fex.net Open in urlscan Pro
194.106.216.70 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://fs25.fex.net/download/2318701430
Effective URL:
https://fex.net/403?file_id=2318701430
Submission Tags: falconsandbox
Submission: On November 22 via api (November 22nd 2020, 10:32:19 pm UTC) from US

Summary HTTP 79 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 16 IPs in 6 countries across 17 domains to perform 79 HTTP transactions. The main IP is 194.106.216.70, located in Ukraine and belongs to CDNNET-AS, UA. The main domain is fex.net.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on April 29th 2020. Valid for: 2 years.

This is the only time fex.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	193.109.240.6 193.109.240.6	21257 (CDNNET-AS) (CDNNET-AS)
8	194.106.216.70 194.106.216.70	21257 (CDNNET-AS) (CDNNET-AS)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
1	176.9.79.204 176.9.79.204	24940 (HETZNER-AS) (HETZNER-AS)
2	2a04:4e42:3::621 2a04:4e42:3::621	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
3 10	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
4	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:817::2003	15169 (GOOGLE) (GOOGLE)
26	2a00:1450:400... 2a00:1450:4001:815::2002	15169 (GOOGLE) (GOOGLE)
1	89.184.81.35 89.184.81.35	28907 (MIROHOST ...) (MIROHOST Web hosting)
4	2a00:1450:400... 2a00:1450:4001:814::2003	15169 (GOOGLE) (GOOGLE)
8	212.124.124.19 212.124.124.19	47328 (TRI-AS Tr...) (TRI-AS True Records Inc.)
3	172.217.18.162 172.217.18.162	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:816::2001	15169 (GOOGLE) (GOOGLE)
79	16

1 193.109.240.6 (Ukraine) 1 redirects

ASN21257 (CDNNET-AS, UA)

fs25.fex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 194.106.216.70 (Ukraine)

ASN21257 (CDNNET-AS, UA)

fex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.fex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.9.79.204 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.204.79.9.176.clients.your-server.de

cdn.plrjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:3::621 (Ascension Island)

ASN54113 (FASTLY, US)

cdn.polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:817::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:815::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.184.81.35 (Ukraine)

ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA)
PTR: c.hit.ua

c.hit.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 212.124.124.19 (Reston, United States)

ASN47328 (TRI-AS True Records Inc., ES)

aj1913.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.18.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s29-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:816::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	476 KB
9	fex.net 1 redirects fs25.fex.net fex.net api.fex.net	907 KB
8	aj1913.online aj1913.online	44 KB
8	yandex.ru 2 redirects mc.yandex.ru	96 KB
6	doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	858 B
5	google.de www.google.de adservice.google.de	3 KB
5	google.com www.google.com adservice.google.com	3 KB
4	gstatic.com fonts.gstatic.com	50 KB
4	google-analytics.com www.google-analytics.com	19 KB
3	googletagservices.com www.googletagservices.com	83 KB
3	googleadservices.com partner.googleadservices.com	1 KB
2	yandex.com 1 redirects mc.yandex.com	366 B
2	googletagmanager.com www.googletagmanager.com	68 KB
2	polyfill.io cdn.polyfill.io	814 B
1	hit.ua c.hit.ua	588 B
1	plrjs.com cdn.plrjs.com	176 KB
1	googleapis.com fonts.googleapis.com	1 KB
79	17

	Domain	Requested by
13	pagead2.googlesyndication.com	fex.net aj1913.online pagead2.googlesyndication.com
8	aj1913.online	fex.net aj1913.online
8	mc.yandex.ru	2 redirects fex.net mc.yandex.ru
6	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
6	fex.net	fex.net
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com
4	fonts.gstatic.com	fonts.googleapis.com
4	www.google-analytics.com	fex.net www.google-analytics.com
3	www.googletagservices.com	pagead2.googlesyndication.com
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
3	partner.googleadservices.com	pagead2.googlesyndication.com
2	www.google.de	fex.net
2	www.google.com	fex.net
2	stats.g.doubleclick.net	www.google-analytics.com
2	api.fex.net	fex.net
2	mc.yandex.com	1 redirects fex.net
2	www.googletagmanager.com	fex.net
2	cdn.polyfill.io	fex.net
1	c.hit.ua	fex.net
1	cdn.plrjs.com	fex.net
1	fonts.googleapis.com	fex.net
1	fs25.fex.net	1 redirects
79	23

This site contains links to these domains. Also see Links.

Domain
fexnet.zendesk.com
play.google.com
itunes.apple.com
apps.apple.com
www.facebook.com
t.me
www.instagram.com

Subject Issuer	Validity	Valid
*.fex.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-29` - `2022-07-28`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
cdn.plrjs.com Let's Encrypt Authority X3	`2020-09-30` - `2020-12-29`	3 months	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-10-26` - `2021-04-17`	6 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2020-09-29` - `2021-03-11`	5 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.hit.ua Sectigo RSA Domain Validation Secure Server CA	`2020-02-20` - `2021-02-22`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
aj1913.online Let's Encrypt Authority X3	`2020-10-25` - `2021-01-23`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://fex.net/403?file_id=2318701430
Frame ID: C8688FA001C18B97EB27D50099A49B62
Requests: 42 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: A6FBEA548ED09CBE86935F8DF176EFF5
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201112/r20190131/zrt_lookup.html
Frame ID: 670708B54FEB1E8BBBDBA4A8E6ACEB5F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: 331E840EC81285E55A302B1995C8F776
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: 02A055CB613438960B97007EFBF0FDEB
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8564894658009468&output=html&h=400&slotname=5046050220&adk=4045543562&adf=3279755396&pi=t.ma~as.5046050220&w=240&psa=0&format=240x400&url=https%3A%2F%2Ffex.net%2F403%3Ffile_id%3D2318701430&ea=0&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1606084324943&bpp=14&bdt=85&idt=46&shv=r20201112&cbv=r20190131&ptt=9&saldr=aa&correlator=2468063692845&frm=23&ife=5&pv=2&ga_vid=1566956134.1606084324&ga_sid=1606084325&ga_hid=4825983&ga_fc=1&iag=3&icsg=170&nhd=1&dssz=8&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=260&ady=400&biw=1600&bih=1200&isw=240&ish=400&ifk=1968123281&scr_x=0&scr_y=0&oid=3&pvsid=3466663570360730&pem=397&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C240%2C400&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.mbm5d9856fy1&fsb=1&dtd=63
Frame ID: F7E4481DF7DB886B12C872FB6FC238BA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8564894658009468&output=html&h=400&slotname=5046050220&adk=4045543562&adf=3279755398&pi=t.ma~as.5046050220&w=240&psa=0&format=240x400&url=https%3A%2F%2Ffex.net%2F403%3Ffile_id%3D2318701430&ea=0&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1606084325022&bpp=3&bdt=40&idt=62&shv=r20201112&cbv=r20190131&ptt=9&saldr=aa&correlator=2468063692845&frm=23&ife=5&pv=1&ga_vid=1566956134.1606084324&ga_sid=1606084325&ga_hid=526490299&ga_fc=1&iag=3&icsg=170&nhd=1&dssz=8&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1100&ady=400&biw=1600&bih=1200&isw=240&ish=400&ifk=1968123281&scr_x=0&scr_y=0&oid=3&pvsid=2294819764718410&pem=397&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C240%2C400&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.dv2rwzgqsyen&fsb=1&dtd=69
Frame ID: 798B96CA240DEB2C592D8C4346D2D0AA
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 2D2BBCAC7ECC7C7BC66FEAA32D835412
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8564894658009468&output=html&h=200&slotname=7672271343&adk=1928804621&adf=3279755399&pi=t.ma~as.7672271343&w=1200&psa=0&format=1200x200&url=https%3A%2F%2Ffex.net%2F403%3Ffile_id%3D2318701430&ea=0&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1606084325028&bpp=1&bdt=103&idt=93&shv=r20201112&cbv=r20190131&ptt=9&saldr=aa&correlator=2468063692845&frm=23&ife=1&pv=1&ga_vid=1566956134.1606084324&ga_sid=1606084325&ga_hid=1182671209&ga_fc=1&iag=3&icsg=650&nhd=1&dssz=7&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=56&ady=1200&biw=1600&bih=1200&isw=1488&ish=105&ifk=477953659&scr_x=0&scr_y=0&oid=3&pvsid=1681117463866929&pem=397&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1488%2C105&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.63srmq1qmxcu&fsb=1&dtd=100
Frame ID: DB211509697E3F82A196AFE19D95F84E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: A928ACAA483A6F1241D96FDC2FC0803F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 6DD9D7757A1BBCDDAB49C58D790E983F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://fs25.fex.net/download/2318701430 HTTP 307
https://fex.net/403?file_id=2318701430 Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<[^>]+data-react/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

79
Requests

100 %
HTTPS

65 %
IPv6

17
Domains

23
Subdomains

16
IPs

6
Countries

1927 kB
Transfer

6427 kB
Size

6
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://fexnet.zendesk.com/hc/ru
Title: Help Center

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.labracode.fex_android

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/ua/app/fex-id/id1281961720

Search URL Search Domain Scan URL

URL: https://apps.apple.com/ua/app/fon/id1395149445?l=ru

Search URL Search Domain Scan URL

URL: https://www.facebook.com/FEX.CLOUD/

Search URL Search Domain Scan URL

URL: https://t.me/FEXNETWORK

Search URL Search Domain Scan URL

URL: https://www.instagram.com/fex_net/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://fs25.fex.net/download/2318701430 HTTP 307
https://fex.net/403?file_id=2318701430 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9100.WZjiPtCa6cYWV2M5dCOxe8n0Rhs2iE1zRvq24r04tGz1s6W5cjpRUCvPERmlrc-N.Fs7CHB9svhDb59QbV8OJSzKN7oE%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9100.otCEeq_1Fd4sO6z7uZuqgtueO004kNOrumWJaA-WI1Y3Lhtsye0Fgk3B6tYVdllye6qoX2-ehaYgRZ9Uqn0WRA%2C%2C.hLmhVCrKP7WpeSU3sFhHaIZhoT0%2C

Request Chain 21

https://mc.yandex.ru/watch/61504924?wmode=7&page-url=https%3A%2F%2Ffex.net%2F403%3Ffile_id%3D2318701430&charset=utf-8&browser-info=ti%3A10%3Ans%3A1606084322868%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20201122233203%3Aet%3A1606084324%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Anp%3ATGludXggeDg2XzY0%3Apv%3A1%3Als%3A1526347354877%3Arqn%3A1%3Arn%3A203690848%3Ahid%3A831078492%3Ads%3A21%2C91%2C44%2C1%2C205%2C0%2C0%2C382%2C0%2C%2C%2C%2C747%3Awn%3A33226%3Ahl%3A2%3Agdpr%3A14%3Av%3A1976%3Awv%3A2%3Arqnl%3A1%3Ast%3A1606084324%3Au%3A1606084324316067042%3App%3A3629563401%3At%3ASecure%20Cloud%20Storage%20%26%20File%20Sharing%20Service%20%7C%20FEX.NET HTTP 302
https://mc.yandex.ru/watch/61504924/1?wmode=7&page-url=https%3A%2F%2Ffex.net%2F403%3Ffile_id%3D2318701430&charset=utf-8&browser-info=ti%3A10%3Ans%3A1606084322868%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20201122233203%3Aet%3A1606084324%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Anp%3ATGludXggeDg2XzY0%3Apv%3A1%3Als%3A1526347354877%3Arqn%3A1%3Arn%3A203690848%3Ahid%3A831078492%3Ads%3A21%2C91%2C44%2C1%2C205%2C0%2C0%2C382%2C0%2C%2C%2C%2C747%3Awn%3A33226%3Ahl%3A2%3Agdpr%3A14%3Av%3A1976%3Awv%3A2%3Arqnl%3A1%3Ast%3A1606084324%3Au%3A1606084324316067042%3App%3A3629563401%3At%3ASecure%20Cloud%20Storage%20%26%20File%20Sharing%20Service%20%7C%20FEX.NET

79 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 403 Show response
fex.net/
Redirect Chain

https://fs25.fex.net/download/2318701430
https://fex.net/403?file_id=2318701430

8 KB
3 KB

156ms
44ms

Document
text/html

194.106.216.70
CDNNET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fex.net/403?file_id=2318701430
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.106.216.70 , Ukraine, ASN21257 (CDNNET-AS, UA),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 55cd38edd49c5092d68d9439f8b42d261515f4b82166a601f833addb75468586

Request headers

:method: GET
:authority: fex.net
:scheme: https
:path: /403?file_id=2318701430
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server: nginx/1.12.2
date: Sun, 22 Nov 2020 22:32:03 GMT
content-type: text/html
last-modified: Sat, 21 Nov 2020 11:05:30 GMT
etag: W/"5fb8f47a-2099"
content-encoding: gzip

Redirect headers

content-type: text/html; charset=utf-8
location: https://fex.net/403?file_id=2318701430
vary: Origin
content-length: 74
date: Sun, 22 Nov 2020 22:32:03 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 36ms
15ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ubuntu:400,500,700&display=swap&subset=cyrillic

Requested by

Host: fex.net
URL: https://fex.net/403?file_id=2318701430

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fbec66b49e7f4d4ea2810e1cf8f8f8faae1a2262d3bc51ea62fa7768270b4903

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fex.net/403?file_id=2318701430
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 22 Nov 2020 22:32:03 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
date: Sun, 22 Nov 2020 22:32:03 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Sun, 22 Nov 2020 22:32:03 GMT

GET
H/1.1 200
OK 45oc6pbsac03.js Show response
cdn.plrjs.com/player/yk4kbi43598hf/ 510 KB
176 KB 161ms
58ms Script
application/javascript 176.9.79.204
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plrjs.com/player/yk4kbi43598hf/45oc6pbsac03.js
Requested by: Host: fex.net
URL: https://fex.net/403?file_id=2318701430
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 176.9.79.204 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.204.79.9.176.clients.your-server.de
Software: nginx /
Resource Hash: a57c8c5c24061a8a0917bfb02a78873cf90df198a68ba0beddb9d502d789fc56

Request headers

Referer: https://fex.net/403?file_id=2318701430
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 22 Nov 2020 22:32:03 GMT
Content-Encoding: gzip
Last-Modified: Sun, 01 Mar 2020 22:07:00 GMT
Server: nginx
ETag: W/"5e5c3204-7f6f8"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 25.2a45d316.chunk.css
fex.net/client/desktop/static/css/ 82 KB
12 KB 45ms
43ms Stylesheet
text/css 194.106.216.70
CDNNET-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://fex.net/client/desktop/static/css/25.2a45d316.chunk.css

Requested by

Host: fex.net
URL: https://fex.net/403?file_id=2318701430

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.106.216.70 , Ukraine, ASN21257 (CDNNET-AS, UA),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

dd9d40d7ac083d95161823dd8e6287d30ffb5f4b9e27d3d0d01aafd2550cc3aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fex.net/403?file_id=2318701430
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 22 Nov 2020 22:32:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 21 Nov 2020 11:05:30 GMT
server: nginx/1.12.2
etag: W/"5fb8f47a-146d0"
strict-transport-security: max-age=31536000, max-age=31536000
content-type: text/css
cache-control: max-age=43200
x-xss-protection: 1; mode=block
expires: Mon, 23 Nov 2020 10:32:03 GMT

GET
H2 200 main.66c8497c.chunk.css
fex.net/client/desktop/static/css/ 200 KB
52 KB 64ms
63ms Stylesheet
text/css 194.106.216.70
CDNNET-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://fex.net/client/desktop/static/css/main.66c8497c.chunk.css

Requested by

Host: fex.net
URL: https://fex.net/403?file_id=2318701430

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.106.216.70 , Ukraine, ASN21257 (CDNNET-AS, UA),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

2ae9665eb3ba362ccf3dec3c3d8d43c74e99fb2266dcd03bd57a8ff9e26570ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fex.net/403?file_id=2318701430
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 22 Nov 2020 22:32:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 21 Nov 2020 11:05:30 GMT
server: nginx/1.12.2
etag: W/"5fb8f47a-32045"
strict-transport-security: max-age=31536000, max-age=31536000
content-type: text/css
cache-control: max-age=43200
x-xss-protection: 1; mode=block
expires: Mon, 23 Nov 2020 10:32:03 GMT

GET
H2 200 polyfill.min.js Show response
cdn.polyfill.io/v2/ 222 B
618 B 21ms
6ms Script
text/javascript 2a04:4e42:3::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.polyfill.io/v2/polyfill.min.js

Requested by

Host: fex.net
URL: https://fex.net/403?file_id=2318701430

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fex.net/403?file_id=2318701430
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 1531066
detected-user-agent: Chrome Mobile/83.0.4103
server-timing: HIT, fastly;desc="Edge time";dur=0, HIT-CLUSTER, fastly;desc="Edge time";dur=1
content-length: 126
referrer-policy: origin-when-cross-origin
last-modified: Wed, 04 Nov 2020 15:59:42 GMT
date: Sun, 22 Nov 2020 22:32:03 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/83.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 25.d621158b.chunk.js Show response
fex.net/client/desktop/static/js/ 2 MB
511 KB 89ms
88ms Script
application/javascript 194.106.216.70
CDNNET-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://fex.net/client/desktop/static/js/25.d621158b.chunk.js

Requested by

Host: fex.net
URL: https://fex.net/403?file_id=2318701430

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.106.216.70 , Ukraine, ASN21257 (CDNNET-AS, UA),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

9c0d88df46a40c54e536793ee86ef93dec250c08879dd41adc305473718c441e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fex.net/403?file_id=2318701430
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 22 Nov 2020 22:32:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 21 Nov 2020 11:05:30 GMT
server: nginx/1.12.2
etag: W/"5fb8f47a-1ceb6d"
strict-transport-security: max-age=31536000, max-age=31536000
content-type: application/javascript
cache-control: max-age=43200
x-xss-protection: 1; mode=block
expires: Mon, 23 Nov 2020 10:32:03 GMT

GET
H2 200 main.94468912.chunk.js Show response
fex.net/client/desktop/static/js/ 1 MB
292 KB 127ms
127ms Script
application/javascript 194.106.216.70
CDNNET-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://fex.net/client/desktop/static/js/main.94468912.chunk.js

Requested by

Host: fex.net
URL: https://fex.net/403?file_id=2318701430

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.106.216.70 , Ukraine, ASN21257 (CDNNET-AS, UA),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

d3cc5bab5ad3aa0078fde20b534ab552750138ffaeb00fa0b29e3cc0ae6df212

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fex.net/403?file_id=2318701430
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 22 Nov 2020 22:32:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 21 Nov 2020 11:05:30 GMT
server: nginx/1.12.2
etag: W/"5fb8f47a-152ab8"
strict-transport-security: max-age=31536000, max-age=31536000
content-type: application/javascript
cache-control: max-age=43200
x-xss-protection: 1; mode=block
expires: Mon, 23 Nov 2020 10:32:03 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 75 KB
30 KB 41ms
16ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K8R2T8R

Requested by

Host: fex.net
URL: https://fex.net/403?file_id=2318701430

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8973141131b2ecd2260c4ac6fcf724bc93441655ba39aa52831ed7d9e827b17d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://fex.net/403?file_id=2318701430
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 22 Nov 2020 22:32:03 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30306
x-xss-protection: 0
last-modified: Sun, 22 Nov 2020 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 22 Nov 2020 22:32:03 GMT

GET
H2 200 polyfill.min.js
cdn.polyfill.io/v2/ 222 B
196 B 7ms
6ms Other
text/javascript 2a04:4e42:3::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.polyfill.io/v2/polyfill.min.js

Requested by

Host: fex.net
URL: https://fex.net/403?file_id=2318701430

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fex.net/403?file_id=2318701430
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 1531066
detected-user-agent: Chrome Mobile/83.0.4103
server-timing: HIT, fastly;desc="Edge time";dur=0, HIT, fastly;desc="Edge time";dur=1
content-length: 126
referrer-policy: origin-when-cross-origin
last-modified: Wed, 04 Nov 2020 15:59:42 GMT
date: Sun, 22 Nov 2020 22:32:03 GMT
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/83.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 368 KB
94 KB 133ms
44ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: fex.net
URL: https://fex.net/403?file_id=2318701430

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

97863c262254c3df6ff2e518ad72050dbf63ad92fb0e498914a8c5424aeef893

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://fex.net/403?file_id=2318701430
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 22 Nov 2020 22:32:03 GMT
content-encoding: br
last-modified: Sat, 21 Nov 2020 18:08:42 GMT
etag: "5f993b61-17714"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 96020
expires: Sun, 22 Nov 2020 23:32:03 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: fex.net
URL: https://fex.net/client/desktop/static/js/25.d621158b.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fex.net/403?file_id=2318701430
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 2559
date: Sun, 22 Nov 2020 21:49:24 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Sun, 22 Nov 2020 23:49:24 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-134700492-1

Requested by

Host: fex.net
URL: https://fex.net/client/desktop/static/js/25.d621158b.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a3c554553393bdb96446d757c60d78d17f8f14208722fb5fa5262645f83e1aee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://fex.net/403?file_id=2318701430
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 22 Nov 2020 22:32:03 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38694
x-xss-protection: 0
last-modified: Sun, 22 Nov 2020 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 22 Nov 2020 22:32:03 GMT

GET
H2 200 translations.json Show response
fex.net/client/desktop/locales/en/ 166 KB
33 KB 43ms
43ms Fetch
application/json 194.106.216.70
CDNNET-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://fex.net/client/desktop/locales/en/translations.json

Requested by

Host: fex.net
URL: https://fex.net/client/desktop/static/js/25.d621158b.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.106.216.70 , Ukraine, ASN21257 (CDNNET-AS, UA),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

39ca54e948d2b227c89be94089e2f5f8545610044b04aad3319046f3f23e77c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fex.net/403?file_id=2318701430
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 22 Nov 2020 22:32:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 21 Nov 2020 11:05:30 GMT
server: nginx/1.12.2
etag: W/"5fb8f47a-298bc"
strict-transport-security: max-age=31536000, max-age=31536000
content-type: application/json
x-xss-protection: 1; mode=block

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9100.WZjiPtCa6cYWV2M5dCOxe8n0Rhs2iE1zRvq24r04tGz1s6W5cjpRUCvPERmlrc-N.Fs7CHB9svhDb59QbV8OJSzKN7oE%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9100.otCEeq_1Fd4sO6z7uZuqgtueO004kNOrumWJaA-WI1Y3Lhtsye0Fgk3B6tYVdllye6qoX2-ehaYgRZ9Uqn0WRA%2C%2C.hLmhVCrKP7WpeSU3sFhHaIZhoT0%2C

75 B
75 B

47ms
47ms

Image
text/html

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9100.otCEeq_1Fd4sO6z7uZuqgtueO004kNOrumWJaA-WI1Y3Lhtsye0Fgk3B6tYVdllye6qoX2-ehaYgRZ9Uqn0WRA%2C%2C.hLmhVCrKP7WpeSU3sFhHaIZhoT0%2C

Requested by

Host: fex.net
URL: https://fex.net/403?file_id=2318701430

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fex.net/403?file_id=2318701430
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 22 Nov 2020 22:32:03 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9100.otCEeq_1Fd4sO6z7uZuqgtueO004kNOrumWJaA-WI1Y3Lhtsye0Fgk3B6tYVdllye6qoX2-ehaYgRZ9Uqn0WRA%2C%2C.hLmhVCrKP7WpeSU3sFhHaIZhoT0%2C
date: Sun, 22 Nov 2020 22:32:03 GMT
strict-transport-security: max-age=31536000
content-length: 0
x-xss-protection: 1; mode=block

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
382 B 46ms
13ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=728572779&t=pageview&_s=1&dl=https%3A%2F%2Ffex.net%2F403%3Ffile_id%3D2318701430&ul=en-us&de=UTF-8&dt=Secure%20Cloud%20Storage%20%26%20File%20Sharing%20Service%20%7C%20FEX.NET&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEDAAUABAAAAAC~&jid=1029573979&gjid=123409966&cid=1566956134.1606084324&tid=UA-134700492-1&_gid=1136509958.1606084324&_r=1&gtm=2oub41&z=1784356908

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://fex.net/403?file_id=2318701430
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 22 Nov 2020 22:32:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fex.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
112 B 44ms
44ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: fex.net
URL: https://fex.net/403?file_id=2318701430

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://fex.net/403?file_id=2318701430
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 22 Nov 2020 22:32:03 GMT
last-modified: Sat, 21 Nov 2020 18:08:42 GMT
etag: "5fb7be9a-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Sun, 22 Nov 2020 23:32:03 GMT

OPTIONS
H2 200 anonymous
api.fex.net/api/v1/config/ Frame 0
0 136ms
43ms Other
text/html 194.106.216.70
CDNNET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://api.fex.net/api/v1/config/anonymous
Protocol: H2
Server: 194.106.216.70 , Ukraine, ASN21257 (CDNNET-AS, UA),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://fex.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx/1.12.2
date: Sun, 22 Nov 2020 22:32:03 GMT
content-type: text/html; charset=utf-8
content-length: 0
allow: GET, HEAD, OPTIONS
access-control-allow-origin: https://fex.net
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
vary: Origin
x-robots-tag: noindex, nofollow noindex, nofollow

GET
H2 200 anonymous Show response
api.fex.net/api/v1/config/ 3 KB
3 KB 57ms
56ms Fetch
application/json 194.106.216.70
CDNNET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://api.fex.net/api/v1/config/anonymous
Requested by: Host: fex.net
URL: https://fex.net/client/desktop/static/js/main.94468912.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.106.216.70 , Ukraine, ASN21257 (CDNNET-AS, UA),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 176e16080bcf355217e29b5b9eb2a524c21ce7873c00bbe537393cf8a38d1110

Request headers

Referer: https://fex.net/403?file_id=2318701430
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 22 Nov 2020 22:32:03 GMT
server: nginx/1.12.2
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://fex.net
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow, noindex, nofollow
content-length: 2567

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
440 B 42ms
16ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-134700492-1&cid=1566956134.1606084324&jid=1029573979&gjid=123409966&_gid=1136509958.1606084324&_u=KEDAAUAAAAAAAC~&z=790650666

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fex.net/403?file_id=2318701430
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 22 Nov 2020 22:32:03 GMT
content-type: text/plain
access-control-allow-origin: https://fex.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
505 B 36ms
17ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-134700492-1&cid=1566956134.1606084324&jid=1029573979&_u=KEDAAUAAAAAAAC~&z=1396808950

Requested by

Host: fex.net
URL: https://fex.net/403?file_id=2318701430

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fex.net/403?file_id=2318701430
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 Nov 2020 22:32:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
505 B 38ms
18ms Image
image/gif 2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-134700492-1&cid=1566956134.1606084324&jid=1029573979&_u=KEDAAUAAAAAAAC~&z=1396808950

Requested by

Host: fex.net
URL: https://fex.net/403?file_id=2318701430

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fex.net/403?file_id=2318701430
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 Nov 2020 22:32:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/61504924/
Redirect Chain

https://mc.yandex.ru/watch/61504924?wmode=7&page-url=https%3A%2F%2Ffex.net%2F403%3Ffile_id%3D2318701430&charset=utf-8&browser-info=ti%3A10%3Ans%3A1606084322868%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1...
https://mc.yandex.ru/watch/61504924/1?wmode=7&page-url=https%3A%2F%2Ffex.net%2F403%3Ffile_id%3D2318701430&charset=utf-8&browser-info=ti%3A10%3Ans%3A1606084322868%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3...

167 B
249 B

48ms
47ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/61504924/1?wmode=7&page-url=https%3A%2F%2Ffex.net%2F403%3Ffile_id%3D2318701430&charset=utf-8&browser-info=ti%3A10%3Ans%3A1606084322868%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20201122233203%3Aet%3A1606084324%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Anp%3ATGludXggeDg2XzY0%3Apv%3A1%3Als%3A1526347354877%3Arqn%3A1%3Arn%3A203690848%3Ahid%3A831078492%3Ads%3A21%2C91%2C44%2C1%2C205%2C0%2C0%2C382%2C0%2C%2C%2C%2C747%3Awn%3A33226%3Ahl%3A2%3Agdpr%3A14%3Av%3A1976%3Awv%3A2%3Arqnl%3A1%3Ast%3A1606084324%3Au%3A1606084324316067042%3App%3A3629563401%3At%3ASecure%20Cloud%20Storage%20%26%20File%20Sharing%20Service%20%7C%20FEX.NET

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

e2a6fb89b660579cce70340a9c02832499f29fd590da84a04a2648cc884f5270

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fex.net/403?file_id=2318701430
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 Nov 2020 22:32:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 22-Nov-2020 22:32:03 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://fex.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 167
x-xss-protection: 1; mode=block
expires: Sun, 22-Nov-2020 22:32:03 GMT

Redirect headers

pragma: no-cache
date: Sun, 22 Nov 2020 22:32:03 GMT
last-modified: Sun, 22-Nov-2020 22:32:03 GMT
location: /watch/61504924/1?wmode=7&page-url=https%3A%2F%2Ffex.net%2F403%3Ffile_id%3D2318701430&charset=utf-8&browser-info=ti%3A10%3Ans%3A1606084322868%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20201122233203%3Aet%3A1606084324%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Anp%3ATGludXggeDg2XzY0%3Apv%3A1%3Als%3A1526347354877%3Arqn%3A1%3Arn%3A203690848%3Ahid%3A831078492%3Ads%3A21%2C91%2C44%2C1%2C205%2C0%2C0%2C382%2C0%2C%2C%2C%2C747%3Awn%3A33226%3Ahl%3A2%3Agdpr%3A14%3Av%3A1976%3Awv%3A2%3Arqnl%3A1%3Ast%3A1606084324%3Au%3A1606084324316067042%3App%3A3629563401%3At%3ASecure%20Cloud%20Storage%20%26%20File%20Sharing%20Service%20%7C%20FEX.NET
strict-transport-security: max-age=31536000
access-control-allow-origin: https://fex.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0
x-xss-protection: 1; mode=block
expires: Sun, 22-Nov-2020 22:32:03 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 129 KB
45 KB 42ms
22ms Script
text/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: fex.net
URL: https://fex.net/client/desktop/static/js/main.94468912.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

968ce7d681b37b90d094599a68fbaff53b3f8b492b28776089ac50c0c861019e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fex.net/403?file_id=2318701430
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 22 Nov 2020 22:32:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 45330
x-xss-protection: 0
server: cafe
etag: 5588824410463320120
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 22 Nov 2020 22:32:04 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 4 B
52 B 13ms
13ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=728572779&t=pageview&_s=1&dl=https%3A%2F%2Ffex.net%2F403%3Ffile_id%3D2318701430&dp=%2F403&ul=en-us&de=UTF-8&dt=Secure%20Cloud%20Storage%20%26%20File%20Sharing%20Service%20%7C%20FEX.NET&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEDAAUABAAAAAC~&jid=372020893&gjid=304991882&cid=1566956134.1606084324&tid=UA-134700492-1&_gid=1136509958.1606084324&_r=1&_slc=1&cd2=1606084323611.823uu35d&cd3=anonymous&z=724728027

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://fex.net/403?file_id=2318701430
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 22 Nov 2020 22:32:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fex.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hit Show response
c.hit.ua/ 311 B
588 B 131ms
38ms Script
application/x-javascript 89.184.81.35
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://c.hit.ua/hit?i=7&g=0&x=3&s=1&c=1&t=-60&w=1600&h=1200&d=24&r=&u=https%3A//fex.net/403%3Ffile_id%3D2318701430&0.12790065808814166
Requested by: Host: fex.net
URL: https://fex.net/client/desktop/static/js/main.94468912.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 89.184.81.35 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: c.hit.ua
Software: nginx/1.17.9 /
Resource Hash: e8025dc0cedc0ae6fc1b11d60d78aa002733a3fd033efd2a4dce5020fd30b684

Request headers

Referer: https://fex.net/403?file_id=2318701430
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 Nov 2020 22:32:04 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: application/x-javascript
server: nginx/1.17.9
p3p: policyref="/w3c/p3p.xml", CP="UNI"
expires: 0

GET
H2 200 4iCv6KVjbNBYlgoCjC3jsGyNPYZvgw.woff2
fonts.gstatic.com/s/ubuntu/v15/ 14 KB
14 KB 32ms
11ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v15/4iCv6KVjbNBYlgoCjC3jsGyNPYZvgw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:400,500,700&display=swap&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e25d65f020f2bb10f8aa86568b527bba648a17396d239331e7e45a0139879ecc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://fex.net
Referer: https://fonts.googleapis.com/css?family=Ubuntu:400,500,700&display=swap&subset=cyrillic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 11:20:45 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:03:13 GMT
server: sffe
age: 472279
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13848
x-xss-protection: 0
expires: Wed, 17 Nov 2021 11:20:45 GMT

GET
H2 200 4iCs6KVjbNBYlgoKfw72nU6AFw.woff2
fonts.gstatic.com/s/ubuntu/v15/ 13 KB
14 KB 28ms
8ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v15/4iCs6KVjbNBYlgoKfw72nU6AFw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:400,500,700&display=swap&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

943a150e9577247cc5e8e493065795ca77a35485b4169f33a4d6f570c209b010

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://fex.net
Referer: https://fonts.googleapis.com/css?family=Ubuntu:400,500,700&display=swap&subset=cyrillic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 11:20:36 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:03:01 GMT
server: sffe
age: 472288
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13720
x-xss-protection: 0
expires: Wed, 17 Nov 2021 11:20:36 GMT

GET
H2 200 4iCv6KVjbNBYlgoCxCvjsGyNPYZvgw.woff2
fonts.gstatic.com/s/ubuntu/v15/ 14 KB
14 KB 26ms
6ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v15/4iCv6KVjbNBYlgoCxCvjsGyNPYZvgw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:400,500,700&display=swap&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

251e8e864140d9a7ceacce3371ff692595dd0a455ad000de4041d8a313618bd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://fex.net
Referer: https://fonts.googleapis.com/css?family=Ubuntu:400,500,700&display=swap&subset=cyrillic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 22 Nov 2020 08:15:42 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:03:11 GMT
server: sffe
age: 51382
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14096
x-xss-protection: 0
expires: Mon, 22 Nov 2021 08:15:42 GMT

GET
H3-Q050 200 4iCs6KVjbNBYlgoKew72nU6AF7xm.woff2
fonts.gstatic.com/s/ubuntu/v15/ 8 KB
8 KB 34ms
21ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v15/4iCs6KVjbNBYlgoKew72nU6AF7xm.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:400,500,700&display=swap&subset=cyrillic

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

925e403d59ea3e89cf998b801db15a40177e4a30374a307a1846753863c1b429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://fex.net
Referer: https://fonts.googleapis.com/css?family=Ubuntu:400,500,700&display=swap&subset=cyrillic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 11:23:18 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:03:00 GMT
server: sffe
age: 472126
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8128
x-xss-protection: 0
expires: Wed, 17 Nov 2021 11:23:18 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
122 B 6ms
6ms Image
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=728572779&t=pageview&_s=2&dl=https%3A%2F%2Ffex.net%2F403%3Ffile_id%3D2318701430&ul=en-us&de=UTF-8&dt=Secure%20Cloud%20Storage%20%26%20File%20Sharing%20Service%20%7C%20FEX.NET&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEDAAUABAAAAAC~&jid=&gjid=&cid=1566956134.1606084324&tid=UA-134700492-1&_gid=1136509958.1606084324&gtm=2oub41&cd2=1606084323611.823uu35d&cd3=anonymous&z=399088808

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://fex.net/403?file_id=2318701430
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 Nov 2020 17:37:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 17688
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200 0c34d1aa.js Show response
aj1913.online/ 35 KB
13 KB 591ms
130ms Script
application/javascript 212.124.124.19
TRI-AS True Recor...

General

Check archive.org

Show headers Download Go to

Full URL: https://aj1913.online/0c34d1aa.js?ForbiddenPage
Requested by: Host: fex.net
URL: https://fex.net/client/desktop/static/js/25.d621158b.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.124.124.19 Reston, United States, ASN47328 (TRI-AS True Records Inc., ES),
Reverse DNS
Software: /
Resource Hash: 5594b40cf8b222d3b23c260ea89d29d1227b3c41a0acec79b24c0da6b997dd06

Request headers

Referer: https://fex.net/403?file_id=2318701430
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 22 Nov 2020 22:32:03 GMT
content-encoding: gzip
transfer-encoding: chunked
accept-ranges: bytes
etag: "085244f33460d40675acef8f7397de08f"
vary: Accept-Encoding
content-type: application/javascript

GET
H/1.1 200 0c34d1aa.js Show response
aj1913.online/ 35 KB
13 KB 592ms
131ms Script
application/javascript 212.124.124.19
TRI-AS True Recor...

General

Check archive.org

Show headers Download Go to

Full URL: https://aj1913.online/0c34d1aa.js?allpages
Requested by: Host: fex.net
URL: https://fex.net/client/desktop/static/js/25.d621158b.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.124.124.19 Reston, United States, ASN47328 (TRI-AS True Records Inc., ES),
Reverse DNS
Software: /
Resource Hash: 1c31deb324c3ca989b65531a955466cabe9c7fec6bb49f35fced9eb97a0eaf31

Request headers

Referer: https://fex.net/403?file_id=2318701430
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 22 Nov 2020 22:32:04 GMT
content-encoding: gzip
transfer-encoding: chunked
accept-ranges: bytes
etag: "0306f4840eb0a029623095f034465ba76"
vary: Accept-Encoding
content-type: application/javascript

POST
H3-Q050 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
418 B 40ms
14ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-134700492-1&cid=1566956134.1606084324&jid=372020893&gjid=304991882&_gid=1136509958.1606084324&_u=KEDAAUABAAAAAC~&z=1319045269

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fex.net/403?file_id=2318701430
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 22 Nov 2020 22:32:04 GMT
content-type: text/plain
access-control-allow-origin: https://fex.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ 42 B
483 B 40ms
25ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-134700492-1&cid=1566956134.1606084324&jid=372020893&_u=KEDAAUABAAAAAC~&z=1663571326

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fex.net/403?file_id=2318701430
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 Nov 2020 22:32:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.de/ads/ 42 B
483 B 45ms
32ms Image
image/gif 2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-134700492-1&cid=1566956134.1606084324&jid=372020893&_u=KEDAAUABAAAAAC~&z=1663571326

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fex.net/403?file_id=2318701430
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 Nov 2020 22:32:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200 zScqFDCckXleegqqwJTEk1k4WoyjF-r-fZy19QYv2kkseXHKdTvDJlFwkknStQDsH0va8MGJ91iWhkcxpH5Fwt9wFbVfhcw2KWdXj5RMC84Wmih5MCIFCOA54MCjdGURU7r4A8YFEUC8X9_FC9T9HbfPDfGibHLA-Tj55JPWQtgrsdaQFTZqBvKWpFi1wjbjnfypB... Show response
aj1913.online/ 39 KB
14 KB 155ms
154ms XHR
application/json 212.124.124.19
TRI-AS True Recor...

General

Check archive.org

Show headers Download Go to

Full URL: https://aj1913.online/zScqFDCckXleegqqwJTEk1k4WoyjF-r-fZy19QYv2kkseXHKdTvDJlFwkknStQDsH0va8MGJ91iWhkcxpH5Fwt9wFbVfhcw2KWdXj5RMC84Wmih5MCIFCOA54MCjdGURU7r4A8YFEUC8X9_FC9T9HbfPDfGibHLA-Tj55JPWQtgrsdaQFTZqBvKWpFi1wjbjnfypBdEVchElxg4XkGbqItXHFm4zweJO_M0n614nw544P1r1H01jXtZcLHWD5JCZRJJqmghv0Ynj22Qk3bP_Jv5VO4GKk2nJgnbBEvO8d8MtA2_--zWIDB4L_EkfZBh3rI0V0QDp3g-G-hwTerRI2z0RQeMyrF0dJda2lEZ6ppm7rqzZef0O8mhRBISINnSC__87UC8cMwFvt6ti6-ZrRtWVmIJ6qU2HQ4F5uOH9wL81DiS4dNF3-A56AaaLLMony8KU?
Requested by: Host: aj1913.online
URL: https://aj1913.online/0c34d1aa.js?ForbiddenPage
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.124.124.19 Reston, United States, ASN47328 (TRI-AS True Records Inc., ES),
Reverse DNS
Software: /
Resource Hash: 224d5b0d9afb145a357f3c582941793bd9539a5231d8fee43e021e23cbe202a2

Request headers

Referer: https://fex.net/403?file_id=2318701430
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 Nov 2020 22:32:04 GMT
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
access-control-allow-origin: https://fex.net
cache-control: no-cache, no-store, must-revalidate
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
expires: 0

POST
H/1.1 200 zHOfursyktI4J60uja4558KKLFgS-mQiaYCupnqJZoqYdjkVTSBsJaWzU9FFw-h5kUn_l4sJ0fk62I21I6sUgMPba7HTcMbesmQtmdXbRVzGqUPbMIVk3oQhWybaGF2jSTTSrwIvHlt546h8rRpD_Z3dyE4KbYltqJP6yzliert0tTDdgC6KK4ZidzT9R7fMrw0NK... Show response
aj1913.online/ 926 B
1 KB 122ms
122ms XHR
application/json 212.124.124.19
TRI-AS True Recor...

General

Check archive.org

Show headers Download Go to

Full URL: https://aj1913.online/zHOfursyktI4J60uja4558KKLFgS-mQiaYCupnqJZoqYdjkVTSBsJaWzU9FFw-h5kUn_l4sJ0fk62I21I6sUgMPba7HTcMbesmQtmdXbRVzGqUPbMIVk3oQhWybaGF2jSTTSrwIvHlt546h8rRpD_Z3dyE4KbYltqJP6yzliert0tTDdgC6KK4ZidzT9R7fMrw0NKTM3Zls43CsaPWhUNtFU4mhD3VA6JEiARkMcEo7ejX-A7DPTwUjd-A9jgQGeVP9uan_oE93dTL8Yh5T88bBIucWQj9W7mQZtiSXPYdUrWFk290WXQSt43FFOgtHjWLR8xPfsqzsv5pFYp5zqhQso78-dt7HDh_p3yf_JQ5Jpt01qvA6CWGrszjH5MUYzuRiIrLdRpoW0suXPjLcnbblNVzsLfozRXe68v6M3y1xD84NTpCKclDY1cbaHMZYmnoaM?
Requested by: Host: aj1913.online
URL: https://aj1913.online/0c34d1aa.js?ForbiddenPage
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.124.124.19 Reston, United States, ASN47328 (TRI-AS True Records Inc., ES),
Reverse DNS
Software: /
Resource Hash: b6ea2296f0ac4d3f0b2dda071cd2728f94411cb17370fc1f3e3de2d06c255ce2

Request headers

Referer: https://fex.net/403?file_id=2318701430
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 Nov 2020 22:32:04 GMT
p3p: CP="CAO PSA OUR"
access-control-allow-origin: https://fex.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
content-length: 926
expires: 0

POST
H/1.1 200 zm3D8nZ23oEVcqZHQd6nKBeeNz9FYOKeUUOJUNiYPvIC-tr5KGWFlpLrHAq72dKNzVuTVAeNH6t1WGJ3029ssWGydN1pXjHVK6nXw2Fr0KV9kPzEryLqMi44BFzYGw_zhEV_DDpr1ZIqOn51i0Xomt4thjSjSN1N0wfmuZHYFICDf8NxB1gABHtK-vzk2OlZSc7UR... Show response
aj1913.online/ 926 B
1 KB 247ms
126ms XHR
application/json 212.124.124.19
TRI-AS True Recor...

General

Check archive.org

Show headers Download Go to

Full URL: https://aj1913.online/zm3D8nZ23oEVcqZHQd6nKBeeNz9FYOKeUUOJUNiYPvIC-tr5KGWFlpLrHAq72dKNzVuTVAeNH6t1WGJ3029ssWGydN1pXjHVK6nXw2Fr0KV9kPzEryLqMi44BFzYGw_zhEV_DDpr1ZIqOn51i0Xomt4thjSjSN1N0wfmuZHYFICDf8NxB1gABHtK-vzk2OlZSc7URQMA9sc6UA8M3RC9Ep7VRgEisi-lphuJqKhHg9xhnhBxe_GsBIYj5TEQbq6OWoYiPPMGIJ683AImw6l9AIfzcsSgiWb8CUNGc_gUCBNf4scXy9zyuXuxwuE5Xny9YY65lCmxWamLVz3hovmu0ubJUjaeRd4olZ4Yb6mE1_-colPGngpvcJQOouuu7eSClO9uMmutp8ICNAaGMUyebGvcA9qjF46z6SAOXDrq7R3EIRRb9R-OwdHD5YPXIYI-pp_Q?
Requested by: Host: aj1913.online
URL: https://aj1913.online/0c34d1aa.js?ForbiddenPage
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.124.124.19 Reston, United States, ASN47328 (TRI-AS True Records Inc., ES),
Reverse DNS
Software: /
Resource Hash: 477e353ae97374b923a1b81251f1ab0d5d9a0901cebe9720c3577fb75b58630f

Request headers

Referer: https://fex.net/403?file_id=2318701430
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 Nov 2020 22:32:04 GMT
p3p: CP="CAO PSA OUR"
access-control-allow-origin: https://fex.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
content-length: 926
expires: 0

GET
H3-Q050 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame A6FB 129 KB
45 KB 58ms
40ms Script
text/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: aj1913.online
URL: https://aj1913.online/0c34d1aa.js?ForbiddenPage

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

968ce7d681b37b90d094599a68fbaff53b3f8b492b28776089ac50c0c861019e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fex.net/403?file_id=2318701430
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 22 Nov 2020 22:32:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 45330
x-xss-protection: 0
server: cafe
etag: 5588824410463320120
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 22 Nov 2020 22:32:04 GMT

GET
H/1.1 200 z7PpqmeM_0fecv5R2tS8Ckl4aP3sNJeFy97e4mxTt7dCAqi-ZClNSScFXYeb74uMDLgVCK5pINgAM4JyN6MQK30L36wpyid0mvBf4Yb7E3FmQzTG3BAFwOIF8O7UJs4mRgjxJl6oKz2NBPjaoe9bMagrJwGX4W8GsFZAispcqLWhJSiZh646iuT0rwH4sPwpEkzSl...
aj1913.online/ Frame A6FB 49 B
350 B 141ms
125ms Image
image/gif 212.124.124.19
TRI-AS True Recor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aj1913.online/z7PpqmeM_0fecv5R2tS8Ckl4aP3sNJeFy97e4mxTt7dCAqi-ZClNSScFXYeb74uMDLgVCK5pINgAM4JyN6MQK30L36wpyid0mvBf4Yb7E3FmQzTG3BAFwOIF8O7UJs4mRgjxJl6oKz2NBPjaoe9bMagrJwGX4W8GsFZAispcqLWhJSiZh646iuT0rwH4sPwpEkzSl-4us3IB7SIgIVIFbX0rY7EAJsOeaus4vjZjwOmNL3ZrENC-o54tzQnNwmhl3mz4yEAt8h5trLoxDrhoPM6NkPqkpfyg4el3Kz4uYa99iZIT41JZzv8IE_V-FsUA?DC=DO
Requested by: Host: fex.net
URL: https://fex.net/403?file_id=2318701430
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.124.124.19 Reston, United States, ASN47328 (TRI-AS True Records Inc., ES),
Reverse DNS
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://fex.net/403?file_id=2318701430
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 Nov 2020 22:32:04 GMT
last-modified: Wed, 27 May 2020 08:58:54 GMT
etag: W/"49-1590569934000"
p3p: CP="CAO PSA OUR"
cache-control: no-cache
accept-ranges: bytes
content-type: image/gif
content-length: 49
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200 zKelY6KTy9iw1AQQbfVOwgrMK2mD8Kba9CN0tXYj__yepxi-_Fz_YDF-FCpWpEvwfu0mKZMKyuBfTR0NmRLy-yr80M1oCyUsrqQ54SRhq5sM4EeYU_biqAFapsI0WaMlUdQhpEdiua0EVPw3mnKhH1RuwnFEaYS9N6XGJ2zMQmo556H3YL7OtkzwFu1rk0cWaFqGb...
aj1913.online/ 43 B
615 B 156ms
122ms Image
image/gif 212.124.124.19
TRI-AS True Recor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aj1913.online/zKelY6KTy9iw1AQQbfVOwgrMK2mD8Kba9CN0tXYj__yepxi-_Fz_YDF-FCpWpEvwfu0mKZMKyuBfTR0NmRLy-yr80M1oCyUsrqQ54SRhq5sM4EeYU_biqAFapsI0WaMlUdQhpEdiua0EVPw3mnKhH1RuwnFEaYS9N6XGJ2zMQmo556H3YL7OtkzwFu1rk0cWaFqGbk802J5q6YuAffs60IQRBoSWw0kFsP87uLGHp_0Spf0ZgNUKwrJ43K9lTPik68MCYm_SilPnzeH4V1obvhzObGfGVudocl-4OAerHLcA3hnEL6R_xAIU4hKP8zpPBt5y2Zqhmtbyb1bd0fYv_?DC=DO
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.124.124.19 Reston, United States, ASN47328 (TRI-AS True Records Inc., ES),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://fex.net/403?file_id=2318701430
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 Nov 2020 22:32:04 GMT
last-modified: Wed, 27 May 2020 08:58:50 GMT
etag: W/"43-1590569930000"
p3p: CP="CAO PSA OUR"
cache-control: no-cache
accept-ranges: bytes
content-type: image/gif
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/ Frame A6FB 231 KB
87 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad7386d16a056df5c235702a97a5fa4cee68e302d71041aa35df96151f756f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fex.net/403?file_id=2318701430
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 22 Nov 2020 22:32:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 88601
x-xss-protection: 0
server: cafe
etag: 4353532171737760018
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Nov 2020 22:32:04 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201112/r20190131/ Frame 6707 0
0 6ms
6ms Document
text/html 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20201112/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20201112/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://fex.net/403?file_id=2318701430
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fex.net/403?file_id=2318701430

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 22 Nov 2020 00:54:52 GMT
expires: Sun, 06 Dec 2020 00:54:52 GMT
content-type: text/html; charset=UTF-8
etag: 5228831996244654541
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4745
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 77832
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 331E 129 KB
44 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: fex.net
URL: https://fex.net/403?file_id=2318701430

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

968ce7d681b37b90d094599a68fbaff53b3f8b492b28776089ac50c0c861019e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fex.net/403?file_id=2318701430
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 22 Nov 2020 22:32:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 45330
x-xss-protection: 0
server: cafe
etag: 5588824410463320120
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 22 Nov 2020 22:32:04 GMT

GET
H3-Q050 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 02A0 129 KB
44 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: aj1913.online
URL: https://aj1913.online/0c34d1aa.js?ForbiddenPage

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

968ce7d681b37b90d094599a68fbaff53b3f8b492b28776089ac50c0c861019e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fex.net/403?file_id=2318701430
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 22 Nov 2020 22:32:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 45330
x-xss-protection: 0
server: cafe
etag: 5588824410463320120
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 22 Nov 2020 22:32:04 GMT

GET
H/1.1 200 zrAsQ_LhQYeF5chPNq1MaGbicwa4XdmYNyxZoo9ZNLtMYZcDNSt8zMSNCNczUwtL_SwsZnKCG5EFCvHrPALMs-JAbetTdAfJeYnPbLxp8yIc1UzxAVldDbiBDnv4V6mb3rvM37g8hQE0zvIRn4cQBFvIjwJSeCwGuDEaGflq9J983U-i_gN8fihuJmNZXibtNfR7Z...
aj1913.online/ Frame 02A0 49 B
350 B 121ms
120ms Image
image/gif 212.124.124.19
TRI-AS True Recor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aj1913.online/zrAsQ_LhQYeF5chPNq1MaGbicwa4XdmYNyxZoo9ZNLtMYZcDNSt8zMSNCNczUwtL_SwsZnKCG5EFCvHrPALMs-JAbetTdAfJeYnPbLxp8yIc1UzxAVldDbiBDnv4V6mb3rvM37g8hQE0zvIRn4cQBFvIjwJSeCwGuDEaGflq9J983U-i_gN8fihuJmNZXibtNfR7ZpBi-S6yDuvHSG2Q_YoTV2AT8RlG-DY8IVlzjeCSF0BnDXbZKmYpTxZHfkoa0kw1NsJz9n2Qkd6q6-u_NuUd2Cjc09TeVQyhphVxq21b1M-rFma54iTWJkyS_1J8?DC=DO
Requested by: Host: fex.net
URL: https://fex.net/403?file_id=2318701430
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.124.124.19 Reston, United States, ASN47328 (TRI-AS True Records Inc., ES),
Reverse DNS
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://fex.net/403?file_id=2318701430
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 Nov 2020 22:32:04 GMT
last-modified: Wed, 27 May 2020 08:58:54 GMT
etag: W/"49-1590569934000"
p3p: CP="CAO PSA OUR"
cache-control: no-cache
accept-ranges: bytes
content-type: image/gif
content-length: 49
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame A6FB 197 B
638 B 120ms
43ms Script
text/javascript 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=fex.net&callback=_gfp_s_&client=ca-pub-8564894658009468

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

08ead503b5761a19943d902b084834c92ce46837a770c40c57038dc9e88bcb1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fex.net/403?file_id=2318701430
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 22 Nov 2020 22:32:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 189
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame A6FB 109 B
803 B 39ms
18ms Script
application/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=fex.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fex.net/403?file_id=2318701430
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 22 Nov 2020 22:32:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame A6FB 109 B
803 B 36ms
15ms Script
application/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=fex.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fex.net/403?file_id=2318701430
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 22 Nov 2020 22:32:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame F7E4 0
0 456ms
456ms Document
text/html 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8564894658009468&output=html&h=400&slotname=5046050220&adk=4045543562&adf=3279755396&pi=t.ma~as.5046050220&w=240&psa=0&format=240x400&url=https%3A%2F%2Ffex.net%2F403%3Ffile_id%3D2318701430&ea=0&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1606084324943&bpp=14&bdt=85&idt=46&shv=r20201112&cbv=r20190131&ptt=9&saldr=aa&correlator=2468063692845&frm=23&ife=5&pv=2&ga_vid=1566956134.1606084324&ga_sid=1606084325&ga_hid=4825983&ga_fc=1&iag=3&icsg=170&nhd=1&dssz=8&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=260&ady=400&biw=1600&bih=1200&isw=240&ish=400&ifk=1968123281&scr_x=0&scr_y=0&oid=3&pvsid=3466663570360730&pem=397&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C240%2C400&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.mbm5d9856fy1&fsb=1&dtd=63

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8564894658009468&output=html&h=400&slotname=5046050220&adk=4045543562&adf=3279755396&pi=t.ma~as.5046050220&w=240&psa=0&format=240x400&url=https%3A%2F%2Ffex.net%2F403%3Ffile_id%3D2318701430&ea=0&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1606084324943&bpp=14&bdt=85&idt=46&shv=r20201112&cbv=r20190131&ptt=9&saldr=aa&correlator=2468063692845&frm=23&ife=5&pv=2&ga_vid=1566956134.1606084324&ga_sid=1606084325&ga_hid=4825983&ga_fc=1&iag=3&icsg=170&nhd=1&dssz=8&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=260&ady=400&biw=1600&bih=1200&isw=240&ish=400&ifk=1968123281&scr_x=0&scr_y=0&oid=3&pvsid=3466663570360730&pem=397&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C240%2C400&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.mbm5d9856fy1&fsb=1&dtd=63
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://fex.net/403?file_id=2318701430
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fex.net/403?file_id=2318701430

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 22 Nov 2020 22:32:05 GMT
server: cafe
content-length: 21760
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 22-Nov-2020 22:47:05 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Sun, 22 Nov 2020 22:32:05 GMT
cache-control: private

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame A6FB 8 KB
7 KB 45ms
31ms XHR
application/json 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201112&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47c41d46153a796049135100b27403e79d4d2a0c82b5d4c30cd5a36d9abc3c97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fex.net/403?file_id=2318701430
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 22 Nov 2020 22:32:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6490
x-xss-protection: 0

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame A6FB 73 KB
28 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d56ee6a2ba915ad87e2dc9b49d9199563f3b35f9e048938e84d1a033e5c2b1c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fex.net/403?file_id=2318701430
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 22 Nov 2020 22:32:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605702985553312"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28207
x-xss-protection: 0
expires: Sun, 22 Nov 2020 22:32:05 GMT

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/ Frame 02A0 231 KB
87 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad7386d16a056df5c235702a97a5fa4cee68e302d71041aa35df96151f756f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fex.net/403?file_id=2318701430
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 22 Nov 2020 22:32:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 88601
x-xss-protection: 0
server: cafe
etag: 4353532171737760018
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Nov 2020 22:32:05 GMT

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/ Frame 331E 231 KB
87 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad7386d16a056df5c235702a97a5fa4cee68e302d71041aa35df96151f756f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fex.net/403?file_id=2318701430
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 22 Nov 2020 22:32:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 88601
x-xss-protection: 0
server: cafe
etag: 4353532171737760018
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Nov 2020 22:32:05 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame A6FB 16 KB
6 KB 35ms
13ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fex.net/403?file_id=2318701430
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 22 Nov 2020 22:32:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Sun, 22 Nov 2020 22:32:05 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 02A0 197 B
254 B 43ms
42ms Script
text/javascript 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=fex.net&callback=_gfp_s_&client=ca-pub-8564894658009468

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

92d23a30c90ac0bed6c662efe830f5d4b3a66a4cf4e8b81b1c0ebb6d7b4c7659

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fex.net/403?file_id=2318701430
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 22 Nov 2020 22:32:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 189
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame 02A0 109 B
781 B 35ms
21ms Script
application/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=fex.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fex.net/403?file_id=2318701430
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 22 Nov 2020 22:32:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 02A0 109 B
781 B 43ms
29ms Script
application/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=fex.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fex.net/403?file_id=2318701430
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 22 Nov 2020 22:32:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 798B 0
0 379ms
379ms Document
text/html 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8564894658009468&output=html&h=400&slotname=5046050220&adk=4045543562&adf=3279755398&pi=t.ma~as.5046050220&w=240&psa=0&format=240x400&url=https%3A%2F%2Ffex.net%2F403%3Ffile_id%3D2318701430&ea=0&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1606084325022&bpp=3&bdt=40&idt=62&shv=r20201112&cbv=r20190131&ptt=9&saldr=aa&correlator=2468063692845&frm=23&ife=5&pv=1&ga_vid=1566956134.1606084324&ga_sid=1606084325&ga_hid=526490299&ga_fc=1&iag=3&icsg=170&nhd=1&dssz=8&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1100&ady=400&biw=1600&bih=1200&isw=240&ish=400&ifk=1968123281&scr_x=0&scr_y=0&oid=3&pvsid=2294819764718410&pem=397&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C240%2C400&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.dv2rwzgqsyen&fsb=1&dtd=69

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8564894658009468&output=html&h=400&slotname=5046050220&adk=4045543562&adf=3279755398&pi=t.ma~as.5046050220&w=240&psa=0&format=240x400&url=https%3A%2F%2Ffex.net%2F403%3Ffile_id%3D2318701430&ea=0&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1606084325022&bpp=3&bdt=40&idt=62&shv=r20201112&cbv=r20190131&ptt=9&saldr=aa&correlator=2468063692845&frm=23&ife=5&pv=1&ga_vid=1566956134.1606084324&ga_sid=1606084325&ga_hid=526490299&ga_fc=1&iag=3&icsg=170&nhd=1&dssz=8&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1100&ady=400&biw=1600&bih=1200&isw=240&ish=400&ifk=1968123281&scr_x=0&scr_y=0&oid=3&pvsid=2294819764718410&pem=397&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C240%2C400&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.dv2rwzgqsyen&fsb=1&dtd=69
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://fex.net/403?file_id=2318701430
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fex.net/403?file_id=2318701430

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 22 Nov 2020 22:32:05 GMT
server: cafe
content-length: 21636
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 22-Nov-2020 22:47:05 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Sun, 22 Nov 2020 22:32:05 GMT
cache-control: private

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 02A0 8 KB
6 KB 18ms
18ms XHR
application/json 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201112&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b3931119fb2035e998fe645327c76bb227219193873ff6f6730aee990b49fcac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fex.net/403?file_id=2318701430
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 22 Nov 2020 22:32:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6458
x-xss-protection: 0

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 02A0 73 KB
28 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d56ee6a2ba915ad87e2dc9b49d9199563f3b35f9e048938e84d1a033e5c2b1c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fex.net/403?file_id=2318701430
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 22 Nov 2020 22:32:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605702985553312"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28207
x-xss-protection: 0
expires: Sun, 22 Nov 2020 22:32:05 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 2D2B 0
0 34ms
20ms Document
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://fex.net/403?file_id=2318701430
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fex.net/403?file_id=2318701430

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Sun, 22 Nov 2020 21:58:19 GMT
expires: Mon, 22 Nov 2021 21:58:19 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2026
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 02A0 16 KB
6 KB 31ms
28ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fex.net/403?file_id=2318701430
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 22 Nov 2020 22:32:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Sun, 22 Nov 2020 22:32:05 GMT

GET
H3-Q050 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 331E 197 B
616 B 99ms
56ms Script
text/javascript 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=fex.net&callback=_gfp_s_&client=ca-pub-8564894658009468

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

f570a0e22a2acdc87259c5d3de8b9784186dbbbef456677194277c6c7110406c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fex.net/403?file_id=2318701430
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 22 Nov 2020 22:32:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 190
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame 331E 109 B
127 B 16ms
16ms Script
application/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=fex.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fex.net/403?file_id=2318701430
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 22 Nov 2020 22:32:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 331E 109 B
127 B 16ms
15ms Script
application/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=fex.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fex.net/403?file_id=2318701430
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 22 Nov 2020 22:32:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame DB21 0
0 165ms
164ms Document
text/html 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8564894658009468&output=html&h=200&slotname=7672271343&adk=1928804621&adf=3279755399&pi=t.ma~as.7672271343&w=1200&psa=0&format=1200x200&url=https%3A%2F%2Ffex.net%2F403%3Ffile_id%3D2318701430&ea=0&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1606084325028&bpp=1&bdt=103&idt=93&shv=r20201112&cbv=r20190131&ptt=9&saldr=aa&correlator=2468063692845&frm=23&ife=1&pv=1&ga_vid=1566956134.1606084324&ga_sid=1606084325&ga_hid=1182671209&ga_fc=1&iag=3&icsg=650&nhd=1&dssz=7&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=56&ady=1200&biw=1600&bih=1200&isw=1488&ish=105&ifk=477953659&scr_x=0&scr_y=0&oid=3&pvsid=1681117463866929&pem=397&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1488%2C105&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.63srmq1qmxcu&fsb=1&dtd=100

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8564894658009468&output=html&h=200&slotname=7672271343&adk=1928804621&adf=3279755399&pi=t.ma~as.7672271343&w=1200&psa=0&format=1200x200&url=https%3A%2F%2Ffex.net%2F403%3Ffile_id%3D2318701430&ea=0&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1606084325028&bpp=1&bdt=103&idt=93&shv=r20201112&cbv=r20190131&ptt=9&saldr=aa&correlator=2468063692845&frm=23&ife=1&pv=1&ga_vid=1566956134.1606084324&ga_sid=1606084325&ga_hid=1182671209&ga_fc=1&iag=3&icsg=650&nhd=1&dssz=7&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=56&ady=1200&biw=1600&bih=1200&isw=1488&ish=105&ifk=477953659&scr_x=0&scr_y=0&oid=3&pvsid=1681117463866929&pem=397&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1488%2C105&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.63srmq1qmxcu&fsb=1&dtd=100
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://fex.net/403?file_id=2318701430
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fex.net/403?file_id=2318701430

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 22 Nov 2020 22:32:05 GMT
server: cafe
content-length: 205
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 22-Nov-2020 22:47:05 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Sun, 22 Nov 2020 22:32:05 GMT
cache-control: private

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 331E 8 KB
6 KB 18ms
18ms XHR
application/json 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201112&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd95ad676cd8ecff384634a9c747d834e59afc270ab43a7ad9e7dbd5f7166248

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fex.net/403?file_id=2318701430
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 22 Nov 2020 22:32:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6402
x-xss-protection: 0

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 331E 73 KB
28 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d56ee6a2ba915ad87e2dc9b49d9199563f3b35f9e048938e84d1a033e5c2b1c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fex.net/403?file_id=2318701430
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 22 Nov 2020 22:32:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605702985553312"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28207
x-xss-protection: 0
expires: Sun, 22 Nov 2020 22:32:05 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 331E 16 KB
6 KB 18ms
14ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fex.net/403?file_id=2318701430
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 22 Nov 2020 22:32:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Sun, 22 Nov 2020 22:32:05 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame A928 0
0 7ms
6ms Document
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://fex.net/403?file_id=2318701430
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fex.net/403?file_id=2318701430

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Sun, 22 Nov 2020 21:58:19 GMT
expires: Mon, 22 Nov 2021 21:58:19 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2026
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 6DD9 0
0 6ms
5ms Document
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://fex.net/403?file_id=2318701430
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fex.net/403?file_id=2318701430

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Sun, 22 Nov 2020 21:58:19 GMT
expires: Mon, 22 Nov 2021 21:58:19 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2026
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A6FB 0
223 B 39ms
39ms Image
image/gif 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gda_r20201112&jk=3466663570360730&bg=!r6ylrIzNAAVGySeIRlhu2luvwGSXygIAAADrUgAAACRoAQcKAQvMUzJZqnLopE7rwbSZiWngFcTb5WnkRvlytb_VsaJPTcYfeimLxTrsuUn4uCSqNQo8A7mplmbrak2BfkEHu19TohFWCO3Ta4eyczqSNzCwCSKXPgCHsmQX9jIDT4S9vW0GjKfhdh2OOhi-uV6dBdlNNDwVWgMhi4ekRJcKWAlCLYhwSQON-aKbN2c5zWrs-IFaTxkUxGzTfE9g3vaAeFNLJyZ0CZyJvaZF7Emfd7B-S9eV5FlJ-o2RHTZGLsmIMAvsi_rrrgR4nE9DRF5xk6nU0I94owji9_c5P-XOQIXIf1PkaZGXvoHNU2AI_stiTDTfVN-bZ70Pb4ca4BQKtFQrc1OtoAcDrTIDYJaZAcEigVMKkFhhEqE4ciyiSXtgyOqBLMF49qxhcUmTeuMJfFlI5juxnsmKjtj0O790CCAi99d-1KPDluQ55VC8rrX5jGDdWZDiyCMnJe65RZjHPAR-j_pHwuK5Sbie4tVt0Ysby4zGzb_uWfAxVC_vBXO29I02esF2zohfXCjkJdSyNoxd-uezX-hRKIB4a5jZKcAm2enBuZgZES5S31hfrqt3bQ5_-jq9my87GIg5daY_COApPackBOKdYD01SoniOUyvJLQWNeieJ0ek0T0c9N_5uPaogN-KrWII2aleJ_GJ5R8gjvk7xTaxUzihxhY4ZYZgiV8s2ohJxH6RH56kYgQ1EkOxmyL5eGJTlRdV1iHCEwWAETghGwl47Edi1rql1Q-U_bZFzau1T8mrQdrsksINKadJGMOHIfYEfE4LM_GkDVQJk0TFJRaqIqymkbprvCUjZ66ZZXwtwlYh_rz7qPLfV05xohyrZSwl_rMWWMzKR4GHYFIQWCpQzEFXnmXI9f-cWngEdaMVeIPZStVinDmB2hjnpm-axX2oTT4iEZRV3jGaxxlRGgsdCg2rUiws5PXoxexne3xi8p6ePRpcb4NF8A

Requested by

Host: fex.net
URL: https://fex.net/403?file_id=2318701430

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fex.net/403?file_id=2318701430
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 Nov 2020 22:32:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 331E 0
27 B 173ms
171ms Image
image/gif 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gda_r20201112&jk=1681117463866929&bg=!bm2lbU3NAAUoamvQKFiF8YAy7y6gYAIAAAEeUgAAABRoAQcKAKCAKjvvcjGEA0WRR3DdBHAPaJx0Bz2Bw8ieWn2W2nJq55RafZEBlWR-wa6FejbDixrnXC1dez6VkV781V01NB0DTsaeEM-hFlR9fNW8lgWBNffTrpyIxdxxHEf5NLkQ9iN7HLmiBwtmOzAuL_AXKFR8M_abWHxnMn6LWjNvW08J4XGK9fRiKJzcgDEOvL_ntGJ03QIXVDxtU1rTvuDxu_d3mQHBFBUVpSjvDiDyztm70qyel16Y-N66HJ1G_sduBkRyyuSiYuTH4F6F2WEhzLtRPAEhlaGf-9Y7eCIKHydvRmdYQjDIT-5-rRqQaO_lpl5EHI4N50ehMuoTyR0a1u2dWLXMhfvZ_JAdMQR0iTkfe_BtKJ5-QtDbnuqud_xVFnqftUYuSGSkYyRP6ImIJn7PCO6oMrCO7JXM9jIz3fRqCLP4gvv-FCJO47ZuDAhRsnhPm82TSM1nSb5SLvlQtWZw_TrqI7axfw3IZLk5pFovCSiWoPSqDNz1JMTdPbsFgYVZTk2ca3FCTZi3ZWGoLCPN8laIFkMrZcECB5qhXHu-uo0hlte4l9SghDgkK0PXVo53FFr6QthnDn0VNPMMGTvKb3VBwQmepe3A1WZKO185mftZVXAaN0C8yU156RxpKV7dgEXGJI_43t54JzXP_De6-vlZk96ygeD7SSnFhLOHOgTpT6VGlc-56p5Xu98fqxJJxAgbodBnJphmhN4UNHfO6bBVd-eaX1_JVCcR4DllulXI53ILEoLoyuN5H-CUNlRqJlna0jL9V2qSabaJIj6pLOaLHdVO2UcYjk8rgSQV2FABxRA

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fex.net/403?file_id=2318701430
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 Nov 2020 22:32:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 02A0 0
23 B 193ms
191ms Image
image/gif 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gda_r20201112&jk=2294819764718410&bg=!urmluZnNAAUoamvQKFjUwN_UkI3JDwIAAAEvUgAAAEFoAQcKATqQGZ7dvi171K62pc7M4xUTJMKKKjZR2pZjj178ZL3HHxsM3eT5cuSjOa_0PT5bY7KAMZQOhzwJTiHXLmkoKTANSCVNcBANA8ohfp8s3_4XIpZ0KwO_njqnUb5x_U9pHs-fpqK33VtANt6MUj3D4jpf-Za_rWf-xioybqCHAcVI-auIHAbiUX7vxYx-vpzzLtMgCoYFHOt9R91y8kL8j8yaCZnAlCfU3tNR0qfsq5CawoTRcj1A9d55JRvd-2_4n0eIcNoRTEMBcrqKgmYbSGmvtzyI7ILynUblYE9QVq_SJKcmz-Mk4n1S93mVH_APnH_HgGM9AYJiTvTCI3aUIfDyC1xAVhnzrURAgNPyOQ32BUQqL0dA5u2qNu79HKmACGWLwWhgmI7R0yYtWhsNTAAd2gwL3cuHlQA6i5kBwe06TpoGl1xgCauJYyvADojfaiyX_OUgWwbpEHeRinem8kQO46s3oQ_7nfoyq4jFd-IwB5rU5EqLSIBCR22u9B2g4o2N9sC0Y4_nFjSTkCSelbnzBapj8bvcFQUKLyMHbT9ktugRRJxCsMbEcb-df5ymtFedGVVqhbeTaiIrfLgHmq1iG9WA5O-hgAGxgj5K4TVTe-OUGo9mz0_cdQSa3EqOCBhuzI2SLPy0vfzy8vMzKPfKCpC-DBALiD0t5qAkCzmSDwNAzP3bwJYSuzNaRgHFnvBddlQ_HNt79b4MftLKuip5St7a4J2fLrp3YbMnlMnKpXHhiumTgrsqgUEA8OrmCeXA8rZPyOLLvRN5Cs12u4NlybyPX58-QA0rCqu386R1UzxovZrANdmspuZR5C5mDy9LUJ9vqC5sytTVx3uWtrVFhq_I7LC3-0AIi0XW1iZzPhc7wUcKL62_dxFYhFvZDarm2N8xL4-5-G9UVG6XhO2nrYNdupl4CXGBuF5J3QI-kd-PjChYR1BgojxCyB8T_VGa4edNFpzDJPS1PzQ2qsIhJByNlZ3YbqvbPYXV9htitZbfZJ9Ry8MJ5xFdLgN5

Requested by

Host: fex.net
URL: https://fex.net/403?file_id=2318701430

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fex.net/403?file_id=2318701430
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 Nov 2020 22:32:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 61504924 Show response
mc.yandex.ru/webvisor/ 43 B
73 B 222ms
49ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/61504924?wmode=0&rn=362560066&page-url=https%3A%2F%2Ffex.net%2F403%3Ffile_id%3D2318701430&wv-type=3&wv-hit=831078492&wv-part=1&browser-info=ti%3A8%3Aet%3A1606084324%3Aw%3A1600x1200%3Av%3A1976%3Az%3A60%3Ai%3A20201122233203%3Abt%3A1%3Ast%3A1606084326%3Au%3A1606084324316067042

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fex.net/403?file_id=2318701430
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 22 Nov 2020 22:32:06 GMT
last-modified: Sun, 22-Nov-2020 22:32:06 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://fex.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sun, 22-Nov-2020 22:32:06 GMT

POST
H2 200 61504924 Show response
mc.yandex.ru/webvisor/ 43 B
145 B 132ms
90ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/61504924?wmode=0&rn=251430224&page-url=https%3A%2F%2Ffex.net%2F403%3Ffile_id%3D2318701430&wv-type=3&wv-hit=831078492&wv-part=1&browser-info=ti%3A8%3Aet%3A1606084324%3Aw%3A1600x1200%3Av%3A1976%3Az%3A60%3Ai%3A20201122233203%3Ast%3A1606084326%3Au%3A1606084324316067042

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fex.net/403?file_id=2318701430
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 22 Nov 2020 22:32:06 GMT
last-modified: Sun, 22-Nov-2020 22:32:06 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://fex.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sun, 22-Nov-2020 22:32:06 GMT

POST
H2 200 61504924 Show response
mc.yandex.ru/webvisor/ 43 B
145 B 48ms
47ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/61504924?wmode=0&rn=351677855&page-url=https%3A%2F%2Ffex.net%2F403%3Ffile_id%3D2318701430&wv-type=3&wv-hit=831078492&wv-part=2&browser-info=ti%3A8%3Aet%3A1606084326%3Aw%3A1600x1200%3Av%3A1976%3Az%3A60%3Ai%3A20201122233203%3Abt%3A1%3Ast%3A1606084328%3Au%3A1606084324316067042

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fex.net/403?file_id=2318701430
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 22 Nov 2020 22:32:08 GMT
last-modified: Sun, 22-Nov-2020 22:32:08 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://fex.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sun, 22-Nov-2020 22:32:08 GMT

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.fex.net/	1970-01-19 14:09:16	Name: _ym_isad Value: 2
.fex.net/	1970-01-19 22:53:40	Name: _ym_uid Value: 1606084324316067042
.fex.net/	1970-01-19 14:08:04	Name: _gat_gtag_UA_134700492_1 Value: 1
.fex.net/	1970-01-19 22:53:40	Name: _ym_d Value: 1606084324
.fex.net/	1970-01-19 14:09:30	Name: _gid Value: GA1.2.1136509958.1606084324
.fex.net/	1970-01-20 07:39:16	Name: _ga Value: GA1.2.1566956134.1606084324

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
aj1913.online
api.fex.net
c.hit.ua
cdn.plrjs.com
cdn.polyfill.io
fex.net
fonts.googleapis.com
fonts.gstatic.com
fs25.fex.net
googleads.g.doubleclick.net
mc.yandex.com
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
172.217.18.162
176.9.79.204
193.109.240.6
194.106.216.70
212.124.124.19
2a00:1450:4001:802::2004
2a00:1450:4001:806::2008
2a00:1450:4001:808::200a
2a00:1450:4001:80b::200e
2a00:1450:4001:814::2003
2a00:1450:4001:815::2002
2a00:1450:4001:816::2001
2a00:1450:4001:817::2003
2a00:1450:400c:c0c::9d
2a02:6b8::1:119
2a04:4e42:3::621
89.184.81.35
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
08ead503b5761a19943d902b084834c92ce46837a770c40c57038dc9e88bcb1a
176e16080bcf355217e29b5b9eb2a524c21ce7873c00bbe537393cf8a38d1110
1c31deb324c3ca989b65531a955466cabe9c7fec6bb49f35fced9eb97a0eaf31
224d5b0d9afb145a357f3c582941793bd9539a5231d8fee43e021e23cbe202a2
251e8e864140d9a7ceacce3371ff692595dd0a455ad000de4041d8a313618bd7
2ae9665eb3ba362ccf3dec3c3d8d43c74e99fb2266dcd03bd57a8ff9e26570ed
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
39ca54e948d2b227c89be94089e2f5f8545610044b04aad3319046f3f23e77c2
477e353ae97374b923a1b81251f1ab0d5d9a0901cebe9720c3577fb75b58630f
47c41d46153a796049135100b27403e79d4d2a0c82b5d4c30cd5a36d9abc3c97
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5594b40cf8b222d3b23c260ea89d29d1227b3c41a0acec79b24c0da6b997dd06
55cd38edd49c5092d68d9439f8b42d261515f4b82166a601f833addb75468586
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8973141131b2ecd2260c4ac6fcf724bc93441655ba39aa52831ed7d9e827b17d
925e403d59ea3e89cf998b801db15a40177e4a30374a307a1846753863c1b429
92d23a30c90ac0bed6c662efe830f5d4b3a66a4cf4e8b81b1c0ebb6d7b4c7659
943a150e9577247cc5e8e493065795ca77a35485b4169f33a4d6f570c209b010
968ce7d681b37b90d094599a68fbaff53b3f8b492b28776089ac50c0c861019e
97863c262254c3df6ff2e518ad72050dbf63ad92fb0e498914a8c5424aeef893
9c0d88df46a40c54e536793ee86ef93dec250c08879dd41adc305473718c441e
a3c554553393bdb96446d757c60d78d17f8f14208722fb5fa5262645f83e1aee
a57c8c5c24061a8a0917bfb02a78873cf90df198a68ba0beddb9d502d789fc56
ad7386d16a056df5c235702a97a5fa4cee68e302d71041aa35df96151f756f48
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b3931119fb2035e998fe645327c76bb227219193873ff6f6730aee990b49fcac
b6ea2296f0ac4d3f0b2dda071cd2728f94411cb17370fc1f3e3de2d06c255ce2
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3
d3cc5bab5ad3aa0078fde20b534ab552750138ffaeb00fa0b29e3cc0ae6df212
d56ee6a2ba915ad87e2dc9b49d9199563f3b35f9e048938e84d1a033e5c2b1c5
dd9d40d7ac083d95161823dd8e6287d30ffb5f4b9e27d3d0d01aafd2550cc3aa
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e25d65f020f2bb10f8aa86568b527bba648a17396d239331e7e45a0139879ecc
e2a6fb89b660579cce70340a9c02832499f29fd590da84a04a2648cc884f5270
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e8025dc0cedc0ae6fc1b11d60d78aa002733a3fd033efd2a4dce5020fd30b684
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f570a0e22a2acdc87259c5d3de8b9784186dbbbef456677194277c6c7110406c
fbec66b49e7f4d4ea2810e1cf8f8f8faae1a2262d3bc51ea62fa7768270b4903
fd95ad676cd8ecff384634a9c747d834e59afc270ab43a7ad9e7dbd5f7166248

fex.net Open in urlscan Pro 194.106.216.70 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

79 Requests

100 %HTTPS

65 %IPv6

17 Domains

23 Subdomains

16 IPs

6 Countries

1927 kBTransfer

6427 kBSize

6 Cookies

7 Outgoing links

Page URL History

Redirected requests

79 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

fex.net Open in urlscan Pro
194.106.216.70 Public Scan

Screenshot
Live screenshot

Full Image

79
Requests

100 %
HTTPS

65 %
IPv6

17
Domains

23
Subdomains

16
IPs

6
Countries

1927 kB
Transfer

6427 kB
Size

6
Cookies

79 HTTP transactions
0 data transactions