vexfile.com Open in urlscan Pro
2606:4700:3037::6815:1888 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://v.ht/mp4_video
Effective URL:
https://vexfile.com/download/LWeWJzAho0
Submission Tags: falconsandbox
Submission: On February 17 via api (February 17th 2021, 10:03:50 am UTC) from US

Summary HTTP 51 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 18 IPs in 4 countries across 18 domains to perform 51 HTTP transactions. The main IP is 2606:4700:3037::6815:1888, located in United States and belongs to CLOUDFLARENET, US. The main domain is vexfile.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 8th 2020. Valid for: a year.

This is the only time vexfile.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	69.61.26.121 69.61.26.121	22653 (GLOBALCOM...) (GLOBALCOMPASS)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
2	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
1 1	87.236.16.209 87.236.16.209	198610 (BEGET-AS) (BEGET-AS)
17	2606:4700:303... 2606:4700:3037::6815:1888	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	139.45.197.15 139.45.197.15	9002 (RETN-AS) (RETN-AS)
3	35.201.103.0 35.201.103.0	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1 2	88.212.201.198 88.212.201.198	39134 (UNITEDNET) (UNITEDNET)
1	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
2	2606:4700:10:... 2606:4700:10::6816:1874	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	139.45.196.21 139.45.196.21	9002 (RETN-AS) (RETN-AS)
51	18

1 69.61.26.121 (United States)

ASN22653 (GLOBALCOMPASS, US)

v.ht	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

09939fe40e6be60fe1cd474b69ba1e87.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.236.16.209 (Russian Federation) 1 redirects

ASN198610 (BEGET-AS, RU)
PTR: ssl.flareon.beget.com

meetm.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2606:4700:3037::6815:1888 (United States)

ASN13335 (CLOUDFLARENET, US)

vexfile.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 139.45.197.15 (United Kingdom)

ASN9002 (RETN-AS, GB)

inpagepush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.201.103.0 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 0.103.201.35.bc.googleusercontent.com

www.greatdexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.198 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:1874 (United States)

ASN13335 (CLOUDFLARENET, US)

littlecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.196.21 (United Kingdom)

ASN9002 (RETN-AS, GB)

dutorterraom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	vexfile.com vexfile.com	369 KB
7	googlesyndication.com 09939fe40e6be60fe1cd474b69ba1e87.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	26 KB
5	inpagepush.com inpagepush.com	31 KB
3	gstatic.com fonts.gstatic.com	31 KB
3	greatdexchange.com www.greatdexchange.com	2 KB
2	littlecdn.com littlecdn.com	14 KB
2	yadro.ru 1 redirects counter.yadro.ru	1 KB
2	googleapis.com fonts.googleapis.com	2 KB
2	doubleclick.net securepubads.g.doubleclick.net	103 KB
2	google-analytics.com www.google-analytics.com	19 KB
1	dutorterraom.com dutorterraom.com	326 B
1	rtmark.net my.rtmark.net	541 B
1	meetm.club 1 redirects meetm.club	482 B
1	google.com adservice.google.com	803 B
1	google.de adservice.google.de	803 B
1	googletagmanager.com www.googletagmanager.com	38 KB
1	googletagservices.com www.googletagservices.com	20 KB
1	v.ht v.ht	2 KB
51	18

	Domain	Requested by
17	vexfile.com	v.ht vexfile.com
5	inpagepush.com	vexfile.com inpagepush.com
3	fonts.gstatic.com	fonts.googleapis.com
3	www.greatdexchange.com	vexfile.com www.greatdexchange.com
3	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
2	littlecdn.com	inpagepush.com
2	counter.yadro.ru	1 redirects vexfile.com
2	fonts.googleapis.com	vexfile.com
2	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	dutorterraom.com
1	my.rtmark.net	inpagepush.com
1	meetm.club	1 redirects
1	09939fe40e6be60fe1cd474b69ba1e87.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	www.googletagmanager.com	v.ht
1	www.googletagservices.com	v.ht
1	v.ht
51	20

This site contains links to these domains. Also see Links.

Domain
trk.moneyminute.site
www.liveinternet.ru

Subject Issuer	Validity	Valid
www.v.ht Let's Encrypt Authority X3	`2020-12-01` - `2021-03-01`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-08` - `2021-07-08`	a year	crt.sh
inpagepush.com R3	`2021-02-02` - `2021-05-03`	3 months	crt.sh
greatdexchange.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2021-03-07`	9 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
counter.yadro.ru R3	`2021-01-13` - `2021-04-13`	3 months	crt.sh
*.rtmark.net Sectigo RSA Domain Validation Secure Server CA	`2020-10-27` - `2021-11-26`	a year	crt.sh
dutorterraom.com R3	`2021-02-03` - `2021-05-04`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://vexfile.com/download/LWeWJzAho0
Frame ID: 0D75DD11E036B54F2742919BAA88648A
Requests: 44 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 1E11C367DA9B4A4A9DEE7AC52832C83C
Requests: 2 HTTP requests in this frame

Frame: https://www.greatdexchange.com/ad/display.php?stamat=m%7C%2CwY3ZnojdrB1dAN0dEdHP3xP.7bf%2CZMkKdRAQlkuDbgTABrav5AOATiKOgRdJ_lWJIZl4tIW6mfVjPnK8v5wf9rkZ6uGvJq3Vi9lbQUF-r179ZxsP_ToNRaBrtxhSfx504UfHM8k%2C&cbrandom=0.9194289078015869&cbtitle=VexFile.com%20-%20Download%2018plus.mp4&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref=https%3A%2F%2Fv.ht%2Fmp4_video
Frame ID: 251723F487E518FA3CBD676E5171EB6C
Requests: 1 HTTP requests in this frame

Frame: https://www.greatdexchange.com/ad/display.php?stamat=m%7C%2CwY3ZnojdrB1dAN0dEdHP3xP.7bf%2CZMkKdRAQlkuDbgTABrav5AOATiKOgRdJ_lWJIZl4tIW6mfVjPnK8v5wf9rkZ6uGvJq3Vi9lbQUF-r179ZxsP_ToNRaBrtxhSfx504UfHM8k%2C&cbrandom=0.3921195547001044&cbtitle=VexFile.com%20-%20Download%2018plus.mp4&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref=https%3A%2F%2Fv.ht%2Fmp4_video
Frame ID: CF010F73C168F2B625539996BF8BF8DE
Requests: 1 HTTP requests in this frame

Frame: https://littlecdn.com/contents/s/2a/a3/91/e7f052d79c0c021ef2fff38db2/0276441336168.png
Frame ID: 17F26F6FC6CDF6D6BE90184F2289DD99
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://v.ht/mp4_video Page URL
https://meetm.club/RTrsXQ HTTP 302
https://vexfile.com/download/LWeWJzAho0 Page URL

Page Statistics

51
Requests

100 %
HTTPS

58 %
IPv6

18
Domains

20
Subdomains

18
IPs

4
Countries

658 kB
Transfer

1302 kB
Size

1
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://trk.moneyminute.site/tpynul?title=18plus.mp4&t=redirect&s1=17587&s2=38024
Title: Start Download

Search URL Search Domain Scan URL

URL: https://www.liveinternet.ru/click

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://v.ht/mp4_video Page URL
https://meetm.club/RTrsXQ HTTP 302
https://vexfile.com/download/LWeWJzAho0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

https://counter.yadro.ru/hit?t50.5;rhttps%3A//v.ht/mp4_video;s1600*1200*24;uhttps%3A//vexfile.com/download/LWeWJzAho0;hVexFile.com%20-%20Download%2018plus.mp4;0.34510121839145724 HTTP 302
https://counter.yadro.ru/hit?q;t50.5;rhttps%3A//v.ht/mp4_video;s1600*1200*24;uhttps%3A//vexfile.com/download/LWeWJzAho0;hVexFile.com%20-%20Download%2018plus.mp4;0.34510121839145724

51 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK mp4_video Show response
v.ht/ 3 KB
2 KB 531ms
137ms Document
text/html 69.61.26.121
GLOBALCOMPASS

General

Check archive.org

Show headers Download Go to

Full URL

https://v.ht/mp4_video

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

69.61.26.121 , United States, ASN22653 (GLOBALCOMPASS, US),

Reverse DNS

Software

Hotcores.com /

Resource Hash

1499ba5d5d0fa172b16aa6b57073ee8bf6e12769efd366949ac8349c5f3a4b61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Host: v.ht
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server: Hotcores.com
Date: Wed, 17 Feb 2021 10:03:31 GMT
Content-Type: text/html; Charset=UTF-8;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
X-Robots-Tag: noindex, nofollow
I-AM: Alpha
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Encoding: gzip

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 56 KB
20 KB 35ms
15ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: v.ht
URL: https://v.ht/mp4_video

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a7ae7ae9798af5e5d0ab1d40656967bd1709c7b1d2b5e8c2ba0e1cb35f4e1a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://v.ht/mp4_video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 10:03:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "786 / 163 of 1000 / last-modified: 1613517220"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 19415
x-xss-protection: 0
expires: Wed, 17 Feb 2021 10:03:31 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
38 KB 16ms
16ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-31510493-3

Requested by

Host: v.ht
URL: https://v.ht/mp4_video

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c207f015040c501221a5b74bda77fe963ffcc45710fb3151bfea5cff2af07680

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://v.ht/mp4_video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 10:03:31 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39194
x-xss-protection: 0
last-modified: Wed, 17 Feb 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 17 Feb 2021 10:03:31 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-31510493-3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://v.ht/mp4_video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 4575
date: Wed, 17 Feb 2021 08:47:16 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Wed, 17 Feb 2021 10:47:16 GMT

GET
H2 200 pubads_impl_2021021101.js Show response
securepubads.g.doubleclick.net/gpt/ 289 KB
102 KB 96ms
35ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

a533e6ac10f159c258a7737b2a63378e910622fcc61e6c90be14d6d95328fb64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://v.ht/mp4_video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 10:03:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 11 Feb 2021 09:38:54 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103545
x-xss-protection: 0
expires: Wed, 17 Feb 2021 10:03:31 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
59 B 13ms
13ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=1298123534&t=pageview&_s=1&dl=https%3A%2F%2Fv.ht%2Fmp4_video&ul=en-us&de=UTF-8&dt=mp4_video&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=181153423&gjid=307782059&cid=1143284750.1613556212&tid=UA-31510493-3&_gid=235029458.1613556212&_r=1&gtm=2ou230&z=1369186325

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://v.ht/mp4_video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 17 Feb 2021 10:03:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://v.ht
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js
adservice.google.de/adsid/ 109 B
803 B 36ms
14ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=v.ht

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://v.ht/mp4_video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 17 Feb 2021 10:03:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js
adservice.google.com/adsid/ 109 B
803 B 38ms
16ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=v.ht

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://v.ht/mp4_video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 17 Feb 2021 10:03:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
securepubads.g.doubleclick.net/gampad/ 433 B
921 B 154ms
120ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2863853929384446&correlator=3529791420998341&output=ldjh&impl=fif&eid=21068773%2C21068891&vrg=2021021101&ptt=17&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20210217&iu_parts=5837603%2CVht_360&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x360&cookie_enabled=1&bc=31&abxe=1&lmt=1613556211&dt=1613556211942&dlt=1613556211710&idt=212&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=495576698&ucis=1&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fv.ht%2Fmp4_video&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x423&msz=0x0&ga_vid=1143284750.1613556212&ga_sid=1613556212&ga_hid=1298123534&fws=128&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://v.ht/mp4_video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 10:03:32 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 222
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://v.ht
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
09939fe40e6be60fe1cd474b69ba1e87.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 47ms
13ms Other
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://09939fe40e6be60fe1cd474b69ba1e87.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://v.ht/mp4_video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 28ms
6ms Other
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://v.ht/mp4_video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2

200

Primary Request LWeWJzAho0 Show response
vexfile.com/download/
Redirect Chain

https://meetm.club/RTrsXQ
https://vexfile.com/download/LWeWJzAho0

13 KB
5 KB

172ms
128ms

Document
text/html

2606:4700:3037::6815:1888
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vexfile.com/download/LWeWJzAho0

Requested by

Host: v.ht
URL: https://v.ht/mp4_video

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:1888 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d75552ca6be6d361dae7d5150f001dab1739fc401ec4e345009cd2ba5298f66b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

:method: GET
:authority: vexfile.com
:scheme: https
:path: /download/LWeWJzAho0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://v.ht/mp4_video
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://v.ht/mp4_video

Response headers

date: Wed, 17 Feb 2021 10:03:32 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d48c6058fc1dc0993e6811f936919e0841613556212; expires=Fri, 19-Mar-21 10:03:32 GMT; path=/; domain=.vexfile.com; HttpOnly; SameSite=Lax; Secure XSRF-TOKEN=eyJpdiI6IlU4Y1ZCWVJ3QjNSdHFKT0RCXC9haWpnPT0iLCJ2YWx1ZSI6IkFiNXRUbjdvVW56SSthcW1EMm54WDBXM253MGF6N3Y3YWppbmt2VUM2cjhcL1VUY29UMitXVlNBaUROOGM2cVB6IiwibWFjIjoiNzcwYmMxZmMwMWRhNmJlMzIxZTNmZTljNGY4MWVhNDRiOTI4NTI4ZmI4MjFiYmQxYjQxN2Q0ZWFlNGZmY2VhNyJ9; expires=Wed, 17-Feb-2021 12:03:32 GMT; Max-Age=7200; path=/ vexfilecom_session=eyJpdiI6IjVKblBuT3BTTlJHMVd2TG9UVmNcL2FBPT0iLCJ2YWx1ZSI6IkJqRUNMaXpJUUxSeTRvdEM4RWFTeWZZS08wVXdVWUc5MnE4Y0pRaXR6QUlIcllReGw2ekxxN2w2U05Zd3liXC9NIiwibWFjIjoiMzkwOWY2YjQ4OTNlNmExODZjYTg0MWVmZTZiM2M4YmNkZmM2MmYyODgwZGE4NmZhN2IzZTA5NTc3NDkwNTQwZiJ9; expires=Wed, 17-Feb-2021 12:03:32 GMT; Max-Age=7200; path=/; httponly
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
vary: Accept-Encoding
strict-transport-security: max-age=31536000;
cf-cache-status: DYNAMIC
cf-request-id: 08510afb1d00000eb33d816000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZVIpdeNIrBTJO8%2FhHogYxysSWn%2FmGc8q%2FcBOJ%2BPa1hlXVSxLlG86%2FdTTk38y2eru7MimAq2d%2BgYc8WuebpyGwG7UqkWceYmdcj6Jtcm6ICUYXRUre2G96A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 622eadd82fc90eb3-FRA
content-encoding: br

Redirect headers

server: nginx-reuseport/1.13.4
date: Wed, 17 Feb 2021 10:03:32 GMT
content-type: text/html; charset=utf-8
content-length: 0
x-powered-by: PHP/5.6.40
expires: Thu, 21 Jul 1977 07:30:00 GMT
last-modified: Wed, 17 Feb 2021 10:03:32 GMT
cache-control: max-age=0
pragma: no-cache
set-cookie: 847ba=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjEwMlwiOjE2MTM1NTYyMTJ9LFwiY2FtcGFpZ25zXCI6e1wiMjFcIjoxNjEzNTU2MjEyfSxcInRpbWVcIjoxNjEzNTU2MjEyfSJ9.7GGDEdVzBdKDZhmtdHVoCsNlLn_p6g2Dj8RbD5m635M; expires=Sat, 20-Mar-2021 10:03:32 GMT; Max-Age=2678400; path=/; domain=.meetm.club
location: https://vexfile.com/download/LWeWJzAho0

GET
H2 200 sodar
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 40ms
19ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021021101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://v.ht/mp4_video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 17 Feb 2021 10:03:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6515
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 49ms
28ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://v.ht/mp4_video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 10:03:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Wed, 17 Feb 2021 10:03:32 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 1E11 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://v.ht/mp4_video
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://v.ht/mp4_video

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Wed, 17 Feb 2021 09:59:12 GMT
expires: Thu, 17 Feb 2022 09:59:12 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 260
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 d51ouiIaoe_oO0a42MWTKpyCrSNXucyUKMnav5ltGHU.js
pagead2.googlesyndication.com/bg/ Frame 1E11 14 KB
7 KB 36ms
21ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/d51ouiIaoe_oO0a42MWTKpyCrSNXucyUKMnav5ltGHU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 09:19:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Feb 2021 09:15:00 GMT
server: sffe
age: 2661
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6215
x-xss-protection: 0
expires: Thu, 17 Feb 2022 09:19:11 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
224 B 41ms
41ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021021101&jk=2863853929384446&bg=!VValVhXNAAXRs2QT0TsAKQB2-Dxag-acns8wPTBy0W6v2QdJQcZG3mHlWCQsibJl67Ou41-nI5iSAgAAAG5SAAAAFmgBBwoBqqAa0l23ddo7NO7GLiKn_Xj9gK2BN-SuOHeGGZVsx1eIF0UYkXhvUaIZq-ghq61qEUhlSS_Leo3RLuuXHtqO90Cwl3Qcls5hN0nM65ayiN_-vylIXD4Fzld-n6crRurmcpwmCZaAs5yNAVwlkbuub8O5SXH6WENzEgjjnk7BGblbbs96jMyKCpeuiS1OQXuzyLtvDH_3Z6F1ajuZ0Xn5alpEX1ojXLyabiSiTBIHkN52gRyyEnl2uYU7RNfcERRsi-btLfAfvFyHNvAXajzzMNINTFV9hqXbjmP6ZCqgfFo2MvL-FIWuiQIxAWPMFKzrwiZ0qd7eBXCV_muKmyXvm0CPYAU1DG6GPhTZBM-e4AK1oxG1EfLKjRo_aztolPVotn3ypeT2uFoQbM6QwlsfkMR12Wchila-kh5p9KVev_E7KHN8wJmxi1feojjzexKCm6PLjNLRav1GAuenTpFRFybPLmEoKIUxEcvwhfQotYnk4X3kHdBjDz8N93PzCkOcZ3boAwpPYaZCB8NRczYlisubyjEztiXWIuQ1Mt9KZnJzA89OtC8LlmTTMJkBzFM7wCCQMwoTu4JZzNpCQGKnhQiRy7IlgNlzRp03lZkNNWghN5poNH6amFVLSehzPfQ5_W6btMxMqmq_9Bct8I1ADvDer1CsU70hg5XmmUXNao1_r6mEn6cESj70-AAy3Z1VnR0BSIg4NIg8Ygey8vLpMQCb6C_koA59Ziz0_XtCDRaEEBlZ1tlVmxhUoA6xOSQw-YyURzPg-CFrtv7en-cd_EKydpb8ZSS6szJRnyZ-lCBjfRhZvBg5nBULxMpOorHnBYS4fWMfYQO_ys1NB3jm_puyrLV9kGddUgWy3V2u7F_frVCE-EA2qVWHwwhqRgrN4zjAyngWDT_Y1fwKGToFw3qnnFBerBjPAY4oPr5q-bEOnmkcPfZv88moMiMpAOTHiYQV3VxdKlMxz3WXl1_0w6MQVc2My-cI2HT8KgxjCUcvWJ1LPa1cegQun_YMJqovA7W7piBAs3ywS49WblkV7CIlgleKslxfMdzEY878rt49FbxWnT4BV4D2B-M1dZFtXiGNQSE5_0F2jJ8wqdvXMfMj_EBzaYzhA_cglsYejX8EF_jRZFweO2HmW6WoMIYslnoxC5H43TW--Tqe2SLmr9eoh6Jz9GLcgZc

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://v.ht/mp4_video
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Feb 2021 10:03:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bootstrap.min.css
vexfile.com/bootstrap/ 138 KB
19 KB 20ms
19ms Stylesheet
text/css 2606:4700:3037::6815:1888
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vexfile.com/bootstrap/bootstrap.min.css

Requested by

Host: vexfile.com
URL: https://vexfile.com/download/LWeWJzAho0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:1888 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://vexfile.com/download/LWeWJzAho0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 10:03:32 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 791722
cf-request-id: 08510afba600000eb3231a1000000001
last-modified: Sat, 09 Feb 2019 21:09:46 GMT
server: cloudflare
etag: W/"5c5f419a-22688"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vkz8ktd13mmSP7DJAweEUrg%2FgoSkcVUrMYM98Amq%2By0bl7zRTuCwtp%2FWtP8zIr053oQUCtb4YLP6p6mrEd27g3wiTCHGpou6yWgq2QV25U3RoDIcYjVS%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 622eadd9087d0eb3-FRA
expires: Wed, 10 Mar 2021 06:08:10 GMT

GET
H2 200 typography.css
vexfile.com/css/ 7 KB
2 KB 14ms
13ms Stylesheet
text/css 2606:4700:3037::6815:1888
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vexfile.com/css/typography.css

Requested by

Host: vexfile.com
URL: https://vexfile.com/download/LWeWJzAho0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:1888 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb26738924d7613e95f3c0d746d658ea565f32866878ef4e963050d4f334fcf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://vexfile.com/download/LWeWJzAho0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 10:03:32 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1763321
cf-request-id: 08510afba600000eb3543b4000000001
last-modified: Wed, 13 Feb 2019 16:54:10 GMT
server: cloudflare
etag: W/"5c644bb2-1dff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OfrZpnvePjR6OEWVrRsKyMdT9XPebRU9ICMiugiK4jNyFmGw6XC8ixpwrExvpAhhVELi7YUAwlhE6oPCWRPzQOZDitx1LCWN279DbXMYdbCXHorRdcGiBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 622eadd9087e0eb3-FRA
expires: Sat, 27 Feb 2021 00:14:51 GMT

GET
H2 200 style.css
vexfile.com/ 18 KB
4 KB 15ms
14ms Stylesheet
text/css 2606:4700:3037::6815:1888
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vexfile.com/style.css

Requested by

Host: vexfile.com
URL: https://vexfile.com/download/LWeWJzAho0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:1888 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bae32c3c97c07035a178a07afdabbe3902b5170413f0bd15d3f0f8a57f807346

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://vexfile.com/download/LWeWJzAho0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 10:03:32 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 195961
cf-request-id: 08510afba700000eb3279d1000000001
last-modified: Wed, 13 Feb 2019 19:05:34 GMT
server: cloudflare
etag: W/"5c646a7e-46a0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FZFviOy6V9cXvGcwlKyXchg9dpB4qyet5FUHDjc8Ak2ci10uMtrI7nO6SlRy0MH8wzvCv1N%2Br5vnty%2FVy%2BoeFfv15PwfqIMLvyEk2EYGb5Fwwj%2BeW3y8pA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 622eadd908800eb3-FRA
expires: Wed, 17 Mar 2021 03:37:31 GMT

GET
H2 200 3234344 Show response
inpagepush.com/400/ 83 KB
29 KB 132ms
55ms Script
application/javascript 139.45.197.15
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://inpagepush.com/400/3234344

Requested by

Host: vexfile.com
URL: https://vexfile.com/download/LWeWJzAho0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.15 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

c36ebf80070a80fff458d24b1b0100e98582b82dbf4529efeeabe69c1851221a

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://vexfile.com/download/LWeWJzAho0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-trace-id: d09df8873afc28a090b4bf43bb2d59d4
pragma: no-cache
date: Wed, 17 Feb 2021 10:03:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: application/javascript
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
strict-transport-security: max-age=1
timing-allow-origin: *
expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H2 200 logo.png
vexfile.com/img/ 27 KB
28 KB 16ms
15ms Image
image/png 2606:4700:3037::6815:1888
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vexfile.com/img/logo.png

Requested by

Host: vexfile.com
URL: https://vexfile.com/download/LWeWJzAho0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:1888 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e65a1d750c947051aa787573a3e0d258cff494d953282243d3313cc75bd938e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://vexfile.com/download/LWeWJzAho0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 10:03:32 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 93583
content-length: 28101
cf-request-id: 08510afc0400000eb3481f5000000001
last-modified: Sun, 10 Feb 2019 19:59:54 GMT
server: cloudflare
etag: "5c6082ba-6dc5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3fn8duKJsQcoQtHNXHWWHHbIjAbiCzVnAM2uJMFfYuC3jKVbVgg0yh7ehnZeBn7bhpH%2B2ROoK85k1k4MAK8Mm3enve2EaaC5teCzLGr2zP3Ouy13GBm3DA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 622eadd9a9420eb3-FRA
expires: Thu, 18 Mar 2021 08:03:49 GMT

GET
H2 200 display.php Show response
www.greatdexchange.com/a/ 6 KB
2 KB 189ms
145ms Script
application/javascript 35.201.103.0
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.greatdexchange.com/a/display.php?r=2457295
Requested by: Host: vexfile.com
URL: https://vexfile.com/download/LWeWJzAho0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.103.0 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 0.103.201.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: ca7c78a945b5d7f6960e8045da48ab10dbe71a4c1811c1ed4821697e23f32313

Request headers

Referer: https://vexfile.com/download/LWeWJzAho0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 17 Feb 2021 10:03:32 GMT
content-encoding: gzip
server: openresty
alt-svc: clear
via: 1.1 google
content-type: application/javascript; charset=utf-8

GET
H2 200 jquery-3.3.1.min.js Show response
vexfile.com/js/ 82 KB
28 KB 18ms
17ms Script
application/javascript 2606:4700:3037::6815:1888
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vexfile.com/js/jquery-3.3.1.min.js

Requested by

Host: vexfile.com
URL: https://vexfile.com/download/LWeWJzAho0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:1888 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab0d063b4ff2827192c0e44103d3091457a1d2374c3b6243721c5679bb61eae2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://vexfile.com/download/LWeWJzAho0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 10:03:32 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1057780
cf-request-id: 08510afc0400000eb375be9000000001
last-modified: Sat, 09 Feb 2019 21:10:00 GMT
server: cloudflare
etag: W/"5c5f41a8-14978"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=81YiJjQ7mu2RbDLk825wqBvNVTBP2xpyLV1k0dL5UQcO8VMUGWmOKn5tLoNXWrjme8Onj4VS1RazTLKXWY7XkYQlGYWDiE15HwlPYLLPXX1jZzcooRwTMg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 622eadd9993c0eb3-FRA
expires: Sun, 07 Mar 2021 04:13:52 GMT

GET
H2 200 bootstrap.min.js Show response
vexfile.com/bootstrap/ 50 KB
13 KB 21ms
21ms Script
application/javascript 2606:4700:3037::6815:1888
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vexfile.com/bootstrap/bootstrap.min.js

Requested by

Host: vexfile.com
URL: https://vexfile.com/download/LWeWJzAho0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:1888 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://vexfile.com/download/LWeWJzAho0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 10:03:32 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1040177
cf-request-id: 08510afc0400000eb33689f000000001
last-modified: Sat, 09 Feb 2019 21:10:00 GMT
server: cloudflare
etag: W/"5c5f41a8-c75f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rEGjioasJ8s%2BlZzO%2FTbUXLyQhhI6m4LitljHFP9tKHOkL3cPwqX3RAJMisKc6te%2Foto9YsA6OKNozkado%2FkQhSJoJzOtgFNXSqGts22KG%2FOORimDAKADDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 622eadd9a93f0eb3-FRA
expires: Sun, 07 Mar 2021 09:07:15 GMT

GET
H2 200 css
fonts.googleapis.com/ 1 KB
529 B 17ms
13ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Josefin+Sans

Requested by

Host: vexfile.com
URL: https://vexfile.com/css/typography.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab18eadefb3a9a5d06e5326a201b9b03b5ff01835839744c0d5d8de0efda906c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://vexfile.com/css/typography.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 17 Feb 2021 08:09:57 GMT
server: ESF
date: Wed, 17 Feb 2021 10:03:32 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 17 Feb 2021 10:03:32 GMT

GET
H2 200 css
fonts.googleapis.com/ 21 KB
1 KB 16ms
13ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i

Requested by

Host: vexfile.com
URL: https://vexfile.com/css/typography.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4956068b2f2c2f14c6dd7fb409b7e5a22ab4a41b45c9ad683bc0f77c5853ffba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://vexfile.com/css/typography.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 17 Feb 2021 08:54:29 GMT
server: ESF
date: Wed, 17 Feb 2021 10:03:32 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 17 Feb 2021 10:03:32 GMT

GET
H2 404 fontawesome-all.min.css
vexfile.com/css/ 0
0 67ms
64ms Stylesheet
text/html 2606:4700:3037::6815:1888
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vexfile.com/css/fontawesome-all.min.css
Requested by: Host: vexfile.com
URL: https://vexfile.com/css/typography.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:1888 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://vexfile.com/css/typography.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 10:03:32 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rhAafywlH1FwMJ1jhxGG9DBG8K52PLd2VliKPIUNQiA2BrMuyHQG8OD0dqJ%2F%2Brg4d9JJCLP%2FHMoNnG2IPXnhBIlNK7YQk1qHK6GeQLVmKtWBqd8Uejv11g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
cf-ray: 622eadd928990eb3-FRA
cf-request-id: 08510afbb900000eb356239000000001

GET
H2 404 owl.carousel.css
vexfile.com/css/ 0
0 65ms
62ms Stylesheet
text/html 2606:4700:3037::6815:1888
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vexfile.com/css/owl.carousel.css
Requested by: Host: vexfile.com
URL: https://vexfile.com/css/typography.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:1888 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://vexfile.com/css/typography.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 10:03:32 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=g2z1zUCCPua0n6L2xIsjoIn%2FVe50ijWb9h1G1xOiAwGMqaVINk5pwE93tY97hc%2F2%2BIOXWwGIjSxInQ%2BUOhtGM9a4k%2Fkx60PEF6Uvqhp15H%2FtbA5c4S%2F3gw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
cf-ray: 622eadd9289b0eb3-FRA
cf-request-id: 08510afbb900000eb35c207000000001

GET
H2 404 ionicons.min.css
vexfile.com/css/ 0
0 74ms
71ms Stylesheet
text/html 2606:4700:3037::6815:1888
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vexfile.com/css/ionicons.min.css
Requested by: Host: vexfile.com
URL: https://vexfile.com/css/typography.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:1888 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://vexfile.com/css/typography.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 10:03:32 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=C3oNmYinEiVjH9DutD4gDbv4N8iGMlGZKt3ox3F8s1UyQerzkF3Yuqrj2rZnk5rOPziNGLSKzytmuPd2tWy134uc0C8fCRr8En5F%2FXs2JUVk1SDIQgk6dw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
cf-ray: 622eadd9289f0eb3-FRA
cf-request-id: 08510afbba00000eb339198000000001

GET
H2 200 Qw3PZQNVED7rKGKxtqIqX5E-AVSJrOCfjY46_DjQbMZhKSbpUVzEEQ.woff
fonts.gstatic.com/s/josefinsans/v17/ 13 KB
14 KB 7ms
7ms Font
font/woff 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/josefinsans/v17/Qw3PZQNVED7rKGKxtqIqX5E-AVSJrOCfjY46_DjQbMZhKSbpUVzEEQ.woff

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Josefin+Sans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

388c42b0a18509b86204993e97cb01c9d08fb0aef06bb671aae5065aa49c36f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://vexfile.com
Referer: https://fonts.googleapis.com/css?family=Josefin+Sans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Feb 2021 04:19:47 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 21:59:46 GMT
server: sffe
age: 366225
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13760
x-xss-protection: 0
expires: Sun, 13 Feb 2022 04:19:47 GMT

GET
H2 204 display.php
www.greatdexchange.com/ad/ Frame 2517 0
0 148ms
147ms Document
text/plain 35.201.103.0
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.greatdexchange.com/ad/display.php?stamat=m%7C%2CwY3ZnojdrB1dAN0dEdHP3xP.7bf%2CZMkKdRAQlkuDbgTABrav5AOATiKOgRdJ_lWJIZl4tIW6mfVjPnK8v5wf9rkZ6uGvJq3Vi9lbQUF-r179ZxsP_ToNRaBrtxhSfx504UfHM8k%2C&cbrandom=0.9194289078015869&cbtitle=VexFile.com%20-%20Download%2018plus.mp4&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref=https%3A%2F%2Fv.ht%2Fmp4_video
Requested by: Host: www.greatdexchange.com
URL: https://www.greatdexchange.com/a/display.php?r=2457295
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.103.0 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 0.103.201.35.bc.googleusercontent.com
Software: openresty /
Resource Hash

Request headers

:method: GET
:authority: www.greatdexchange.com
:scheme: https
:path: /ad/display.php?stamat=m%7C%2CwY3ZnojdrB1dAN0dEdHP3xP.7bf%2CZMkKdRAQlkuDbgTABrav5AOATiKOgRdJ_lWJIZl4tIW6mfVjPnK8v5wf9rkZ6uGvJq3Vi9lbQUF-r179ZxsP_ToNRaBrtxhSfx504UfHM8k%2C&cbrandom=0.9194289078015869&cbtitle=VexFile.com%20-%20Download%2018plus.mp4&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref=https%3A%2F%2Fv.ht%2Fmp4_video
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vexfile.com/download/LWeWJzAho0
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://vexfile.com/download/LWeWJzAho0

Response headers

server: openresty
date: Wed, 17 Feb 2021 10:03:33 GMT
access-control-allow-origin: *
via: 1.1 google
alt-svc: clear

GET
H2 204 display.php
www.greatdexchange.com/ad/ Frame CF01 0
0 152ms
151ms Document
text/plain 35.201.103.0
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.greatdexchange.com/ad/display.php?stamat=m%7C%2CwY3ZnojdrB1dAN0dEdHP3xP.7bf%2CZMkKdRAQlkuDbgTABrav5AOATiKOgRdJ_lWJIZl4tIW6mfVjPnK8v5wf9rkZ6uGvJq3Vi9lbQUF-r179ZxsP_ToNRaBrtxhSfx504UfHM8k%2C&cbrandom=0.3921195547001044&cbtitle=VexFile.com%20-%20Download%2018plus.mp4&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref=https%3A%2F%2Fv.ht%2Fmp4_video
Requested by: Host: www.greatdexchange.com
URL: https://www.greatdexchange.com/a/display.php?r=2457295
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.103.0 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 0.103.201.35.bc.googleusercontent.com
Software: openresty /
Resource Hash

Request headers

:method: GET
:authority: www.greatdexchange.com
:scheme: https
:path: /ad/display.php?stamat=m%7C%2CwY3ZnojdrB1dAN0dEdHP3xP.7bf%2CZMkKdRAQlkuDbgTABrav5AOATiKOgRdJ_lWJIZl4tIW6mfVjPnK8v5wf9rkZ6uGvJq3Vi9lbQUF-r179ZxsP_ToNRaBrtxhSfx504UfHM8k%2C&cbrandom=0.3921195547001044&cbtitle=VexFile.com%20-%20Download%2018plus.mp4&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref=https%3A%2F%2Fv.ht%2Fmp4_video
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vexfile.com/download/LWeWJzAho0
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://vexfile.com/download/LWeWJzAho0

Response headers

server: openresty
date: Wed, 17 Feb 2021 10:03:33 GMT
access-control-allow-origin: *
via: 1.1 google
alt-svc: clear

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?t50.5;rhttps%3A//v.ht/mp4_video;s1600*1200*24;uhttps%3A//vexfile.com/download/LWeWJzAho0;hVexFile.com%20-%20Download%2018plus.mp4;0.34510121839145724
https://counter.yadro.ru/hit?q;t50.5;rhttps%3A//v.ht/mp4_video;s1600*1200*24;uhttps%3A//vexfile.com/download/LWeWJzAho0;hVexFile.com%20-%20Download%2018plus.mp4;0.34510121839145724

140 B
594 B

83ms
82ms

Image
image/gif

88.212.201.198
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t50.5;rhttps%3A//v.ht/mp4_video;s1600*1200*24;uhttps%3A//vexfile.com/download/LWeWJzAho0;hVexFile.com%20-%20Download%2018plus.mp4;0.34510121839145724

Requested by

Host: vexfile.com
URL: https://vexfile.com/download/LWeWJzAho0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host198.rax.ru

Software

nginx/1.17.9 /

Resource Hash

cc0fea61dfa11909288040eeab295caf899cbf5d8ce7d07649519db384198df1

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://vexfile.com/download/LWeWJzAho0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 17 Feb 2021 10:03:33 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 140
Expires: Mon, 17 Feb 2020 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 17 Feb 2021 10:03:33 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;t50.5;rhttps%3A//v.ht/mp4_video;s1600*1200*24;uhttps%3A//vexfile.com/download/LWeWJzAho0;hVexFile.com%20-%20Download%2018plus.mp4;0.34510121839145724
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Mon, 17 Feb 2020 21:00:00 GMT

GET
H2 200 meteor.png
vexfile.com/img/ 13 KB
13 KB 13ms
12ms Image
image/png 2606:4700:3037::6815:1888
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vexfile.com/img/meteor.png

Requested by

Host: vexfile.com
URL: https://vexfile.com/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:1888 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a43d31f60c2291738afed1388cfc47204290c559055fc628aafa4d0d2ea0335a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://vexfile.com/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 10:03:33 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1384000
content-length: 12915
cf-request-id: 08510afd2500000eb372155000000001
last-modified: Tue, 12 Feb 2019 19:43:08 GMT
server: cloudflare
etag: "5c6321cc-3273"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bu7zLJ0MmZdT1m8jFhGUUdmTRFrG1ZD8%2F020%2B0J9Q%2BfYjSZfGZur0ctEyj7AH8%2Fz10cesoP2367n1qnCmeGjppwsbd%2BHzb5cJYz2tibXWE7feZx3uBx3eA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 622eaddb6afb0eb3-FRA
expires: Wed, 03 Mar 2021 09:36:53 GMT

GET
H2 200 planet.png
vexfile.com/img/ 24 KB
24 KB 17ms
14ms Image
image/png 2606:4700:3037::6815:1888
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vexfile.com/img/planet.png

Requested by

Host: vexfile.com
URL: https://vexfile.com/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:1888 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46bc96548d788483a007db3dc7c7468ad8e6dd6b90f2bce69ea7757752742142

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://vexfile.com/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 10:03:33 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1123459
content-length: 24319
cf-request-id: 08510afd2700000eb393316000000001
last-modified: Tue, 12 Feb 2019 19:43:42 GMT
server: cloudflare
etag: "5c6321ee-5eff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=i5eqsT1q66tOCbjbv4lz938oTz5WNipo5MtR6726AQglJ5zf%2BYmGLMzVgNs7at9N9Va2r%2Fxt%2FgVLkyi6uP8zgSaqHienWzrn59QmshveL0eqkxvLwM9R4w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 622eaddb7afd0eb3-FRA
expires: Sat, 06 Mar 2021 09:59:14 GMT

GET
H2 200 wrapper-bg-1.gif
vexfile.com/img/ 45 KB
45 KB 18ms
16ms Image
image/gif 2606:4700:3037::6815:1888
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vexfile.com/img/wrapper-bg-1.gif

Requested by

Host: vexfile.com
URL: https://vexfile.com/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:1888 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ea80daa61b7e9bfc0128fe9ccc0bd667a9e71c88df76302e335908833d301b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://vexfile.com/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 10:03:33 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1384001
content-length: 46074
cf-request-id: 08510afd2800000eb375bf5000000001
last-modified: Tue, 12 Feb 2019 19:44:52 GMT
server: cloudflare
etag: "5c632234-b3fa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=flLNLHBjKp%2FUNGTo1f%2FlAe5kDm%2Bv1Jmzf2sbkfoT%2FBCsvePiMj4Jcbeq5BEae209HgZyz2MHVt5CiF4Tyy8lOQmZisY74ET461dRfljnuRLKXWeZsvFhFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 622eaddb7afe0eb3-FRA
expires: Wed, 03 Mar 2021 09:36:52 GMT

GET
H2 200 wrapper-bg-3.png
vexfile.com/img/ 28 KB
29 KB 24ms
23ms Image
image/png 2606:4700:3037::6815:1888
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vexfile.com/img/wrapper-bg-3.png

Requested by

Host: vexfile.com
URL: https://vexfile.com/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:1888 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e6566b11757e25e32b08b103b2b6729365535eead6d4ae6a44017d74ff9d170b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://vexfile.com/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 10:03:33 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 93582
content-length: 29027
cf-request-id: 08510afd2900000eb375bf6000000001
last-modified: Tue, 12 Feb 2019 19:44:34 GMT
server: cloudflare
etag: "5c632222-7163"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FLfH8DEnpK5rITkk4xbPI31uztMm6yn7UbEDmnOGt24SKW3ybS8Suyct%2F55nvy%2F8iqv%2FckeoFJU31DsHzIfEbalYdN6IniIezQkedMr7zh%2B4J4XPImMLPw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 622eaddb7aff0eb3-FRA
expires: Thu, 18 Mar 2021 08:03:51 GMT

GET
H2 200 section-5-bg-1.png
vexfile.com/img/ 89 KB
90 KB 25ms
24ms Image
image/png 2606:4700:3037::6815:1888
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vexfile.com/img/section-5-bg-1.png

Requested by

Host: vexfile.com
URL: https://vexfile.com/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:1888 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b970526ac2cf7b5f8fc209bf17268cf7b6ca1ce314ee5fffff00fad12556aad5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://vexfile.com/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 10:03:33 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 859831
content-length: 91619
cf-request-id: 08510afd2800000eb34a97b000000001
last-modified: Tue, 12 Feb 2019 19:42:40 GMT
server: cloudflare
etag: "5c6321b0-165e3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Mf057wB33BQw28Rc1JdfJw3a0L%2Bud1qL8KgVAXGAVw4vYDBIMg0DlQe5W%2F3LJDG7yDZSVXu0PZ%2B7Q%2BFIKKm3nKxji7zu7cf76f35M3wXg6AGEf8a1ZfFLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 622eaddb7b000eb3-FRA
expires: Tue, 09 Mar 2021 11:13:02 GMT

GET
H2 200 section-home-audit-bg-1.png
vexfile.com/img/ 49 KB
50 KB 16ms
15ms Image
image/png 2606:4700:3037::6815:1888
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vexfile.com/img/section-home-audit-bg-1.png

Requested by

Host: vexfile.com
URL: https://vexfile.com/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:1888 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ed21f5f80d8bf2c91376e0870cedc152d1250f6fd4760651566042b0481d6bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://vexfile.com/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 10:03:33 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1046279
content-length: 50460
cf-request-id: 08510afd2800000eb36fa2e000000001
last-modified: Tue, 12 Feb 2019 19:44:12 GMT
server: cloudflare
etag: "5c63220c-c51c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zQ%2BVOBIl%2Fk0nBySLI9Li5Nb77hqAAbQKkBBSp58V7IgigdHo23zvVfPaZZIK781TS5Sc2s5Zj%2Ff9FY1UpId5K%2FmEsP%2BqwzxfTvYmzo8OvYyKakSpvHPwtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 622eaddb7b010eb3-FRA
expires: Sun, 07 Mar 2021 07:25:34 GMT

GET
H2 200 section-3-bg-1.png
vexfile.com/img/ 18 KB
18 KB 24ms
14ms Image
image/png 2606:4700:3037::6815:1888
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vexfile.com/img/section-3-bg-1.png

Requested by

Host: vexfile.com
URL: https://vexfile.com/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:1888 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

087043df55ffac96acfb75a3cc837b21017a9c14c84ea98047048dd2d3bf2d9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://vexfile.com/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 10:03:33 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 691213
content-length: 18546
cf-request-id: 08510afd4100000eb38cad7000000001
last-modified: Tue, 12 Feb 2019 19:41:32 GMT
server: cloudflare
etag: "5c63216c-4872"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TPoP9IvalzCAl7FwssKQ7%2FjGm03LqZlY96Vma6%2BHPely28wGY7TnvLus87DmjoAF3P5rtElStzmfT6rTUwE38fWnWq44aHGykjkX1uZaGENr%2FvMcZYqD9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 622eaddb9b1c0eb3-FRA
expires: Thu, 11 Mar 2021 10:03:20 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://vexfile.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:20:32 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:16 GMT
server: sffe
age: 520981
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9016
x-xss-protection: 0
expires: Fri, 11 Feb 2022 09:20:32 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://vexfile.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 16:25:01 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:28 GMT
server: sffe
age: 149912
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Tue, 15 Feb 2022 16:25:01 GMT

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
541 B 112ms
36ms XHR
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js

Requested by

Host: inpagepush.com
URL: https://inpagepush.com/400/3234344

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

544f9e44aa0b7ce6e2a822af06a40a338f07a89f68609e80b18e612b7bfe3b4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://vexfile.com/download/LWeWJzAho0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 10:03:31 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://vexfile.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

OPTIONS
H2 200 3234344
inpagepush.com/500/ Frame 0
0 124ms
39ms Other 139.45.197.15
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://inpagepush.com/500/3234344?excludes=&oaid=027f46dcc5bb4a1db8ed7d23efb852dc&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=2&pl=https%3A%2F%2Fvexfile.com%2Fdownload%2FLWeWJzAho0&drf=https%3A%2F%2Fv.ht%2Fmp4_video&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Protocol

Server

139.45.197.15 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://vexfile.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 17 Feb 2021 10:03:33 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET
access-control-allow-origin: https://vexfile.com
access-control-max-age: 300
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *

GET
H2 200 3234344 Show response
inpagepush.com/500/ 1 KB
1 KB 40ms
40ms XHR
application/javascript 139.45.197.15
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: inpagepush.com
URL: https://inpagepush.com/400/3234344

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.15 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

a22bc56ddfaa85a7b09b384e9f16baecc33d5455cb0d206507d08f7bad9da9d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://vexfile.com/download/LWeWJzAho0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: d8f0289a8456517ac8f10924dccff60f
pragma: no-cache
date: Wed, 17 Feb 2021 10:03:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: application/javascript
access-control-allow-origin: https://vexfile.com
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=1
timing-allow-origin: *
expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H2 200 0276441336168.png
littlecdn.com/contents/s/2a/a3/91/e7f052d79c0c021ef2fff38db2/ 6 KB
7 KB 27ms
12ms Image
image/png 2606:4700:10::6816:1874
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://littlecdn.com/contents/s/2a/a3/91/e7f052d79c0c021ef2fff38db2/0276441336168.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1874 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b3e928c0bf59b7e48ad949290f60585d1cbe2f43fe80aa8b560af4c7ff5d159

Request headers

Referer: https://vexfile.com/download/LWeWJzAho0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 10:03:33 GMT
cf-cache-status: HIT
age: 5541
content-length: 6498
cf-request-id: 08510aff1a00004eb6d9344000000001
last-modified: Fri, 07 Feb 2020 15:37:35 GMT
server: cloudflare
etag: "5e3d843f-1962"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 622eadde8fdd4eb6-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 gtLIbzRDpWeiYdgyz2VBkVtPShhIBuc_ktf-bF-MaH0mngWP7vEg24LAVcBP0SzXgv3OZS8duu8SCxayy9qsmpxQAzohMyg_vZdw98YlSY6p1nV-cZ_G576f43WJQrLnH-ZJpsx_SFJzYmLYkjHS2lVzsJ6PkPFNKi3nya4MueDWlVHQ519_BbdDQkcQvp6JsloX-...
dutorterraom.com/impression/ 43 B
326 B 131ms
41ms Image
image/gif 139.45.196.21
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dutorterraom.com/impression/gtLIbzRDpWeiYdgyz2VBkVtPShhIBuc_ktf-bF-MaH0mngWP7vEg24LAVcBP0SzXgv3OZS8duu8SCxayy9qsmpxQAzohMyg_vZdw98YlSY6p1nV-cZ_G576f43WJQrLnH-ZJpsx_SFJzYmLYkjHS2lVzsJ6PkPFNKi3nya4MueDWlVHQ519_BbdDQkcQvp6JsloX-0itP9g=?z=3234344&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=2&pl=https%3A%2F%2Fvexfile.com%2Fdownload%2FLWeWJzAho0&drf=https%3A%2F%2Fv.ht%2Fmp4_video&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.196.21 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://vexfile.com/download/LWeWJzAho0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-trace-id: ee8b36ae0fe6d6c582d5a3226f971412
pragma: no-cache
date: Wed, 17 Feb 2021 10:03:43 GMT
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: image/gif
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
strict-transport-security: max-age=1
timing-allow-origin: *
content-length: 43
expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H2 200 0276441336168.png
littlecdn.com/contents/s/2a/a3/91/e7f052d79c0c021ef2fff38db2/ Frame 17F2 6 KB
7 KB 10ms
10ms Image
image/png 2606:4700:10::6816:1874
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://littlecdn.com/contents/s/2a/a3/91/e7f052d79c0c021ef2fff38db2/0276441336168.png
Requested by: Host: inpagepush.com
URL: https://inpagepush.com/400/3234344
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1874 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b3e928c0bf59b7e48ad949290f60585d1cbe2f43fe80aa8b560af4c7ff5d159

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 10:03:43 GMT
cf-cache-status: HIT
age: 5551
content-length: 6498
cf-request-id: 08510b245800004eb6d5882000000001
last-modified: Fri, 07 Feb 2020 15:37:35 GMT
server: cloudflare
etag: "5e3d843f-1962"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 622eae1a2dff4eb6-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

OPTIONS
H2 200 3234344
inpagepush.com/500/ Frame 0
0 38ms
38ms Other 139.45.197.15
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://inpagepush.com/500/3234344?excludes=6762719&oaid=027f46dcc5bb4a1db8ed7d23efb852dc&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=3&pl=https%3A%2F%2Fvexfile.com%2Fdownload%2FLWeWJzAho0&drf=https%3A%2F%2Fv.ht%2Fmp4_video&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Protocol

Server

139.45.197.15 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://vexfile.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 17 Feb 2021 10:03:43 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET
access-control-allow-origin: https://vexfile.com
access-control-max-age: 300
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *

GET
H2 204 3234344 Show response
inpagepush.com/500/ 0
441 B 40ms
40ms XHR
text/plain 139.45.197.15
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: inpagepush.com
URL: https://inpagepush.com/400/3234344

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.15 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://vexfile.com/download/LWeWJzAho0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 1e1f0f5c331de186796675f277e7d5b4
pragma: no-cache
date: Wed, 17 Feb 2021 10:03:41 GMT
x-content-type-options: nosniff
server: nginx
vary: Origin
access-control-allow-origin: https://vexfile.com
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=1
timing-allow-origin: *
expires: Wed, 31 Dec 1969 19:00:00 EST

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.vexfile.com/	1970-01-19 16:55:48	Name: __cfduid Value: d80856da5e4781dbb62e06259d105ab7e1613556213

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

09939fe40e6be60fe1cd474b69ba1e87.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
counter.yadro.ru
dutorterraom.com
fonts.googleapis.com
fonts.gstatic.com
inpagepush.com
littlecdn.com
meetm.club
my.rtmark.net
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
v.ht
vexfile.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
www.greatdexchange.com
139.45.195.8
139.45.196.21
139.45.197.15
142.250.185.226
2606:4700:10::6816:1874
2606:4700:3037::6815:1888
2a00:1450:4001:800::2002
2a00:1450:4001:800::200a
2a00:1450:4001:803::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:811::2001
2a00:1450:4001:827::2001
2a00:1450:4001:827::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
35.201.103.0
69.61.26.121
87.236.16.209
88.212.201.198
087043df55ffac96acfb75a3cc837b21017a9c14c84ea98047048dd2d3bf2d9b
0b3e928c0bf59b7e48ad949290f60585d1cbe2f43fe80aa8b560af4c7ff5d159
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
1499ba5d5d0fa172b16aa6b57073ee8bf6e12769efd366949ac8349c5f3a4b61
2a7ae7ae9798af5e5d0ab1d40656967bd1709c7b1d2b5e8c2ba0e1cb35f4e1a5
388c42b0a18509b86204993e97cb01c9d08fb0aef06bb671aae5065aa49c36f0
46bc96548d788483a007db3dc7c7468ad8e6dd6b90f2bce69ea7757752742142
4956068b2f2c2f14c6dd7fb409b7e5a22ab4a41b45c9ad683bc0f77c5853ffba
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
544f9e44aa0b7ce6e2a822af06a40a338f07a89f68609e80b18e612b7bfe3b4d
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ed21f5f80d8bf2c91376e0870cedc152d1250f6fd4760651566042b0481d6bf
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
9ea80daa61b7e9bfc0128fe9ccc0bd667a9e71c88df76302e335908833d301b6
a22bc56ddfaa85a7b09b384e9f16baecc33d5455cb0d206507d08f7bad9da9d5
a43d31f60c2291738afed1388cfc47204290c559055fc628aafa4d0d2ea0335a
a533e6ac10f159c258a7737b2a63378e910622fcc61e6c90be14d6d95328fb64
ab0d063b4ff2827192c0e44103d3091457a1d2374c3b6243721c5679bb61eae2
ab18eadefb3a9a5d06e5326a201b9b03b5ff01835839744c0d5d8de0efda906c
b970526ac2cf7b5f8fc209bf17268cf7b6ca1ce314ee5fffff00fad12556aad5
bae32c3c97c07035a178a07afdabbe3902b5170413f0bd15d3f0f8a57f807346
c207f015040c501221a5b74bda77fe963ffcc45710fb3151bfea5cff2af07680
c36ebf80070a80fff458d24b1b0100e98582b82dbf4529efeeabe69c1851221a
ca7c78a945b5d7f6960e8045da48ab10dbe71a4c1811c1ed4821697e23f32313
cb26738924d7613e95f3c0d746d658ea565f32866878ef4e963050d4f334fcf9
cc0fea61dfa11909288040eeab295caf899cbf5d8ce7d07649519db384198df1
d75552ca6be6d361dae7d5150f001dab1739fc401ec4e345009cd2ba5298f66b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6566b11757e25e32b08b103b2b6729365535eead6d4ae6a44017d74ff9d170b
e65a1d750c947051aa787573a3e0d258cff494d953282243d3313cc75bd938e8

vexfile.com Open in urlscan Pro 2606:4700:3037::6815:1888 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

51 Requests

100 %HTTPS

58 %IPv6

18 Domains

20 Subdomains

18 IPs

4 Countries

658 kBTransfer

1302 kBSize

1 Cookies

2 Outgoing links

Page URL History

Redirected requests

51 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

vexfile.com Open in urlscan Pro
2606:4700:3037::6815:1888 Public Scan

Screenshot
Live screenshot

Full Image

51
Requests

100 %
HTTPS

58 %
IPv6

18
Domains

20
Subdomains

18
IPs

4
Countries

658 kB
Transfer

1302 kB
Size

1
Cookies

51 HTTP transactions
0 data transactions