exey.io Open in urlscan Pro
2606:4700:20::ac43:46a0 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://exe.io/ZuS2jk
Effective URL:
https://exey.io/ZuS2jk
Submission: On July 09 via manual (July 9th 2022, 6:04:32 pm UTC) from NL — Scanned from NL

Summary HTTP 108 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 31 IPs in 5 countries across 26 domains to perform 108 HTTP transactions. The main IP is 2606:4700:20::ac43:46a0, located in United States and belongs to CLOUDFLARENET, US. The main domain is exey.io. The Cisco Umbrella rank of the primary domain is 350860.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 14th 2022. Valid for: a year.

This is the only time exey.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:20:... 2606:4700:20::681a:267	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:20:... 2606:4700:20::ac43:46a0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
2	52.22.197.162 52.22.197.162	14618 (AMAZON-AES) (AMAZON-AES)
5	2600:9000:249... 2600:9000:2491:4200:18:306b:ddc0:21	16509 (AMAZON-02) (AMAZON-02)
1	23.109.82.10 23.109.82.10	7979 (SERVERS-COM) (SERVERS-COM)
4	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
6	2606:4700:303... 2606:4700:3038::6815:eb09	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
8	144.217.66.206 144.217.66.206	16276 (OVH) (OVH)
20	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
4	2606:4700:303... 2606:4700:3030::6815:2dcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	13.32.99.76 13.32.99.76	16509 (AMAZON-02) (AMAZON-02)
5	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:831::200d	15169 (GOOGLE) (GOOGLE)
6	139.45.197.15 139.45.197.15	9002 (RETN-AS) (RETN-AS)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a06:8640:454::2 2a06:8640:454::2	55081 (24SHELLS) (24SHELLS)
1	2606:4700:303... 2606:4700:3034::ac43:cdf0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
3	51.79.72.196 51.79.72.196	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:808::2006	15169 (GOOGLE) (GOOGLE)
1	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
2	139.45.197.153 139.45.197.153	9002 (RETN-AS) (RETN-AS)
2	154.51.131.141 154.51.131.141	174 (COGENT-174) (COGENT-174)
1	139.45.195.254 139.45.195.254	9002 (RETN-AS) (RETN-AS)
6	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
6	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
108	31

1 2606:4700:20::681a:267 (United States)

ASN13335 (CLOUDFLARENET, US)

exe.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::ac43:46a0 (United States)

ASN13335 (CLOUDFLARENET, US)

exey.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.22.197.162 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-197-162.compute-1.amazonaws.com

platform.pubfuture.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2491:4200:18:306b:ddc0:21 (United States)

ASN16509 (AMAZON-02, US)

d192r5l88wrng7.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.109.82.10 (Netherlands)

ASN7979 (SERVERS-COM, US)

nh.eugeniecor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3038::6815:eb09 (United States)

ASN13335 (CLOUDFLARENET, US)

a.vdo.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
targeting.vdo.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 144.217.66.206 (Beauharnois, Canada)

ASN16276 (OVH, FR)
PTR: ns535844.ip-144-217-66.net

analytics.vdo.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3030::6815:2dcf (United States)

ASN13335 (CLOUDFLARENET, US)

freychang.fun	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.32.99.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-76.fra60.r.cloudfront.net

mworkh.buzz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

nedukeratio.lol	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
f.h12-media.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 139.45.197.15 (United Kingdom)

ASN9002 (RETN-AS, GB)

in-page-push.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:8640:454::2 (Piscataway, United States)

ASN55081 (24SHELLS, US)

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::ac43:cdf0 (United States)

ASN13335 (CLOUDFLARENET, US)

tzegilo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.79.72.196 (Québec, Canada)

ASN16276 (OVH, FR)
PTR: ns567732.ip-51-79-72.net

h5.vdo.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.197.153 (United Kingdom)

ASN9002 (RETN-AS, GB)

static.cdnativepush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 154.51.131.141 (Willesden, United Kingdom)

ASN174 (COGENT-174, US)

tags.h12-media.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.254 (United Kingdom)

ASN9002 (RETN-AS, GB)

fleraprt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49	21 KB
17	vdo.ai a.vdo.ai — Cisco Umbrella Rank: 17803 analytics.vdo.ai — Cisco Umbrella Rank: 17266 targeting.vdo.ai — Cisco Umbrella Rank: 20801 h5.vdo.ai — Cisco Umbrella Rank: 22114	450 KB
8	google.com accounts.google.com — Cisco Umbrella Rank: 116 adservice.google.com — Cisco Umbrella Rank: 92	1 KB
6	doubleclick.net pubads.g.doubleclick.net — Cisco Umbrella Rank: 487	2 KB
6	in-page-push.com in-page-push.com — Cisco Umbrella Rank: 136923	33 KB
5	mworkh.buzz mworkh.buzz	6 KB
5	cloudfront.net d192r5l88wrng7.cloudfront.net	230 KB
4	nedukeratio.lol nedukeratio.lol	2 KB
4	freychang.fun freychang.fun — Cisco Umbrella Rank: 25689	202 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 89	152 KB
3	h12-media.com tags.h12-media.com — Cisco Umbrella Rank: 122540 f.h12-media.com — Cisco Umbrella Rank: 160433	93 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 71 imasdk.googleapis.com — Cisco Umbrella Rank: 425	330 KB
3	exey.io exey.io — Cisco Umbrella Rank: 350860	90 KB
2	cdnativepush.com static.cdnativepush.com — Cisco Umbrella Rank: 23635	5 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 107	52 KB
2	gstatic.com fonts.gstatic.com	62 KB
2	pubfuture.com platform.pubfuture.com — Cisco Umbrella Rank: 58656	4 KB
1	fleraprt.com fleraprt.com — Cisco Umbrella Rank: 20258	477 B
1	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 11393	538 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 276	17 KB
1	tzegilo.com tzegilo.com — Cisco Umbrella Rank: 22998	18 KB
1	adtelligent.com ghb.adtelligent.com — Cisco Umbrella Rank: 6305	412 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 231	2 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 96
1	eugeniecor.com nh.eugeniecor.com — Cisco Umbrella Rank: 586892	1 KB
1	exe.io exe.io — Cisco Umbrella Rank: 392284	974 B
108	26

	Domain	Requested by
20	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com exey.io
8	analytics.vdo.ai	a.vdo.ai
6	pubads.g.doubleclick.net	imasdk.googleapis.com
6	adservice.google.com	imasdk.googleapis.com
6	in-page-push.com	exey.io in-page-push.com
5	mworkh.buzz	d192r5l88wrng7.cloudfront.net
5	a.vdo.ai	exey.io a.vdo.ai
5	d192r5l88wrng7.cloudfront.net	exey.io mworkh.buzz
4	nedukeratio.lol	exey.io
4	freychang.fun	d192r5l88wrng7.cloudfront.net
4	www.googletagmanager.com	exey.io a.vdo.ai www.googletagmanager.com
3	h5.vdo.ai	exey.io
3	exey.io	exey.io
2	tags.h12-media.com	platform.pubfuture.com exe.io
2	static.cdnativepush.com	exey.io in-page-push.com
2	www.youtube.com	a.vdo.ai www.youtube.com
2	accounts.google.com	exey.io
2	imasdk.googleapis.com	a.vdo.ai imasdk.googleapis.com
2	fonts.gstatic.com	fonts.googleapis.com
2	platform.pubfuture.com	exey.io platform.pubfuture.com
1	fleraprt.com	tzegilo.com
1	f.h12-media.com	tags.h12-media.com
1	my.rtmark.net	in-page-push.com
1	s0.2mdn.net	imasdk.googleapis.com
1	tzegilo.com	in-page-push.com
1	ghb.adtelligent.com	platform.pubfuture.com
1	cdnjs.cloudflare.com	exey.io
1	www.facebook.com	exey.io
1	targeting.vdo.ai	a.vdo.ai
1	nh.eugeniecor.com	exey.io
1	fonts.googleapis.com	exey.io
1	exe.io
108	32

This site contains links to these domains. Also see Links.

Domain
pubfuture.com

Subject Issuer	Validity	Valid
exe.io Cloudflare Inc ECC CA-3	`2022-03-23` - `2023-03-23`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-03-14` - `2023-03-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.pubfuture.com Amazon	`2022-06-23` - `2023-07-23`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
nh.eugeniecor.com R3	`2022-07-07` - `2022-10-05`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.vdo.ai Go Daddy Secure Certificate Authority - G2	`2021-08-17` - `2022-09-18`	a year	crt.sh
mworkh.buzz Amazon	`2022-06-22` - `2023-07-21`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-04-17` - `2022-07-16`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
in-page-push.com R3	`2022-05-14` - `2022-08-12`	3 months	crt.sh
ghb.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-06-06` - `2022-09-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.rtmark.net Sectigo RSA Domain Validation Secure Server CA	`2021-11-20` - `2022-11-26`	a year	crt.sh
cdnativepush.com R3	`2022-05-30` - `2022-08-28`	3 months	crt.sh
*.h12-media.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-17` - `2022-10-18`	a year	crt.sh
fleraprt.com Sectigo RSA Domain Validation Secure Server CA	`2022-01-14` - `2023-01-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://exey.io/ZuS2jk
Frame ID: 8F9063BDFECB043A2C93FA09F4239E4D
Requests: 91 HTTP requests in this frame

Frame: https://mworkh.buzz/eHVrMWMZFwhcXBlICRcWChlWFFE+UFl3B0lMWUNWFE1TRhEWElwfABQaHlUFChoFRU0WEB8UUT4fJHZaSRcvXQE5Nxh6IRMCLHQ1PTcoXVI5LQwBBjokMnU1SB04dg9BLQhzCDUtWUk0KyQuZjspIw1kFDosPVYLMSYHSTQ8MANVK0keJ3dSPTsjWRA+NFp4JT83DH0wPgIodBsQIT90CDkxOmM1OTRTdzUuJCRkJU1QWXcnLTMtYjILPDlGKj4jWkYiOR1TUiAUTQl2IQ8+MwExGzMcWSgqHF9SIBRNKHM1Gzo8ACEeEBMAByonOmEnPS86aQQULyNGTi00M3RbMzMcVTIsMBt5KB8CJ2YlDBMvSVIcJz5jMC03GGgiOgIgfSU6EChnMj89DFoAOxlTYiAuBT9wJQA/KEYENT05BDQuJBtgOxZNIWlTIjYoYzkZJz1eKT4ZG3YwKQYieSEpPjx0DD8gLQRGSjMvZxs7JAxeLCskKWMgOVMBQgwWBVZeUBY9HUhQLRs
Frame ID: A16797F2C2F1D13D131EFD3D0D0401B0
Requests: 2 HTTP requests in this frame

Frame: https://mworkh.buzz/RkNLUGUnISg9Wid+KXYQNC92dVcAZnkWAXd6eSJQKntzJxcoJHx+BiosPjQDNCwlJEsoJj91VwA3GT0zdSF7aAkFKyAaBgIKBhVUDHAtPB0CFSUkAgI0GhEsEhkSHB8TDigpAhACMgUgEwEsNSkFMHoFNzVyAjwNDhAYHQsFOwkDBBUOBxYjDGZ5EjwHEh8UPQw6GicoIAoIYTwHAgI/KzEGKhMxNTAOBiAnDyUjLAEBHj0uISgcAwt2Ah4WCSAiJQIzHjssPS4HBhIXIT4pHWAGBAx5Hj0Ucn51VwAiDQY2HgJ6OjN2IBIaDC4XGmAVfgEOEiMeOS8nMBBufhsDHhoOEh1+KQIoLBUHGAETAxUBNCYeDRwBIAB7KBUnABt5MxECEgYTLHQNEx4gNnovNw4jAQggDxBzKBkuLxYEFyAcMi8WMBMBMWAVBQEBGwMXAR4CVD4rLzsRBRt4PFcVcwEzBCgRHRIkcjMBKAYjECVgJBMGGQk8HhUfBTc2Oi8nQywwJD4VexsRE1ALISc6J3MsOjMIFg
Frame ID: DC2887E4E6D2CE305A2E551283CCAF98
Requests: 2 HTTP requests in this frame

Frame: https://mworkh.buzz/OHVLc1dZFygeaFlIKVUiShl2VmV+UHk1MwlMeQFiVE1zBCVWEnxdNFQaPhcxSholB3lWED9WZX4gLjU4DRAcRzV2IygVAmkCMSsCaiIfNDx0IXpKMnUwJCQWeR0lERVfPg4hI180ChsZXjB7NxRTIzo7L20lDRlnfS08AAB3JBk6BHoebkEVb0UZEg9RTBIhFnUtAjUWbjQjH3IKMwgJblojJhw0a0R+IhtuNBMwP1sBGB8vWyYPIRlgMzM6Nk8ZEys7CQUuQi9bJghCBn5EIz4xTxp8IGdIBBomblkgE0sbayRzOhxUICg0BQhBHhsWWS0cG3IKMx81ZmgRCl4naCZ7AyZ9JwI0E3wRHSsRT0ItBCNyNCM2L2AzMxAEfEQoNDBtLSgLL3QtIwAuaw0SNx9gTQcjZgE8KiEzciQOQiZ8RScyA28eKCBmDDkEQm9hPQk1cgozCAluWiZ5Qw9rGSMWG08nAlU9SxolA2ptFC8aFmEMLUY
Frame ID: 942A83390557510CC2AA8E328E55F15D
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.521.0_en.html
Frame ID: DE4E1D837156AAA7C0A7154E49790390
Requests: 8 HTTP requests in this frame

Frame: https://tags.h12-media.com/v3/tags.js?payload=%7B%22mtoken%22%3A%222001%3A1af8%3A4020%3Aa034%3A9876%3A%3A14%22%2C%22adtype%22%3A%22responsive%22%2C%22adformat%22%3A%22standard%22%2C%22pubid%22%3A%2209c02fc89b6d8063ad17a57bcf09d10b%22%2C%22adunitid%22%3A%2225356%22%2C%22topurl%22%3A%22https%3A%2F%2Fexey.io%2FZuS2jk%22%2C%22docref%22%3A%22%22%2C%22auction%22%3A%22a3yrhma5sed%22%2C%22pubsubid%22%3Anull%2C%22index%22%3A%221%22%2C%22ishidden%22%3Afalse%2C%22istopwindow%22%3Atrue%2C%22isscrollable%22%3Atrue%2C%22dayofweek%22%3A6%2C%22hourofday%22%3A18%2C%22clang%22%3A%22en-US%22%2C%22docdir%22%3Anull%2C%22cdims%22%3A%5B1600%2C1200%5D%2C%22ddims%22%3A%5B1600%2C1200%5D%2C%22sbars%22%3A%5B0%2C0%5D%2C%22endpoint%22%3A%22https%3A%2F%2Ftags.h12-media.com%22%2C%22coords%22%3A%5B800%2C499%5D%2C%22maxwidth%22%3A300%2C%22maxheight%22%3A1200%7D&rnd=0.03128918638271028
Frame ID: 595A9D7C28F1561B92CB4CC0787CCD52
Requests: 1 HTTP requests in this frame

Frame: https://static.cdnativepush.com/contents/s/1b/e9/ef/c45191508dd0ffe9619d8e8d61/01602088365889.png
Frame ID: BD7C45CA25077A695CDC6029FC08FF5F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

exe.io

Page URL History Show full URLs

https://exe.io/ZuS2jk Page URL
https://exey.io/ZuS2jk Page URL

Detected technologies

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

108
Requests

97 %
HTTPS

63 %
IPv6

26
Domains

32
Subdomains

31
IPs

5
Countries

1778 kB
Transfer

8130 kB
Size

17
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://pubfuture.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://exe.io/ZuS2jk Page URL
https://exey.io/ZuS2jk Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

108 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 ZuS2jk Show response
exe.io/ 196 B
974 B 397ms
329ms Document
text/html 2606:4700:20::681a:267
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://exe.io/ZuS2jk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:267 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5aa000fd5d0aa4199437da67fc8661dbb19414d5e5257525ea2177b9c35a3e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7282fb747e359195-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 09 Jul 2022 18:04:28 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Fi07xEPF1frxdIJVEWOU5TpreLwN6NIwdSZCYpKsuwRk2eC6bKgt5nF3XXkvFxeohTG1ORpIqIdkLHffkxUw%2BFrkADFXKgHAItUFUFfkaapLse5Xl5elEzA1X1gSJ1op5pD8g%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN, SAMEORIGIN
x-robots-tag: noindex, nofollow
x-xss-protection: 1; mode=block

GET
H2 200 Primary Request ZuS2jk Show response
exey.io/ 127 KB
48 KB 810ms
756ms Document
text/html 2606:4700:20::ac43:46a0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://exey.io/ZuS2jk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:46a0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf09d906a27c640c8fe862b19b5b3938e0f3e1033f94071155415e1229e48cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://exe.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7282fb76f8606913-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 09 Jul 2022 18:04:29 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UVn9mBhexqpIhPtQo80dVPfXTEU%2BFnkv4ubjGOQMcbEqxE0uDt6vp9tkdYF0Lg8%2BjEKfTvCRD2xDfVJD%2FXOBhmojjYanpTWj%2FwqC0CFkRt254Se23fzjq6uvtCZWp1ifhZU62cE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN, SAMEORIGIN
x-robots-tag: noindex, nofollow
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 13 KB
1 KB 83ms
31ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,400italic,600,700

Requested by

Host: exey.io
URL: https://exey.io/ZuS2jk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f259e1ac72c23752a935508137a234c6411c9abe1f04f9d951003ca60241cdb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 09 Jul 2022 16:14:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 09 Jul 2022 18:04:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 09 Jul 2022 18:04:29 GMT

GET
H2 200 continue.css
exey.io/css/ 179 KB
41 KB 38ms
37ms Stylesheet
text/css 2606:4700:20::ac43:46a0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://exey.io/css/continue.css

Requested by

Host: exey.io
URL: https://exey.io/ZuS2jk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:46a0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8f2d5487d860696dee2e6037ae07ff063ae5959b8d4b4658a284f9dc9711ca1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exey.io/ZuS2jk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:04:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 590752
cf-polished: origSize=211643
cf-bgj: minify
x-xss-protection: 1; mode=block
last-modified: Fri, 20 Nov 2020 17:25:47 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mq97HpmcLZ2RSfdvxqf2UFvClAVi0aBSCIjiUg6XYsGfOii7LK5DdYYY430ezSi0j%2BF7zv6F6%2B3%2BQnxUzzN1swVGtoc1fXvJL7%2Fgg%2FQ6ETSLMQ3JvuuEKXR5vhhBCclVdqfjr0M%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 7282fb7bca306913-FRA
expires: Mon, 01 Aug 2022 21:58:37 GMT

GET
H2 200 nr.js Show response
exey.io/js/scripts/ 186 B
525 B 32ms
31ms Script
application/javascript 2606:4700:20::ac43:46a0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://exey.io/js/scripts/nr.js

Requested by

Host: exey.io
URL: https://exey.io/ZuS2jk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:46a0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26bbadf324d400b12bea32f232b42870889357c483db6c1c4b1baa0202a41539

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exey.io/ZuS2jk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:04:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 590752
cf-bgj: minify
x-xss-protection: 1; mode=block
last-modified: Thu, 06 May 2021 10:32:06 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2By2%2FplXp%2FDpwCYc0jIpAe7NAB1bd2mzQoUI%2F0QZVVK%2BaBzsxg6D%2BxikIN7ABLRKheKPD4HQxVOO7%2F1ijGi4J6KE%2BrgWbgIlF98hIYMeKirwwcX7cEt9%2FFVNYQ9YSsYTFOWNUiks%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7282fb7bca346913-FRA
expires: Mon, 01 Aug 2022 21:58:37 GMT

GET
H2 200 623444fe30482400586261c9.js Show response
platform.pubfuture.com/v1/unit/ 3 KB
2 KB 324ms
102ms Script
application/javascript 52.22.197.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.pubfuture.com/v1/unit/623444fe30482400586261c9.js?v=2

Requested by

Host: exey.io
URL: https://exey.io/ZuS2jk

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.22.197.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-22-197-162.compute-1.amazonaws.com

Software

Resource Hash

4a1d4d06cefd96b2a94b54e21240a9d92ed493c9c13aacd786d5968b43554c49

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:04:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
vary: Accept-Encoding
x-xss-protection: 0
referrer-policy: no-referrer
x-frame-options: SAMEORIGIN
etag: W/"a3f-SjjsmxSxeIp+3gJy385/FXFqH/4"
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=7200
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests

GET
H2 200 / Show response
d192r5l88wrng7.cloudfront.net/ 350 KB
114 KB 259ms
192ms Script
text/plain 2600:9000:2491:4200:18:306b:ddc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d192r5l88wrng7.cloudfront.net/?rwlrd=822524
Requested by: Host: exey.io
URL: https://exey.io/ZuS2jk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:4200:18:306b:ddc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e6fb4675d7e5525b2007e5e8c8bdedcce258ee46495f513069de729bd923705d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 18:04:29 GMT
content-encoding: gzip
x-amz-cf-pop: FRA56-P7
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length: 115999
via: 1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
x-amz-cf-id: ZzShHopDf-6OMul2Uom6yk95fIKmqoEggn3XMCgBbiC5lODt5R43LA==

GET
H/1.1 200
OK 29529 Show response
nh.eugeniecor.com/1clkn/ 6 B
1 KB 118ms
17ms Script
application/javascript 23.109.82.10
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://nh.eugeniecor.com/1clkn/29529

Requested by

Host: exey.io
URL: https://exey.io/ZuS2jk

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

23.109.82.10 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 09 Jul 2022 18:04:29 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=1
Keep-Alive: timeout=20

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 103 KB
40 KB 83ms
32ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-135952122-1

Requested by

Host: exey.io
URL: https://exey.io/ZuS2jk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a9f694ed1110800e53353af83768f26eaafad92e76ad36c4c6b9b89c09ef2ecb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:04:29 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40394
x-xss-protection: 0
expires: Sat, 09 Jul 2022 18:04:29 GMT

GET
H2 200 vdo.ai.js Show response
a.vdo.ai/core/v-exey-io/ 22 KB
5 KB 69ms
25ms Script
text/javascript 2606:4700:3038::6815:eb09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vdo.ai/core/v-exey-io/vdo.ai.js
Requested by: Host: exey.io
URL: https://exey.io/ZuS2jk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb09 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85f7d4f42baa577a800275b680c4d1ca72d2caccb67f2e6eff02a7574782f748

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:04:29 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1607
x-cache: HIT
vdo-server: Tag1
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-varnish: 18201159 16971676
last-modified: Sat, 09 Jul 2022 17:37:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qd6jm8tLwxdX2e6o6OaIKHOtUevfFxb5d5tunsRen%2FiBhhvGZmcfreS%2BjrTiDqDx%2FeOE5BS%2BEAvzKmcGp%2FZQhosiOmB7HFG1EjB5PkvdJBTodMdUil%2FWdCmKXHhU8Tije2IF5KYcrw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=UTF-8
cache-control: max-age=1800
cf-ray: 7282fb7c8c15b98e-AMS

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ 44 KB
44 KB 85ms
31ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,400italic,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://exey.io
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 23:32:09 GMT
x-content-type-options: nosniff
age: 412340
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Jul 2023 23:32:09 GMT

GET
H2 200 memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2
fonts.gstatic.com/s/opensans/v29/ 17 KB
18 KB 122ms
70ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,400italic,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

738161904fe560fd83c26e301998e35ac1e87cb40bebd4b190a5f141309d40b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://exey.io
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 18:07:27 GMT
x-content-type-options: nosniff
age: 431822
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17816
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:26:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Jul 2023 18:07:27 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 103 KB
40 KB 30ms
29ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-113932176-39

Requested by

Host: a.vdo.ai
URL: https://a.vdo.ai/core/v-exey-io/vdo.ai.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

50e01ebd2b1a2621b770465f8ca3504cdb80756cc9b4ddcf10ab4a98c3afb9a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:04:29 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40379
x-xss-protection: 0
expires: Sat, 09 Jul 2022 18:04:29 GMT

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
242 B 303ms
96ms XHR
text/html 144.217.66.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/v-exey-io/vdo.ai.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.217.66.206 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns535844.ip-144-217-66.net
Software: nginx/1.19.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://exey.io/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 09 Jul 2022 18:04:29 GMT
Server: nginx/1.19.2
Connection: keep-alive
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html

GET
H2 200 allowed_url.php Show response
targeting.vdo.ai/ 13 KB
2 KB 90ms
43ms XHR
application/json 2606:4700:3038::6815:eb09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.vdo.ai/allowed_url.php?type=json&url=exey.io%2FZuS2jk&tag=v-exey-io&domain=exey.io
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/v-exey-io/vdo.ai.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb09 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a4772c001166de7d53729446ac3a13940db38076fec517cdd8e205d12ae6542

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:04:29 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r85gb26mvmCKs9mBCF50F4mpmd%2Boi84aES0MUJxmsgsAiNjQDpZowQpXyMpblXGMkZ2hkL21c4R5mflL65DbtRskAAL1xtm6nCnYzR3x4xPynOdiTr1KmFkK12k0s1HExx6sPZOSI3EqXjjheCiH"}],"group":"cf-nel","max_age":604800}
cf-ray: 7282fb7d0a60b8e8-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 82ms
21ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-113932176-39

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 3578
date: Sat, 09 Jul 2022 17:04:51 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sat, 09 Jul 2022 19:04:51 GMT

GET
H3 200 vdo.min.js Show response
a.vdo.ai/core/dependencies_hbv4_latest/ 409 KB
127 KB 64ms
44ms Script
application/javascript 2606:4700:3038::6815:eb09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=v2.2
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/v-exey-io/vdo.ai.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:eb09 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d77ea64e4eef31754ebbd1ee6ff2dd7908ba20f2da4811aa205778529dadb052

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:04:29 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1631
cf-ray: 7282fb7d89a30b43-AMS
x-cache: HIT
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 05 Jul 2022 11:08:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5GofZqcVEKTZHGVtR0ejl720LbN6x4R73Q%2FtoWCG772eD%2FnQEjYS0G3JBlusMZGbJzqBfSXkvyWRENiB4VakRXfeoOejxGFYEPPidskNKUMSkuEdjPgtkgRYj%2BAqVXlbX5KO%2FiJ43Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 35146774 28284636
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age=1800
access-control-allow-credentials: true
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 373 KB
125 KB 97ms
39ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: a.vdo.ai
URL: https://a.vdo.ai/core/v-exey-io/vdo.ai.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f22d1cd62f219783841aabade1fe350e63a1f220fca96f10aeefc61e85bff4c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:04:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127042
x-xss-protection: 0
expires: Sat, 09 Jul 2022 18:04:29 GMT

GET
H2 200 asd100.bin Show response
freychang.fun/ 100 KB
101 KB 85ms
28ms Fetch
binary/octet-stream 2606:4700:3030::6815:2dcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/asd100.bin
Requested by: Host: d192r5l88wrng7.cloudfront.net
URL: https://d192r5l88wrng7.cloudfront.net/?rwlrd=822524
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2dcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:04:29 GMT
access-control-allow-methods: GET
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2363
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 09 Jul 2022 17:25:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KTvj1D%2FAPG8iSc5fquItxYCPHURWzRhSrT29vzkeOQoRBxwSsMF0NLC19UEq3UaUyY8uDeMjvfN6Ja3HDtZlFRJNPQ8Yi6nXnSS21TUiQOMGADv07c%2BcgVQiD9OBj0%2BMznuMP3BoUPjr3cpn"}],"group":"cf-nel","max_age":604800}
content-type: binary/octet-stream
access-control-allow-origin: https://exey.io
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7282fb7e0a7d90fa-FRA
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 / Show response
freychang.fun/ 27 B
367 B 191ms
134ms Fetch
text/plain 2606:4700:3030::6815:2dcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/
Requested by: Host: d192r5l88wrng7.cloudfront.net
URL: https://d192r5l88wrng7.cloudfront.net/?rwlrd=822524
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2dcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffebbe92011a267ac25a89a3af8a118c00e61b69eb54fe47df21f46a4cdaa10b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:04:29 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://exey.io
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DdTZ1HvpxbuuCPBW103DB%2BsZ%2FVC4Wxza0qIQxh3hXMrWim5oSkam2pE%2FPrsqu%2BpmTIRU7P%2F4qmNkprvalHHx1%2BTjuuMSXcSDGKVPbrk3aBapuq67E62yZVJJHqx4aPdk7xThIVJdYzeklLXS"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 7282fb7e0a7f90fa-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 utx Show response
mworkh.buzz/ 0
485 B 165ms
111ms XHR
text/plain 13.32.99.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mworkh.buzz/utx?cb=7qSAkczxrMiJ&top=exey.io&tid=822524
Requested by: Host: d192r5l88wrng7.cloudfront.net
URL: https://d192r5l88wrng7.cloudfront.net/?rwlrd=822524
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-76.fra60.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 18:04:29 GMT
via: 1.1 4612dc3b414cf2057f542e94733d59bc.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: FRA60-P3
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://exey.io
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id: U09bTxHI97yjrgSzffu9xfTOGJQzBRxbSq6M4GAWHxfvKhWkvy0I0Q==

GET
H2 200 KEYENT05BDQuJBtgOxZNIWlTIjYoYzkZJz1eKT4ZG3YwKQYieSEpPjx0DD8gLQRGSjMvZxs7JAxeLCskKWMgOVMBQgwWBVZeUBY9HUhQLRs Show response
mworkh.buzz/eHVrMWMZFwhcXBlICRcWChlWFFE+UFl3B0lMWUNWFE1TRhEWElwfABQaHlUFChoFRU0WEB8UUT4fJHZaSRcvXQE5Nxh6IRMCLHQ1PTcoXVI5LQwBBjokMnU1SB04dg9BLQhzCDUtWUk0KyQuZjspIw1kFDosPVYLMSYHSTQ8MANVK0keJ3dSPTsjW... Frame A167 3 KB
2 KB 142ms
112ms Document
text/html 13.32.99.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mworkh.buzz/eHVrMWMZFwhcXBlICRcWChlWFFE+UFl3B0lMWUNWFE1TRhEWElwfABQaHlUFChoFRU0WEB8UUT4fJHZaSRcvXQE5Nxh6IRMCLHQ1PTcoXVI5LQwBBjokMnU1SB04dg9BLQhzCDUtWUk0KyQuZjspIw1kFDosPVYLMSYHSTQ8MANVK0keJ3dSPTsjWRA+NFp4JT83DH0wPgIodBsQIT90CDkxOmM1OTRTdzUuJCRkJU1QWXcnLTMtYjILPDlGKj4jWkYiOR1TUiAUTQl2IQ8+MwExGzMcWSgqHF9SIBRNKHM1Gzo8ACEeEBMAByonOmEnPS86aQQULyNGTi00M3RbMzMcVTIsMBt5KB8CJ2YlDBMvSVIcJz5jMC03GGgiOgIgfSU6EChnMj89DFoAOxlTYiAuBT9wJQA/KEYENT05BDQuJBtgOxZNIWlTIjYoYzkZJz1eKT4ZG3YwKQYieSEpPjx0DD8gLQRGSjMvZxs7JAxeLCskKWMgOVMBQgwWBVZeUBY9HUhQLRs
Requested by: Host: d192r5l88wrng7.cloudfront.net
URL: https://d192r5l88wrng7.cloudfront.net/?rwlrd=822524
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-76.fra60.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: ba27b3a742045ec82bf7f6bec7fabf884aed94f52529b5403029f8feaa060fa7

Request headers

Referer: https://exey.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1226
content-type: text/html
date: Sat, 09 Jul 2022 18:04:29 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 4612dc3b414cf2057f542e94733d59bc.cloudfront.net (CloudFront)
x-amz-cf-id: tByjmJOisw_Ex7AEyX7NoUJ9ZB0fL8aUAsfyhFsoOkzjmIoUZbzdng==
x-amz-cf-pop: FRA60-P3
x-cache: Miss from cloudfront

GET
H2 200 asd100.bin Show response
freychang.fun/ 100 KB
100 KB 91ms
60ms Fetch
binary/octet-stream 2606:4700:3030::6815:2dcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/asd100.bin
Requested by: Host: d192r5l88wrng7.cloudfront.net
URL: https://d192r5l88wrng7.cloudfront.net/?rwlrd=822524
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2dcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:04:29 GMT
access-control-allow-methods: GET
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2363
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 09 Jul 2022 17:25:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OVaHdxbofmMbYANPobU3ERfGLup6KYuNh0BaJfPlyz30B0PjgHUe5RZkF4E7KMX4pIu0jRysgSCDPDAlMN4zB%2FAKXIiofeZywmcNEJ%2BCqkwlHfcKJSJ0GBqdKUIKQY7J1zilreMgABDXsAKU"}],"group":"cf-nel","max_age":604800}
content-type: binary/octet-stream
access-control-allow-origin: https://exey.io
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7282fb7e0a8190fa-FRA
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 / Show response
freychang.fun/ 26 B
390 B 148ms
117ms Fetch
text/plain 2606:4700:3030::6815:2dcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/
Requested by: Host: d192r5l88wrng7.cloudfront.net
URL: https://d192r5l88wrng7.cloudfront.net/?rwlrd=822524
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2dcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8b209e97178a0ca34395222579977c724b945e4a470024450bc48ef1811a386

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:04:29 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://exey.io
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gfIFlhUaijyUHDHPci5uowVp0TwWFB%2B%2BhwaZKCHb7gS6dV%2BFzfwZ%2B5EtpWO2K4h4Bcty3ZgKsVtbM7X%2BBSSd1KUzcYqkoYYTTfS2%2BfVD2PCrEiMPfQUUI71lU3yYZ1CkIQcPTnM%2FH4zmYG7%2F"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 7282fb7e0a8290fa-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 utx Show response
mworkh.buzz/ 0
484 B 142ms
114ms XHR
text/plain 13.32.99.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mworkh.buzz/utx?cb=OtQTRi7sDupo&top=exey.io&tid=889494
Requested by: Host: d192r5l88wrng7.cloudfront.net
URL: https://d192r5l88wrng7.cloudfront.net/?rwlrd=822524
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-76.fra60.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 18:04:29 GMT
via: 1.1 4612dc3b414cf2057f542e94733d59bc.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: FRA60-P3
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://exey.io
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id: Nic0Ef-LyeS1CTQf33PP1Mo5APvmoNkX64_VSfHD74DqBxbgVJYxNA==

GET
H2 200 KzEGKhMxNTAOBiAnDyUjLAEBHj0uISgcAwt2Ah4WCSAiJQIzHjssPS4HBhIXIT4pHWAGBAx5Hj0Ucn51VwAiDQY2HgJ6OjN2IBIaDC4XGmAVfgEOEiMeOS8nMBBufhsDHhoOEh1+KQIoLBUHGAETAxUBNCYeDRwBIAB7KBUnABt5MxECEgYTLHQNEx4gNnovNw4jA... Show response
mworkh.buzz/RkNLUGUnISg9Wid+KXYQNC92dVcAZnkWAXd6eSJQKntzJxcoJHx+BiosPjQDNCwlJEsoJj91VwA3GT0zdSF7aAkFKyAaBgIKBhVUDHAtPB0CFSUkAgI0GhEsEhkSHB8TDigpAhACMgUgEwEsNSkFMHoFNzVyAjwNDhAYHQsFOwkDBBUOBxYjDGZ5E... Frame DC28 3 KB
2 KB 129ms
114ms Document
text/html 13.32.99.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mworkh.buzz/RkNLUGUnISg9Wid+KXYQNC92dVcAZnkWAXd6eSJQKntzJxcoJHx+BiosPjQDNCwlJEsoJj91VwA3GT0zdSF7aAkFKyAaBgIKBhVUDHAtPB0CFSUkAgI0GhEsEhkSHB8TDigpAhACMgUgEwEsNSkFMHoFNzVyAjwNDhAYHQsFOwkDBBUOBxYjDGZ5EjwHEh8UPQw6GicoIAoIYTwHAgI/KzEGKhMxNTAOBiAnDyUjLAEBHj0uISgcAwt2Ah4WCSAiJQIzHjssPS4HBhIXIT4pHWAGBAx5Hj0Ucn51VwAiDQY2HgJ6OjN2IBIaDC4XGmAVfgEOEiMeOS8nMBBufhsDHhoOEh1+KQIoLBUHGAETAxUBNCYeDRwBIAB7KBUnABt5MxECEgYTLHQNEx4gNnovNw4jAQggDxBzKBkuLxYEFyAcMi8WMBMBMWAVBQEBGwMXAR4CVD4rLzsRBRt4PFcVcwEzBCgRHRIkcjMBKAYjECVgJBMGGQk8HhUfBTc2Oi8nQywwJD4VexsRE1ALISc6J3MsOjMIFg
Requested by: Host: d192r5l88wrng7.cloudfront.net
URL: https://d192r5l88wrng7.cloudfront.net/?rwlrd=822524
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-76.fra60.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: 74124c01d92d14d19e8e4fe81272345920f1d902bd5a5e23b18bf12b0a713d98

Request headers

Referer: https://exey.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1241
content-type: text/html
date: Sat, 09 Jul 2022 18:04:29 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 4612dc3b414cf2057f542e94733d59bc.cloudfront.net (CloudFront)
x-amz-cf-id: 7OYoPmjCmThzoHnWFSchA27hxYWtcV3u4UoeBfAsEBuZ4WfUOFgX8Q==
x-amz-cf-pop: FRA60-P3
x-cache: Miss from cloudfront

GET
H2 200 OHVLc1dZFygeaFlIKVUiShl2VmV+UHk1MwlMeQFiVE1zBCVWEnxdNFQaPhcxSholB3lWED9WZX4gLjU4DRAcRzV2IygVAmkCMSsCaiIfNDx0IXpKMnUwJCQWeR0lERVfPg4hI180ChsZXjB7NxRTIzo7L20lDRlnfS08AAB3JBk6BHoebkEVb0UZEg9RTBIhFnUtA... Show response
mworkh.buzz/ Frame 942A 3 KB
2 KB 123ms
115ms Document
text/html 13.32.99.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mworkh.buzz/OHVLc1dZFygeaFlIKVUiShl2VmV+UHk1MwlMeQFiVE1zBCVWEnxdNFQaPhcxSholB3lWED9WZX4gLjU4DRAcRzV2IygVAmkCMSsCaiIfNDx0IXpKMnUwJCQWeR0lERVfPg4hI180ChsZXjB7NxRTIzo7L20lDRlnfS08AAB3JBk6BHoebkEVb0UZEg9RTBIhFnUtAjUWbjQjH3IKMwgJblojJhw0a0R+IhtuNBMwP1sBGB8vWyYPIRlgMzM6Nk8ZEys7CQUuQi9bJghCBn5EIz4xTxp8IGdIBBomblkgE0sbayRzOhxUICg0BQhBHhsWWS0cG3IKMx81ZmgRCl4naCZ7AyZ9JwI0E3wRHSsRT0ItBCNyNCM2L2AzMxAEfEQoNDBtLSgLL3QtIwAuaw0SNx9gTQcjZgE8KiEzciQOQiZ8RScyA28eKCBmDDkEQm9hPQk1cgozCAluWiZ5Qw9rGSMWG08nAlU9SxolA2ptFC8aFmEMLUY
Requested by: Host: d192r5l88wrng7.cloudfront.net
URL: https://d192r5l88wrng7.cloudfront.net/?rwlrd=822524
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-76.fra60.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: 7814541ca4a2c3b3b4f0db91d73a16278826880c747626c31a509dc17c0fe493

Request headers

Referer: https://exey.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1207
content-type: text/html
date: Sat, 09 Jul 2022 18:04:29 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 4612dc3b414cf2057f542e94733d59bc.cloudfront.net (CloudFront)
x-amz-cf-id: _vlGLbxj-Dy74JUWnyteM87DqkHAhPHJ4A4d2HFLD2DPkiYGYySr0A==
x-amz-cf-pop: FRA60-P3
x-cache: Miss from cloudfront

GET
H2 204 OFhNYTEXZy4SDHYNIhtkfTsMAlZuNCkwf0IaICcUChoMD1p8AX4sF0wxKVwJCmp4UwUeKCQFDAl+PhVQTC0+XAAeMSMHXgV+O1wAFmt5TwMPdnxHRAVpaxVBWT9wUBdILDkNDAlueFYCAGF1VwgPaH0
nedukeratio.lol/ 0
493 B 187ms
119ms Image
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nedukeratio.lol/OFhNYTEXZy4SDHYNIhtkfTsMAlZuNCkwf0IaICcUChoMD1p8AX4sF0wxKVwJCmp4UwUeKCQFDAl+PhVQTC0+XAAeMSMHXgV+O1wAFmt5TwMPdnxHRAVpaxVBWT9wUBdILDkNDAlueFYCAGF1VwgPaH0
Requested by: Host: exey.io
URL: https://exey.io/ZuS2jk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:04:29 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CV%2B2iMu5q92Z7wcAQvOxVY0360qu4IEt2LS6Pk2y%2FX%2B68izOp9HiVgL%2BkM4663n0OAZQbeobvl3YwvG2qclGyjo2PIk5lI4nNiottTPIw3BNeJi1pdloDyH4pjCz2GjjMseTvEqk9e4NFs5JJyc%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7282fb7e6f759010-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 login.php
www.facebook.com/ 0
0 148ms
83ms Image
text/html 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by: Host: exey.io
URL: https://exey.io/ZuS2jk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H2 200 ServiceLogin
accounts.google.com/ 0
0 153ms
72ms Image
text/html 2a00:1450:4001:831::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
Requested by: Host: exey.io
URL: https://exey.io/ZuS2jk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H2 200 ServiceLogin
accounts.google.com/ 0
0 195ms
114ms Image
text/html 2a00:1450:4001:831::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
Requested by: Host: exey.io
URL: https://exey.io/ZuS2jk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H2 204 bUVnQXRCegQySQ4SDxU5XXQuFiMOBwEEPgwkAA9RXwc1LQAHBz8yUhksA3xMVXxTeEBLNQ4lSVxjFDUVGTAUfEVLLAknG1BjEXxFQ3ZTb0Zaa1ZnAVB0QTUEDCJacFIdMRMtSVxzUnZHVXxfd01ad1M
nedukeratio.lol/ 0
267 B 191ms
124ms Image
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nedukeratio.lol/bUVnQXRCegQySQ4SDxU5XXQuFiMOBwEEPgwkAA9RXwc1LQAHBz8yUhksA3xMVXxTeEBLNQ4lSVxjFDUVGTAUfEVLLAknG1BjEXxFQ3ZTb0Zaa1ZnAVB0QTUEDCJacFIdMRMtSVxzUnZHVXxfd01ad1M
Requested by: Host: exey.io
URL: https://exey.io/ZuS2jk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:04:29 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BqUODxkTEs5JSeTLSzeH2lFCZR%2FrpQrMSHQ9X%2Fd%2BiahkhPej1uXcfJydILOQCgpslIcjR2S8enyVKPyY3a7WOF0%2FsGMJOqhzkzYo8zSCIHc8gfa0glK0DBLGt%2B3c701BQUBZtI6TFOsu%2FEc%2BBOU%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7282fb7e6f779010-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 NFRhOHQbawJLSVU5CVAtTgIFYEV+BiBuOlABUHE3bGUnYCJTGUdMHVBpWQxHBmJQHgRdMFwJTBInFVkAQSdcCVJdOgdXSRIiXAlaBHpQFkYSIVwJUkAkAF9JBXIRTABYaVAOQQNnWQFMAm1WC0M
nedukeratio.lol/ 0
262 B 196ms
129ms Image
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nedukeratio.lol/NFRhOHQbawJLSVU5CVAtTgIFYEV+BiBuOlABUHE3bGUnYCJTGUdMHVBpWQxHBmJQHgRdMFwJTBInFVkAQSdcCVJdOgdXSRIiXAlaBHpQFkYSIVwJUkAkAF9JBXIRTABYaVAOQQNnWQFMAm1WC0M
Requested by: Host: exey.io
URL: https://exey.io/ZuS2jk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:04:29 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jOalN9cS4SOmyN4Pd09YLBCNiLo%2Bj%2F85b1RIsfLL%2FA6Qu%2FkBg74W81xhrs%2F43Zsuv9BvRURO29D6yAsAaQOmXs%2FLwGtcfOG04IIsIRJs9ex6sI9baYyKkAwpJjxZeMSgtinw1hYCuDRl2fHXj98%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7282fb7e6f789010-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 / Show response
d192r5l88wrng7.cloudfront.net/ 350 KB
114 KB 239ms
187ms Fetch 2600:9000:2491:4200:18:306b:ddc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d192r5l88wrng7.cloudfront.net/?rwlrd=822524
Requested by: Host: exey.io
URL: https://exey.io/ZuS2jk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:4200:18:306b:ddc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 938d7b3cc78bd28549d0b16a00dc1849597936a8ba9f8838c1455cd259851577

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 18:04:29 GMT
content-encoding: gzip
x-amz-cf-pop: FRA56-P7
x-cache: Miss from cloudfront
access-control-allow-origin: https://exey.io
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
access-control-allow-credentials: true
content-length: 116002
via: 1.1 6e5ec1ef7875ec0751cb61200df7f212.cloudfront.net (CloudFront)
x-amz-cf-id: yWl1zPV57OnWTGcCo9TlVGskg7YmIZNvh0kBcYsNFTrs6bbOb3EFmg==

GET
H2 200 3230648 Show response
in-page-push.com/400/ 78 KB
30 KB 92ms
36ms Script
application/javascript 139.45.197.15
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://in-page-push.com/400/3230648

Requested by

Host: exey.io
URL: https://exey.io/ZuS2jk

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.15 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4ee5aa2f1e65270826ba67f1b98153bda3e23ebd377001e3e9cfca9023c1b2f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-trace-id: 7c04777cef98d40c39d26fd16751e080
pragma: no-cache
date: Sat, 09 Jul 2022 18:04:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=1
timing-allow-origin: *, *
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 103 KB
39 KB 42ms
42ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-135952122-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-113932176-39

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d176a43d5dea12d889c221d9bf5e43a5a9b15227d068466614ce164b3579ab72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:04:29 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40412
x-xss-protection: 0
expires: Sat, 09 Jul 2022 18:04:29 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 86 KB
33 KB 76ms
32ms Fetch
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js

Requested by

Host: exey.io
URL: https://exey.io/ZuS2jk

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3ca146cff795418c1014e7cac0e9a865892ece80438ec14e23a3dfdf4142f02f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:04:29 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://exey.io
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34166
x-xss-protection: 0
expires: Sat, 09 Jul 2022 18:04:29 GMT

GET
H2 200 fuckadblock.min.js Show response
cdnjs.cloudflare.com/ajax/libs/fuckadblock/3.2.1/ 5 KB
2 KB 81ms
34ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/fuckadblock/3.2.1/fuckadblock.min.js

Requested by

Host: exey.io
URL: https://exey.io/ZuS2jk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c63c0a518fcd8243e365904eb4ec5162d2b6d066aa4f05027fb598089d73ebdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://exey.io/
Origin: https://exey.io
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:04:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3274076
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1309
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:19 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e6b-1285"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qmu0nrnaoBzdcKFED%2FAnpF7b0kXcOoenIgdsiOwizDw%2Fpww6qyAQijDBdnJURF%2BXZR5N4zFOL8RTX4cD3QrZdelbAPnNGPjHdzDTQMjNTs1xrA7497gVKI6bU%2BE0sDs8Qa3iLmDA%2FDWvhxvbgfYw0SFn"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 7282fb7e9d216933-FRA
expires: Thu, 29 Jun 2023 18:04:29 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 72ms
28ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1049023585&t=event&_s=1&dl=https%3A%2F%2Fexey.io%2FZuS2jk&ul=en-us&de=UTF-8&dt=exe.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=vdoaijs&ea=loaded&el=v-exey-io&_u=YEBAAUABAAAAAC~&jid=211621006&gjid=1926493825&cid=2073424601.1657389870&tid=UA-113932176-39&_gid=1978306700.1657389870&_r=1&gtm=2ou6t0&z=1910039334

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://exey.io/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 18:04:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://exey.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 64ms
21ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1049023585&t=timing&_s=2&dl=https%3A%2F%2Fexey.io%2FZuS2jk&ul=en-us&de=UTF-8&dt=exe.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=video&utv=load_allowed_url.php&utl=v-exey-io&utt=102&_u=YEBAAUABAAAAAC~&jid=&gjid=&cid=2073424601.1657389870&tid=UA-113932176-39&_gid=1978306700.1657389870&gtm=2ou6t0&z=511985955

Requested by

Host: exey.io
URL: https://exey.io/ZuS2jk

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 16:50:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 4415
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 27ms
27ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1049023585&t=pageview&_s=1&dl=https%3A%2F%2Fexey.io%2FZuS2jk&ul=en-us&de=UTF-8&dt=exe.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QACAAUABCAAAAC~&jid=1344843279&gjid=770873335&cid=2073424601.1657389870&tid=UA-135952122-1&_gid=1978306700.1657389870&_r=1&gtm=2ou6t0&z=328175321

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://exey.io/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 18:04:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://exey.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 20ms
20ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1049023585&t=timing&_s=1&dl=https%3A%2F%2Fexey.io%2FZuS2jk&ul=en-us&de=UTF-8&dt=exe.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=video&utv=load_vdo.min.js&utl=v-exey-io&utt=183&_u=QACAAUABC~&jid=&gjid=&cid=2073424601.1657389870&tid=UA-113932176-39&_gid=1978306700.1657389870&gtm=2ou6t0&z=898724734

Requested by

Host: exey.io
URL: https://exey.io/ZuS2jk

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 16:50:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 4415
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK geo Show response
ghb.adtelligent.com/ 149 B
412 B 419ms
88ms XHR
application/json 2a06:8640:454::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/geo
Requested by: Host: platform.pubfuture.com
URL: https://platform.pubfuture.com/v1/unit/623444fe30482400586261c9.js?v=2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:8640:454::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 7fb8c5b7c7311dec2ddc0898d397e6e674053049ffba7a1f17b9eee28fd173ba

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 09 Jul 2022 18:04:29 GMT
Server: Adtelligent
Content-Type: application/json
Access-Control-Allow-Origin: https://exey.io
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 149

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 21ms
20ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1049023585&t=timing&_s=2&dl=https%3A%2F%2Fexey.io%2FZuS2jk&ul=en-us&de=UTF-8&dt=exe.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=video&utv=load_ima3.js&utl=v-exey-io&utt=223&_u=SACAAUABCAAAAC~&jid=&gjid=&cid=2073424601.1657389870&tid=UA-113932176-39&_gid=1978306700.1657389870&gtm=2ou6t0&z=1035602727

Requested by

Host: exey.io
URL: https://exey.io/ZuS2jk

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 16:50:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 4415
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
242 B 96ms
96ms XHR
text/html 144.217.66.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=v2.2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.217.66.206 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns535844.ip-144-217-66.net
Software: nginx/1.19.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://exey.io/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 09 Jul 2022 18:04:29 GMT
Server: nginx/1.19.2
Connection: keep-alive
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html

GET
H3 200 vdo.player.js Show response
a.vdo.ai/core/assets/ 651 KB
180 KB 49ms
48ms Script
application/javascript 2606:4700:3038::6815:eb09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vdo.ai/core/assets/vdo.player.js
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=v2.2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:eb09 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e32695eb554644820130b6b6c39187282bfaef34cf5b88b9a8c9b10d2da1e03

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:04:29 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1628
cf-ray: 7282fb7f0b4e0b43-AMS
x-cache: HIT
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 23 Jul 2021 13:25:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fHKUBeo%2B8RJiJuEyb75dntZfoX9z5XBROQ41XekAL0ALi%2F%2FOFfFLrzp%2Fe8aA5XIEz8zIoojyPoLkc4N0Wjhhw38lXZdG%2FOv10zdQG9Wd7tt0ACUr%2BG1QGAFOnYa%2BL4z3ddx16pVBCg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 33279861 426026
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age=1800
access-control-allow-credentials: true
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H3 200 rtb_v6.24.1.js Show response
a.vdo.ai/core/assets/ 466 KB
131 KB 34ms
33ms Script
application/javascript 2606:4700:3038::6815:eb09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vdo.ai/core/assets/rtb_v6.24.1.js
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=v2.2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:eb09 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ddbc9719c72a462df357c3a5209f268d45cd45cc7270c682ebf5724c97cb7364

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:04:29 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1628
cf-ray: 7282fb7f0b510b43-AMS
x-cache: HIT
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 14 Jun 2022 14:09:15 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TATC7wAGH2vypX4u1CaGfD4OIn6BRU4zbffc7fGVWvTq3Mb1MeHVyQXkwMrRMHTyHKsRkYQ2ycfX0QQ3W%2FGbNm2oDgqs703evpq28Qgt%2BOLwe%2BZccw01KHrorsFLs72Ew0TXWWOyEA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 33543763 196664
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age=1800
access-control-allow-credentials: true
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 21ms
20ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1049023585&t=pageview&_s=3&dl=https%3A%2F%2Fexey.io%2FZuS2jk&ul=en-us&de=UTF-8&dt=exe.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=SACAAUABCAAAAC~&jid=&gjid=&cid=2073424601.1657389870&tid=UA-113932176-39&_gid=1978306700.1657389870&gtm=2ou6t0&z=1381035194

Requested by

Host: exey.io
URL: https://exey.io/ZuS2jk

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 16:50:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 4415
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 22ms
21ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1049023585&t=event&_s=4&dl=https%3A%2F%2Fexey.io%2FZuS2jk&ul=en-us&de=UTF-8&dt=exe.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=initVdo&el=v-exey-io&_u=SACAAUABCAAAAC~&jid=&gjid=&cid=2073424601.1657389870&tid=UA-113932176-39&_gid=1978306700.1657389870&gtm=2ou6t0&z=2044659726

Requested by

Host: exey.io
URL: https://exey.io/ZuS2jk

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 16:50:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 4415
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 DVxCQgoOSQBRCA Show response
d192r5l88wrng7.cloudfront.net/jOG91bDlbABsKBkwGEVEBCl1AXg0eBQYDV0hSGl9XcBkMX2xWSQEWXQVfUwBYVghISlxWDEhdH1kLF1ENHhsFA1IFGBgLSFwCExhTTEkADQRVAA8FVVQOUF5/DUFFSQsIRwIFV1wAAh8cCl8bGBwKX0RcFwhKRi4cCl8CBV... Frame A167 681 B
784 B 168ms
168ms Script
text/plain 2600:9000:2491:4200:18:306b:ddc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d192r5l88wrng7.cloudfront.net/jOG91bDlbABsKBkwGEVEBCl1AXg0eBQYDV0hSGl9XcBkMX2xWSQEWXQVfUwBYVghISlxWDEhdH1kLF1ENHhsFA1IFGBgLSFwCExhTTEkADQRVAA8FVVQOUF5/DUFFSQsIRwIFV1wAAh8cCl8bGBwKX0RcFwhKRi4cCl8CBVcOW1Bfex1dRRQPDEZQXglZHw-UAXE8KFwdQTEpHKgwLWFtfDx1dRURSUBsYABwKLFBeCVQGHgkcCl8SCVpTAFxJCwgMHR5WVQpQXn8JX0ZCCRZaRVoJFlpGSQsIHBQKWEoGUF5/DVxCQgoOSQBRCA
Requested by: Host: mworkh.buzz
URL: https://mworkh.buzz/eHVrMWMZFwhcXBlICRcWChlWFFE+UFl3B0lMWUNWFE1TRhEWElwfABQaHlUFChoFRU0WEB8UUT4fJHZaSRcvXQE5Nxh6IRMCLHQ1PTcoXVI5LQwBBjokMnU1SB04dg9BLQhzCDUtWUk0KyQuZjspIw1kFDosPVYLMSYHSTQ8MANVK0keJ3dSPTsjWRA+NFp4JT83DH0wPgIodBsQIT90CDkxOmM1OTRTdzUuJCRkJU1QWXcnLTMtYjILPDlGKj4jWkYiOR1TUiAUTQl2IQ8+MwExGzMcWSgqHF9SIBRNKHM1Gzo8ACEeEBMAByonOmEnPS86aQQULyNGTi00M3RbMzMcVTIsMBt5KB8CJ2YlDBMvSVIcJz5jMC03GGgiOgIgfSU6EChnMj89DFoAOxlTYiAuBT9wJQA/KEYENT05BDQuJBtgOxZNIWlTIjYoYzkZJz1eKT4ZG3YwKQYieSEpPjx0DD8gLQRGSjMvZxs7JAxeLCskKWMgOVMBQgwWBVZeUBY9HUhQLRs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:4200:18:306b:ddc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 72f179f1c803ca49ddb20237bdf8dda625870f01447490db5484099f6e055809

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://mworkh.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:04:30 GMT
content-encoding: gzip
x-amz-cf-pop: FRA56-P7
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 507
via: 1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
x-amz-cf-id: DsW-Wa1Dx7uc80xjkhkRliXFNdlHtXfvT08HaIDW3JVUHcaqHmX0Og==

GET
H2 200 aFVSXA1jV0cYJihTQ0p8BEBFXzdwUV-5KfXYEBx8jIxISDSQvEVJdCXNWQEF8cEBFX2ctDQMCI2NXNEp9dgkeBCpjV0cIKiUOGEZqdFUUBz0pCBJKfQBUR1xhdktCX3l2S0JcanRVBA4pJxceSn0AUERYYXVTURpydw Show response
d192r5l88wrng7.cloudfront.net/tRmV3b08lChkJcDIME1J3flxDVntgDwQAITZYLzUMcygVAyUEUBgeLCs1URs1IlhHSSMnCxBSaSMLFFJ+YAQTDXJyQwMfIC1YAAIoNwEaCTssEVEaLnsIGBUmKgkWSn0AUFlfanRVXxgmKAEYGDxjV0cBO2NXR15/ Frame DC28 855 B
886 B 180ms
180ms Script
text/plain 2600:9000:2491:4200:18:306b:ddc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d192r5l88wrng7.cloudfront.net/tRmV3b08lChkJcDIME1J3flxDVntgDwQAITZYLzUMcygVAyUEUBgeLCs1URs1IlhHSSMnCxBSaSMLFFJ+YAQTDXJyQwMfIC1YAAIoNwEaCTssEVEaLnsIGBUmKgkWSn0AUFlfanRVXxgmKAEYGDxjV0cBO2NXR15/aFVSXA1jV0cYJihTQ0p8BEBFXzdwUV-5KfXYEBx8jIxISDSQvEVJdCXNWQEF8cEBFX2ctDQMCI2NXNEp9dgkeBCpjV0cIKiUOGEZqdFUUBz0pCBJKfQBUR1xhdktCX3l2S0JcanRVBA4pJxceSn0AUERYYXVTURpydw
Requested by: Host: mworkh.buzz
URL: https://mworkh.buzz/RkNLUGUnISg9Wid+KXYQNC92dVcAZnkWAXd6eSJQKntzJxcoJHx+BiosPjQDNCwlJEsoJj91VwA3GT0zdSF7aAkFKyAaBgIKBhVUDHAtPB0CFSUkAgI0GhEsEhkSHB8TDigpAhACMgUgEwEsNSkFMHoFNzVyAjwNDhAYHQsFOwkDBBUOBxYjDGZ5EjwHEh8UPQw6GicoIAoIYTwHAgI/KzEGKhMxNTAOBiAnDyUjLAEBHj0uISgcAwt2Ah4WCSAiJQIzHjssPS4HBhIXIT4pHWAGBAx5Hj0Ucn51VwAiDQY2HgJ6OjN2IBIaDC4XGmAVfgEOEiMeOS8nMBBufhsDHhoOEh1+KQIoLBUHGAETAxUBNCYeDRwBIAB7KBUnABt5MxECEgYTLHQNEx4gNnovNw4jAQggDxBzKBkuLxYEFyAcMi8WMBMBMWAVBQEBGwMXAR4CVD4rLzsRBRt4PFcVcwEzBCgRHRIkcjMBKAYjECVgJBMGGQk8HhUfBTc2Oi8nQywwJD4VexsRE1ALISc6J3MsOjMIFg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:4200:18:306b:ddc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 28c01c5a5b4ed8ccaffffbaaca2e24d6989f63395b49a5ce965825ee178e14ad

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://mworkh.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:04:30 GMT
content-encoding: gzip
x-amz-cf-pop: FRA56-P7
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 609
via: 1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
x-amz-cf-id: VgfrqosDzr9nPN_ebEQg61RPIZRwP5TaDS7n-lMpoObEA4HSpWtuGg==

GET
H2 200 Cz9bS20XSlheLwRI Show response
d192r5l88wrng7.cloudfront.net/UeFo5eW4bNVcfUQwzXURWTGkLT19eMEoWAAhnbBgKERtgAAhNfE0DCkVqHxUPFj0EXwsWOQRISBk+W0RaXi9YRAMXIFAVAhl/Cz9bVmocS15QLVAXChctSlxcSDRNXFxIawlXXl1pe1xcSC1QF1hMfwo7S0pqQU9aUX8LSQ... Frame 942A 173 B
453 B 170ms
168ms Script
text/plain 2600:9000:2491:4200:18:306b:ddc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d192r5l88wrng7.cloudfront.net/UeFo5eW4bNVcfUQwzXURWTGkLT19eMEoWAAhnbBgKERtgAAhNfE0DCkVqHxUPFj0EXwsWOQRISBk+W0RaXi9YRAMXIFAVAhl/Cz9bVmocS15QLVAXChctSlxcSDRNXFxIawlXXl1pe1xcSC1QF1hMfwo7S0pqQU9aUX8LSQ8IKlUcGR04UhAaXWh/TF1PdA-pPS0pqERIGDDdVXFw7fwtJAhExXFxcSD1cGgUXcxxLXhsySxYDHX8LP19IaRdJQE1qD0lATWkcS14LO18YHBF/Cz9bS20XSlheLwRI
Requested by: Host: mworkh.buzz
URL: https://mworkh.buzz/OHVLc1dZFygeaFlIKVUiShl2VmV+UHk1MwlMeQFiVE1zBCVWEnxdNFQaPhcxSholB3lWED9WZX4gLjU4DRAcRzV2IygVAmkCMSsCaiIfNDx0IXpKMnUwJCQWeR0lERVfPg4hI180ChsZXjB7NxRTIzo7L20lDRlnfS08AAB3JBk6BHoebkEVb0UZEg9RTBIhFnUtAjUWbjQjH3IKMwgJblojJhw0a0R+IhtuNBMwP1sBGB8vWyYPIRlgMzM6Nk8ZEys7CQUuQi9bJghCBn5EIz4xTxp8IGdIBBomblkgE0sbayRzOhxUICg0BQhBHhsWWS0cG3IKMx81ZmgRCl4naCZ7AyZ9JwI0E3wRHSsRT0ItBCNyNCM2L2AzMxAEfEQoNDBtLSgLL3QtIwAuaw0SNx9gTQcjZgE8KiEzciQOQiZ8RScyA28eKCBmDDkEQm9hPQk1cgozCAluWiZ5Qw9rGSMWG08nAlU9SxolA2ptFC8aFmEMLUY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:4200:18:306b:ddc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: b4d8e98025db1aea232b65d5313dc9653128353f29f20b30fa50afa1d1442578

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://mworkh.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:04:30 GMT
content-encoding: gzip
x-amz-cf-pop: FRA56-P7
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 177
via: 1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
x-amz-cf-id: a26SHxUq49tt4tHoURf92aIKywXJnO2VDfws-2dzJ4m8enpypu9rUA==

GET
H2 200 stattag.js Show response
tzegilo.com/ 49 KB
18 KB 95ms
29ms Script
application/javascript 2606:4700:3034::ac43:cdf0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tzegilo.com/stattag.js
Requested by: Host: in-page-push.com
URL: https://in-page-push.com/400/3230648
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:cdf0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3676e16a1358628756bda4274db53b7a9f299e3dfa82ec22301c83ba142ad774

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:04:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1080
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 09 Jun 2022 09:20:35 GMT
server: cloudflare
etag: W/"62a1bb63-c24f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BCD%2Bz0jfafHr%2FNDpWVHI%2Fivam5qO7QiPAtPsjnnuic%2BkS5aB4wlj7o2NSN99vBx%2FBEZqse3C5N1qCEybwM%2BtZ4LG3hTf%2FrUaeo9VSMe02LAjy1OXLqhA7qfgYMpAMLNxv%2FzAJv%2FC8unBzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7282fb7fdb169101-FRA
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin

GET
H2 200 iframe_api Show response
www.youtube.com/ 980 B
2 KB 102ms
51ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

071404725633a55031a90aac1b637158dd67b9ab9f140100d22f8e69f9fdaed2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:04:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=nl for more info."
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Sat, 09 Jul 2022 18:04:30 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 20ms
20ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1049023585&t=timing&_s=5&dl=https%3A%2F%2Fexey.io%2FZuS2jk&ul=en-us&de=UTF-8&dt=exe.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=video&utv=load_vdo.player.js&utl=v-exey-io&utt=121&_u=SACAAUABCAAAAC~&jid=&gjid=&cid=2073424601.1657389870&tid=UA-113932176-39&_gid=1978306700.1657389870&gtm=2ou6t0&z=167579011

Requested by

Host: exey.io
URL: https://exey.io/ZuS2jk

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 16:50:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 4416
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 20ms
20ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1049023585&t=timing&_s=6&dl=https%3A%2F%2Fexey.io%2FZuS2jk&ul=en-us&de=UTF-8&dt=exe.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=video&utv=load_rtb_v6.24.1.js&utl=v-exey-io&utt=135&_u=SACAAUABCAAAAC~&jid=&gjid=&cid=2073424601.1657389870&tid=UA-113932176-39&_gid=1978306700.1657389870&gtm=2ou6t0&z=2114047742

Requested by

Host: exey.io
URL: https://exey.io/ZuS2jk

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 16:50:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 4416
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 16560647582262b58af650e93.png
h5.vdo.ai/media_file/v-exey-io/source/uploads/thumbnails/ 686 B
1 KB 308ms
98ms Image
image/png 51.79.72.196
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h5.vdo.ai/media_file/v-exey-io/source/uploads/thumbnails/16560647582262b58af650e93.png
Requested by: Host: exey.io
URL: https://exey.io/ZuS2jk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.72.196 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns567732.ip-51-79-72.net
Software: nginx/1.16.1 /
Resource Hash: aa710163e37fe5d50f6684f5ec9a10ad1dd6487cb9e7102fe22520230c7bedb3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 09 Jul 2022 18:04:30 GMT
Last-Modified: Fri, 24 Jun 2022 09:59:18 GMT
Server: nginx/1.16.1
ETag: "62b58af6-2ae"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 686
Expires: Sun, 09 Jul 2023 18:04:30 GMT

GET
H/1.1 206
Partial Content Top%2010%20biggest%20sporting%20event%20in%20the%20world_1.mp4
h5.vdo.ai/media_file/v-exey-io/source/vhs/ 368 KB
0 386ms
191ms Media
video/mp4 51.79.72.196
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h5.vdo.ai/media_file/v-exey-io/source/vhs/Top%2010%20biggest%20sporting%20event%20in%20the%20world_1.mp4
Requested by: Host: exey.io
URL: https://exey.io/ZuS2jk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.72.196 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns567732.ip-51-79-72.net
Software: nginx/1.16.1 /
Resource Hash

Request headers

Referer: https://exey.io/
Accept-Encoding: identity;q=1, *;q=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Range: bytes=0-

Response headers

Date: Sat, 09 Jul 2022 18:04:30 GMT
Last-Modified: Thu, 26 Mar 2020 14:03:24 GMT
Server: nginx/1.16.1
Access-Control-Allow-Origin: *
ETag: "5e7cb62c-7353fbe"
Content-Type: video/mp4
Content-Range: bytes 0-120930237/120930238
Cache-Control: max-age=31536000
Connection: keep-alive
Content-Length: 120930238
Expires: Sun, 09 Jul 2023 18:04:30 GMT

GET
H3 200 bridge3.521.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame DE4E 633 KB
204 KB 66ms
22ms Document
text/html 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.521.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

089f8aca1b5c39d6b8675a682df4a0f209f14cf25082fa95217bce18930b0052

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://exey.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 438836
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 209264
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Jul 2022 16:10:34 GMT
expires: Tue, 04 Jul 2023 16:10:34 GMT
last-modified: Mon, 04 Jul 2022 16:05:25 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 118ms
42ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:04:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Jul 2022 18:04:30 GMT

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
242 B 97ms
97ms XHR
text/html 144.217.66.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=v2.2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.217.66.206 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns535844.ip-144-217-66.net
Software: nginx/1.19.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://exey.io/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 09 Jul 2022 18:04:30 GMT
Server: nginx/1.19.2
Connection: keep-alive
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html

GET
H3 200 logo.svg
a.vdo.ai/core/assets/img/ 1 KB
1 KB 23ms
22ms Image
image/svg+xml 2606:4700:3038::6815:eb09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.vdo.ai/core/assets/img/logo.svg
Requested by: Host: exey.io
URL: https://exey.io/ZuS2jk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:eb09 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9adf28f17b88f7835611736a9461d0452433a4e12f3ebaafae1689394aeb8d7b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:04:30 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1627
cf-ray: 7282fb803c620b43-AMS
x-cache: HIT
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 02 Mar 2020 08:12:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n9IPrvhrfiekus54isp1F%2Bx6neWoGXmFrstaxnQQc1iNb9FGh1tfweWGPyeunJUAN1eLrHAp96QWv0dtIAe86NtiUOE2E1DA6vFHn2y8tZDRc8%2BRE%2BJ0%2F17mBRF4oeMvfeSKrU8yOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 39553561 26799806
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age=1800
access-control-allow-credentials: true
content-type: image/svg+xml
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
538 B 61ms
22ms XHR
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js

Requested by

Host: in-page-push.com
URL: https://in-page-push.com/400/3230648

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

eeb7b0e2865e732578b5c15b0ec73790d3266529330a9b62e73b08d8ebe87402

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:04:30 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://exey.io
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
242 B 95ms
95ms XHR
text/html 144.217.66.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=v2.2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.217.66.206 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns535844.ip-144-217-66.net
Software: nginx/1.19.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://exey.io/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 09 Jul 2022 18:04:30 GMT
Server: nginx/1.19.2
Connection: keep-alive
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
242 B 191ms
96ms XHR
text/html 144.217.66.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=v2.2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.217.66.206 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns535844.ip-144-217-66.net
Software: nginx/1.19.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://exey.io/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 09 Jul 2022 18:04:30 GMT
Server: nginx/1.19.2
Connection: keep-alive
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
242 B 283ms
95ms XHR
text/html 144.217.66.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=v2.2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.217.66.206 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns535844.ip-144-217-66.net
Software: nginx/1.19.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://exey.io/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 09 Jul 2022 18:04:30 GMT
Server: nginx/1.19.2
Connection: keep-alive
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
242 B 284ms
96ms XHR
text/html 144.217.66.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=v2.2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.217.66.206 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns535844.ip-144-217-66.net
Software: nginx/1.19.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://exey.io/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 09 Jul 2022 18:04:30 GMT
Server: nginx/1.19.2
Connection: keep-alive
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 21ms
21ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1049023585&t=event&_s=7&dl=https%3A%2F%2Fexey.io%2FZuS2jk&ul=en-us&de=UTF-8&dt=exe.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=pageview&el=v-exey-io&_u=SACAAUABCAAAAC~&jid=&gjid=&cid=2073424601.1657389870&tid=UA-113932176-39&_gid=1978306700.1657389870&gtm=2ou6t0&z=1790110813

Requested by

Host: exey.io
URL: https://exey.io/ZuS2jk

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 16:50:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 4416
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 22ms
22ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1049023585&t=event&_s=8&dl=https%3A%2F%2Fexey.io%2FZuS2jk&ul=en-us&de=UTF-8&dt=exe.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=website_pageview&el=v-exey-io&_u=SACAAUABCAAAAC~&jid=&gjid=&cid=2073424601.1657389870&tid=UA-113932176-39&_gid=1978306700.1657389870&gtm=2ou6t0&z=555782514

Requested by

Host: exey.io
URL: https://exey.io/ZuS2jk

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 16:50:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 4416
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 22ms
22ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1049023585&t=event&_s=9&dl=https%3A%2F%2Fexey.io%2FZuS2jk&ul=en-us&de=UTF-8&dt=exe.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=began_atf&el=v-exey-io&_u=SACAAUABCAAAAC~&jid=&gjid=&cid=2073424601.1657389870&tid=UA-113932176-39&_gid=1978306700.1657389870&gtm=2ou6t0&z=1704787456

Requested by

Host: exey.io
URL: https://exey.io/ZuS2jk

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 16:50:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 4416
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 4 KB
4 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b808250e44a468f82d19a076166e56187fdb79f1b42a77ab15fb55bb4e0f98a

Request headers

Referer
Origin: https://exey.io
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/0e7373c2/www-widgetapi.vflset/ 155 KB
50 KB 66ms
22ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0e7373c2/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1758268a169457ec7c2601d5c148715d5442a9cf20a465ff05b42cc556aa2259

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 14:41:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12190
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51437
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 00:22:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 09 Jul 2023 14:41:20 GMT

GET
H2 200 623444fe30482400586261c9.js Show response
platform.pubfuture.com/v1/config/ 4 KB
2 KB 102ms
102ms Script
application/javascript 52.22.197.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.pubfuture.com/v1/config/623444fe30482400586261c9.js?v=6&ip=MjAwMToxYWY4OjQwMjA6YTAzNDo5ODc2OjoxNA==&cc=Tkw=&c=&d=ZGVza3RvcF93aW5kb3dz&s=aHR0cHM6Ly9leGV5LmlvL1p1UzJqaw==

Requested by

Host: platform.pubfuture.com
URL: https://platform.pubfuture.com/v1/unit/623444fe30482400586261c9.js?v=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.22.197.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-22-197-162.compute-1.amazonaws.com

Software

Resource Hash

f11b79639bbe3ce1ec637697a3cfed0147dfbd2ab7a68aecb4e1d69939b8bf50

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:04:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
vary: Accept-Encoding
x-xss-protection: 0
referrer-policy: no-referrer
x-frame-options: SAMEORIGIN
etag: W/"ea6-KvI/bMSKuUsmXZVJ6nopaWhE21c"
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests

GET
H2 200 3230648 Show response
in-page-push.com/500/ 1 KB
2 KB 20ms
20ms XHR
application/javascript 139.45.197.15
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://in-page-push.com/500/3230648?excludes=&oaid=b3ac6c287a624708ab40600592437952&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=3&pl=https%3A%2F%2Fexey.io%2FZuS2jk&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Requested by

Host: in-page-push.com
URL: https://in-page-push.com/400/3230648

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.15 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

b625763b6a2911c384288416e4f5550eb5cade5dfbbc50849fe5f9061cb66c9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://exey.io/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: eb02080302422b6105a8b9066dcd845f
pragma: no-cache
date: Sat, 09 Jul 2022 18:04:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: application/javascript
access-control-allow-origin: https://exey.io
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=1
timing-allow-origin: *, *
expires: Tue, 11 Jan 1994 10:00:00 GMT

OPTIONS
H2 200 3230648
in-page-push.com/500/ Frame 0
0 47ms
17ms Preflight 139.45.197.15
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.15 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://exey.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://exey.io
access-control-max-age: 600
allow: GET, OPTIONS
content-length: 0
date: Sat, 09 Jul 2022 18:04:30 GMT
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: *
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff

GET
H2 200 01602088365889.png
static.cdnativepush.com/contents/s/1b/e9/ef/c45191508dd0ffe9619d8e8d61/ 2 KB
3 KB 53ms
15ms Image
image/png 139.45.197.153
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cdnativepush.com/contents/s/1b/e9/ef/c45191508dd0ffe9619d8e8d61/01602088365889.png
Requested by: Host: exey.io
URL: https://exey.io/ZuS2jk
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.153 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: b0cd7af0b912b1a17ecfb9284d55058a59e621500acb94e2d4a5bbfd5eb6d022

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:04:30 GMT
last-modified: Thu, 01 Jul 2021 09:13:54 GMT
server: nginx
etag: "60dd8752-86d"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-length: 2157

GET
H2 200 load2.js Show response
tags.h12-media.com/ 246 KB
91 KB 96ms
35ms Script
application/javascript 154.51.131.141
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.h12-media.com/load2.js
Requested by: Host: platform.pubfuture.com
URL: https://platform.pubfuture.com/v1/config/623444fe30482400586261c9.js?v=6&ip=MjAwMToxYWY4OjQwMjA6YTAzNDo5ODc2OjoxNA==&cc=Tkw=&c=&d=ZGVza3RvcF93aW5kb3dz&s=aHR0cHM6Ly9leGV5LmlvL1p1UzJqaw==
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 154.51.131.141 Willesden, United Kingdom, ASN174 (COGENT-174, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ARR/3.0
Resource Hash: a7caf58a0005929352fbc2bf21416247066139905f54a24b5a86b397e1fb25dd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:04:29 GMT
content-encoding: gzip
etag: "5f7da0a48726d81:0"
last-modified: Sun, 20 Feb 2022 18:28:23 GMT
server: Microsoft-IIS/10.0
x-powered-by: ARR/3.0
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 93219

GET
H3 200 popunder.gif
nedukeratio.lol/ 35 B
630 B 57ms
32ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nedukeratio.lol/popunder.gif
Requested by: Host: exey.io
URL: https://exey.io/ZuS2jk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: public
date: Sat, 09 Jul 2022 18:04:30 GMT
cf-cache-status: HIT
last-modified: Tue, 05 Jul 2022 17:37:50 GMT
server: cloudflare
age: 347200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B734fqc6jtMjm3vQwf7kVrxfRizsgBuExrjcb9PUK5o1PniR7KOVLlcoCqk9pXcrQxu8iiCdS1jIi9AUPgCeNGk%2F7Wsw%2BJQ2f%2FaRTNs0kzvrPqpBog%2F5tw0uznEroNgQLM%2BIxNHDj7sD11LVvvk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7282fb82a8ca8fee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 l9blTCRKu0Ih_bZmWE6zPs3MXQ0iRumAktulPSPBexYcQ55dFQ_cKFb_5Qfh-CQR7F450Kb-3rLKJUNYUKJts1I009DbKFjr_va62x3sehEfhpvrPMhDbxp9Uqw9s88QxYvYx3mx870R3BiDpwR0c4l9QfNt7CtVS4ffPqnMf-bheSk3hPePo1INGGm9kyN27c5jI...
in-page-push.com/impression/ 43 B
421 B 16ms
16ms Image
image/gif 139.45.197.15
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://in-page-push.com/impression/l9blTCRKu0Ih_bZmWE6zPs3MXQ0iRumAktulPSPBexYcQ55dFQ_cKFb_5Qfh-CQR7F450Kb-3rLKJUNYUKJts1I009DbKFjr_va62x3sehEfhpvrPMhDbxp9Uqw9s88QxYvYx3mx870R3BiDpwR0c4l9QfNt7CtVS4ffPqnMf-bheSk3hPePo1INGGm9kyN27c5jINwIZn1gw8RtZFXTeLHR6st1O3qNUROlHckqvI__ru5H4uWh0It9h1ABttajYcpZ1Ijo2UUP64xK_utD2qzh2CoKq1Y5iL1W9GRyIhJQAHNmtOayOmTUWmJsd2jSbQF0Lbx3wC2WUARA0gvMwsjVejPeGwYYSSzLnIwRSdtlQRJ_QKPxLVxUwWsjNgi0t6ZSX82_8OWnBjxB95Yd4kpGqoTDjH29FsSMCDfYoRUEKk6K_e4bi-rrquHCF-pRBQ-5muQJvUQ5cdh5fFtaS7x2SfIFT4S3H199KlIbR2M=?_z=3230648&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=3&pl=https%3A%2F%2Fexey.io%2FZuS2jk&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Requested by

Host: exey.io
URL: https://exey.io/ZuS2jk

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.15 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-trace-id: a31011e57ae0ce8707583e999f8c43bb
pragma: no-cache
date: Sat, 09 Jul 2022 18:04:30 GMT
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=1
timing-allow-origin: *, *
content-length: 43
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 / Show response
f.h12-media.com/ 37 B
631 B 111ms
54ms XHR
application/json 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://f.h12-media.com/
Requested by: Host: tags.h12-media.com
URL: https://tags.h12-media.com/load2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET, ARR/3.0
Resource Hash: 9a045c6ee1c9746bf198b3eb111200c7af11a90fabafe9adeb0bc43de5f492c6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:04:30 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: ASP.NET, ARR/3.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aG2I8Fq5%2FtZ5kw7jDzTW5Lfq77vst0AfdoYPcjehiHETXQGuSoxdl8vChYUVT%2FRBaYHKCmK2cl%2FZ7kRO%2BP6EJSsqkeRubOFXiVWckRS2GABF%2BCe6b1uB09fPkeenfxlEEZDD%2FEmjl3Lmf7%2BTKgE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=3600,private
cf-ray: 7282fb83ae359b7c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 tags.js Show response
tags.h12-media.com/v3/ Frame 595A 608 B
821 B 44ms
44ms Script
application/x-javascript 154.51.131.141
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.h12-media.com/v3/tags.js?payload=%7B%22mtoken%22%3A%222001%3A1af8%3A4020%3Aa034%3A9876%3A%3A14%22%2C%22adtype%22%3A%22responsive%22%2C%22adformat%22%3A%22standard%22%2C%22pubid%22%3A%2209c02fc89b6d8063ad17a57bcf09d10b%22%2C%22adunitid%22%3A%2225356%22%2C%22topurl%22%3A%22https%3A%2F%2Fexey.io%2FZuS2jk%22%2C%22docref%22%3A%22%22%2C%22auction%22%3A%22a3yrhma5sed%22%2C%22pubsubid%22%3Anull%2C%22index%22%3A%221%22%2C%22ishidden%22%3Afalse%2C%22istopwindow%22%3Atrue%2C%22isscrollable%22%3Atrue%2C%22dayofweek%22%3A6%2C%22hourofday%22%3A18%2C%22clang%22%3A%22en-US%22%2C%22docdir%22%3Anull%2C%22cdims%22%3A%5B1600%2C1200%5D%2C%22ddims%22%3A%5B1600%2C1200%5D%2C%22sbars%22%3A%5B0%2C0%5D%2C%22endpoint%22%3A%22https%3A%2F%2Ftags.h12-media.com%22%2C%22coords%22%3A%5B800%2C499%5D%2C%22maxwidth%22%3A300%2C%22maxheight%22%3A1200%7D&rnd=0.03128918638271028
Requested by: Host: exe.io
URL: https://exe.io/ZuS2jk
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 154.51.131.141 Willesden, United Kingdom, ASN174 (COGENT-174, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ARR/3.0
Resource Hash: 108c1ca17044885c018c5415136d926012a876bd4383b2a6d6a03216aedfdeaa

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:04:30 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-powered-by: ARR/3.0
vary: Accept-Encoding
content-type: application/x-javascript; Charset=UTF-8
access-control-allow-origin
cache-control: no-store,no-cache,max-age=0,private
access-control-allow-credentials: true
srg-x: x-.167
content-length: 569

GET
H2 200 3230648 Show response
in-page-push.com/500/ 10 B
496 B 41ms
41ms XHR
application/javascript 139.45.197.15
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://in-page-push.com/500/3230648?excludes=12429703&oaid=b3ac6c287a624708ab40600592437952&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=5&pl=https%3A%2F%2Fexey.io%2FZuS2jk&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Requested by

Host: in-page-push.com
URL: https://in-page-push.com/400/3230648

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.15 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

f3c689523d23693d898b0fff66ef380027572e1896e28552f0e029a5626dd46b

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://exey.io/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 50aa4985ac5787064485a18365153842
pragma: no-cache
date: Sat, 09 Jul 2022 18:04:30 GMT
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: application/javascript
access-control-allow-origin: https://exey.io
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=1
timing-allow-origin: *, *
content-length: 10
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 206
Partial Content Top%2010%20biggest%20sporting%20event%20in%20the%20world_1.mp4
h5.vdo.ai/media_file/v-exey-io/source/vhs/ 3 MB
0 212ms
211ms Media
video/mp4 51.79.72.196
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h5.vdo.ai/media_file/v-exey-io/source/vhs/Top%2010%20biggest%20sporting%20event%20in%20the%20world_1.mp4
Requested by: Host: exey.io
URL: https://exey.io/ZuS2jk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.72.196 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns567732.ip-51-79-72.net
Software: nginx/1.16.1 /
Resource Hash

Request headers

Referer: https://exey.io/
Accept-Encoding: identity;q=1, *;q=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Range: bytes=720896-

Response headers

Date: Sat, 09 Jul 2022 18:04:30 GMT
Last-Modified: Thu, 26 Mar 2020 14:03:24 GMT
Server: nginx/1.16.1
Access-Control-Allow-Origin: *
ETag: "5e7cb62c-7353fbe"
Content-Type: video/mp4
Content-Range: bytes 720896-120930237/120930238
Cache-Control: max-age=31536000
Connection: keep-alive
Content-Length: 120209342
Expires: Sun, 09 Jul 2023 18:04:30 GMT

OPTIONS
H2 200 3230648
in-page-push.com/500/ Frame 0
0 23ms
22ms Preflight 139.45.197.15
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.15 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://exey.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://exey.io
access-control-max-age: 600
allow: GET, OPTIONS
content-length: 0
date: Sat, 09 Jul 2022 18:04:30 GMT
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: *
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff

POST
H/1.1 200
OK add Show response
fleraprt.com/log/ 12 B
477 B 55ms
18ms Fetch
application/json 139.45.195.254
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
Requested by: Host: tzegilo.com
URL: https://tzegilo.com/stattag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.195.254 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx/1.19.10 /
Resource Hash: 587fa9763e3d74ded3b64a843905f5541690582aad4976207e03743a7fb5f70e

Request headers

Referer: https://exey.io/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sat, 09 Jul 2022 18:04:59 GMT
Server: nginx/1.19.10
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://exey.io
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length: 12

GET
H2 200 01602088365889.png
static.cdnativepush.com/contents/s/1b/e9/ef/c45191508dd0ffe9619d8e8d61/ Frame BD7C 2 KB
3 KB 13ms
13ms Image
image/png 139.45.197.153
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cdnativepush.com/contents/s/1b/e9/ef/c45191508dd0ffe9619d8e8d61/01602088365889.png
Requested by: Host: in-page-push.com
URL: https://in-page-push.com/400/3230648
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.153 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: b0cd7af0b912b1a17ecfb9284d55058a59e621500acb94e2d4a5bbfd5eb6d022

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:04:30 GMT
last-modified: Thu, 01 Jul 2021 09:13:54 GMT
server: nginx
etag: "60dd8752-86d"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-length: 2157

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 20ms
20ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1049023585&t=timing&_s=10&dl=https%3A%2F%2Fexey.io%2FZuS2jk&ul=en-us&de=UTF-8&dt=exe.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=video&utv=load_h5.vdo.ai_ContentStart&utl=v-exey-io&utt=1144&_u=SACAAUABCAAAAC~&jid=&gjid=&cid=2073424601.1657389870&tid=UA-113932176-39&_gid=1978306700.1657389870&gtm=2ou6t0&z=684708553

Requested by

Host: exey.io
URL: https://exey.io/ZuS2jk

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 16:50:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 4417
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 20ms
20ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1049023585&t=event&_s=11&dl=https%3A%2F%2Fexey.io%2FZuS2jk&ul=en-us&de=UTF-8&dt=exe.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=adrequest_google_mcm&el=v-exey-io&_u=SACAAUABCAAAAC~&jid=&gjid=&cid=2073424601.1657389870&tid=UA-113932176-39&_gid=1978306700.1657389870&gtm=2ou6t0&z=1727560932

Requested by

Host: exey.io
URL: https://exey.io/ZuS2jk

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 16:50:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 4417
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 99ms
32ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=exey.io

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 Jul 2022 18:04:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
242 B 97ms
97ms XHR
text/html 144.217.66.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=v2.2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.217.66.206 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns535844.ip-144-217-66.net
Software: nginx/1.19.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://exey.io/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 09 Jul 2022 18:04:31 GMT
Server: nginx/1.19.2
Connection: keep-alive
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame DE4E 156 B
850 B 232ms
161ms XHR
text/xml 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?env=instream&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&iu=%2F26001828%2C22675219970%2Fvdoai-dfp-parent-adunit%2Fz1_dfp_v_exey_io_v_pre_1&description_url=https%3A%2F%2Fexey.io%2FZuS2jk&tfcd=0&npa=0&correlator=1352428493287039&vpos=preroll&sz=288x162%7C300x250%7C400x300%7C419x236%7C640x360%7C640x480%7C1x1%7C800x450%7C444x250%7C635x357%7C640x360%7C400x300%7C1x1&vad_type=linear&ad_type=audio_video&url=https%3A%2F%2Fexey.io%2FZuS2jk&cust_params=hb_uuid%3Dundefined%26hb_cache_id%3Dundefined%26onetag_ebda%3Dtrue&vpa=click&vpmute=0&sdkv=h.3.521.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=44d&ptt=20&adk=110095148&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.521.0&media_url=https%3A%2F%2Fh5.vdo.ai%2Fmedia_file%2Fv-exey-io%2Fsource%2Fvhs%2FTop%252010%2520biggest%2520sporting%2520event%2520in%2520the%2520world_1.mp4&sid=4081DB25-B410-4FC6-AF70-66EA52FB1930&nel=0&eid=44752052%2C44754420%2C44760950%2C44761692%2C44762904&dlt=1657389869388&idt=941&dt=1657389871379&cookie_enabled=1&scor=1306949634814664&ged=ve4_td2_tt1_pd2_la2000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.521.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:04:31 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 20ms
20ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1049023585&t=event&_s=12&dl=https%3A%2F%2Fexey.io%2FZuS2jk&ul=en-us&de=UTF-8&dt=exe.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=adrequest_google_mcm_apac&el=v-exey-io&_u=SACAAUABCAAAAC~&jid=&gjid=&cid=2073424601.1657389870&tid=UA-113932176-39&_gid=1978306700.1657389870&gtm=2ou6t0&z=1983082301

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 16:50:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 4417
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 74ms
31ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=exey.io

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 Jul 2022 18:04:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame DE4E 156 B
144 B 258ms
193ms XHR
text/xml 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?env=instream&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&iu=%2F22100121508%2C22675219970%2FDFP_APAC_Parent_First_AdBreak%2Fellipsis_dfp_v_exey_io_v_pre_1&description_url=https%3A%2F%2Fexey.io%2FZuS2jk&tfcd=0&npa=0&correlator=3917049513312284&vpos=preroll&sz=288x162%7C300x250%7C400x300%7C419x236%7C640x360%7C640x480%7C1x1%7C800x450%7C444x250%7C635x357%7C640x360%7C400x300%7C1x1&vad_type=linear&ad_type=audio_video&url=https%3A%2F%2Fexey.io%2FZuS2jk&cust_params=hb_uuid%3Dundefined%26hb_cache_id%3Dundefined&vpa=click&vpmute=0&sdkv=h.3.521.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=44d&ptt=20&adk=110095148&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.521.0&media_url=https%3A%2F%2Fh5.vdo.ai%2Fmedia_file%2Fv-exey-io%2Fsource%2Fvhs%2FTop%252010%2520biggest%2520sporting%2520event%2520in%2520the%2520world_1.mp4&sid=4081DB25-B410-4FC6-AF70-66EA52FB1930&nel=0&eid=44752052%2C44754420%2C44760950%2C44761692%2C44762904&dlt=1657389869388&idt=941&dt=1657389871703&cookie_enabled=1&scor=3610386902584005&ged=ve4_td3_tt2_pd3_la3000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.521.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:04:31 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 29ms
28ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1049023585&t=event&_s=13&dl=https%3A%2F%2Fexey.io%2FZuS2jk&ul=en-us&de=UTF-8&dt=exe.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=adrequest_google_mcm&el=v-exey-io&_u=SACAAUABCAAAAC~&jid=&gjid=&cid=2073424601.1657389870&tid=UA-113932176-39&_gid=1978306700.1657389870&gtm=2ou6t0&z=657784689

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 16:50:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 4417
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 37ms
37ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=exey.io

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 Jul 2022 18:04:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame DE4E 156 B
142 B 164ms
164ms XHR
text/xml 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?env=instream&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&iu=%2F26001828%2C22675219970%2FDFP_Z1_Parent_Second_AdBreak%2Fz1_dfp_v_exey_io_v_mid1_1&description_url=https%3A%2F%2Fexey.io%2FZuS2jk&tfcd=0&npa=0&correlator=2103099299961193&vpos=preroll&sz=288x162%7C300x250%7C400x300%7C419x236%7C640x360%7C640x480%7C1x1%7C800x450%7C444x250%7C635x357%7C640x360%7C400x300%7C1x1&vad_type=linear&ad_type=audio_video&url=https%3A%2F%2Fexey.io%2FZuS2jk&cust_params=hb_uuid%3Dundefined%26hb_cache_id%3Dundefined%26onetag_ebda%3Dtrue&vpa=click&vpmute=0&sdkv=h.3.521.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=44d&ptt=20&adk=110095148&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.521.0&media_url=https%3A%2F%2Fh5.vdo.ai%2Fmedia_file%2Fv-exey-io%2Fsource%2Fvhs%2FTop%252010%2520biggest%2520sporting%2520event%2520in%2520the%2520world_1.mp4&sid=4081DB25-B410-4FC6-AF70-66EA52FB1930&nel=0&eid=44752052%2C44754420%2C44760950%2C44761692%2C44762904&dlt=1657389869388&idt=941&dt=1657389872011&cookie_enabled=1&scor=2359188344330586&ged=ve4_td3_tt2_pd3_la3000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.521.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:04:32 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 20ms
20ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1049023585&t=event&_s=14&dl=https%3A%2F%2Fexey.io%2FZuS2jk&ul=en-us&de=UTF-8&dt=exe.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=adrequest_google_mcm_apac&el=v-exey-io&_u=SACAAUABCAAAAC~&jid=&gjid=&cid=2073424601.1657389870&tid=UA-113932176-39&_gid=1978306700.1657389870&gtm=2ou6t0&z=275881352

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 16:50:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 4418
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 30ms
29ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=exey.io

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 Jul 2022 18:04:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame DE4E 156 B
142 B 164ms
164ms XHR
text/xml 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?env=instream&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&iu=%2F22100121508%2C22675219970%2FDFP_APAC_Parent_Second_AdBreak%2Fellipsis_dfp_v_exey_io_v_mid1_1&description_url=https%3A%2F%2Fexey.io%2FZuS2jk&tfcd=0&npa=0&correlator=3583532963178063&vpos=preroll&sz=288x162%7C300x250%7C400x300%7C419x236%7C640x360%7C640x480%7C1x1%7C800x450%7C444x250%7C635x357%7C640x360%7C400x300%7C1x1&vad_type=linear&ad_type=audio_video&url=https%3A%2F%2Fexey.io%2FZuS2jk&cust_params=hb_uuid%3Dundefined%26hb_cache_id%3Dundefined&vpa=click&vpmute=0&sdkv=h.3.521.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=44d&ptt=20&adk=110095148&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.521.0&media_url=https%3A%2F%2Fh5.vdo.ai%2Fmedia_file%2Fv-exey-io%2Fsource%2Fvhs%2FTop%252010%2520biggest%2520sporting%2520event%2520in%2520the%2520world_1.mp4&sid=4081DB25-B410-4FC6-AF70-66EA52FB1930&nel=0&eid=44752052%2C44754420%2C44760950%2C44761692%2C44762904&dlt=1657389869388&idt=941&dt=1657389872217&cookie_enabled=1&scor=1068711620360775&ged=ve4_td3_tt2_pd3_la3000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.521.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:04:32 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 20ms
20ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1049023585&t=event&_s=15&dl=https%3A%2F%2Fexey.io%2FZuS2jk&ul=en-us&de=UTF-8&dt=exe.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=adrequest_google_mcm&el=v-exey-io&_u=SACAAUABCAAAAC~&jid=&gjid=&cid=2073424601.1657389870&tid=UA-113932176-39&_gid=1978306700.1657389870&gtm=2ou6t0&z=722458429

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 16:50:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 4418
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 30ms
30ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=exey.io

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 Jul 2022 18:04:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame DE4E 156 B
142 B 169ms
169ms XHR
text/xml 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?env=instream&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&iu=%2F26001828%2C22675219970%2FDFP_Z1_Parent_third_AdBreak%2Fz1_dfp_v_exey_io_v_mid2_1&description_url=https%3A%2F%2Fexey.io%2FZuS2jk&tfcd=0&npa=0&correlator=4194822876590251&vpos=preroll&sz=288x162%7C300x250%7C400x300%7C419x236%7C640x360%7C640x480%7C1x1%7C800x450%7C444x250%7C635x357%7C640x360%7C400x300%7C1x1&vad_type=linear&ad_type=audio_video&url=https%3A%2F%2Fexey.io%2FZuS2jk&cust_params=hb_uuid%3Dundefined%26hb_cache_id%3Dundefined%26onetag_ebda%3Dtrue&vpa=click&vpmute=0&sdkv=h.3.521.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=44d&ptt=20&adk=110095148&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.521.0&media_url=https%3A%2F%2Fh5.vdo.ai%2Fmedia_file%2Fv-exey-io%2Fsource%2Fvhs%2FTop%252010%2520biggest%2520sporting%2520event%2520in%2520the%2520world_1.mp4&sid=4081DB25-B410-4FC6-AF70-66EA52FB1930&nel=0&eid=44752052%2C44754420%2C44760950%2C44761692%2C44762904&dlt=1657389869388&idt=941&dt=1657389872394&cookie_enabled=1&scor=525264793300460&ged=ve4_td3_tt2_pd3_la3000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.521.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:04:32 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 20ms
20ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1049023585&t=event&_s=16&dl=https%3A%2F%2Fexey.io%2FZuS2jk&ul=en-us&de=UTF-8&dt=exe.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=adrequest_google_mcm_apac&el=v-exey-io&_u=SACAAUABCAAAAC~&jid=&gjid=&cid=2073424601.1657389870&tid=UA-113932176-39&_gid=1978306700.1657389870&gtm=2ou6t0&z=1679494007

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 16:50:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 4418
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 29ms
29ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=exey.io

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 Jul 2022 18:04:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame DE4E 156 B
142 B 179ms
179ms XHR
text/xml 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?env=instream&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&iu=%2F22100121508%2C22675219970%2FDFP_APAC_Parent_third_AdBreak%2Fellipsis_dfp_v_exey_io_v_mid2_1&description_url=https%3A%2F%2Fexey.io%2FZuS2jk&tfcd=0&npa=0&correlator=604262780562509&vpos=preroll&sz=288x162%7C300x250%7C400x300%7C419x236%7C640x360%7C640x480%7C1x1%7C800x450%7C444x250%7C635x357%7C640x360%7C400x300%7C1x1&vad_type=linear&ad_type=audio_video&url=https%3A%2F%2Fexey.io%2FZuS2jk&cust_params=hb_uuid%3Dundefined%26hb_cache_id%3Dundefined&vpa=click&vpmute=0&sdkv=h.3.521.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=44d&ptt=20&adk=110095148&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.521.0&media_url=https%3A%2F%2Fh5.vdo.ai%2Fmedia_file%2Fv-exey-io%2Fsource%2Fvhs%2FTop%252010%2520biggest%2520sporting%2520event%2520in%2520the%2520world_1.mp4&sid=4081DB25-B410-4FC6-AF70-66EA52FB1930&nel=0&eid=44752052%2C44754420%2C44760950%2C44761692%2C44762904&dlt=1657389869388&idt=941&dt=1657389872576&cookie_enabled=1&scor=4412642687304996&ged=ve4_td4_tt3_pd4_la4000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.521.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 18:04:32 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET collect
www.google-analytics.com/ 0
0

GET integrator.js
adservice.google.com/adsid/ 0
0

GET ads
pubads.g.doubleclick.net/gampad/ Frame DE4E 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/collect?v=1&_v=j96&a=1049023585&t=event&_s=17&dl=https%3A%2F%2Fexey.io%2FZuS2jk&ul=en-us&de=UTF-8&dt=exe.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=adrequest_google_mcm&el=v-exey-io&_u=SACAAUABCAAAAC~&jid=&gjid=&cid=2073424601.1657389870&tid=UA-113932176-39&_gid=1978306700.1657389870&gtm=2ou6t0&z=321475098

Domain: adservice.google.com
URL: https://adservice.google.com/adsid/integrator.js?domain=exey.io

Domain: pubads.g.doubleclick.net
URL: https://pubads.g.doubleclick.net/gampad/ads?env=instream&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&iu=%2F26001828%2C22675219970%2FDFP_Z1_Parent_Fourth_AdBreak%2Fz1_dfp_v_exey_io_v_mid3_1&description_url=https%3A%2F%2Fexey.io%2FZuS2jk&tfcd=0&npa=0&correlator=261012662786246&vpos=preroll&sz=288x162%7C300x250%7C400x300%7C419x236%7C640x360%7C640x480%7C1x1%7C800x450%7C444x250%7C635x357%7C640x360%7C400x300%7C1x1&vad_type=linear&ad_type=audio_video&url=https%3A%2F%2Fexey.io%2FZuS2jk&cust_params=hb_uuid%3Dundefined%26hb_cache_id%3Dundefined%26onetag_ebda%3Dtrue&vpa=click&vpmute=0&sdkv=h.3.521.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=44d&ptt=20&adk=110095148&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.521.0&media_url=https%3A%2F%2Fh5.vdo.ai%2Fmedia_file%2Fv-exey-io%2Fsource%2Fvhs%2FTop%252010%2520biggest%2520sporting%2520event%2520in%2520the%2520world_1.mp4&sid=4081DB25-B410-4FC6-AF70-66EA52FB1930&nel=0&eid=44752052%2C44754420%2C44760950%2C44761692%2C44762904&dlt=1657389869388&idt=941&dt=1657389872769&cookie_enabled=1&scor=1302290277216278&ged=ve4_td4_tt3_pd4_la4000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Verdicts & Comments Add Verdict or Comment

162 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
exe.io/	1969-12-31 23:59:59	Name: AppSession Value: 6fc0f0b6037b22a0d4e2532243c36c5b
exe.io/	1969-12-31 23:59:59	Name: csrfToken Value: d7a8fa3be49d8c008d5d090fa48b11d121ba648815560e5066919587fd63796b4f31aa63fbc9b4b9721acc1fcbc1dce6de7fdd3cbbd9f057e669780c8e041b95
exey.io/	1969-12-31 23:59:59	Name: AppSession Value: 192f064a110bceb4b0102453208b9341
exey.io/	1969-12-31 23:59:59	Name: csrfToken Value: ec636dd6d0eed931f666606e68f76fbf3a1a984f0326e4dcc7345cf34b9e97d61bea9e42fba3d06894ce13512988f0096b315aeb4952b7f6dc40ce401ddf3614
nh.eugeniecor.com/	1970-01-20 04:24:36	Name: GL_UI4 Value: eJw9jVtOhDAYhYFycTJCPAkLcAkFnMA8GhfhI2npL1MH2kmpQ9y9jYk%2BnS%2FnkhNFUVJXiO85A%2FsSJzwPLe%2FOp05Kfh5kL2gQDW%2BHthfT0L10TY%2BD3kYv5EI%2BxeNMhpyexskqKvEUoj%2FnauxuUmTSCaNKZGtoLCUK6ey%2BkasZUiNWQv52cTZotopP68Aa3gXWJnDMkditZtUBxbs2KgyrI5KGV2Ue4XhbhP%2Bwbh21ymNksxOKEL%2FiYRKeZuu%2BUSjart7eALuo8b%2F%2F%2B8v2hiNXdNdTOLf%2BQu4H6opJ%2Fw%3D%3D
nh.eugeniecor.com/	1970-01-20 04:24:36	Name: GL_GI10 Value: eJxNjL1OwzAUhVOnshraBB2Jha0vgKVQdcgKa5QNGK2Q3BYLeq9lu0B4etQiVUzn6Px8WZapmwrKeVTN1tzXtambxtTbDfI9CVTXYjXIkVOYLPcHwrKj9Ebho%2BcxQgfaO%2BESyz9jBxkJV11798TvLF98KU7fEvPBpalEcZLztlogd9HjtqU%2B0gu9rv%2Fh1w%2Fm2aBgSjZ6ohHFowQvoU%2BE6pKeOTrHwkXrg3xPeobr5A70I0xWdrtISSvMPrX6BbqFR48%3D
.exey.io/	1970-01-20 21:54:21	Name: _ga Value: GA1.2.2073424601.1657389870
.exey.io/	1970-01-20 04:24:36	Name: _gid Value: GA1.2.1978306700.1657389870
.exey.io/	1970-01-20 04:23:09	Name: _gat_gtag_UA_113932176_39 Value: 1
.exey.io/	1970-01-20 04:23:09	Name: _gat_gtag_UA_135952122_1 Value: 1
freychang.fun/	1970-01-20 13:01:33	Name: csu Value: 1721792784863291@1@1657389869
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: nHXpemLyEBw
.youtube.com/	1970-01-20 08:42:21	Name: VISITOR_INFO1_LIVE Value: B13XYwP-NNU
my.rtmark.net/	1970-01-20 13:08:45	Name: ID Value: b3ac6c287a624708ab40600592437952
in-page-push.com/	1970-01-20 13:08:45	Name: OAID Value: b3ac6c287a624708ab40600592437952
.h12-media.com/	1970-01-20 05:46:29	Name: 7thMile Value: 409c1dcc%2Dc74d%2D4744%2D8ee6%2Dc1e58559995f
.doubleclick.net/	1970-01-20 13:44:45	Name: IDE Value: AHWqTUm44yvl6ddgfX7z2ms96H_c0-zCOgW7TyRtsD8DGOd4Qqdlf09BQDtKBc3JXe0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.vdo.ai
accounts.google.com
adservice.google.com
analytics.vdo.ai
cdnjs.cloudflare.com
d192r5l88wrng7.cloudfront.net
exe.io
exey.io
f.h12-media.com
fleraprt.com
fonts.googleapis.com
fonts.gstatic.com
freychang.fun
ghb.adtelligent.com
h5.vdo.ai
imasdk.googleapis.com
in-page-push.com
mworkh.buzz
my.rtmark.net
nedukeratio.lol
nh.eugeniecor.com
platform.pubfuture.com
pubads.g.doubleclick.net
s0.2mdn.net
static.cdnativepush.com
tags.h12-media.com
targeting.vdo.ai
tzegilo.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.youtube.com
adservice.google.com
pubads.g.doubleclick.net
www.google-analytics.com
13.32.99.76
139.45.195.254
139.45.195.8
139.45.197.15
139.45.197.153
142.250.185.226
144.217.66.206
154.51.131.141
23.109.82.10
2600:9000:2491:4200:18:306b:ddc0:21
2606:4700:20::681a:267
2606:4700:20::ac43:46a0
2606:4700:3030::6815:2dcf
2606:4700:3034::ac43:cdf0
2606:4700:3038::6815:eb09
2606:4700::6811:190e
2a00:1450:4001:800::200e
2a00:1450:4001:801::2003
2a00:1450:4001:803::2002
2a00:1450:4001:808::2006
2a00:1450:4001:812::200a
2a00:1450:4001:813::2008
2a00:1450:4001:82a::200a
2a00:1450:4001:830::200e
2a00:1450:4001:831::200d
2a03:2880:f11c:8083:face:b00c:0:25de
2a06:8640:454::2
2a06:98c1:3121::3
51.79.72.196
52.22.197.162
071404725633a55031a90aac1b637158dd67b9ab9f140100d22f8e69f9fdaed2
089f8aca1b5c39d6b8675a682df4a0f209f14cf25082fa95217bce18930b0052
108c1ca17044885c018c5415136d926012a876bd4383b2a6d6a03216aedfdeaa
1758268a169457ec7c2601d5c148715d5442a9cf20a465ff05b42cc556aa2259
1b808250e44a468f82d19a076166e56187fdb79f1b42a77ab15fb55bb4e0f98a
26bbadf324d400b12bea32f232b42870889357c483db6c1c4b1baa0202a41539
28c01c5a5b4ed8ccaffffbaaca2e24d6989f63395b49a5ce965825ee178e14ad
3676e16a1358628756bda4274db53b7a9f299e3dfa82ec22301c83ba142ad774
3a4772c001166de7d53729446ac3a13940db38076fec517cdd8e205d12ae6542
3ca146cff795418c1014e7cac0e9a865892ece80438ec14e23a3dfdf4142f02f
4a1d4d06cefd96b2a94b54e21240a9d92ed493c9c13aacd786d5968b43554c49
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ee5aa2f1e65270826ba67f1b98153bda3e23ebd377001e3e9cfca9023c1b2f8
50e01ebd2b1a2621b770465f8ca3504cdb80756cc9b4ddcf10ab4a98c3afb9a9
587fa9763e3d74ded3b64a843905f5541690582aad4976207e03743a7fb5f70e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
72f179f1c803ca49ddb20237bdf8dda625870f01447490db5484099f6e055809
738161904fe560fd83c26e301998e35ac1e87cb40bebd4b190a5f141309d40b9
74124c01d92d14d19e8e4fe81272345920f1d902bd5a5e23b18bf12b0a713d98
7814541ca4a2c3b3b4f0db91d73a16278826880c747626c31a509dc17c0fe493
7fb8c5b7c7311dec2ddc0898d397e6e674053049ffba7a1f17b9eee28fd173ba
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85f7d4f42baa577a800275b680c4d1ca72d2caccb67f2e6eff02a7574782f748
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8e32695eb554644820130b6b6c39187282bfaef34cf5b88b9a8c9b10d2da1e03
938d7b3cc78bd28549d0b16a00dc1849597936a8ba9f8838c1455cd259851577
9a045c6ee1c9746bf198b3eb111200c7af11a90fabafe9adeb0bc43de5f492c6
9adf28f17b88f7835611736a9461d0452433a4e12f3ebaafae1689394aeb8d7b
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
a7caf58a0005929352fbc2bf21416247066139905f54a24b5a86b397e1fb25dd
a9f694ed1110800e53353af83768f26eaafad92e76ad36c4c6b9b89c09ef2ecb
aa710163e37fe5d50f6684f5ec9a10ad1dd6487cb9e7102fe22520230c7bedb3
b0cd7af0b912b1a17ecfb9284d55058a59e621500acb94e2d4a5bbfd5eb6d022
b4d8e98025db1aea232b65d5313dc9653128353f29f20b30fa50afa1d1442578
b625763b6a2911c384288416e4f5550eb5cade5dfbbc50849fe5f9061cb66c9e
b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550
b8b209e97178a0ca34395222579977c724b945e4a470024450bc48ef1811a386
ba27b3a742045ec82bf7f6bec7fabf884aed94f52529b5403029f8feaa060fa7
c5aa000fd5d0aa4199437da67fc8661dbb19414d5e5257525ea2177b9c35a3e9
c63c0a518fcd8243e365904eb4ec5162d2b6d066aa4f05027fb598089d73ebdc
cf09d906a27c640c8fe862b19b5b3938e0f3e1033f94071155415e1229e48cda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d176a43d5dea12d889c221d9bf5e43a5a9b15227d068466614ce164b3579ab72
d77ea64e4eef31754ebbd1ee6ff2dd7908ba20f2da4811aa205778529dadb052
ddbc9719c72a462df357c3a5209f268d45cd45cc7270c682ebf5724c97cb7364
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6fb4675d7e5525b2007e5e8c8bdedcce258ee46495f513069de729bd923705d
e8f2d5487d860696dee2e6037ae07ff063ae5959b8d4b4658a284f9dc9711ca1
eeb7b0e2865e732578b5c15b0ec73790d3266529330a9b62e73b08d8ebe87402
f11b79639bbe3ce1ec637697a3cfed0147dfbd2ab7a68aecb4e1d69939b8bf50
f22d1cd62f219783841aabade1fe350e63a1f220fca96f10aeefc61e85bff4c5
f259e1ac72c23752a935508137a234c6411c9abe1f04f9d951003ca60241cdb3
f3c689523d23693d898b0fff66ef380027572e1896e28552f0e029a5626dd46b
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
ffebbe92011a267ac25a89a3af8a118c00e61b69eb54fe47df21f46a4cdaa10b

exey.io Open in urlscan Pro 2606:4700:20::ac43:46a0 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

108 Requests

97 %HTTPS

63 %IPv6

26 Domains

32 Subdomains

31 IPs

5 Countries

1778 kBTransfer

8130 kBSize

17 Cookies

1 Outgoing links

Page URL History

Redirected requests

108 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

exey.io Open in urlscan Pro
2606:4700:20::ac43:46a0 Public Scan

Screenshot
Live screenshot

Full Image

108
Requests

97 %
HTTPS

63 %
IPv6

26
Domains

32
Subdomains

31
IPs

5
Countries

1778 kB
Transfer

8130 kB
Size

17
Cookies

108 HTTP transactions
1 data transactions