ewFef9w%2F%2BQOQ7YDS25%2BN32wuX57X9J3g37VXodv0Ln2dL5RPjbWLsq9YC8YfEuKKb%2F0HvdxzKBqhELjvfh4sVsW%2BtxNkvRG9jyeJSK5sZp4LwieU5J48hVhw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 21941096 21844022
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=1800
access-control-allow-credentials: true
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 373 KB
125 KB 133ms
52ms Script
text/javascript 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: a.vdo.ai
URL: https://a.vdo.ai/core/v-exey-io/vdo.ai.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f22d1cd62f219783841aabade1fe350e63a1f220fca96f10aeefc61e85bff4c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:41:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127042
x-xss-protection: 0
expires: Sat, 16 Jul 2022 02:41:20 GMT

GET
H2 200 / Show response
d192r5l88wrng7.cloudfront.net/ 350 KB
114 KB 191ms
175ms Fetch 2600:9000:211e:bc00:18:306b:ddc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d192r5l88wrng7.cloudfront.net/?rwlrd=822524
Requested by: Host: exey.io
URL: https://exey.io/rKx2A
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:bc00:18:306b:ddc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 058beb8c47d36d9d7e183f66a51560976ee9f48785be292b6280ed9cd6ae1fe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:41:20 GMT
content-encoding: gzip
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
access-control-allow-origin: https://exey.io
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
access-control-allow-credentials: true
content-length: 116023
via: 1.1 8fd360cd20d33fa1400394ae41746f66.cloudfront.net (CloudFront)
x-amz-cf-id: 9llyJGTxCTtYnhbLJ_A3HbaRT0pdVksxuQXGt2FNQD-r3ecdJeSs1A==

GET
H2 200 3230648 Show response
in-page-push.com/400/ 84 KB
32 KB 76ms
41ms Script
application/javascript 139.45.197.15
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://in-page-push.com/400/3230648

Requested by

Host: exey.io
URL: https://exey.io/rKx2A

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.15 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

288c40c782ae0538f74db09ccc353e2f06d05fb1fe24e9a890f99a35d6e3406a

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-trace-id: b22d0477c0f452918417cae75b74d037
pragma: no-cache
date: Sat, 16 Jul 2022 02:41:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=1
timing-allow-origin: *, *
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 86 KB
33 KB 129ms
49ms Fetch
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js

Requested by

Host: exey.io
URL: https://exey.io/rKx2A

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c80a783a997b370058fd8eee1c6882844d2b10f8f708922ab10e0ff53d65bbff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:41:20 GMT
content-encoding: br
vary: Origin, Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34087
x-xss-protection: 0
last-modified: Sat, 16 Jul 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://exey.io
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 16 Jul 2022 02:41:20 GMT

GET
H2 200 fuckadblock.min.js Show response
cdnjs.cloudflare.com/ajax/libs/fuckadblock/3.2.1/ 5 KB
2 KB 58ms
26ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/fuckadblock/3.2.1/fuckadblock.min.js

Requested by

Host: exey.io
URL: https://exey.io/rKx2A

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c63c0a518fcd8243e365904eb4ec5162d2b6d066aa4f05027fb598089d73ebdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://exey.io/
Origin: https://exey.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:41:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1965811
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1309
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:19 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e6b-1285"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BZ5loltzQehufyYooRKPH9P26xY6ts%2FZ3DgD0bphrCPQpeX9LYTkQ3Hx8b7PTaCHBKiYq9YWLi2xrj76TKaAT0VojF9YtHv3nyl%2B68d8hMyRiqpwNpId7VpEHy9EvkYfU%2FRAxwlOPaGDEt9cJJMjahx5"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 72b760d7dc4a8ff4-FRA
expires: Thu, 06 Jul 2023 02:41:20 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 96ms
29ms Script
text/javascript 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-135952122-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6312
date: Sat, 16 Jul 2022 00:56:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sat, 16 Jul 2022 02:56:08 GMT

GET
H/1.1 200
OK geo Show response
ghb.adtelligent.com/ 149 B
412 B 604ms
87ms XHR
application/json 209.205.197.154
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/geo
Requested by: Host: platform.pubfuture.com
URL: https://platform.pubfuture.com/v1/unit/623444fe30482400586261c9.js?v=2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.205.197.154 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 5c80f1a87bc165dc4e1bfd493a6c72b8d1f542cf8b3a932d9eb75fd58b257e2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 16 Jul 2022 02:41:20 GMT
Server: Adtelligent
Content-Type: application/json
Access-Control-Allow-Origin: https://exey.io
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 149

GET
H2 200 AkMDVmN0XAZVe3RcBlZodkJABCslAFpAfwJHAFJjd0QVEHB1 Show response
d192r5l88wrng7.cloudfront.net/qM2VNRHJQCiMiTUcMKXlKB1Z/ckMVDz4rHENYOw8lVTc/fTFHQzk+Fg5VaygTXQJwYhddBnB1VFIBL3lGFRAseR9cHyQoHlJAfwJHHVVodkIbEiQqFlwSPmFAAws5YUADVH1qQhZWD2FAAxIkKkQHQH4GVwFVNXJGGkB/dB... Frame DA9B 181 B
461 B 157ms
157ms Script
text/plain 2600:9000:211e:bc00:18:306b:ddc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d192r5l88wrng7.cloudfront.net/qM2VNRHJQCiMiTUcMKXlKB1Z/ckMVDz4rHENYOw8lVTc/fTFHQzk+Fg5VaygTXQJwYhddBnB1VFIBL3lGFRAseR9cHyQoHlJAfwJHHVVodkIbEiQqFlwSPmFAAws5YUADVH1qQhZWD2FAAxIkKkQHQH4GVwFVNXJGGkB/dBNDFSEhBVYHJi0GFlcLcUEES3-5yVwFVZS8aRwghYUBwQH90HloOKGFAAwIoJxlcTGh2QlANPysfVkB/AkMDVmN0XAZVe3RcBlZodkJABCslAFpAfwJHAFJjd0QVEHB1
Requested by: Host: ufundentofi.xyz
URL: https://ufundentofi.xyz/NllmaWhXOwUEV1dkBE8dRDVbTFpwfFQvDAdgVBtdWmFeHhpYPlFHC1o2Ew0ORDYIHUZYPBJMWnAoK1s+eAsuIzl1MCsAPGM6KyIwWhIkWDITayAKA3sPIhNcRBEjJzF5Ll4FPmI6Q1suUA0gITlMMkNbKnA+Uz8JTz4yMTl8Lj8BDFIbCCtZYB8vKyQFNSEvOncqAztRVREfOAd+NSwoDkETLiE+YDYCAiFUHA84GXA1ETo4Wx8nKB9FbD88KXIPLlgZZzE8PiwEHycoEH8yLQI5fgguXS9gLiA/Jm4TIS4DdHxULwx0FyIvO3MxJD8xfhMPWS9wNQUlC2McIzpbG2wfPx9wDzw6UFcLEQ4AbwwkHjl+YFYhBFkWLS4udxgRIAd8IQoKPHExVDgEdxc2EBtQDw0rTQQfJwIlcg8LJ1huGDw/DQULBSsEbDYCAiJ3GyUaBHcfFigOQRMuKC58MwJZOWAcLitZEDMVBgZGZBAiP1ALFFArQg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:bc00:18:306b:ddc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 029cd7010edd4015794ab87dd340733701f15fe7a6b6877770710e3aeacbadb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ufundentofi.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:41:20 GMT
content-encoding: gzip
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 184
via: 1.1 b25bc331cb2e5e7e25d9488f5ecdc940.cloudfront.net (CloudFront)
x-amz-cf-id: 9z660Y4RUjkEQHB-xt9TgWgZEgNrN-9_hn1Mm6wjiIEJrXpci_k0pw==

GET
H2 200 UAsGekpTHkRpSA Show response
d192r5l88wrng7.cloudfront.net/5MVR5ZThSOxcDB0U9HVgAA2ZMVwwXPgoKVkFpLRUAZS1JMl4JPx1VHkUuHVgIFzgYC18MchwLWwxlXwRcU2lNQ0xBOxJYSlk9ARdUXDgQDx5ENUQIV0s9FQlZFGY/UBYBcUtVEEY9FwFXRidcVwhfIFxXCABkV1UdAhZcVw... Frame D3C3 700 B
802 B 163ms
162ms Script
text/plain 2600:9000:211e:bc00:18:306b:ddc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d192r5l88wrng7.cloudfront.net/5MVR5ZThSOxcDB0U9HVgAA2ZMVwwXPgoKVkFpLRUAZS1JMl4JPx1VHkUuHVgIFzgYC18MchwLWwxlXwRcU2lNQ0xBOxJYSlk9ARdUXDgQDx5ENUQIV0s9FQlZFGY/UBYBcUtVEEY9FwFXRidcVwhfIFxXCABkV1UdAhZcVwhGPRdTDBRnO0AKASxPUREUZk-kESEE4HBJdUz8QER0DEkxWDx9nT0AKAXwSDUxcOFxXexRmSQlRWjFcVwhWMRoOVxhxS1VbWSYWCF0UZj9UCAJ6SUsNAWJJSw0CcUtVS1AyGBdRFGY/UAsGekpTHkRpSA
Requested by: Host: ufundentofi.xyz
URL: https://ufundentofi.xyz/UXIyQ1YwEFEuaTBPUGUjIx4PZmQXVwAFMmBLADFjPUoKNCQ/FQVtNT0dRycwIx1cN3g/F0ZmZBdHfxUEZChmKwUeClEHFGEnCwsANjNzcQwcJEU0DgEVXQgAOjRCDwQEM2gQZxs/XnccAQoDFR46J0cLADY7dDkxCDEDexsyGkUPASYKXhshAxFncTofIwI7FB4KeBoFPRkLAgQ1J2oHMQA2SnYTHydjCgBhAQsFBz0odAQPdEB0FhQIMFEWIgc3dxpvFwV0GwQ4FlEVITkUewUuCTFzAT0HQ2cnFzkoURUhOTViETIFNnAROB5CcwgXAgpiFgQUJ2goezo3YQYTZTpwCTIECAoSEwNCdgY9KSV2O28/JgICHRAqRRASBApRDBApKlc7BDwhYy8EBhh0IAAmGmUOBD49ZDs+KSEDFTQGIWsUFRdCZxk8aCdxAhxnIWcwGBAleAkFJkJxIAMlJGFyFyg1cCcEFzVrZmQXJ3MwETQZQhceOiBCEBd3GEEsOCFPZjNuBQsCFDBpGVZz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:bc00:18:306b:ddc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: f6defbf37470ef48c1f88b19da8714385ccf3739ba911c4df2adafe2b573d359

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ufundentofi.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:41:20 GMT
content-encoding: gzip
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 523
via: 1.1 b25bc331cb2e5e7e25d9488f5ecdc940.cloudfront.net (CloudFront)
x-amz-cf-id: NgH4Tgkz7WbqqSHZMFQvdK63N7WqQT-8B9DlGOTpdzUPzbhdyNT_ZA==

GET
H2 200 stattag.js Show response
tzegilo.com/ 49 KB
18 KB 64ms
22ms Script
application/javascript 2606:4700:3033::6815:16a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tzegilo.com/stattag.js
Requested by: Host: in-page-push.com
URL: https://in-page-push.com/400/3230648
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:16a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3676e16a1358628756bda4274db53b7a9f299e3dfa82ec22301c83ba142ad774

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:41:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6459
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 09 Jun 2022 09:20:35 GMT
server: cloudflare
etag: W/"62a1bb63-c24f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pUR30szGmqQ2DBfo%2BVEWmbEBEInPcGV2NpaBhw08%2BUTKECa69feZ3U97he8yKyqQsVcsCykP91QXOi2m707%2Bgf15ukkYWHcBJhI8RaYYe036bmJcBnZ4BtsEFW5akuJTA3zM9%2FgcB7GwMA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 72b760d87a36bba3-FRA
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin

GET
H3 200 pubads_impl_2022071301.js Show response
securepubads.g.doubleclick.net/gpt/ 376 KB
128 KB 92ms
31ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071301.js?cb=31068473

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

ef4703ba28ef59dcf9b90ce4e11947ef13ed4d0f9c6d40d118565e78d8c0d93c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 19:56:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24268
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131288
x-xss-protection: 0
last-modified: Wed, 13 Jul 2022 08:34:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 15 Jul 2023 19:56:52 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 465 B
214 B 100ms
39ms XHR
application/json 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=exey.io

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e27a01e2c64599c618fc3354fd271c734fbd2068f9e663116665543b82416531

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 16 Jul 2022 02:41:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 189
x-xss-protection: 0
expires: Sat, 16 Jul 2022 02:41:20 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 98ms
37ms XHR
text/plain 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1363658440&t=timing&_s=1&dl=https%3A%2F%2Fexey.io%2FrKx2A&ul=en-us&de=UTF-8&dt=exe.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=video&utv=load_vdo.min.js&utl=v-exey-io&utt=132&_u=YEDAAUABCAAAAC~&jid=1245008424&gjid=1526209154&cid=983813616.1657939281&tid=UA-113932176-39&_gid=265957597.1657939281&_r=1&gtm=2ou7d0&z=1745768243

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://exey.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:41:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://exey.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 NlZlYWNASWBie0BJYGFoQlcmMysRFTx3fzZSZmVjQ1FzJ3BB Show response
d192r5l88wrng7.cloudfront.net/tZ1VSTXAEOjwrTxM8NnBIX2xmdERBPyEiHhdoFCwADgQEFzo0PD49BRFzJjcUWmV0IREJMm9rFQk2b3xWBjEwcERBISIiG1onOiQIFTk/IRkNcycsTQo6KCQcCzR3fzZSe2JoQld9JSQeAzolPlVVZTw5VVVlY31eV3BhD1... Frame C4B4 866 B
892 B 162ms
162ms Script
text/plain 2600:9000:211e:bc00:18:306b:ddc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d192r5l88wrng7.cloudfront.net/tZ1VSTXAEOjwrTxM8NnBIX2xmdERBPyEiHhdoFCwADgQEFzo0PD49BRFzJjcUWmV0IREJMm9rFQk2b3xWBjEwcERBISIiG1onOiQIFTk/IRkNcycsTQo6KCQcCzR3fzZSe2JoQld9JSQeAzolPlVVZTw5VVVlY31eV3BhD1VVZSUkHlFhd34yQmdiNUZTfH-d/QAYlIiEVEDAwJhkTcGALRVRifH5GQmdiZRsPIT8hVVUWd39ACzw5KFVVZTUoEww6e2hCVzY6Px8KMHd/NlZlYWNASWBie0BJYGFoQlcmMysRFTx3fzZSZmVjQ1FzJ3BB
Requested by: Host: ufundentofi.xyz
URL: https://ufundentofi.xyz/T1Q1OEkuNlZVdi5pVx48PTgIHXsJcQd+LX5tB0p8I2wNTzshMwIWKiM7QFwvPTtbTGchMUEdewkgbwkfHABteQwAPkJKHTcZDXYnDR1tCjEiMHBqCx8tcFEBJzBafgo4FXFfGAoST1d5HxABAQsdEk9yIywBYlUffx1nfQMCOQxKDx4/B1p6NwN3Ugw4N3BqCwYHfFEOfjtbdyAeHXNsImpmc3EbJBpWQSo8AGRXfwQXZFsKNQYGXjMVB1AKAyAFWVxwBQdkXQg1O1loJRkCb2w+egJjbiUWZwRdH3wWXXx4GQJvaxwkHFl+IStnAUEYIjBcdhwVAFNwZCtxB34YDg1ZcSAKAnB8CDgeXVMdLBN0dBsZBlxeAXoTZFUtJg5nSxkGAA1QHxkBYlx6dhV2Qj56H3NuHxUAYFcMOCMDXXsnF2NCEHkETQACAhxRHXsJGlliJRYDe3kaGBZcXXkNHmx/DyAFWVskAi1Gag8bLAZeMxUHb1UfJQUEfjMFZ3d6byUnWlY5chJUSCAeAm9yGiY4RU0/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:bc00:18:306b:ddc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 0ed91330cf63f002e65d8d5c9b46a9cd0af792a460ea2f02797bb14736189c65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ufundentofi.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:41:20 GMT
content-encoding: gzip
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 614
via: 1.1 b25bc331cb2e5e7e25d9488f5ecdc940.cloudfront.net (CloudFront)
x-amz-cf-id: GTPO2f5EUPv9g_qKMkdYULOP_4mgQY2NWEvqjg0RsS6BQyD8J4sizQ==

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 46ms
30ms Image
image/gif 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1363658440&t=timing&_s=2&dl=https%3A%2F%2Fexey.io%2FrKx2A&ul=en-us&de=UTF-8&dt=exe.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=video&utv=load_ima3.js&utl=v-exey-io&utt=257&_u=aEDAAUABCAAAAC~&jid=&gjid=&cid=983813616.1657939281&tid=UA-113932176-39&_gid=265957597.1657939281&gtm=2ou7d0&z=252608014

Requested by

Host: exey.io
URL: https://exey.io/rKx2A

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jul 2022 21:08:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 19946
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
248 B 33ms
33ms XHR
text/html 65.108.0.253
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=v2.2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 65.108.0.253 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.253.0.108.65.clients.your-server.de
Software: openresty/1.19.9.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://exey.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 16 Jul 2022 02:41:20 GMT
Server: openresty/1.19.9.1
Connection: keep-alive
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html

GET
H3 200 vdo.player.js Show response
a.vdo.ai/core/assets/ 651 KB
180 KB 47ms
47ms Script
application/javascript 2606:4700:3038::6815:eb0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vdo.ai/core/assets/vdo.player.js
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=v2.2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:eb0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e32695eb554644820130b6b6c39187282bfaef34cf5b88b9a8c9b10d2da1e03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:41:20 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7
cf-ray: 72b760d90a2abbc1-FRA
x-cache: HIT
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 23 Jul 2021 13:25:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FExcbTEXcxw4ds3sXhhHDKTdAQCCb5JJ3CKCbheVWZkoDeccuS3MXf2ySDIrtBB3r9u9paVJrfgoNfpIK1mX6vlLB7wM24SHAG4bbXyl2HRVApt6Uzaf7rFVB%2BV9euxfI0C%2BXu30Wg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 21815217 21814395
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=1800
access-control-allow-credentials: true
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H3 200 rtb_v6.24.1.js Show response
a.vdo.ai/core/assets/ 466 KB
131 KB 32ms
31ms Script
application/javascript 2606:4700:3038::6815:eb0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vdo.ai/core/assets/rtb_v6.24.1.js
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=v2.2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:eb0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ddbc9719c72a462df357c3a5209f268d45cd45cc7270c682ebf5724c97cb7364

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:41:20 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5
cf-ray: 72b760d90a2cbbc1-FRA
x-cache: HIT
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 14 Jun 2022 14:09:15 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E5nNrZumoUrq97P7DK%2BPeYhdC%2Fnv5oKeIrIgruasL08RyRgZxmoB%2FL7X%2Bz1q6RsuwGLfX6RuUBd%2B91YX5%2FrQuJJl2OeBsqXfLAzTIAlapdBAyeZkQ%2FFpfhUjcHvpE5wufN4BgJPPkw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 21704026 21572054
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=1800
access-control-allow-credentials: true
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 30ms
29ms Image
image/gif 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1363658440&t=pageview&_s=3&dl=https%3A%2F%2Fexey.io%2FrKx2A&ul=en-us&de=UTF-8&dt=exe.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABCAAAAC~&jid=&gjid=&cid=983813616.1657939281&tid=UA-113932176-39&_gid=265957597.1657939281&gtm=2ou7d0&z=315530404

Requested by

Host: exey.io
URL: https://exey.io/rKx2A

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jul 2022 21:08:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 19946
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 30ms
30ms Image
image/gif 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1363658440&t=event&_s=4&dl=https%3A%2F%2Fexey.io%2FrKx2A&ul=en-us&de=UTF-8&dt=exe.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=initVdo&el=v-exey-io&_u=aEDAAUABCAAAAC~&jid=&gjid=&cid=983813616.1657939281&tid=UA-113932176-39&_gid=265957597.1657939281&gtm=2ou7d0&z=244251131

Requested by

Host: exey.io
URL: https://exey.io/rKx2A

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jul 2022 21:08:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 19946
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
538 B 46ms
12ms XHR
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js

Requested by

Host: in-page-push.com
URL: https://in-page-push.com/400/3230648

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

923380b51ab7b461e1781bf9c9f0fa2607985477a0888cd8cefdf9f47bf46d93

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:41:21 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://exey.io
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 126ms
45ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=exey.io

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071301.js?cb=31068473

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 16 Jul 2022 02:41:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 128ms
47ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=exey.io

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071301.js?cb=31068473

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 16 Jul 2022 02:41:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 576 B
342 B 206ms
205ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1956074018596378&correlator=3198112306890074&eid=31068458%2C31068473%2C42531608%2C44764002%2C21065725&output=ldjh&gdfp_req=1&vrg=2022071301&ptt=17&impl=fif&iu_parts=26001828%3A22675219970%2Cz1_dfp_ron_display_companion_b_pre&enc_prev_ius=%2F0%2F1&prev_iu_szs=234x60%7C300x50%7C300x60%7C300x75%7C320x50%7C400x20%7C450x50%7C468x60%7C728x90&ifi=1&adks=3681295112&sfv=1-0-38&ecs=20220716&fsapi=false&prev_scp=site%3Dexey.io&eri=4&sc=1&cookie_enabled=1&abxe=1&dt=1657939281047&dlt=1657939280206&idt=812&adxs=328&adys=223&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fexey.io%2FrKx2A&frm=20&vis=1&psz=945x258&msz=945x0&fws=0&ohw=0&ga_vid=983813616.1657939281&ga_sid=1657939281&ga_hid=1363658440&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071301.js?cb=31068473

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

119de39767e14cb3272b176c2c6046734e740e932dec0c4e9e7d4eb8a2cd4d79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:41:21 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 312
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://exey.io
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
16cad000a6ae1a9bf9817d67bfb49e07.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0FAA 6 KB
4 KB 254ms
46ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://16cad000a6ae1a9bf9817d67bfb49e07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071301.js?cb=31068473

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://exey.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 16 Jul 2022 02:41:21 GMT
expires: Sun, 16 Jul 2023 02:41:21 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 3230648 Show response
in-page-push.com/500/ 4 KB
2 KB 71ms
71ms XHR
application/javascript 139.45.197.15
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://in-page-push.com/500/3230648?excludes=&oaid=b321a214ac534bc5836c240955e7e748&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=5&pl=https%3A%2F%2Fexey.io%2FrKx2A&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Requested by

Host: in-page-push.com
URL: https://in-page-push.com/400/3230648

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.15 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

d97b12ffe57a1c3cc27e363241bf4a120c85f4e3a1b3306666357b9a06e99dbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://exey.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: bc11d721aa9d289fa65ce0c4898afb0b
pragma: no-cache
date: Sat, 16 Jul 2022 02:41:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: application/javascript
access-control-allow-origin: https://exey.io
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=1
timing-allow-origin: *, *
expires: Tue, 11 Jan 1994 10:00:00 GMT

OPTIONS
H2 200 3230648
in-page-push.com/500/ Frame 0
0 40ms
13ms Preflight 139.45.197.15
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.15 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://exey.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://exey.io
access-control-max-age: 600
allow: GET, OPTIONS
content-length: 0
date: Sat, 16 Jul 2022 02:41:21 GMT
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: *
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff

GET
H2 200 iframe_api Show response
www.youtube.com/ 980 B
2 KB 220ms
52ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b6c4442649280faf20691f640524bfa6550e83d8db6e24675867e5286d9bf4b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:41:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Sat, 16 Jul 2022 02:41:21 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 30ms
29ms Image
image/gif 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1363658440&t=timing&_s=5&dl=https%3A%2F%2Fexey.io%2FrKx2A&ul=en-us&de=UTF-8&dt=exe.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=video&utv=load_vdo.player.js&utl=v-exey-io&utt=301&_u=aEDAAUABCAAAAC~&jid=&gjid=&cid=983813616.1657939281&tid=UA-113932176-39&_gid=265957597.1657939281&gtm=2ou7d0&z=1416626010

Requested by

Host: exey.io
URL: https://exey.io/rKx2A

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jul 2022 21:08:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 19947
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 29ms
29ms Image
image/gif 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1363658440&t=timing&_s=6&dl=https%3A%2F%2Fexey.io%2FrKx2A&ul=en-us&de=UTF-8&dt=exe.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=video&utv=load_rtb_v6.24.1.js&utl=v-exey-io&utt=321&_u=aEDAAUABCAAAAC~&jid=&gjid=&cid=983813616.1657939281&tid=UA-113932176-39&_gid=265957597.1657939281&gtm=2ou7d0&z=1522685945

Requested by

Host: exey.io
URL: https://exey.io/rKx2A

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jul 2022 21:08:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 19947
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 16560647582262b58af650e93.png
h5.vdo.ai/media_file/v-exey-io/source/uploads/thumbnails/ 686 B
1 KB 306ms
98ms Image
image/png 51.79.72.199
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h5.vdo.ai/media_file/v-exey-io/source/uploads/thumbnails/16560647582262b58af650e93.png
Requested by: Host: exey.io
URL: https://exey.io/rKx2A
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.72.199 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns567735.ip-51-79-72.net
Software: openresty /
Resource Hash: aa710163e37fe5d50f6684f5ec9a10ad1dd6487cb9e7102fe22520230c7bedb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 16 Jul 2022 02:41:21 GMT
Last-Modified: Fri, 24 Jun 2022 09:59:18 GMT
Server: openresty
ETag: "62b58af6-2ae"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 686
Expires: Sun, 16 Jul 2023 02:41:21 GMT

GET
H2 200 01602088365889.png
static.cdnativepush.com/contents/s/1b/e9/ef/c45191508dd0ffe9619d8e8d61/ 2 KB
3 KB 82ms
12ms Image
image/png 139.45.197.155
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cdnativepush.com/contents/s/1b/e9/ef/c45191508dd0ffe9619d8e8d61/01602088365889.png
Requested by: Host: exey.io
URL: https://exey.io/rKx2A
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.155 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: b0cd7af0b912b1a17ecfb9284d55058a59e621500acb94e2d4a5bbfd5eb6d022

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:41:21 GMT
last-modified: Thu, 01 Jul 2021 09:13:54 GMT
server: nginx
etag: "60dd8752-86d"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-length: 2157

GET
H/1.1 206
Partial Content Top%2010%20biggest%20sporting%20event%20in%20the%20world_1.mp4
h5.vdo.ai/media_file/v-exey-io/source/vhs/ 368 KB
0 394ms
194ms Media
video/mp4 51.79.72.199
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h5.vdo.ai/media_file/v-exey-io/source/vhs/Top%2010%20biggest%20sporting%20event%20in%20the%20world_1.mp4
Requested by: Host: exey.io
URL: https://exey.io/rKx2A
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.72.199 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns567735.ip-51-79-72.net
Software: openresty /
Resource Hash

Request headers

Referer: https://exey.io/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Range: bytes=0-

Response headers

Date: Sat, 16 Jul 2022 02:41:21 GMT
Last-Modified: Thu, 26 Mar 2020 14:03:24 GMT
Server: openresty
Access-Control-Allow-Origin: *
ETag: "5e7cb62c-7353fbe"
Content-Type: video/mp4
Content-Range: bytes 0-120930237/120930238
Cache-Control: max-age=31536000
Connection: keep-alive
Keep-Alive: timeout=60
Content-Length: 120930238
Expires: Sun, 16 Jul 2023 02:41:21 GMT

GET
H3 200 bridge3.521.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 1582 633 KB
204 KB 119ms
40ms Document
text/html 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.521.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

089f8aca1b5c39d6b8675a682df4a0f209f14cf25082fa95217bce18930b0052

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://exey.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 383443
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 209264
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Mon, 11 Jul 2022 16:10:38 GMT
expires: Tue, 11 Jul 2023 16:10:38 GMT
last-modified: Mon, 04 Jul 2022 16:05:25 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 127ms
46ms Script
text/javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:41:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 16 Jul 2022 02:41:21 GMT

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
248 B 33ms
32ms XHR
text/html 65.108.0.253
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=v2.2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 65.108.0.253 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.253.0.108.65.clients.your-server.de
Software: openresty/1.19.9.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://exey.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 16 Jul 2022 02:41:21 GMT
Server: openresty/1.19.9.1
Connection: keep-alive
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html

GET
H3 200 logo.svg
a.vdo.ai/core/assets/img/ 1 KB
1 KB 20ms
20ms Image
image/svg+xml 2606:4700:3038::6815:eb0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.vdo.ai/core/assets/img/logo.svg
Requested by: Host: exey.io
URL: https://exey.io/rKx2A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:eb0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9adf28f17b88f7835611736a9461d0452433a4e12f3ebaafae1689394aeb8d7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:41:21 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2
cf-ray: 72b760dbac19bbc1-FRA
x-cache: HIT
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 02 Mar 2020 08:12:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gGUjgkQnzdhgDqg5lnXJwrLf3qAoi9dqpGk7VDUmnyRLwAitLqfIHxGVijsBDdEHcAwTjAyK0zACUAW2H%2BhuS97ST0b8VySH9vk%2BmbtLMWA1IC50%2FFCvHQiPDEj%2FD%2BGhZWu0LRfcEA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 39050074 35895492
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age=1800
access-control-allow-credentials: true
content-type: image/svg+xml
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 623444fe30482400586261c9.js Show response
platform.pubfuture.com/v1/config/ 4 KB
2 KB 103ms
103ms Script
application/javascript 107.23.117.246
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.pubfuture.com/v1/config/623444fe30482400586261c9.js?v=6&ip=MTg1LjIxMy4xNTUuMTY2&cc=REU=&c=MjkyNTUzMw==&d=ZGVza3RvcF93aW5kb3dz&s=aHR0cHM6Ly9leGV5LmlvL3JLeDJB

Requested by

Host: platform.pubfuture.com
URL: https://platform.pubfuture.com/v1/unit/623444fe30482400586261c9.js?v=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.23.117.246 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-23-117-246.compute-1.amazonaws.com

Software

Resource Hash

f11b79639bbe3ce1ec637697a3cfed0147dfbd2ab7a68aecb4e1d69939b8bf50

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:41:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
vary: Accept-Encoding
x-xss-protection: 0
referrer-policy: no-referrer
x-frame-options: SAMEORIGIN
etag: W/"ea6-KvI/bMSKuUsmXZVJ6nopaWhE21c"
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests

GET
H3 200 popunder.gif
ertyvaluation.lol/ 35 B
636 B 26ms
14ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ertyvaluation.lol/popunder.gif
Requested by: Host: exey.io
URL: https://exey.io/rKx2A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: public
date: Sat, 16 Jul 2022 02:41:21 GMT
cf-cache-status: HIT
last-modified: Fri, 15 Jul 2022 16:28:44 GMT
server: cloudflare
age: 36757
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LIVPnACIaOqT19U%2Btv63V3oPoAHqVYJnE3xVh1fsQsQ0aTLP4Qu3SEaW8KytsVU8fD%2FxvUnnHJg2c5vv7RH086%2FNd%2BwZfWQQBuRXYVYgRlLZ9Q8UT4CFEUlWGYEAgIySPlucc5xRXbheETT%2B7RcFUg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 72b760dc0a8f9213-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
248 B 33ms
32ms XHR
text/html 65.108.0.253
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=v2.2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 65.108.0.253 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.253.0.108.65.clients.your-server.de
Software: openresty/1.19.9.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://exey.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 16 Jul 2022 02:41:21 GMT
Server: openresty/1.19.9.1
Connection: keep-alive
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
248 B 63ms
32ms XHR
text/html 65.108.0.253
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=v2.2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 65.108.0.253 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.253.0.108.65.clients.your-server.de
Software: openresty/1.19.9.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://exey.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 16 Jul 2022 02:41:21 GMT
Server: openresty/1.19.9.1
Connection: keep-alive
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
248 B 95ms
32ms XHR
text/html 65.108.0.253
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=v2.2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 65.108.0.253 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.253.0.108.65.clients.your-server.de
Software: openresty/1.19.9.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://exey.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 16 Jul 2022 02:41:21 GMT
Server: openresty/1.19.9.1
Connection: keep-alive
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
248 B 95ms
33ms XHR
text/html 65.108.0.253
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=v2.2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 65.108.0.253 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.253.0.108.65.clients.your-server.de
Software: openresty/1.19.9.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://exey.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 16 Jul 2022 02:41:21 GMT
Server: openresty/1.19.9.1
Connection: keep-alive
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 30ms
29ms Image
image/gif 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1363658440&t=event&_s=7&dl=https%3A%2F%2Fexey.io%2FrKx2A&ul=en-us&de=UTF-8&dt=exe.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=pageview&el=v-exey-io&_u=aEDAAUABCAAAAC~&jid=&gjid=&cid=983813616.1657939281&tid=UA-113932176-39&_gid=265957597.1657939281&gtm=2ou7d0&z=441785980

Requested by

Host: exey.io
URL: https://exey.io/rKx2A

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jul 2022 21:08:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 19947
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 31ms
30ms Image
image/gif 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1363658440&t=event&_s=8&dl=https%3A%2F%2Fexey.io%2FrKx2A&ul=en-us&de=UTF-8&dt=exe.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=website_pageview&el=v-exey-io&_u=aEDAAUABCAAAAC~&jid=&gjid=&cid=983813616.1657939281&tid=UA-113932176-39&_gid=265957597.1657939281&gtm=2ou7d0&z=741107714

Requested by

Host: exey.io
URL: https://exey.io/rKx2A

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jul 2022 21:08:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 19947
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 31ms
30ms Image
image/gif 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1363658440&t=event&_s=9&dl=https%3A%2F%2Fexey.io%2FrKx2A&ul=en-us&de=UTF-8&dt=exe.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=began_atf&el=v-exey-io&_u=aEDAAUABCAAAAC~&jid=&gjid=&cid=983813616.1657939281&tid=UA-113932176-39&_gid=265957597.1657939281&gtm=2ou7d0&z=1799972128

Requested by

Host: exey.io
URL: https://exey.io/rKx2A

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jul 2022 21:08:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 19947
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 4 KB
4 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b808250e44a468f82d19a076166e56187fdb79f1b42a77ab15fb55bb4e0f98a

Request headers

Referer
Origin: https://exey.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/dfd2e197/www-widgetapi.vflset/ 158 KB
51 KB 117ms
38ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dfd2e197/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f9d2b13bd7e7c42fb66b1809b53f882444ea82f853a18f8295913ce0f920dab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:02:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2306
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52404
x-xss-protection: 0
last-modified: Thu, 14 Jul 2022 00:16:12 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 16 Jul 2023 02:02:55 GMT

GET load2.js
tags.h12-media.com/ 0
0

GET
H2 200 qZGG2to1FkdC_3yJVxdNMz-eM1B7UxAa3xM0gy072yzP9GBp1df5AVMoQyyxGUYVjKe-VfDrvJuWXMKSCQL1NB-MLJYWi0ixai5CoXdSXH4riLi4coFQjlbptc5R6BuwAlJjTWufwQMLFKIxnYI7UhqedpkPGZwjFdqrxr9ncTkEB-DQxeXwhtS9Ij7SKtOKXyY3z...
in-page-push.com/impression/ 43 B
421 B 16ms
16ms Image
image/gif 139.45.197.15
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://in-page-push.com/impression/qZGG2to1FkdC_3yJVxdNMz-eM1B7UxAa3xM0gy072yzP9GBp1df5AVMoQyyxGUYVjKe-VfDrvJuWXMKSCQL1NB-MLJYWi0ixai5CoXdSXH4riLi4coFQjlbptc5R6BuwAlJjTWufwQMLFKIxnYI7UhqedpkPGZwjFdqrxr9ncTkEB-DQxeXwhtS9Ij7SKtOKXyY3zIZJqDYvrtz2My41CKJgLuoZuICOWXKr6w46q-74Ew4il1x3OeUF0urhm0KRYk2uNxDl3rwJ5En_lbYZH3csiFv7kwn20kUky6m9hLHliDLHcF788RisoRv5Xkmltt6nexfDlCNXMwq_yD9Rf4Hd1E9ezqd3pe1NrYrr3tkW90nqxaW-WCodl4KoBIBiSBVK4z0HUsny2sJzljD6sar5pXf0Ato8L0m4TOJ7jMxdex5PrGf_53mbCaF9m0xpLcwAJvKOhiRkwJBxoJoGhBJKsqIt6rqXdI0jno04UDrJnTz0zQLMhbwxtynSohH1NMl0UqZyNt2rp1XdLlWvZahaOTOe6X0NJGAa9xOOixxhMrTS?_z=3230648&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=4&pl=https%3A%2F%2Fexey.io%2FrKx2A&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Requested by

Host: exey.io
URL: https://exey.io/rKx2A

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.15 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-trace-id: 8587d96adc197c119c688bef413feb86
pragma: no-cache
date: Sat, 16 Jul 2022 02:41:21 GMT
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=1
timing-allow-origin: *, *
content-length: 43
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 3230648 Show response
in-page-push.com/500/ 4 KB
2 KB 19ms
19ms XHR
application/javascript 139.45.197.15
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://in-page-push.com/500/3230648?excludes=13057094&oaid=b321a214ac534bc5836c240955e7e748&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=5&pl=https%3A%2F%2Fexey.io%2FrKx2A&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Requested by

Host: in-page-push.com
URL: https://in-page-push.com/400/3230648

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.15 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

bbd3463fa82a0c53835630a77797eba0ca7eb56514f1bc2374986c0c7ef71f3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://exey.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: f75add0057588aea6e5efe4610100c94
pragma: no-cache
date: Sat, 16 Jul 2022 02:41:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: application/javascript
access-control-allow-origin: https://exey.io
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=1
timing-allow-origin: *, *
expires: Tue, 11 Jan 1994 10:00:00 GMT

OPTIONS
H2 200 3230648
in-page-push.com/500/ Frame 0
0 13ms
13ms Preflight 139.45.197.15
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.15 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://exey.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://exey.io
access-control-max-age: 600
allow: GET, OPTIONS
content-length: 0
date: Sat, 16 Jul 2022 02:41:21 GMT
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: *
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff

GET
H2 200 01602088365889.png
static.cdnativepush.com/contents/s/1b/e9/ef/c45191508dd0ffe9619d8e8d61/ Frame 55C8 2 KB
3 KB 20ms
20ms Image
image/png 139.45.197.155
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cdnativepush.com/contents/s/1b/e9/ef/c45191508dd0ffe9619d8e8d61/01602088365889.png
Requested by: Host: in-page-push.com
URL: https://in-page-push.com/400/3230648
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.155 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: b0cd7af0b912b1a17ecfb9284d55058a59e621500acb94e2d4a5bbfd5eb6d022

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:41:21 GMT
last-modified: Thu, 01 Jul 2021 09:13:54 GMT
server: nginx
etag: "60dd8752-86d"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-length: 2157

GET
H2 200 0377052970676.png
static.cdnativepush.com/contents/s/fa/09/c3/d0d05f7d01ec388b4373228077/ 2 KB
3 KB 13ms
12ms Image
image/png 139.45.197.155
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cdnativepush.com/contents/s/fa/09/c3/d0d05f7d01ec388b4373228077/0377052970676.png
Requested by: Host: exey.io
URL: https://exey.io/rKx2A
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.155 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: dfc621aca09ed0c1488b5131d842363a53b81589c81e60fd0de8d639f927acc6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:41:21 GMT
last-modified: Thu, 08 Apr 2021 14:22:06 GMT
server: nginx
etag: "606f118e-932"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-length: 2354

POST
H/1.1 200
OK add Show response
fleraprt.com/log/ 12 B
477 B 48ms
14ms Fetch
application/json 139.45.195.254
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
Requested by: Host: tzegilo.com
URL: https://tzegilo.com/stattag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.195.254 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx/1.19.10 /
Resource Hash: 587fa9763e3d74ded3b64a843905f5541690582aad4976207e03743a7fb5f70e

Request headers

Referer: https://exey.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sat, 16 Jul 2022 02:41:52 GMT
Server: nginx/1.19.10
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://exey.io
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length: 12

GET
H/1.1 206
Partial Content Top%2010%20biggest%20sporting%20event%20in%20the%20world_1.mp4
h5.vdo.ai/media_file/v-exey-io/source/vhs/ 4 MB
0 206ms
205ms Media
video/mp4 51.79.72.199
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h5.vdo.ai/media_file/v-exey-io/source/vhs/Top%2010%20biggest%20sporting%20event%20in%20the%20world_1.mp4
Requested by: Host: exey.io
URL: https://exey.io/rKx2A
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.72.199 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns567735.ip-51-79-72.net
Software: openresty /
Resource Hash

Request headers

Referer: https://exey.io/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Range: bytes=720896-

Response headers

Date: Sat, 16 Jul 2022 02:41:21 GMT
Last-Modified: Thu, 26 Mar 2020 14:03:24 GMT
Server: openresty
Access-Control-Allow-Origin: *
ETag: "5e7cb62c-7353fbe"
Content-Type: video/mp4
Content-Range: bytes 720896-120930237/120930238
Cache-Control: max-age=31536000
Connection: keep-alive
Keep-Alive: timeout=60
Content-Length: 120209342
Expires: Sun, 16 Jul 2023 02:41:21 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 30ms
29ms Image
image/gif 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1363658440&t=timing&_s=10&dl=https%3A%2F%2Fexey.io%2FrKx2A&ul=en-us&de=UTF-8&dt=exe.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=video&utv=load_h5.vdo.ai_ContentStart&utl=v-exey-io&utt=1144&_u=aEDAAUABCAAAAC~&jid=&gjid=&cid=983813616.1657939281&tid=UA-113932176-39&_gid=265957597.1657939281&gtm=2ou7d0&z=270160199

Requested by

Host: exey.io
URL: https://exey.io/rKx2A

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jul 2022 21:08:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 19948
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 35ms
34ms Image
image/gif 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1363658440&t=event&_s=11&dl=https%3A%2F%2Fexey.io%2FrKx2A&ul=en-us&de=UTF-8&dt=exe.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=adrequest_google_mcm&el=v-exey-io&_u=aEDAAUABCAAAAC~&jid=&gjid=&cid=983813616.1657939281&tid=UA-113932176-39&_gid=265957597.1657939281&gtm=2ou7d0&z=1403623065

Requested by

Host: exey.io
URL: https://exey.io/rKx2A

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jul 2022 21:08:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 19948
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 127ms
48ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=exey.io

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 16 Jul 2022 02:41:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 120ms
45ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=exey.io

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 16 Jul 2022 02:41:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 1582 83 KB
17 KB 279ms
278ms XHR
text/xml 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?env=instream&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&iu=%2F26001828%2C22675219970%2Fvdoai-dfp-parent-adunit%2Fz1_dfp_v_exey_io_v_pre_1&description_url=https%3A%2F%2Fexey.io%2FrKx2A&tfcd=0&npa=0&correlator=4478394197733977&vpos=preroll&sz=288x162%7C300x250%7C400x300%7C419x236%7C640x360%7C640x480%7C1x1%7C800x450%7C444x250%7C635x357%7C640x360%7C400x300%7C1x1&vad_type=linear&ad_type=audio_video&url=https%3A%2F%2Fexey.io%2FrKx2A&cust_params=hb_uuid%3Dundefined%26hb_cache_id%3Dundefined%26onetag_ebda%3Dtrue%26rubicon_ebda%3Dtrue%26unruly_ebda%3Dtrue&vpa=click&vpmute=0&sdkv=h.3.521.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=44d&ptt=20&adk=110095148&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.521.0&media_url=https%3A%2F%2Fh5.vdo.ai%2Fmedia_file%2Fv-exey-io%2Fsource%2Fvhs%2FTop%252010%2520biggest%2520sporting%2520event%2520in%2520the%2520world_1.mp4&sid=CF7B3315-C434-42AE-847D-0A5FD86AAAA5&nel=0&eid=44750822%2C44754420%2C44756710%2C44760950%2C44761692%2C44762904&dlt=1657939280206&idt=1340&dt=1657939282356&cookie=ID%3Da2e58fe468678f03-22870d76cfcd007e%3AT%3D1657939281%3AS%3DALNI_MaDgoAEyYiUp4iWk3OiL-Ad-qAr-w&scor=2665688193592913&ged=ve4_td2_tt1_pd2_la2000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.521.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

219d80f64d658e9f366033fed95abf3c21a90e43c0382f86a0dcc37739172b24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:41:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17307
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
248 B 38ms
38ms XHR
text/html 65.108.0.253
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=v2.2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 65.108.0.253 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.253.0.108.65.clients.your-server.de
Software: openresty/1.19.9.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://exey.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 16 Jul 2022 02:41:22 GMT
Server: openresty/1.19.9.1
Connection: keep-alive
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html

GET
H2 200 hb4aioun-Wx4GEqbQkfcbNRmpu7vcM8J2ErTITdjJTY3otmpm5rmmu7jtYsZalMcy4Vbu0k0D52_iNqhgdfi_YNovEdmZABSqxRK8NQ3XvELnhpT2tsr45XELjJfvnQG6yGzFOLvWzVosXrXMvk55PXXzcC5UTfdZ8TPmcZQOKq5NgnHJsC7IhIGn8YR1iHdHEk-f...
in-page-push.com/impression/ 43 B
421 B 19ms
19ms Image
image/gif 139.45.197.15
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://in-page-push.com/impression/hb4aioun-Wx4GEqbQkfcbNRmpu7vcM8J2ErTITdjJTY3otmpm5rmmu7jtYsZalMcy4Vbu0k0D52_iNqhgdfi_YNovEdmZABSqxRK8NQ3XvELnhpT2tsr45XELjJfvnQG6yGzFOLvWzVosXrXMvk55PXXzcC5UTfdZ8TPmcZQOKq5NgnHJsC7IhIGn8YR1iHdHEk-f-ZuA0UEjh1mJo5cUe9MnRnGPKwBw5QMbO3D7nP6nNV9kT-OY1Cv_crjKCnAFjjPg4DjSQWOLCAki_WNbUpjkxVG6Jp-1DRWvYjk4noYg1r1XTVWQb_TGm30vdz57xDZgAc5Fb93eHD1YCfKA_PXVasb7rOhZcv8RVPdvKjyj-pAw63Pq5tO_V0GMkBhrUC-WKg2vKwDjD64?_z=3230648&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=5&pl=https%3A%2F%2Fexey.io%2FrKx2A&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Requested by

Host: exey.io
URL: https://exey.io/rKx2A

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.15 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-trace-id: 871df1360d207c6ec9309f0fd1397707
pragma: no-cache
date: Sat, 16 Jul 2022 02:41:22 GMT
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=1
timing-allow-origin: *, *
content-length: 43
expires: Tue, 11 Jan 1994 10:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 1582 0
54 B 180ms
63ms Ping
image/gif 2a00:1450:401b:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~l5na8oze&c=795434070118&slotId=397717035059&qqid=CNm18o-x_PgCFfyA_QcdtHUOvw&gqid=UiXSYsW4FvWy9u8PzJCasAY&fb=ima_html5-lima&sdkv=h.3.521.0&ppt=videojs-ima&ppv=1.11.0&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&vmfc=2&vhc=0&wta=1&hghme=1&ghmsh_eids=44750822%2C44754420%2C44756710%2C44760950%2C44761692%2C44762904&met.4=ghmsh_s.l5na8pun~ghmsh_s.l5na8puo&ghmsh_mi=22%2C18%2C&ghmsh_vi=134%2C136%2C243%2C247%2C&ghmsh_ai=139%2C140%2C250%2C&ghmsh_gvt=0&ams=1&vs=1280x720&vc=avc1.64001F&mt=video%2Fmp4&vsrc=youtube&bit=22&cpn=42zl5GLZ26YizJC7
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.521.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:401b:808::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:41:22 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame 1582 453 B
478 B 40ms
39ms Image
image/png 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-pub-5626228370107604

Requested by

Host: exey.io
URL: https://exey.io/rKx2A

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/js/core/bridge3.521.0_en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 01:56:48 GMT
x-content-type-options: nosniff
age: 2674
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 453
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: image/png
cache-control: public, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Jul 2022 02:46:48 GMT

GET
H2 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 1582 42 B
536 B 147ms
64ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CI6qaUiXSYtnEGPyB9u8PtOu5-AukqYOVa8Sc7e-aD7CQHxABIKzWiUZgleKQgqAHoAG3nJGvKMgBBakC8FhqR-HssD7gAgCoAwGYBACqBMoCT9DB2jY7IkS51Vj5HNFPZ85NJgqyojQfMAUG703eVHQfy7I8dvDSbHOf5gnjcnQO-qGsIpA5b0MgXLf3QorzMJNkl8wETiiBOiKCyfvI8F7CJzO3OgVKbuSF9MK8gjZyNjtKUwWCdUdc39afBefKSideIO2uFfZhqPvwhzU4vrCoTwwgAFcSzLPUDLtInU8yCLbHOj6PTdVObg25-8dWGaFcSStsB584wuBgQ_P7FM68wDIlEzBN1A6Gj2oc_ukSlopcQFxUPg8mv0QJButdwHcaqQmbRJr9XHIQ_BjR7SAZT4pt4BOHotZ-q-DzdVABGwfBT2nrwI4JOYsUhEBpqH1mJba4IP7oQEjA-mVIZxsA8JYT9T4d9wS_V7OchBuzCs7KofHXL1_rB6IIbVp3jZzc1MQoWf36jUPkTeYzlQTNXCBug5G932dlwASP5IiL7wPgBAGIBaS2zes8kgUICAMQARgBUAGgBlSAB7fU4Y4DqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcBqAgB0ggRCIDhgBAQARgdMgKqAjoCgECxCVtadRoFImyugAoDmAsByAsB0AsOuAwBsBOU2OUP2BMN2BQB0BUBqBYB4hYCCAH4FgGAFwE&sigh=t39dxW20vfM&label=show_ad&sdkv=h.3.521.0&vci=CmsIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDUyMjYwOTk3MDc1NjIMNTg1ODkyMzUyODA0QKECUiMQDyUAAPBBKAE6C1RaazJGVkJBa1JFQglnb29nbGVhZHNQABgB

Requested by

Host: exey.io
URL: https://exey.io/rKx2A

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:41:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
pubads.g.doubleclick.net/pagead/ Frame 1582 0
0 68ms
67ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubads.g.doubleclick.net/pagead/adview?ai=CjJkIUiXSYtnEGPyB9u8PtOu5-AukqYOVa8Sc7e-aD7CQHxABIKzWiUZgleKQgqAHoAG3nJGvKMgBBakC8FhqR-HssD7gAgCoAwGYBACqBMcCT9DB2jY7IkS51Vj5HNFPZ85NJgqyojQfMAUG703eVHQfy7I8dvDSbHOf5gnjcnQO-qGsIpA5b0MgXLf3QorzMJNkl8wETiiBOiKCyfvI8F7CJzO3OgVKbuSF9MK8gjZyNjtKUwWCdUdc39afBefKSideIO2uFfZhqPvwhzU4vrCoTwwgAFcSzLPUDLtInU8yCLbHOj6PTdVObg25-8dWGaFcSStsB584wuBgQ_P7FM68wDIlEzBN1A6Gj2oc_ukSlopcQFxUPg8mv0QJButdwHcaqQmbRJr9XHIQ_BjR7SAZT4pt4BOHotZ-q-DzdVABGwfBT2nrwI4JOYsUhEBpqH1mJba4IP7oQEjA-j1J1XEI2nYhZ7DvQiBj4q0fVBky2qo3cewq1xb1DSYBRELBEFTeVTacTtPiXaUsUBvBWBPhRKypLrVhwASP5IiL7wPgBAGSBQgIGxADGANQAaAGVIAHt9ThjgOoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcFEOjg0AGoCAHSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAbATlNjlD8ITBhi3nJGvKMgTkai23wPYEw3YFAHQFQGoFgHiFgIIAYAXAbIXHgocCAASFHB1Yi03MDk0Njc3Nzk4Mzk5NjA2GMSLFw&sigh=CQdaHput3tk&cmd=Ch1jYS12aWRlby1wdWItNzA5NDY3Nzc5ODM5OTYwNhAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&vt=10&sdkv=h.3.521.0&vci=CmsIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDUyMjYwOTk3MDc1NjIMNTg1ODkyMzUyODA0QKECUiMQDyUAAPBBKAE6C1RaazJGVkJBa1JFQglnb29nbGVhZHNQABgB
Requested by: Host: exey.io
URL: https://exey.io/rKx2A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 1582 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/gif

POST
H2 204 csi
csi.gstatic.com/ 0
327 B 152ms
63ms Ping
image/gif 2a00:1450:401b:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&top=1&puid=1~l5na8odk&c=795434070118&slotId=397717035059&eee=missing-element&bi=missing-id
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:401b:808::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:41:22 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1582 0
442 B 156ms
75ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?evt=start&format=TRUEVIEW&lid=143&sdkv=h.3.521.0&e=44750822%2C44754420%2C44756710%2C44760950%2C44761692%2C44762904&id=ima_html5&c=4076697086063896&domain=exey.io

Requested by

Host: exey.io
URL: https://exey.io/rKx2A

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:41:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 3230648 Show response
in-page-push.com/500/ 10 B
496 B 35ms
33ms XHR
application/javascript 139.45.197.15
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://in-page-push.com/500/3230648?excludes=13057094,12792168&oaid=b321a214ac534bc5836c240955e7e748&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=5&pl=https%3A%2F%2Fexey.io%2FrKx2A&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Requested by

Host: in-page-push.com
URL: https://in-page-push.com/400/3230648

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.15 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

f3c689523d23693d898b0fff66ef380027572e1896e28552f0e029a5626dd46b

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://exey.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: e93e13c6536595c827686a3f48eb6e48
pragma: no-cache
date: Sat, 16 Jul 2022 02:41:22 GMT
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: application/javascript
access-control-allow-origin: https://exey.io
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=1
timing-allow-origin: *, *
content-length: 10
expires: Tue, 11 Jan 1994 10:00:00 GMT

OPTIONS
H2 200 3230648
in-page-push.com/500/ Frame 0
0 18ms
18ms Preflight 139.45.197.15
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.15 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://exey.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://exey.io
access-control-max-age: 600
allow: GET, OPTIONS
content-length: 0
date: Sat, 16 Jul 2022 02:41:22 GMT
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: *
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff

GET
H2 200 0377052970676.png
static.cdnativepush.com/contents/s/fa/09/c3/d0d05f7d01ec388b4373228077/ Frame 55C8 2 KB
3 KB 16ms
16ms Image
image/png 139.45.197.155
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cdnativepush.com/contents/s/fa/09/c3/d0d05f7d01ec388b4373228077/0377052970676.png
Requested by: Host: in-page-push.com
URL: https://in-page-push.com/400/3230648
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.155 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: dfc621aca09ed0c1488b5131d842363a53b81589c81e60fd0de8d639f927acc6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:41:22 GMT
last-modified: Thu, 08 Apr 2021 14:22:06 GMT
server: nginx
etag: "606f118e-932"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-length: 2354

GET
H/1.1

206
Partial Content

videoplayback
rr1---sn-5hne6nzy.googlevideo.com/
Redirect Chain

https://rr5---sn-5hneknee.googlevideo.com/videoplayback?expire=1657968082&ei=UiXSYoyLI_yI6dsPvbWyUA&ip=185.213.155.166&id=4d99361550409111&itag=22&source=youtube&requiressl=yes&mh=xL&mm=31&mn=sn-5h...
https://rr1---sn-5hne6nzy.googlevideo.com/videoplayback?expire=1657968082&ei=UiXSYoyLI_yI6dsPvbWyUA&ip=185.213.155.166&id=4d99361550409111&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ct...

2 MB
2 MB

87ms
16ms

Media
video/mp4

2a00:1450:400e:15::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr1---sn-5hne6nzy.googlevideo.com/videoplayback?expire=1657968082&ei=UiXSYoyLI_yI6dsPvbWyUA&ip=185.213.155.166&id=4d99361550409111&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=30.093&lmt=1646599732905985&txp=5432434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIgAN404-Bl5mc-diXlZ1vJ3ZNXR6c4E0DzQLAzWaIqeNYCIQCthwenxpnArnQA2r0IRpcngdUOypcQBnEDmi-zvr305g==&cpn=42zl5GLZ26YizJC7&redirect_counter=1&rm=sn-5hnesl76&req_id=a8fa4901e80136e2&cms_redirect=yes&cmsv=e&ipbypass=yes&mh=xL&mip=2a03:1b20:6:f011::6e&mm=31&mn=sn-5hne6nzy&ms=au&mt=1657939049&mv=m&mvi=1&pl=48&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgaVFLlpZu6w_au9KtvEaJhEL6YSe6BbNXgcZrDVjJqMgCIH-KBTPQb4dsYbAo-I7f-aouBIGye_juf30dnpDkyfSo

Requested by

Host: exey.io
URL: https://exey.io/rKx2A

Protocol

HTTP/1.1

Server

2a00:1450:400e:15::6 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

9dd63a7b49c4519c237d8205f61a424255428c2457966147d74851715c986f09

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 16 Jul 2022 02:41:23 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 06 Mar 2022 20:48:52 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-2090563/2090564
Cache-Control: private, max-age=28499
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2090564
Expires: Sat, 16 Jul 2022 02:41:23 GMT

Redirect headers

Date: Sat, 16 Jul 2022 02:41:22 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: text/html
Location: https://rr1---sn-5hne6nzy.googlevideo.com/videoplayback?expire=1657968082&ei=UiXSYoyLI_yI6dsPvbWyUA&ip=185.213.155.166&id=4d99361550409111&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=30.093&lmt=1646599732905985&txp=5432434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIgAN404-Bl5mc-diXlZ1vJ3ZNXR6c4E0DzQLAzWaIqeNYCIQCthwenxpnArnQA2r0IRpcngdUOypcQBnEDmi-zvr305g==&cpn=42zl5GLZ26YizJC7&redirect_counter=1&rm=sn-5hnesl76&req_id=a8fa4901e80136e2&cms_redirect=yes&cmsv=e&ipbypass=yes&mh=xL&mip=2a03:1b20:6:f011::6e&mm=31&mn=sn-5hne6nzy&ms=au&mt=1657939049&mv=m&mvi=1&pl=48&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgaVFLlpZu6w_au9KtvEaJhEL6YSe6BbNXgcZrDVjJqMgCIH-KBTPQb4dsYbAo-I7f-aouBIGye_juf30dnpDkyfSo
Cache-Control: private, max-age=900
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Content-Length: 0
Expires: Sat, 16 Jul 2022 02:41:22 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 1582 42 B
64 B 121ms
47ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CI6qaUiXSYtnEGPyB9u8PtOu5-AukqYOVa8Sc7e-aD7CQHxABIKzWiUZgleKQgqAHoAG3nJGvKMgBBakC8FhqR-HssD7gAgCoAwGYBACqBMoCT9DB2jY7IkS51Vj5HNFPZ85NJgqyojQfMAUG703eVHQfy7I8dvDSbHOf5gnjcnQO-qGsIpA5b0MgXLf3QorzMJNkl8wETiiBOiKCyfvI8F7CJzO3OgVKbuSF9MK8gjZyNjtKUwWCdUdc39afBefKSideIO2uFfZhqPvwhzU4vrCoTwwgAFcSzLPUDLtInU8yCLbHOj6PTdVObg25-8dWGaFcSStsB584wuBgQ_P7FM68wDIlEzBN1A6Gj2oc_ukSlopcQFxUPg8mv0QJButdwHcaqQmbRJr9XHIQ_BjR7SAZT4pt4BOHotZ-q-DzdVABGwfBT2nrwI4JOYsUhEBpqH1mJba4IP7oQEjA-mVIZxsA8JYT9T4d9wS_V7OchBuzCs7KofHXL1_rB6IIbVp3jZzc1MQoWf36jUPkTeYzlQTNXCBug5G932dlwASP5IiL7wPgBAGIBaS2zes8kgUICAMQARgBUAGgBlSAB7fU4Y4DqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcBqAgB0ggRCIDhgBAQARgdMgKqAjoCgECxCVtadRoFImyugAoDmAsByAsB0AsOuAwBsBOU2OUP2BMN2BQB0BUBqBYB4hYCCAH4FgGAFwE&sigh=t39dxW20vfM&label=video_ad_loaded&sdkv=h.3.521.0&vci=CmsIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDUyMjYwOTk3MDc1NjIMNTg1ODkyMzUyODA0QKECUiMQDyUAAAxCKAE6C1RaazJGVkJBa1JFQglnb29nbGVhZHNQABgB

Requested by

Host: exey.io
URL: https://exey.io/rKx2A

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:41:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Oy6hyfNY.js Show response
tpc.googlesyndication.com/sodar/ Frame 1582 41 KB
16 KB 119ms
36ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.521.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 10:58:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 315760
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15406
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Wed, 12 Jul 2023 10:58:43 GMT

GET
H3 200 adview
pubads.g.doubleclick.net/pagead/ Frame 1582 0
0 77ms
76ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubads.g.doubleclick.net/pagead/adview?ai=CjJkIUiXSYtnEGPyB9u8PtOu5-AukqYOVa8Sc7e-aD7CQHxABIKzWiUZgleKQgqAHoAG3nJGvKMgBBakC8FhqR-HssD7gAgCoAwGYBACqBMcCT9DB2jY7IkS51Vj5HNFPZ85NJgqyojQfMAUG703eVHQfy7I8dvDSbHOf5gnjcnQO-qGsIpA5b0MgXLf3QorzMJNkl8wETiiBOiKCyfvI8F7CJzO3OgVKbuSF9MK8gjZyNjtKUwWCdUdc39afBefKSideIO2uFfZhqPvwhzU4vrCoTwwgAFcSzLPUDLtInU8yCLbHOj6PTdVObg25-8dWGaFcSStsB584wuBgQ_P7FM68wDIlEzBN1A6Gj2oc_ukSlopcQFxUPg8mv0QJButdwHcaqQmbRJr9XHIQ_BjR7SAZT4pt4BOHotZ-q-DzdVABGwfBT2nrwI4JOYsUhEBpqH1mJba4IP7oQEjA-j1J1XEI2nYhZ7DvQiBj4q0fVBky2qo3cewq1xb1DSYBRELBEFTeVTacTtPiXaUsUBvBWBPhRKypLrVhwASP5IiL7wPgBAGSBQgIGxADGANQAaAGVIAHt9ThjgOoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcFEOjg0AGoCAHSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAbATlNjlD8ITBhi3nJGvKMgTkai23wPYEw3YFAHQFQGoFgHiFgIIAYAXAbIXHgocCAASFHB1Yi03MDk0Njc3Nzk4Mzk5NjA2GMSLFw&sigh=CQdaHput3tk&cmd=Ch1jYS12aWRlby1wdWItNzA5NDY3Nzc5ODM5OTYwNhAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&sdkv=h.3.521.0
Requested by: Host: exey.io
URL: https://exey.io/rKx2A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H2 200 B27132157.329301030;dc_trk_aid=521333817;dc_trk_cid=166825204;dc_dbm_token=AD1EzRQAAAA5CjMKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhMIpLbN6zyoAuSxg5EDsALtp-kMQDsQy9MK9y6I9vEWWZ1HMkNFlfgiZw==;ord=33030...
ad.doubleclick.net/ddm/trackimp/N1059029.3420040GOOGLEYOUTUBE./ Frame 1582 42 B
533 B 131ms
48ms Image
image/gif 142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N1059029.3420040GOOGLEYOUTUBE./B27132157.329301030;dc_trk_aid=521333817;dc_trk_cid=166825204;dc_dbm_token=AD1EzRQAAAA5CjMKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhMIpLbN6zyoAuSxg5EDsALtp-kMQDsQy9MK9y6I9vEWWZ1HMkNFlfgiZw==;ord=3303019050;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=;dc_exteid=3254329982558962669;dc_av=536;dc_sk=1;dc_ctype=84;dc_ref=;dc_pubid=3;dc_btype=23?gclid=EAIaIQobChMI2bXyj7H8-AIV_ID9Bx20dQ6_EAEYASAAEgLwx_D_BwE

Requested by

Host: exey.io
URL: https://exey.io/rKx2A

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:41:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 1582 42 B
64 B 110ms
46ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CbHFqUiXSYtnEGPyB9u8PtOu5-AukqYOVa8Sc7e-aD7CQHxABIKzWiUZgleKQgqAHoAG3nJGvKMgBBakC8FhqR-HssD7gAgCoAwGYBACqBMcCT9DB2jY7IkS51Vj5HNFPZ85NJgqyojQfMAUG703eVHQfy7I8dvDSbHOf5gnjcnQO-qGsIpA5b0MgXLf3QorzMJNkl8wETiiBOiKCyfvI8F7CJzO3OgVKbuSF9MK8gjZyNjtKUwWCdUdc39afBefKSideIO2uFfZhqPvwhzU4vrCoTwwgAFcSzLPUDLtInU8yCLbHOj6PTdVObg25-8dWGaFcSStsB584wuBgQ_P7FM68wDIlEzBN1A6Gj2oc_ukSlopcQFxUPg8mv0QJButdwHcaqQmbRJr9XHIQ_BjR7SAZT4pt4BOHotZ-q-DzdVABGwfBT2nrwI4JOYsUhEBpqH1mJba4IP7oQEjA-j1J1XEI2nYhZ7DvQiBj4q0fVBky2qo3cewq1xb1DSYBRELBEFTeVTacTtPiXaUsUBvBWBPhRKypLrVhwASP5IiL7wPgBAGIBaS2zes8oAZUgAe31OGOA6gHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAagIAdIIEQiA4YAQEAEYHTICqgI6AoBAgAoDyAsBsBOU2OUP2BMN2BQB0BUBqBYB4hYCCAH4FgGAFwE&sigh=BhNYDcMK2Zg&cmd=Ch1jYS12aWRlby1wdWItNzA5NDY3Nzc5ODM5OTYwNhAAGAI&label=vast_creativeview&ad_mt=0&acvw=sv%3D929%26cb%3Dima%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D103,480,463,1120%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D30046%26vmtime%3D-1%26is%3D275%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1174%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D859105337%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1657939280746%26ptlt%3D1657939282914%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.12%26t%3D1657939282674&sdkv=h.3.521.0&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDUyMjYwOTk3MDc1NjIMNTg1ODkyMzUyODA0QKECUiYQDyUAAAxCKAE6C1RaazJGVkJBa1JFQglnb29nbGVhZHNI7QFQABgB

Requested by

Host: exey.io
URL: https://exey.io/rKx2A

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:41:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 1582 42 B
64 B 161ms
80ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuQ8jVQtxZXEYGSJswRbfkD5LofeMvbfYgXRYKKyzHKGMdiQ_ifXZnNjZbRzep-oo6i-cDno3qZAwnnXeTUuSPsdWxyFYcwJW0Hi5BzvptcgFIeMm_OFvRJ-6Bv5Nv5wLOiiHrGGJmZ7VIFATkmUjtsrBiJS9sQpTYS3xo6fnY&sai=AMfl-YTJTw2DzupL2FRiHDRSjPGwSGhZA71OJfWIWNMegbmnpkSKq1hCiKsjzFRTlX6nLKIVn2Hrl31MWUKK3V06s4vRCOUhKBIY0IOk765XwTqFKKtHwtRUIBSysepq&sig=Cg0ArKJSzK4eq9GDghP-EAE&cid=CAASF-RomHlYyJBfAeYGPspazlSsGlgyVAeC&id=lidarv&acvw=sv%3D929%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D103,480,463,1120%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D30046%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26ic%3D274%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1174%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D859105337%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1657939280746%26ptlt%3D1657939282915%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.12%26t%3D1657939282674&avm=1

Requested by

Host: exey.io
URL: https://exey.io/rKx2A

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:41:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview_ext
pagead2.googlesyndication.com/ Frame 1582 42 B
64 B 127ms
46ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/activeview_ext?id=lidarv&avm=1&dc_pubid=3&dc_exteid=3254329982558962669&acvw=sv%3D929%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D103,480,463,1120%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D30046%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26ic%3D274%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1174%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D859105337%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1657939280746%26ptlt%3D1657939282915%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.12%26t%3D1657939282674?

Requested by

Host: exey.io
URL: https://exey.io/rKx2A

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:41:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pubid=3;dc_exteid=3254329982558962669;met=1;ecn1=1;etm1=0;eid1=200101;acvw=sv%3D929%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D103,480,463,1120%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D...
ade.googlesyndication.com/ddm/activity_ext/ Frame 1582 42 B
207 B 85ms
69ms Image
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=3254329982558962669;met=1;ecn1=1;etm1=0;eid1=200101;acvw=sv%3D929%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D103,480,463,1120%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D30046%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26ic%3D274%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1174%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D859105337%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1657939280746%26ptlt%3D1657939282915%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.12%26t%3D1657939282674?

Requested by

Host: exey.io
URL: https://exey.io/rKx2A

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:41:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 1582 42 B
64 B 111ms
49ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CbHFqUiXSYtnEGPyB9u8PtOu5-AukqYOVa8Sc7e-aD7CQHxABIKzWiUZgleKQgqAHoAG3nJGvKMgBBakC8FhqR-HssD7gAgCoAwGYBACqBMcCT9DB2jY7IkS51Vj5HNFPZ85NJgqyojQfMAUG703eVHQfy7I8dvDSbHOf5gnjcnQO-qGsIpA5b0MgXLf3QorzMJNkl8wETiiBOiKCyfvI8F7CJzO3OgVKbuSF9MK8gjZyNjtKUwWCdUdc39afBefKSideIO2uFfZhqPvwhzU4vrCoTwwgAFcSzLPUDLtInU8yCLbHOj6PTdVObg25-8dWGaFcSStsB584wuBgQ_P7FM68wDIlEzBN1A6Gj2oc_ukSlopcQFxUPg8mv0QJButdwHcaqQmbRJr9XHIQ_BjR7SAZT4pt4BOHotZ-q-DzdVABGwfBT2nrwI4JOYsUhEBpqH1mJba4IP7oQEjA-j1J1XEI2nYhZ7DvQiBj4q0fVBky2qo3cewq1xb1DSYBRELBEFTeVTacTtPiXaUsUBvBWBPhRKypLrVhwASP5IiL7wPgBAGIBaS2zes8oAZUgAe31OGOA6gHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAagIAdIIEQiA4YAQEAEYHTICqgI6AoBAgAoDyAsBsBOU2OUP2BMN2BQB0BUBqBYB4hYCCAH4FgGAFwE&sigh=BhNYDcMK2Zg&cmd=Ch1jYS12aWRlby1wdWItNzA5NDY3Nzc5ODM5OTYwNhAAGAI&label=part2viewed&ad_mt=0&acvw=sv%3D929%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D103,480,463,1120%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D30046%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26i0%3D275%26ic%3D0%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1174%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D859105337%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1657939280746%26ptlt%3D1657939282916%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.12%26t%3D1657939282674&sdkv=h.3.521.0&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDUyMjYwOTk3MDc1NjIMNTg1ODkyMzUyODA0QKECUiYQDyUAAAxCKAE6C1RaazJGVkJBa1JFQglnb29nbGVhZHNI7QFQABgB

Requested by

Host: exey.io
URL: https://exey.io/rKx2A

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:41:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pubid=3;dc_exteid=3254329982558962669;met=1;ecn1=1;etm1=0;eid1=11;acvw=sv%3D929%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D103,480,463,1120%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0...
ade.googlesyndication.com/ddm/activity_ext/ Frame 1582 42 B
107 B 86ms
70ms Image
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=3254329982558962669;met=1;ecn1=1;etm1=0;eid1=11;acvw=sv%3D929%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D103,480,463,1120%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D30046%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26i0%3D275%26ic%3D0%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1174%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D859105337%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1657939280746%26ptlt%3D1657939282916%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.12%26t%3D1657939282674?

Requested by

Host: exey.io
URL: https://exey.io/rKx2A

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:41:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1582 0
20 B 152ms
72ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?evt=showui&format=TRUEVIEW&lid=143&sdkv=h.3.521.0&e=44750822%2C44754420%2C44756710%2C44760950%2C44761692%2C44762904&id=ima_html5&c=4076697086063896&domain=exey.io

Requested by

Host: exey.io
URL: https://exey.io/rKx2A

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:41:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 1582 42 B
64 B 110ms
48ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CbHFqUiXSYtnEGPyB9u8PtOu5-AukqYOVa8Sc7e-aD7CQHxABIKzWiUZgleKQgqAHoAG3nJGvKMgBBakC8FhqR-HssD7gAgCoAwGYBACqBMcCT9DB2jY7IkS51Vj5HNFPZ85NJgqyojQfMAUG703eVHQfy7I8dvDSbHOf5gnjcnQO-qGsIpA5b0MgXLf3QorzMJNkl8wETiiBOiKCyfvI8F7CJzO3OgVKbuSF9MK8gjZyNjtKUwWCdUdc39afBefKSideIO2uFfZhqPvwhzU4vrCoTwwgAFcSzLPUDLtInU8yCLbHOj6PTdVObg25-8dWGaFcSStsB584wuBgQ_P7FM68wDIlEzBN1A6Gj2oc_ukSlopcQFxUPg8mv0QJButdwHcaqQmbRJr9XHIQ_BjR7SAZT4pt4BOHotZ-q-DzdVABGwfBT2nrwI4JOYsUhEBpqH1mJba4IP7oQEjA-j1J1XEI2nYhZ7DvQiBj4q0fVBky2qo3cewq1xb1DSYBRELBEFTeVTacTtPiXaUsUBvBWBPhRKypLrVhwASP5IiL7wPgBAGIBaS2zes8oAZUgAe31OGOA6gHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAagIAdIIEQiA4YAQEAEYHTICqgI6AoBAgAoDyAsBsBOU2OUP2BMN2BQB0BUBqBYB4hYCCAH4FgGAFwE&sigh=BhNYDcMK2Zg&cmd=Ch1jYS12aWRlby1wdWItNzA5NDY3Nzc5ODM5OTYwNhAAGAI&label=admute&ad_mt=0&acvw=sv%3D929%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D103,480,463,1120%26tos%3D11,0,0,0,0%26mtos%3D11,11,11,11,11%26amtos%3D0,0,0,0,0%26mcvt%3D11%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D11%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D11%26pst%3D-1%26dur%3D30046%26vmtime%3D-1%26dvs%3D11%26dfvs%3D11%26dvpt%3D11%26is%3D275%26i0%3D275%26ic%3D4096%26cs%3D4370%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1174%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D859105337%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1657939280746%26ptlt%3D1657939282920%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,11,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.12%26t%3D1657939282674&sdkv=h.3.521.0&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDUyMjYwOTk3MDc1NjIMNTg1ODkyMzUyODA0QKECUiYQDyUAAAxCKAE6C1RaazJGVkJBa1JFQglnb29nbGVhZHNI7QFQABgB

Requested by

Host: exey.io
URL: https://exey.io/rKx2A

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:41:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pubid=3;dc_exteid=3254329982558962669;met=1;ecn1=1;etm1=0;eid1=16;acvw=sv%3D929%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D103,480,463,1120%26tos%3D11,0,0,0,0%26mtos%3D11,11,11,11,11%26amtos%...
ade.googlesyndication.com/ddm/activity_ext/ Frame 1582 42 B
107 B 85ms
70ms Image
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=3254329982558962669;met=1;ecn1=1;etm1=0;eid1=16;acvw=sv%3D929%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D103,480,463,1120%26tos%3D11,0,0,0,0%26mtos%3D11,11,11,11,11%26amtos%3D0,0,0,0,0%26mcvt%3D11%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D11%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D11%26pst%3D-1%26dur%3D30046%26vmtime%3D-1%26dvs%3D11%26dfvs%3D11%26dvpt%3D11%26is%3D275%26i0%3D275%26ic%3D4096%26cs%3D4370%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1174%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D859105337%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1657939280746%26ptlt%3D1657939282920%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,11,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.12%26t%3D1657939282674?

Requested by

Host: exey.io
URL: https://exey.io/rKx2A

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:41:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
248 B 33ms
33ms XHR
text/html 65.108.0.253
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=v2.2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 65.108.0.253 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.253.0.108.65.clients.your-server.de
Software: openresty/1.19.9.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://exey.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 16 Jul 2022 02:41:22 GMT
Server: openresty/1.19.9.1
Connection: keep-alive
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
248 B 33ms
33ms XHR
text/html 65.108.0.253
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=v2.2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 65.108.0.253 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.253.0.108.65.clients.your-server.de
Software: openresty/1.19.9.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://exey.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 16 Jul 2022 02:41:22 GMT
Server: openresty/1.19.9.1
Connection: keep-alive
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
248 B 33ms
33ms XHR
text/html 65.108.0.253
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=v2.2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 65.108.0.253 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.253.0.108.65.clients.your-server.de
Software: openresty/1.19.9.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://exey.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 16 Jul 2022 02:41:22 GMT
Server: openresty/1.19.9.1
Connection: keep-alive
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
248 B 33ms
32ms XHR
text/html 65.108.0.253
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=v2.2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 65.108.0.253 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.253.0.108.65.clients.your-server.de
Software: openresty/1.19.9.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://exey.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 16 Jul 2022 02:41:22 GMT
Server: openresty/1.19.9.1
Connection: keep-alive
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
248 B 60ms
33ms XHR
text/html 65.108.0.253
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=v2.2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 65.108.0.253 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.253.0.108.65.clients.your-server.de
Software: openresty/1.19.9.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://exey.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 16 Jul 2022 02:41:22 GMT
Server: openresty/1.19.9.1
Connection: keep-alive
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 30ms
29ms Image
image/gif 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1363658440&t=event&_s=12&dl=https%3A%2F%2Fexey.io%2FrKx2A&ul=en-us&de=UTF-8&dt=exe.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=video_loaded&el=v-exey-io&_u=aEDAAUABCAAAAC~&jid=&gjid=&cid=983813616.1657939281&tid=UA-113932176-39&_gid=265957597.1657939281&gtm=2ou7d0&z=622510486

Requested by

Host: exey.io
URL: https://exey.io/rKx2A

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jul 2022 21:08:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 19948
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 30ms
29ms Image
image/gif 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1363658440&t=event&_s=13&dl=https%3A%2F%2Fexey.io%2FrKx2A&ul=en-us&de=UTF-8&dt=exe.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=website_pageview_match&el=v-exey-io&_u=aEDAAUABCAAAAC~&jid=&gjid=&cid=983813616.1657939281&tid=UA-113932176-39&_gid=265957597.1657939281&gtm=2ou7d0&z=997622703

Requested by

Host: exey.io
URL: https://exey.io/rKx2A

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jul 2022 21:08:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 19948
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 30ms
29ms Image
image/gif 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1363658440&t=event&_s=14&dl=https%3A%2F%2Fexey.io%2FrKx2A&ul=en-us&de=UTF-8&dt=exe.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=pageview_match&el=v-exey-io&_u=aEDAAUABCAAAAC~&jid=&gjid=&cid=983813616.1657939281&tid=UA-113932176-39&_gid=265957597.1657939281&gtm=2ou7d0&z=1783498288

Requested by

Host: exey.io
URL: https://exey.io/rKx2A

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jul 2022 21:08:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 19948
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 hhrtBw21.html Show response
tpc.googlesyndication.com/sodar/ Frame C246 23 KB
9 KB 114ms
36ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/hhrtBw21.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 108355
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 14 Jul 2022 20:35:28 GMT
expires: Fri, 14 Jul 2023 20:35:28 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 playback
s.youtube.com/api/stats/ Frame 1582 0
0 96ms
20ms Image
text/html 2a00:1450:400c:c00::71
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.youtube.com/api/stats/playback?ns=yt&fexp=44750822%2C44754420%2C44756710%2C44760950%2C44761692%2C44762904&el=adunit&cpn=42zl5GLZ26YizJC7&docid=TZk2FVBAkRE&visitordata=CgtXR0x0SWN5ai1Zaw%253D%253D&ver=2&cmt=0.199&fmt=18&rt=0.000&adformat=2_2_1&euri=https%3A%2F%2Fexey.io%2F&len=30.047&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=103.0.5060.53&cos=Win32&cosver=537.36&cplatform=desktop&mos=1&volume=0&delay=28&rtn=10
Requested by: Host: exey.io
URL: https://exey.io/rKx2A
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::71 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 200 PBLy2ghsJAjz8SVbRXt3mPeTz3f3ksFMZv27m_PD6qM.js Show response
pagead2.googlesyndication.com/bg/ Frame C246 36 KB
14 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PBLy2ghsJAjz8SVbRXt3mPeTz3f3ksFMZv27m_PD6qM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/hhrtBw21.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c12f2da086c2408f3f1255b457b7798f793cf77f792c14c66fdbb9bf3c3eaa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 16:16:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 210308
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13888
x-xss-protection: 0
last-modified: Fri, 01 Jul 2022 16:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Jul 2023 16:16:15 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C246 0
20 B 76ms
75ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=36&t=2&li=v_h.3.521.0&bgai=BIjaCUiXSYtnEGPyB9u8PtOu5-AsAAAAAOAG6BRMIxanwj7H8-AIVdZn9Bx1MiAZm&bg=!MDOlM3fNAAaYcLjmuHA7ACkAdvg8WkkTx7-pQzc7vsup7Cn_TJ9Lh6P4WERf0LXx0Rg9RGOjgIR9PAIAAABfUgAAAAJoAQcKAEYzl59k35ybLJPBN_pFC4BOHB8GqK2FCg7jyuUfRS8BHeUbLtpoqdISDuAzGb-4iZA0Jj3KSp7hLI429oC8o9bdq-_s7-QLmQIn-1aXsVf-lEB5Rc9A-6fU5M1qGplgvM1qegot6Hu5K6Ef4oVjaxcN6NYxnrEk1PHXWkZoLhe_rqQtchpC8ICgzs5thP0B0BjpijlH-ad0AzX5l8gEBM5v7-CDIq6dnEN8kIfswWoP8PMR9hMytB1zzk1S7wJGtdVUcRAfEB2nBx7eudVum3uCSF1HayH6gJk7Wr06DkC7rCSKyFgQ4OvUA2HJGwgsmUluYFrSsoh4YciTRPbApb_r85QgQENnoOs8DiKmyJUBuFLybLLiGJZb-1DwieWMGW5o2DPTkOk4mbxhNBiumBXXxQJKnNffH3xkDa8vLexMkR2tUA_OzxQYOeda6FSRqn92EiXj87jT0Z-r92AcHDW8O9J2d6g32Ajjav4jurg18dGvBgbfgCj7zR15ls0yhSqF0z1EKjMhq_J1BVbqL3TOuLGBZGGUoirqSYJPbSoVmCW1RTObXabtaX84TjQGpBzXWdNwp78Dk-Tr1U6INKXnt1g0YBrkzdBlcDRZUCUy7wL0ZryuIginIDXs-WYQ8Lqumb_JuQnm5565w-f_ZW2L3fny5KYlLp-n25nd6bhOJogtObxWk-JbCS8E2ykfSfNXuiDArw50ny2BuH6myFtyZVTNRoQasE2iwx_Rp7euw43qD1xyt7S7NU6dDGvPVyApU55t95ltzYz7pniXWJg15QdqkwgLEPfPIrCAqN8qLU6zk-5QX-hCnPAB7CIhHF0

Requested by

Host: exey.io
URL: https://exey.io/rKx2A

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:41:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 1582 42 B
64 B 85ms
84ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuQ8jVQtxZXEYGSJswRbfkD5LofeMvbfYgXRYKKyzHKGMdiQ_ifXZnNjZbRzep-oo6i-cDno3qZAwnnXeTUuSPsdWxyFYcwJW0Hi5BzvptcgFIeMm_OFvRJ-6Bv5Nv5wLOiiHrGGJmZ7VIFATkmUjtsrBiJS9sQpTYS3xo6fnY&sai=AMfl-YTJTw2DzupL2FRiHDRSjPGwSGhZA71OJfWIWNMegbmnpkSKq1hCiKsjzFRTlX6nLKIVn2Hrl31MWUKK3V06s4vRCOUhKBIY0IOk765XwTqFKKtHwtRUIBSysepq&sig=Cg0ArKJSzK4eq9GDghP-EAE&cid=CAASF-RomHlYyJBfAeYGPspazlSsGlgyVAeC&id=lidarv&acvw=sv%3D929%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D103,480,463,1120%26tos%3D2021,0,0,0,0%26mtos%3D2021,2021,2021,2021,2021%26amtos%3D0,0,0,0,0%26mcvt%3D2021%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2021%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D418%26pst%3D416%26dur%3D30046%26vmtime%3D1949%26dtos%3D2021%26dtoss%3D1%26dvs%3D2010%26dfvs%3D2010%26dvpt%3D2010%26is%3D275%26i0%3D275%26ic%3D16777217%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1174%26femvt%3D0%26emc%3D13%26emuc%3D0%26emb%3D12,0,0,0,0%26avms%3Dexc%26qi%3D859105337%26psm%3D-2147483645%26psv%3D-2147483645%26psfv%3D-2147483645%26psa%3D0%26pnmm%3D1657939280746%26ptlt%3D1657939284930%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,2021,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.12%26t%3D1657939282674

Requested by

Host: exey.io
URL: https://exey.io/rKx2A

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:41:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview_ext
pagead2.googlesyndication.com/ Frame 1582 42 B
64 B 47ms
47ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/activeview_ext?id=lidarv&dc_pubid=3&dc_exteid=3254329982558962669&acvw=sv%3D929%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D103,480,463,1120%26tos%3D2021,0,0,0,0%26mtos%3D2021,2021,2021,2021,2021%26amtos%3D0,0,0,0,0%26mcvt%3D2021%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2021%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D418%26pst%3D416%26dur%3D30046%26vmtime%3D1949%26dtos%3D2021%26dtoss%3D1%26dvs%3D2010%26dfvs%3D2010%26dvpt%3D2010%26is%3D275%26i0%3D275%26ic%3D16777217%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1174%26femvt%3D0%26emc%3D13%26emuc%3D0%26emb%3D12,0,0,0,0%26avms%3Dexc%26qi%3D859105337%26psm%3D-2147483645%26psv%3D-2147483645%26psfv%3D-2147483645%26psa%3D0%26pnmm%3D1657939280746%26ptlt%3D1657939284930%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,2021,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.12%26t%3D1657939282674?

Requested by

Host: exey.io
URL: https://exey.io/rKx2A

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:41:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc_pubid=3;dc_exteid=3254329982558962669;met=1;ecn1=1;etm1=0;eid1=200000;acvw=sv%3D929%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D103,480,463,1120%26tos%3D2021,0,0,0,0%26mtos%3D2021,2021,2021,202...
ade.googlesyndication.com/ddm/activity_ext/ Frame 1582 42 B
63 B 67ms
67ms Image
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=3254329982558962669;met=1;ecn1=1;etm1=0;eid1=200000;acvw=sv%3D929%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D103,480,463,1120%26tos%3D2021,0,0,0,0%26mtos%3D2021,2021,2021,2021,2021%26amtos%3D0,0,0,0,0%26mcvt%3D2021%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2021%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D418%26pst%3D416%26dur%3D30046%26vmtime%3D1949%26dtos%3D2021%26dtoss%3D1%26dvs%3D2010%26dfvs%3D2010%26dvpt%3D2010%26is%3D275%26i0%3D275%26ic%3D16777217%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1174%26femvt%3D0%26emc%3D13%26emuc%3D0%26emb%3D12,0,0,0,0%26avms%3Dexc%26qi%3D859105337%26psm%3D-2147483645%26psv%3D-2147483645%26psfv%3D-2147483645%26psa%3D0%26pnmm%3D1657939280746%26ptlt%3D1657939284930%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,2021,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.12%26t%3D1657939282674?

Requested by

Host: exey.io
URL: https://exey.io/rKx2A

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:41:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 30ms
29ms Image
image/gif 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1363658440&t=event&_s=15&dl=https%3A%2F%2Fexey.io%2FrKx2A&ul=en-us&de=UTF-8&dt=exe.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=impression_video&el=v-exey-io&_u=aEDAAUABCAAAAC~&jid=&gjid=&cid=983813616.1657939281&tid=UA-113932176-39&_gid=265957597.1657939281&gtm=2ou7d0&z=142560263

Requested by

Host: exey.io
URL: https://exey.io/rKx2A

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jul 2022 21:08:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 19950
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 1582 42 B
64 B 48ms
47ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CbHFqUiXSYtnEGPyB9u8PtOu5-AukqYOVa8Sc7e-aD7CQHxABIKzWiUZgleKQgqAHoAG3nJGvKMgBBakC8FhqR-HssD7gAgCoAwGYBACqBMcCT9DB2jY7IkS51Vj5HNFPZ85NJgqyojQfMAUG703eVHQfy7I8dvDSbHOf5gnjcnQO-qGsIpA5b0MgXLf3QorzMJNkl8wETiiBOiKCyfvI8F7CJzO3OgVKbuSF9MK8gjZyNjtKUwWCdUdc39afBefKSideIO2uFfZhqPvwhzU4vrCoTwwgAFcSzLPUDLtInU8yCLbHOj6PTdVObg25-8dWGaFcSStsB584wuBgQ_P7FM68wDIlEzBN1A6Gj2oc_ukSlopcQFxUPg8mv0QJButdwHcaqQmbRJr9XHIQ_BjR7SAZT4pt4BOHotZ-q-DzdVABGwfBT2nrwI4JOYsUhEBpqH1mJba4IP7oQEjA-j1J1XEI2nYhZ7DvQiBj4q0fVBky2qo3cewq1xb1DSYBRELBEFTeVTacTtPiXaUsUBvBWBPhRKypLrVhwASP5IiL7wPgBAGIBaS2zes8oAZUgAe31OGOA6gHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAagIAdIIEQiA4YAQEAEYHTICqgI6AoBAgAoDyAsBsBOU2OUP2BMN2BQB0BUBqBYB4hYCCAH4FgGAFwE&sigh=BhNYDcMK2Zg&cmd=Ch1jYS12aWRlby1wdWItNzA5NDY3Nzc5ODM5OTYwNhAAGAI&label=video_skip_shown&ad_mt=5201&acvw=sv%3D929%26cb%3Dima%26nas%3D1%26sdk%3Dh%26p%3D103,480,463,1120%26p0%3D103,480,463,1120%26tos%3D5250,0,0,0,0%26mtos%3D5250,5250,5250,5250,5250%26amtos%3D0,0,0,0,0%26mcvt%3D5250%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D5250%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1220%26pst%3D416%26dur%3D30046%26vmtime%3D5200%26is%3D275%26i0%3D275%26cs%3D16781587%26c%3D1%26c0%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D5250,5250,5250,5250,5250%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D1174%26femvt%3D0%26emc%3D29%26emuc%3D0%26emb%3D28,0,0,0,0%26avms%3Dexc%26qi%3D859105337%26psm%3D-2147483585%26psv%3D-2147483585%26psfv%3D-2147483585%26psa%3D0%26pnmm%3D1657939280746%26ptlt%3D1657939288159%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,5250,0%26ss0%3D0.12&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.12%26t%3D1657939282674&sdkv=h.3.521.0&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDUyMjYwOTk3MDc1NjIMNTg1ODkyMzUyODA0QKECUiYQDyUAAAxCKAE6C1RaazJGVkJBa1JFQglnb29nbGVhZHNI7QFQABgB

Requested by

Host: exey.io
URL: https://exey.io/rKx2A

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:41:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET /
googleads.g.doubleclick.net/pagead/interaction/ Frame 1582 0
0

GET dc_pubid=3;dc_exteid=3254329982558962669;met=1;ecn1=1;etm1=0;eid1=960584;acvw=sv%3D929%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D103,480,463,1120%26tos%3D7751,0,0,0,0%26mtos%3D7751,7751,7751,775...
ade.googlesyndication.com/ddm/activity_ext/ Frame 1582 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tags.h12-media.com
URL: https://tags.h12-media.com/load2.js

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/interaction/?ai=CbHFqUiXSYtnEGPyB9u8PtOu5-AukqYOVa8Sc7e-aD7CQHxABIKzWiUZgleKQgqAHoAG3nJGvKMgBBakC8FhqR-HssD7gAgCoAwGYBACqBMcCT9DB2jY7IkS51Vj5HNFPZ85NJgqyojQfMAUG703eVHQfy7I8dvDSbHOf5gnjcnQO-qGsIpA5b0MgXLf3QorzMJNkl8wETiiBOiKCyfvI8F7CJzO3OgVKbuSF9MK8gjZyNjtKUwWCdUdc39afBefKSideIO2uFfZhqPvwhzU4vrCoTwwgAFcSzLPUDLtInU8yCLbHOj6PTdVObg25-8dWGaFcSStsB584wuBgQ_P7FM68wDIlEzBN1A6Gj2oc_ukSlopcQFxUPg8mv0QJButdwHcaqQmbRJr9XHIQ_BjR7SAZT4pt4BOHotZ-q-DzdVABGwfBT2nrwI4JOYsUhEBpqH1mJba4IP7oQEjA-j1J1XEI2nYhZ7DvQiBj4q0fVBky2qo3cewq1xb1DSYBRELBEFTeVTacTtPiXaUsUBvBWBPhRKypLrVhwASP5IiL7wPgBAGIBaS2zes8oAZUgAe31OGOA6gHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAagIAdIIEQiA4YAQEAEYHTICqgI6AoBAgAoDyAsBsBOU2OUP2BMN2BQB0BUBqBYB4hYCCAH4FgGAFwE&sigh=BhNYDcMK2Zg&cmd=Ch1jYS12aWRlby1wdWItNzA5NDY3Nzc5ODM5OTYwNhAAGAI&label=videoplaytime25&ad_mt=7702&acvw=sv%3D929%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D103,480,463,1120%26tos%3D7751,0,0,0,0%26mtos%3D7751,7751,7751,7751,7751%26amtos%3D0,0,0,0,0%26mcvt%3D7751%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D7751%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1820%26pst%3D416%26dur%3D30046%26vmtime%3D7701%26dtos%3D5730%26dtoss%3D2%26dvs%3D5730%26dfvs%3D5730%26dvpt%3D5730%26is%3D275%26i0%3D275%26i1%3D275%26ic%3D0%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D7751,7751,7751,7751,7751%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D1174%26femvt%3D0%26emc%3D41%26emuc%3D0%26emb%3D40,0,0,0,0%26avms%3Dexc%26qi%3D859105337%26psm%3D-2147483393%26psv%3D-2147483393%26psfv%3D-2147483393%26psa%3D0%26pnmm%3D1657939280746%26ptlt%3D1657939290660%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,7751,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.12%26t%3D1657939282674&sdkv=h.3.521.0&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDUyMjYwOTk3MDc1NjIMNTg1ODkyMzUyODA0QKECUiYQDyUAAAxCKAE6C1RaazJGVkJBa1JFQglnb29nbGVhZHNI7QFQABgB

Domain: ade.googlesyndication.com
URL: https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=3254329982558962669;met=1;ecn1=1;etm1=0;eid1=960584;acvw=sv%3D929%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D103,480,463,1120%26tos%3D7751,0,0,0,0%26mtos%3D7751,7751,7751,7751,7751%26amtos%3D0,0,0,0,0%26mcvt%3D7751%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D7751%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1820%26pst%3D416%26dur%3D30046%26vmtime%3D7701%26dtos%3D5730%26dtoss%3D2%26dvs%3D5730%26dfvs%3D5730%26dvpt%3D5730%26is%3D275%26i0%3D275%26i1%3D275%26ic%3D0%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D7751,7751,7751,7751,7751%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D1174%26femvt%3D0%26emc%3D41%26emuc%3D0%26emb%3D40,0,0,0,0%26avms%3Dexc%26qi%3D859105337%26psm%3D-2147483393%26psv%3D-2147483393%26psfv%3D-2147483393%26psa%3D0%26pnmm%3D1657939280746%26ptlt%3D1657939290660%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,7751,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.12%26t%3D1657939282674?

Verdicts & Comments Add Verdict or Comment

148 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
exe.io/	1969-12-31 23:59:59	Name: AppSession Value: a9c884b612c5ad6d08cfb9f3cf848e5c
exe.io/	1969-12-31 23:59:59	Name: csrfToken Value: 7cc58a913fb80dcf73ff923d7bb18b62fc73fb30bf74bdad557fd4a66efe7cf5cb93d1f3cce04371af66a1585e7ca1c5914a9b312f8f89d5e462b6c5c62f09d8
exey.io/	1969-12-31 23:59:59	Name: AppSession Value: fec2e00a080e3fcdb6c9df0233900d5f
exey.io/	1969-12-31 23:59:59	Name: csrfToken Value: 80fa16eb87c2fdfbeba8ec168f671d9fccb4d87c5c3455b30f27b6bd6984b62be951bb9730e790c7358cf235f53aa5fa2c6083aca201ee9cc91eb00b9f831581
nh.eugeniecor.com/	1970-01-20 04:33:45	Name: GL_UI4 Value: eJw9jVtOhDAYhYFycTJCPAkLcAkFnMA8GhfhI2npL1MH2kmpQ9y9jYk%2BnS%2FnkhNFUVJXiO85A%2FsSJzwPLe%2FOp05Kfh5kL2gQDW%2BHthfT0L10TY%2BD3kYv5EI%2BxeNMhpyexskqKvEUoj%2FnauxuUmTSCaNKZGtoLCUK6ey%2BkasZUiNWQv52cTZotopP68Aa3gXWJnDMkditZtUBxbs2KgyrI5KGV2Ue4XhbhP%2Bwbh21ymNksxOKEL%2FiYRKeZuu%2BUSjart7eALuo8b%2F%2F%2B8v2hiNXdNdTOLf%2BQu4H6opJ%2Fw%3D%3D
nh.eugeniecor.com/	1970-01-20 04:33:45	Name: GL_GI10 Value: eJxljNFKwzAYhbvUxRVl48AeoC%2BwQiyd3qrr3I1XPkAI3d8RpEn4kw3r06sbiODd4TvnO1mWieUcwgYs1ENT3am6Uk1TqfUa%2BYE8xKbFbeePLvGonRkI1y%2FEg3EjJNPBegexa3Fzybrze8J0067%2BsLM13VGMhKvOphHYsnHv%2FZFTaYby1ViH4qe46Mtv%2Ff8gtzEAtVL3dflGfLIdxfLxCYWjpGMg2qN49hw8m0SY%2F9Lzp8wxs1EH9h%2BjnGCR7ECf3pH2fR8pSYHJSYov5TZPzw%3D%3D
freychang.fun/	1970-01-20 13:10:43	Name: csu Value: 1652591400323863@1@1657939280
.exey.io/	1970-01-20 22:03:31	Name: _ga Value: GA1.2.983813616.1657939281
.exey.io/	1970-01-20 04:33:45	Name: _gid Value: GA1.2.265957597.1657939281
.exey.io/	1970-01-20 04:32:19	Name: _gat_gtag_UA_113932176_39 Value: 1
my.rtmark.net/	1970-01-20 13:17:55	Name: ID Value: b321a214ac534bc5836c240955e7e748
in-page-push.com/	1970-01-20 13:17:55	Name: OAID Value: b321a214ac534bc5836c240955e7e748
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: RRjpetMgyOA
.youtube.com/	1970-01-20 08:51:31	Name: VISITOR_INFO1_LIVE Value: u80E9HJbM-U
.doubleclick.net/	1970-01-20 13:53:55	Name: IDE Value: AHWqTUkFsHIe1DWg6edp7OWPvFbSmU8XrajWvtojeFEflJiNPX_YQtEMilCafTDTi8Q
.exey.io/	1970-01-20 13:53:55	Name: __gads Value: ID=a2e58fe468678f03:T=1657939281:S=ALNI_MYUmIOA9Trjy-zUaj4n_VJ9ct9gcQ

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

16cad000a6ae1a9bf9817d67bfb49e07.safeframe.googlesyndication.com
a.vdo.ai
accounts.google.com
ad.doubleclick.net
ade.googlesyndication.com
adservice.google.com
adservice.google.de
analytics.vdo.ai
cdnjs.cloudflare.com
csi.gstatic.com
d192r5l88wrng7.cloudfront.net
ertyvaluation.lol
exe.io
exey.io
fleraprt.com
fonts.googleapis.com
fonts.gstatic.com
freychang.fun
ghb.adtelligent.com
googleads.g.doubleclick.net
h5.vdo.ai
imasdk.googleapis.com
in-page-push.com
my.rtmark.net
nh.eugeniecor.com
pagead2.googlesyndication.com
platform.pubfuture.com
pubads.g.doubleclick.net
rr1---sn-5hne6nzy.googlevideo.com
rr5---sn-5hneknee.googlevideo.com
s.youtube.com
s0.2mdn.net
securepubads.g.doubleclick.net
static.cdnativepush.com
tags.h12-media.com
targeting.vdo.ai
tpc.googlesyndication.com
tzegilo.com
ufundentofi.xyz
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.youtube.com
ade.googlesyndication.com
googleads.g.doubleclick.net
tags.h12-media.com
107.23.117.246
139.45.195.254
139.45.195.8
139.45.197.15
139.45.197.155
142.250.181.226
142.250.184.198
2001:4860:4802:34::178
209.205.197.154
23.109.82.10
2600:9000:211e:bc00:18:306b:ddc0:21
2606:4700:20::681a:267
2606:4700:20::681a:937
2606:4700:3030::6815:2dcf
2606:4700:3033::6815:16a9
2606:4700:3038::6815:eb0a
2606:4700::6811:180e
2a00:1450:4001:801::2002
2a00:1450:4001:801::200a
2a00:1450:4001:809::2003
2a00:1450:4001:811::2002
2a00:1450:4001:812::2001
2a00:1450:4001:812::2002
2a00:1450:4001:827::2002
2a00:1450:4001:827::2008
2a00:1450:4001:828::200d
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::2006
2a00:1450:400c:c00::71
2a00:1450:400e:15::6
2a00:1450:400e:8::a
2a00:1450:401b:808::2003
2a03:2880:f12d:181:face:b00c:0:25de
2a06:98c1:3121::3
51.79.72.199
65.108.0.253
65.9.25.54
029cd7010edd4015794ab87dd340733701f15fe7a6b6877770710e3aeacbadb1
058beb8c47d36d9d7e183f66a51560976ee9f48785be292b6280ed9cd6ae1fe4
08486db1aa6c28938348beaf416582c8ca87b416a8d57a693aeefa894e21ee73
089f8aca1b5c39d6b8675a682df4a0f209f14cf25082fa95217bce18930b0052
0ed91330cf63f002e65d8d5c9b46a9cd0af792a460ea2f02797bb14736189c65
113bf24f50f2c81a18501e8b785d3e8da82dd925462d64691602d128244ee7fb
119de39767e14cb3272b176c2c6046734e740e932dec0c4e9e7d4eb8a2cd4d79
1b808250e44a468f82d19a076166e56187fdb79f1b42a77ab15fb55bb4e0f98a
219d80f64d658e9f366033fed95abf3c21a90e43c0382f86a0dcc37739172b24
26bbadf324d400b12bea32f232b42870889357c483db6c1c4b1baa0202a41539
288c40c782ae0538f74db09ccc353e2f06d05fb1fe24e9a890f99a35d6e3406a
3676e16a1358628756bda4274db53b7a9f299e3dfa82ec22301c83ba142ad774
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
3c12f2da086c2408f3f1255b457b7798f793cf77f792c14c66fdbb9bf3c3eaa3
3f9d2b13bd7e7c42fb66b1809b53f882444ea82f853a18f8295913ce0f920dab
4a1d4d06cefd96b2a94b54e21240a9d92ed493c9c13aacd786d5968b43554c49
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
51950b2880857df5063b9a5af9b397c9c20ff1dc3eda03872804ac888ae27f83
587fa9763e3d74ded3b64a843905f5541690582aad4976207e03743a7fb5f70e
5c80f1a87bc165dc4e1bfd493a6c72b8d1f542cf8b3a932d9eb75fd58b257e2d
6133c85c76f320990805d438c5982a507e431397abd281614937f8e889572e1f
68f2a2fd68b745d460880bcfc4435f6b1bb2cf98721aeaa143a88b62a08ee72a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
72a17c7702fe2510541f1dfaf2d03dfa62fad593bb30c02eb8b64ce28c256b7c
738161904fe560fd83c26e301998e35ac1e87cb40bebd4b190a5f141309d40b9
7ce1f63f66d50f36c5c82c2061a86a286426fa8dda0bb88b307ec5e1a51e7355
7f8495f9c073d28c39b5fba3570941fe83294d070b378a40445738bc5337f2d7
817d2291ac8a70e0722d23519544c72faab9c74877596aa0d3f6dc2c641c238a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
88122526e6fcc5d0ff32759bec139598601881d3c74157b2d9d3db857aad954f
8e32695eb554644820130b6b6c39187282bfaef34cf5b88b9a8c9b10d2da1e03
923380b51ab7b461e1781bf9c9f0fa2607985477a0888cd8cefdf9f47bf46d93
9adf28f17b88f7835611736a9461d0452433a4e12f3ebaafae1689394aeb8d7b
9dd63a7b49c4519c237d8205f61a424255428c2457966147d74851715c986f09
9f1dbb2773e706bbadf684a8c57023f4dcb598ef705fa02ca87af664a4ea01cc
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a9458384b5d688a98bdc9f11da0ab99fb5a5c10d3360d43b611da213bee07f3c
aa710163e37fe5d50f6684f5ec9a10ad1dd6487cb9e7102fe22520230c7bedb3
b0cd7af0b912b1a17ecfb9284d55058a59e621500acb94e2d4a5bbfd5eb6d022
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b6c4442649280faf20691f640524bfa6550e83d8db6e24675867e5286d9bf4b3
b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550
bbd3463fa82a0c53835630a77797eba0ca7eb56514f1bc2374986c0c7ef71f3a
c63c0a518fcd8243e365904eb4ec5162d2b6d066aa4f05027fb598089d73ebdc
c80a783a997b370058fd8eee1c6882844d2b10f8f708922ab10e0ff53d65bbff
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d97b12ffe57a1c3cc27e363241bf4a120c85f4e3a1b3306666357b9a06e99dbf
ddbc9719c72a462df357c3a5209f268d45cd45cc7270c682ebf5724c97cb7364
dfc621aca09ed0c1488b5131d842363a53b81589c81e60fd0de8d639f927acc6
e27a01e2c64599c618fc3354fd271c734fbd2068f9e663116665543b82416531
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
e8f2d5487d860696dee2e6037ae07ff063ae5959b8d4b4658a284f9dc9711ca1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef4703ba28ef59dcf9b90ce4e11947ef13ed4d0f9c6d40d118565e78d8c0d93c
f11b79639bbe3ce1ec637697a3cfed0147dfbd2ab7a68aecb4e1d69939b8bf50
f22d1cd62f219783841aabade1fe350e63a1f220fca96f10aeefc61e85bff4c5
f259e1ac72c23752a935508137a234c6411c9abe1f04f9d951003ca60241cdb3
f3c689523d23693d898b0fff66ef380027572e1896e28552f0e029a5626dd46b
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
f6defbf37470ef48c1f88b19da8714385ccf3739ba911c4df2adafe2b573d359
f9b3c3b7235ae01d789176e95612eb5c49b8ee0d029715ea795f91913454ad36
fc0ce6c5320e4a82d8adc1933f3898b2ec1da75e891e51a082018bfadad64498

exey.io Open in urlscan Pro 2606:4700:20::681a:937 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

136 Requests

97 %HTTPS

69 %IPv6

29 Domains

43 Subdomains

39 IPs

8 Countries

3920 kBTransfer

11518 kBSize

16 Cookies

1 Outgoing links

Page URL History

Redirected requests

136 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

exey.io Open in urlscan Pro
2606:4700:20::681a:937 Public Scan

Screenshot
Live screenshot

Full Image

136
Requests

97 %
HTTPS

69 %
IPv6

29
Domains

43
Subdomains

39
IPs

8
Countries

3920 kB
Transfer

11518 kB
Size

16
Cookies

136 HTTP transactions
2 data transactions