exey.io Open in urlscan Pro
2606:4700:3033::ac43:b444 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://exe.io/IPrKpeW1
Effective URL:
https://exey.io/IPrKpeW1
Submission: On November 28 via manual (November 28th 2021, 4:29:09 am UTC) from MX — Scanned from DE

Summary HTTP 78 Redirects Behaviour Indicators

Summary

This website contacted 26 IPs in 4 countries across 23 domains to perform 78 HTTP transactions. The main IP is 2606:4700:3033::ac43:b444, located in United States and belongs to CLOUDFLARENET, US. The main domain is exey.io.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 14th 2021. Valid for: a year.

This is the only time exey.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	2606:4700:20:... 2606:4700:20::681a:267	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:303... 2606:4700:3033::ac43:b444	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
4	2600:9000:218... 2600:9000:2182:8200:1d:bf0d:abc0:21	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:218... 2600:9000:2182:2200:b:b271:7c80:21	16509 (AMAZON-02) (AMAZON-02)
1	23.109.82.18 23.109.82.18	7979 (SERVERS-COM) (SERVERS-COM)
2	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
8	18.66.139.30 18.66.139.30	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
5	2606:4700:303... 2606:4700:3030::ac43:8a0d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:82a::200d	15169 (GOOGLE) (GOOGLE)
1	2600:9000:218... 2600:9000:2182:cc00:12:fc33:3bc0:21	16509 (AMAZON-02) (AMAZON-02)
10	139.45.197.239 139.45.197.239	9002 (RETN-AS) (RETN-AS)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3030::6815:2dcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	139.45.197.236 139.45.197.236	9002 (RETN-AS) (RETN-AS)
5	139.45.197.241 139.45.197.241	9002 (RETN-AS) (RETN-AS)
1	2606:4700:303... 2606:4700:3033::ac43:b4cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
2	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
2	2606:4700:303... 2606:4700:3034::ac43:d5ae	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	139.45.197.188 139.45.197.188	9002 (RETN-AS) (RETN-AS)
2	139.45.195.254 139.45.195.254	9002 (RETN-AS) (RETN-AS)
78	26

3 2606:4700:20::681a:267 (United States)

ASN13335 (CLOUDFLARENET, US)

exe.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3033::ac43:b444 (United States)

ASN13335 (CLOUDFLARENET, US)

exey.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2182:8200:1d:bf0d:abc0:21 (United States)

ASN16509 (AMAZON-02, US)

d2sbzwmcg5amr3.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2182:2200:b:b271:7c80:21 (United States)

ASN16509 (AMAZON-02, US)

d26adrx9c3n0mq.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.109.82.18 (Netherlands)

ASN7979 (SERVERS-COM, US)

punyvamos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 18.66.139.30 (United States)

ASN16509 (AMAZON-02, US)

alukizeia.one	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3030::ac43:8a0d (United States)

ASN13335 (CLOUDFLARENET, US)

uleqasfor.one	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:cc00:12:fc33:3bc0:21 (United States)

ASN16509 (AMAZON-02, US)

d301cxwfymy227.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 139.45.197.239 (United Kingdom)

ASN9002 (RETN-AS, GB)

forfrogadiertor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3030::6815:2dcf (United States)

ASN13335 (CLOUDFLARENET, US)

freychang.fun	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.197.236 (United Kingdom)

ASN9002 (RETN-AS, GB)

cdn.itskiddoan.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 139.45.197.241 (United Kingdom)

ASN9002 (RETN-AS, GB)

cdn.itphanpytor.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::ac43:b4cb (United States)

ASN13335 (CLOUDFLARENET, US)

tagcachestaticx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3034::ac43:d5ae (United States)

ASN13335 (CLOUDFLARENET, US)

onasider.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 139.45.197.188 (United Kingdom)

ASN9002 (RETN-AS, GB)

static.cdnativepush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.195.254 (United Kingdom)

ASN9002 (RETN-AS, GB)

tagcachedataxrt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	forfrogadiertor.com forfrogadiertor.com	32 KB
8	alukizeia.one alukizeia.one	9 KB
8	cloudfront.net d2sbzwmcg5amr3.cloudfront.net d26adrx9c3n0mq.cloudfront.net d301cxwfymy227.cloudfront.net	186 KB
7	google.com accounts.google.com www.google.com	36 KB
6	cdnativepush.com static.cdnativepush.com	14 KB
5	itphanpytor.club cdn.itphanpytor.club	128 KB
5	uleqasfor.one uleqasfor.one	2 KB
3	exey.io exey.io	85 KB
3	exe.io exe.io	11 KB
2	tagcachedataxrt.com tagcachedataxrt.com	477 B
2	onasider.top onasider.top	1 KB
2	rtmark.net my.rtmark.net	1 KB
2	itskiddoan.club cdn.itskiddoan.club	27 KB
2	freychang.fun freychang.fun	1 KB
2	google-analytics.com www.google-analytics.com	20 KB
2	gstatic.com fonts.gstatic.com	62 KB
2	googletagmanager.com www.googletagmanager.com	65 KB
2	googleapis.com fonts.googleapis.com	2 KB
1	googlesyndication.com pagead2.googlesyndication.com
1	tagcachestaticx.com tagcachestaticx.com	18 KB
1	cloudflare.com cdnjs.cloudflare.com	2 KB
1	facebook.com www.facebook.com
1	punyvamos.com punyvamos.com	1 KB
78	23

	Domain	Requested by
10	forfrogadiertor.com	exey.io forfrogadiertor.com
8	alukizeia.one	d2sbzwmcg5amr3.cloudfront.net d26adrx9c3n0mq.cloudfront.net
6	static.cdnativepush.com	exey.io forfrogadiertor.com
5	www.google.com	exey.io
5	cdn.itphanpytor.club	forfrogadiertor.com cdn.itphanpytor.club
5	uleqasfor.one	exey.io
4	d2sbzwmcg5amr3.cloudfront.net	exey.io alukizeia.one
3	d26adrx9c3n0mq.cloudfront.net	exey.io alukizeia.one
3	exey.io	exey.io
3	exe.io	exe.io
2	tagcachedataxrt.com	tagcachestaticx.com
2	onasider.top	d26adrx9c3n0mq.cloudfront.net
2	my.rtmark.net	cdn.itskiddoan.club forfrogadiertor.com
2	cdn.itskiddoan.club	forfrogadiertor.com cdn.itskiddoan.club
2	freychang.fun	d2sbzwmcg5amr3.cloudfront.net d26adrx9c3n0mq.cloudfront.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	accounts.google.com	exey.io
2	fonts.gstatic.com	fonts.googleapis.com
2	www.googletagmanager.com	exey.io
2	fonts.googleapis.com	exey.io d26adrx9c3n0mq.cloudfront.net
1	pagead2.googlesyndication.com	tagcachestaticx.com
1	tagcachestaticx.com	forfrogadiertor.com
1	cdnjs.cloudflare.com	exey.io
1	d301cxwfymy227.cloudfront.net	exey.io
1	www.facebook.com	exey.io
1	punyvamos.com	exey.io
78	26

This site contains no links.

Subject Issuer	Validity	Valid
exe.io Cloudflare Inc ECC CA-3	`2021-04-23` - `2022-04-22`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-04-14` - `2022-04-13`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
punyvamos.com R3	`2021-10-18` - `2022-01-16`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
alukizeia.one Amazon	`2021-11-18` - `2022-12-17`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.uleqasfor.one R3	`2021-11-24` - `2022-02-22`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-06` - `2021-12-05`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
forfrogadiertor.com R3	`2021-11-04` - `2022-02-02`	3 months	crt.sh
cdn.itskiddoan.club Sectigo RSA Domain Validation Secure Server CA	`2021-10-04` - `2022-10-04`	a year	crt.sh
itphanpytor.club R3	`2021-09-26` - `2021-12-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.rtmark.net Sectigo RSA Domain Validation Secure Server CA	`2021-11-20` - `2022-11-26`	a year	crt.sh
cdnativepush.com R3	`2021-10-02` - `2021-12-31`	3 months	crt.sh
tagcachedataxrt.com Sectigo RSA Domain Validation Secure Server CA	`2021-10-09` - `2022-10-09`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://exey.io/IPrKpeW1
Frame ID: 035163BDAF55B936A4CA5A014BE1CAAE
Requests: 59 HTTP requests in this frame

Frame: https://alukizeia.one/OFZRblRZNDIDa1lrM0ghSjpsS2Z+c2MoMAolMxQjVTU2WzVVJGJAN1Q5JAoySjk/GnpWMyVLZn4yNToaSAw6HQNgFzIvMHkQMCoCTCwDGRJbABlXAG8EPiQeaQMeJDNbHAArBXoUAiM3ahc1LwRPbwk4EmIiFjgdcBcJNABuMTIoMFMHBy0VcSYCLzBoEzsdNW8QADwYahwCJgVTYRdeEXQHFVoBfDEAJBlqLjcsBVwjA10CWwUZGgV5AD0hBHouNSoFU24TBg5aADg7Fn46JTkxUwM1OQF2Yh8WDloAOxk3YABoPTZTDCk6EmphFT8CXAJjWxx5IXwJA3cuPTkcXxshJjhXMgBdP0IUPR4GYgMIKAB+BGY2Al8UFAcNYhA9HThaPTIqFmluNisWYjQHByNpAxAnHmE6ECwDaQM7LGVPExBcYXAyBywFYgMECgxuFGg/BgkyBFxhcBcpARx0BAMsFX0YZCMjYjcEOQJ/FARWAFwxdwQnVzghUxtZFGQZPFs+OBk6
Frame ID: 3121570FF610E3C899EDA509704E45D3
Requests: 2 HTTP requests in this frame

Frame: https://alukizeia.one/V0FINXE2IytYTjZ8KhMEJS11EEMRZHpzFWUyKk8GOiIvABA6M3sbEjsuPVEXJS4mQV85JDwQQxE7BVgdDhYifyMVKxENNQIYCWU2NAoKWQEmIwl4JBY4OwQpEgsdeQkCCixMODMAP3Q5HikSXCY7eBh5MhUWDAQdcnMKex0ZIgxYJ28XeUI6DRY7YCQgcX5vBg4UAHEdORl5BSUaFRJQJGc5OX0wNCIfbUA4ACBaFBoVGmIpBXU6UwYWAgpMCXJzDnQwHRgpfSAUB3laEDE2CXY5PQR4dzANDClNFg8ADl4WNQARVyUQMTlgQR4bBnFIERc/RgsacRFtJi9sfUMwBhcAVEMgGQlzHSAMHkU2FQUaEEMRAABzPDYsOFAmIAhxUwYWAgxfQWIWHgQwMRYvdiQGBDl7J24ZHHIeNAI/Zzk2CRlyMxF4O1EwDgkccgEmEB54IRgSIFc3ZjItVwYSBxoHBSQHDVEkcSs7Wh8nfD96SRIKDWxDYgoGDRk6
Frame ID: 967A7261D7E265A71C269E523FCEFFCB
Requests: 2 HTTP requests in this frame

Frame: https://alukizeia.one/UmF6M3EzAxleTjNcGBUEIA1HFkMUREh1FWASGEkGPwIdBhA/E0kdEj4OD1cXIA4UR188BA4WQxQENAIzAgUyaSQCGD9gIgcsT3hBPi4+AR1lNS96Ix0LDVE2FwUOeQk5AyNaODAlEGI5NgsJfDQ1ER1SIzU5LWcVKzQSfSsfUjB1JBQ4Sn8kPiI/YCB3Uzx0CWIqMEoaBidKflRgJypLKBc3ImpHFDQOUiEoNB50HSEZG1goJSAUBlRgJy9mIBoEPlQVFSc3FkMULjtXJRA2O1swFCw8ajlnJC1yFWMHPmklEDY7BzkABjhpNiIpNHE7OwcNSzATUhZCIzk7LXo1f1kjdkETUDZhSTQwSWVIHwo3ditgJzJiMxgIHAIGNjkDYhgVJzd1NGARPWEdIVQwcTcGIy1yHhczLFAhYDsoYTAxGzBEKAg2EGUAAAs7fCs/Jz9kMBwMH2YzCyBIZQAACiB2PAEKLHE3Z1AcZzsWIz1XGQBRO2E7CihcWQI9DwoOGT8ML0ElKCNK
Frame ID: EA1673A83272E2C4488FF2A5306FFD84
Requests: 2 HTTP requests in this frame

Frame: https://alukizeia.one/QU5KUFcgLCk9aCBzKHYiMyJ3dWUHa3gWM3N4KzQlOXcpYzlxIzt+NC0hPzQxMyEkJHkvKz51ZQd5GGIZMxh4GTwFDx8oDxUDARRlMSwuFiciFww0PwIcLWQTBSovFz0uIy4qBgYPIgEuCCc9JQUFAxAUZTEdEwFvCgEbBmETH35lFhk+GQQDGAkABmInLRgJZAUPCCEROCUCFD0EAgEBDhEtGDM6GSkTZBACehoSLRsGLgMBJCscGj4UGD51ZQcIGWQZBTQtBhkEFBAKIDY0GDw7Lxt5NBkWfQACFRQUEAovFDsOBmYrHHkBPxUjHAMHcBgsNjwlfx8nei4gDzkkBgYOGRYNDyU2NC0PCAY7KSkeGAUXGicGBCM5LRQeNnY4AjsqGxhjARUMMGQdCCUQCg02GyMRFgB6GWIdExkwARwPHz0XGioqexoBCyYeGDMPFngWAiJ+ezYOKip7BS8mfAgTDhMPJBoGABgQCQ4ENnoGAnEnEidxKz0lPid8PycUZxYjHyYiAAkz
Frame ID: 46DBFB9A36576886BA45D0BBC32C5CDD
Requests: 2 HTTP requests in this frame

Frame: https://alukizeia.one/VDRoOG81VgtVUDUJCh4aJlhVHV0SEVp+C2YCCVwdLA0LCwFkWRkWDDhbHVwJJlsGTEE6URwdXRJVOmAHLHo9YQISTFFsCgBxOn4+PBFafgsBRCF5NzBeLV8lNX8sbikcfCV9KhAMXWI7FUEpeTUObSx9LBJlAAo2LGU5bxYSADBQPTZ+MFAlAgU5USVkYi59FR0FLkAAHWQReQ4SclhTIiwEO2kCFUMvbRcNfzwAPRxiA1Y2EVtbeSg8BTBtIhJWAnE9HAUtSCIzQD16XA1GLH4+HFAGaiYMQz5SCz5EPXpcDU0talcQVwV6IxlMKggLBXYgeThtUztTQhJhJlI6AXItcQUeTCVhPgN6W2gEBXMLbxsYZhB6XzBiKVk3AH0HfikFfCpvLR9lPlMZGFxZbS1nbQFwPR5RI28XMGUfbQMYZQddOBd6D2sFN3kLfxsdbB9+GDcEEF4uDHoPawQScyJBIg51WUAFME5dfS06chprXzdgJQsIcl4bVwEkCQV+LQFzIGgZP0wfVA
Frame ID: AAEB5C9352A8708AB9B83C9BB5AC93CD
Requests: 2 HTTP requests in this frame

Frame: https://static.cdnativepush.com/contents/s/c8/31/02/6637d28225aaa1f4d7209ff892/088308167711.png
Frame ID: DCC75584828AA07D6258AC70B99CF99D
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

exe.io

Page URL History Show full URLs

https://exe.io/IPrKpeW1 Page URL
https://exey.io/IPrKpeW1 Page URL

Page Statistics

78
Requests

100 %
HTTPS

69 %
IPv6

23
Domains

26
Subdomains

26
IPs

4
Countries

704 kB
Transfer

1823 kB
Size

22
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://exe.io/IPrKpeW1 Page URL
https://exey.io/IPrKpeW1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

78 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 IPrKpeW1 Show response
exe.io/ 588 B
1 KB 87ms
67ms Document
text/html 2606:4700:20::681a:267
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://exe.io/IPrKpeW1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:267 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4dbc18df3c08635e19445c6419ed0bf50b73683dea0445f0b0e6abfa4f5b496e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sun, 28 Nov 2021 04:29:04 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN, SAMEORIGIN
x-robots-tag: noindex, nofollow
vary: Accept-Encoding,User-Agent
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KAjj3%2FI9NPqfZwCZMtSgc2AqmJKmy1Eoo0UbQi%2FqZvxtX%2FlsTUyGK1YcinR1xFGphCh6l%2F18y3ubz3J%2BlK0eDWB40%2BVm4x7zPLvRy4e2tL5wFnH1UY%2BMBGXQ7xKNX7EOODkLGA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6b50da682a887033-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 api.js Show response
exe.io/cdn-cgi/bm/cv/669835187/ 35 KB
9 KB 10ms
9ms Script
text/javascript 2606:4700:20::681a:267
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://exe.io/cdn-cgi/bm/cv/669835187/api.js

Requested by

Host: exe.io
URL: https://exe.io/IPrKpeW1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:267 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://exe.io/IPrKpeW1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 04:29:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cf4kGbCY3Je1v%2BvycQLrGSmsHAEMlq%2Boi07KoKWh%2F751nVRfjkpTgak4pYXZnSfTfj3tCwcuTJsCZMBalJ%2B93uO2C7Ei8lsWWQSUlx1Mvf1C8JbUCB0FFXlPNhzi%2FpuvrWBrHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=604800, public
cf-ray: 6b50da68bb567033-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 Primary Request IPrKpeW1 Show response
exey.io/ 111 KB
43 KB 85ms
59ms Document
text/html 2606:4700:3033::ac43:b444
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://exey.io/IPrKpeW1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:b444 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57b874ae9ae24220ee3cc1e330a88e387c8e6018c7247acda51695b550065598

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://exe.io/

Response headers

date: Sun, 28 Nov 2021 04:29:04 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN, SAMEORIGIN
x-robots-tag: noindex, nofollow
vary: Accept-Encoding,User-Agent
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ujU5Vp0%2BgyKDR8bkNafBP5XR6HLzFX1Q9EcGH1jPg0kCX5Rw3ZY2tVY6CibXC3d6L9MigmE%2FxvvIFyByUOzS0wpnpqzNRizwKBdwhYaoVYCMFzREClx0QTcqcCi%2BbJLghFxveI7c"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6b50da68fa8f2b89-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

POST
H3 204 result
exe.io/cdn-cgi/bm/cv/ 0
767 B 15ms
14ms XHR
text/plain 2606:4700:20::681a:267
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://exe.io/cdn-cgi/bm/cv/result?req_id=6b50da682a887033
Requested by: Host: exe.io
URL: https://exe.io/cdn-cgi/bm/cv/669835187/api.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:267 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://exe.io/IPrKpeW1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 28 Nov 2021 04:29:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xKDPxvyc8JF7qq%2F8jTxFzM61Lt%2Fm3O1%2FLFvZmP1BgEFxZQm5sgaI1At92CifCGlhzRTRCSaDwa7Mi3pdsBCG43hUuaqyE6cV2fXz7hUzOY5IP81Q7uxBaCeNW5DmQEPjCGG9Og%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 6b50da6938d8d711-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 13 KB
1 KB 136ms
48ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,400italic,600,700

Requested by

Host: exey.io
URL: https://exey.io/IPrKpeW1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

66219bc99ac30a346552ced8a3a2739c915b441219cfd9cf3dbef943cf7ca7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 28 Nov 2021 03:28:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 28 Nov 2021 04:29:04 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 28 Nov 2021 04:29:04 GMT

GET
H3 200 continue.css
exey.io/css/ 179 KB
41 KB 36ms
23ms Stylesheet
text/css 2606:4700:3033::ac43:b444
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://exey.io/css/continue.css

Requested by

Host: exey.io
URL: https://exey.io/IPrKpeW1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:b444 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8f2d5487d860696dee2e6037ae07ff063ae5959b8d4b4658a284f9dc9711ca1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://exey.io/IPrKpeW1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 04:29:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 389031
cf-polished: origSize=211643
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 20 Nov 2020 17:25:47 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=raFfj4EZRYmyVIKDyQaAgqEKMKuSTio1R0ZHj76hpIjjXHRHxjSuxiHwIjQMhjUMNKkDp8SpU6NA8jiqAsP5GxhzWJEgxj9cYZy4A%2BFtmPkCWYQS6xxTC%2Fc0q3HcUIMdNSwhs%2Bf6"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 6b50da698b8f3128-FRA
expires: Thu, 23 Dec 2021 16:25:13 GMT

GET
H3 200 nr.js Show response
exey.io/js/scripts/ 186 B
778 B 34ms
21ms Script
application/javascript 2606:4700:3033::ac43:b444
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://exey.io/js/scripts/nr.js

Requested by

Host: exey.io
URL: https://exey.io/IPrKpeW1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:b444 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26bbadf324d400b12bea32f232b42870889357c483db6c1c4b1baa0202a41539

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://exey.io/IPrKpeW1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 04:29:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2224531
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 06 May 2021 10:32:06 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g%2FjmrSK%2FWOzgBxchmkpWO3g6jgenMBlM4VOWIsZ1lxv4sQSg767xRMbCw4fNp1U1NMVM2LCIfk0o6C0mEy5xqLfk%2BwV6pdyRSuDyDQVvn59JkJdFdDROAbnC8IP0Fde96wZMIqqq"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 6b50da698b8c3128-FRA
expires: Thu, 02 Dec 2021 10:33:33 GMT

GET
H2 200 / Show response
d2sbzwmcg5amr3.cloudfront.net/ 344 KB
112 KB 58ms
23ms Script
text/plain 2600:9000:2182:8200:1d:bf0d:abc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2sbzwmcg5amr3.cloudfront.net/?wzbsd=822524
Requested by: Host: exey.io
URL: https://exey.io/IPrKpeW1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:8200:1d:bf0d:abc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 49ac7b0911a6a81dc2331711bc245d81d0eadbebf6e5de902a10f5a122b9d5c9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 04:21:14 GMT
content-encoding: gzip
age: 470
x-cache: Hit from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
x-amz-cf-pop: DUS51-C1
content-length: 113932
via: 1.1 498cdb7d5db845f8fbb098d88d764204.cloudfront.net (CloudFront)
x-amz-cf-id: 1d5553Dvfj03rKcg75JbyDhgClSe7M9RJz-T92t0St_PAT7puJoi9w==

GET
H2 200 / Show response
d26adrx9c3n0mq.cloudfront.net/ 215 KB
71 KB 48ms
16ms Script
text/plain 2600:9000:2182:2200:b:b271:7c80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=939775
Requested by: Host: exey.io
URL: https://exey.io/IPrKpeW1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:2200:b:b271:7c80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 91fb1c757bc4430756d9b6571d977612cca6f0033a5acbfdc2210e00b4983a97

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 04:21:14 GMT
content-encoding: gzip
age: 470
x-cache: Hit from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
x-amz-cf-pop: DUS51-C1
content-length: 72050
via: 1.1 5cd60f530cdafe284762767565aa2747.cloudfront.net (CloudFront)
x-amz-cf-id: r7cV1nOyHrZwthAFT8MUgWCc9RVdOZAbNwc3x8zcou6J6z87un0b6Q==

GET
H/1.1 200
OK 29529 Show response
punyvamos.com/1clkn/ 6 B
1 KB 63ms
16ms Script
application/javascript 23.109.82.18
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://punyvamos.com/1clkn/29529

Requested by

Host: exey.io
URL: https://exey.io/IPrKpeW1

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

23.109.82.18 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 28 Nov 2021 04:29:04 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=1
Keep-Alive: timeout=20

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 131ms
44ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-135952122-1

Requested by

Host: exey.io
URL: https://exey.io/IPrKpeW1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a71fd61942c317a2e7663f0e565f85e4703c2f238c1b7b8bc2f64b47452a5297

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 04:29:04 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36133
x-xss-protection: 0
last-modified: Sun, 28 Nov 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 28 Nov 2021 04:29:04 GMT

GET
H2 204 utx Show response
alukizeia.one/ 0
408 B 122ms
97ms XHR
text/plain 18.66.139.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://alukizeia.one/utx?cb=pMwLeibrMQ3c&top=exey.io&tid=822524
Requested by: Host: d2sbzwmcg5amr3.cloudfront.net
URL: https://d2sbzwmcg5amr3.cloudfront.net/?wzbsd=822524
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 04:29:05 GMT
via: 1.1 9c920cc684a38b53bc9c7a44ba794875.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://exey.io
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: 2mFIoS94z5iEu9RE01GL3_I2jsyS5Y5iONtGfzdLa9Wp9GgHro3dZw==

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 44 KB
44 KB 124ms
36ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,400italic,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://exey.io
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:52:02 GMT
x-content-type-options: nosniff
age: 139023
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 26 Nov 2022 13:52:02 GMT

GET
H2 200 memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2
fonts.gstatic.com/s/opensans/v27/ 17 KB
17 KB 173ms
89ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,400italic,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f27408b033a0195d0f29b0ecbc143f470c4fbb0807472a688b2f9e66403651e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://exey.io
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 14:26:25 GMT
x-content-type-options: nosniff
age: 396160
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17768
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:32:14 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 23 Nov 2022 14:26:25 GMT

GET
H2 200 FARWAFwxdwQnVzghUxtZFGQZPFs+OBk6 Show response
alukizeia.one/OFZRblRZNDIDa1lrM0ghSjpsS2Z+c2MoMAolMxQjVTU2WzVVJGJAN1Q5JAoySjk/GnpWMyVLZn4yNToaSAw6HQNgFzIvMHkQMCoCTCwDGRJbABlXAG8EPiQeaQMeJDNbHAArBXoUAiM3ahc1LwRPbwk4EmIiFjgdcBcJNABuMTIoMFMHBy0VcSY... Frame 3121 3 KB
2 KB 99ms
99ms Document
text/html 18.66.139.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://alukizeia.one/OFZRblRZNDIDa1lrM0ghSjpsS2Z+c2MoMAolMxQjVTU2WzVVJGJAN1Q5JAoySjk/GnpWMyVLZn4yNToaSAw6HQNgFzIvMHkQMCoCTCwDGRJbABlXAG8EPiQeaQMeJDNbHAArBXoUAiM3ahc1LwRPbwk4EmIiFjgdcBcJNABuMTIoMFMHBy0VcSYCLzBoEzsdNW8QADwYahwCJgVTYRdeEXQHFVoBfDEAJBlqLjcsBVwjA10CWwUZGgV5AD0hBHouNSoFU24TBg5aADg7Fn46JTkxUwM1OQF2Yh8WDloAOxk3YABoPTZTDCk6EmphFT8CXAJjWxx5IXwJA3cuPTkcXxshJjhXMgBdP0IUPR4GYgMIKAB+BGY2Al8UFAcNYhA9HThaPTIqFmluNisWYjQHByNpAxAnHmE6ECwDaQM7LGVPExBcYXAyBywFYgMECgxuFGg/BgkyBFxhcBcpARx0BAMsFX0YZCMjYjcEOQJ/FARWAFwxdwQnVzghUxtZFGQZPFs+OBk6
Requested by: Host: d2sbzwmcg5amr3.cloudfront.net
URL: https://d2sbzwmcg5amr3.cloudfront.net/?wzbsd=822524
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.17.8.2 /
Resource Hash: 0776b1ad8300d4ae23f6c672fa08170e1d85592460b31bf1968e00759401653a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://exey.io/

Response headers

content-type: text/html
content-length: 1228
date: Sun, 28 Nov 2021 04:29:05 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 9c920cc684a38b53bc9c7a44ba794875.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-cf-id: Nl3YhZGxrYVhzugpN3BhBCxJH_quQ4CMMjSl2oDOzjO8-BB5M9g_pg==

GET
H2 200 Zzk2CRlyMxF4O1EwDgkccgEmEB54IRgSIFc3ZjItVwYSBxoHBSQHDVEkcSs7Wh8nfD96SRIKDWxDYgoGDRk6 Show response
alukizeia.one/V0FINXE2IytYTjZ8KhMEJS11EEMRZHpzFWUyKk8GOiIvABA6M3sbEjsuPVEXJS4mQV85JDwQQxE7BVgdDhYifyMVKxENNQIYCWU2NAoKWQEmIwl4JBY4OwQpEgsdeQkCCixMODMAP3Q5HikSXCY7eBh5MhUWDAQdcnMKex0ZIgxYJ28XeUI6DRY... Frame 967A 3 KB
2 KB 98ms
98ms Document
text/html 18.66.139.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://alukizeia.one/V0FINXE2IytYTjZ8KhMEJS11EEMRZHpzFWUyKk8GOiIvABA6M3sbEjsuPVEXJS4mQV85JDwQQxE7BVgdDhYifyMVKxENNQIYCWU2NAoKWQEmIwl4JBY4OwQpEgsdeQkCCixMODMAP3Q5HikSXCY7eBh5MhUWDAQdcnMKex0ZIgxYJ28XeUI6DRY7YCQgcX5vBg4UAHEdORl5BSUaFRJQJGc5OX0wNCIfbUA4ACBaFBoVGmIpBXU6UwYWAgpMCXJzDnQwHRgpfSAUB3laEDE2CXY5PQR4dzANDClNFg8ADl4WNQARVyUQMTlgQR4bBnFIERc/RgsacRFtJi9sfUMwBhcAVEMgGQlzHSAMHkU2FQUaEEMRAABzPDYsOFAmIAhxUwYWAgxfQWIWHgQwMRYvdiQGBDl7J24ZHHIeNAI/Zzk2CRlyMxF4O1EwDgkccgEmEB54IRgSIFc3ZjItVwYSBxoHBSQHDVEkcSs7Wh8nfD96SRIKDWxDYgoGDRk6
Requested by: Host: d2sbzwmcg5amr3.cloudfront.net
URL: https://d2sbzwmcg5amr3.cloudfront.net/?wzbsd=822524
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.17.8.2 /
Resource Hash: 66b04442cdec89f673a5d9ab17e6428fd0d321de0dc1af76491387ebaf589a25

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://exey.io/

Response headers

content-type: text/html
content-length: 1220
date: Sun, 28 Nov 2021 04:29:05 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 9c920cc684a38b53bc9c7a44ba794875.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-cf-id: eQimCFAI-03f_s4DuOhHQNQ2pKX6oMDkUa5Gskw0YcJ1QSsSet1U0A==

GET
H2 204 utx Show response
alukizeia.one/ 0
410 B 100ms
99ms XHR
text/plain 18.66.139.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://alukizeia.one/utx?cb=v6yLr7X0CDOF&top=exey.io&tid=889494
Requested by: Host: d2sbzwmcg5amr3.cloudfront.net
URL: https://d2sbzwmcg5amr3.cloudfront.net/?wzbsd=822524
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 04:29:05 GMT
via: 1.1 9c920cc684a38b53bc9c7a44ba794875.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://exey.io
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: J6RkCd7Dexs66q3Mq2SREGCF8E46wZWVxlLrcEu_bA1wQOCvLCx9zA==

GET
H2 200 Jz9kMBwMH2YzCyBIZQAACiB2PAEKLHE3Z1AcZzsWIz1XGQBRO2E7CihcWQI9DwoOGT8ML0ElKCNK Show response
alukizeia.one/UmF6M3EzAxleTjNcGBUEIA1HFkMUREh1FWASGEkGPwIdBhA/E0kdEj4OD1cXIA4UR188BA4WQxQENAIzAgUyaSQCGD9gIgcsT3hBPi4+AR1lNS96Ix0LDVE2FwUOeQk5AyNaODAlEGI5NgsJfDQ1ER1SIzU5LWcVKzQSfSsfUjB1JBQ4Sn8kPiI... Frame EA16 3 KB
2 KB 99ms
99ms Document
text/html 18.66.139.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://alukizeia.one/UmF6M3EzAxleTjNcGBUEIA1HFkMUREh1FWASGEkGPwIdBhA/E0kdEj4OD1cXIA4UR188BA4WQxQENAIzAgUyaSQCGD9gIgcsT3hBPi4+AR1lNS96Ix0LDVE2FwUOeQk5AyNaODAlEGI5NgsJfDQ1ER1SIzU5LWcVKzQSfSsfUjB1JBQ4Sn8kPiI/YCB3Uzx0CWIqMEoaBidKflRgJypLKBc3ImpHFDQOUiEoNB50HSEZG1goJSAUBlRgJy9mIBoEPlQVFSc3FkMULjtXJRA2O1swFCw8ajlnJC1yFWMHPmklEDY7BzkABjhpNiIpNHE7OwcNSzATUhZCIzk7LXo1f1kjdkETUDZhSTQwSWVIHwo3ditgJzJiMxgIHAIGNjkDYhgVJzd1NGARPWEdIVQwcTcGIy1yHhczLFAhYDsoYTAxGzBEKAg2EGUAAAs7fCs/Jz9kMBwMH2YzCyBIZQAACiB2PAEKLHE3Z1AcZzsWIz1XGQBRO2E7CihcWQI9DwoOGT8ML0ElKCNK
Requested by: Host: d2sbzwmcg5amr3.cloudfront.net
URL: https://d2sbzwmcg5amr3.cloudfront.net/?wzbsd=822524
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.17.8.2 /
Resource Hash: ceb93c008225fc32ea73464e6698202e0a956e3cc266802f3be0dfcadcf2bd61

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://exey.io/

Response headers

content-type: text/html
content-length: 1228
date: Sun, 28 Nov 2021 04:29:05 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 9c920cc684a38b53bc9c7a44ba794875.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-cf-id: UNkGgXXXpD0bABFSeNi9JWROgVMpJbQYe7ZDwCpXrY3JGHQpf2nXqQ==

GET
H2 204 MgxaYiUiUB8xJWsATS04MF5WYiBrAEV3YngDWGpgcEUbJTFrAE00IiJdVnVgZQlbc2VhBV50Z28
uleqasfor.one/VlYxa0R5aVIYeRsTWRsRZGJ3DShjOmY6HmMOAzklFR4EMR0QORcfLTJrCVl2Y2QFTTQ/ 0
529 B 132ms
103ms Image
text/plain 2606:4700:3030::ac43:8a0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uleqasfor.one/VlYxa0R5aVIYeRsTWRsRZGJ3DShjOmY6HmMOAzklFR4EMR0QORcfLTJrCVl2Y2QFTTQ/MgxaYiUiUB8xJWsATS04MF5WYiBrAEV3YngDWGpgcEUbJTFrAE00IiJdVnVgZQlbc2VhBV50Z28
Requested by: Host: exey.io
URL: https://exey.io/IPrKpeW1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:8a0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 04:29:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GbJafpKQayWE6u1YqsH%2Bd4j25MdMnwZhUGFO2v4y2v7ZSFakXXYmK4lQ30Lq9Vo0NyB%2Bsl0XE%2BDTWTMz21EbaRxWnGRNTKff60hmbOIaOGavUV0Dh8ZvvxEpDJKlIVCNA71qNPb%2FPlBtsC82"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 6b50da6b0a1e4a8b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 login.php
www.facebook.com/ 0
0 187ms
172ms Image
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by: Host: exey.io
URL: https://exey.io/IPrKpeW1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 200 ServiceLogin
accounts.google.com/ 0
0 195ms
105ms Image
text/html 2a00:1450:4001:82a::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
Requested by: Host: exey.io
URL: https://exey.io/IPrKpeW1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 200 ServiceLogin
accounts.google.com/ 0
0 358ms
268ms Image
text/html 2a00:1450:4001:82a::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
Requested by: Host: exey.io
URL: https://exey.io/IPrKpeW1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 204 TmpIdjNhVSsFDhpZHkJifQZxImZ3WBsuaQw7EDxjKAF5O1Z+L24CWipXcE4KelN8UEMnDnVHFT0eKQJGPVd5UFogDCdLFThXeVgAekR6RR14TDwGUilXeVBDOh4kSwJ4WXBGBH1dfEMDdlk
uleqasfor.one/ 0
257 B 135ms
107ms Image
text/plain 2606:4700:3030::ac43:8a0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uleqasfor.one/TmpIdjNhVSsFDhpZHkJifQZxImZ3WBsuaQw7EDxjKAF5O1Z+L24CWipXcE4KelN8UEMnDnVHFT0eKQJGPVd5UFogDCdLFThXeVgAekR6RR14TDwGUilXeVBDOh4kSwJ4WXBGBH1dfEMDdlk
Requested by: Host: exey.io
URL: https://exey.io/IPrKpeW1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:8a0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 04:29:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PdXE2PMF18wEF1BhCy3cwrJ6bNoAy0xsN4%2FXafGabalN1Bvoblok%2BgwbCoNo5ilT1WtkUkHTVj0J7Kxw%2BDaru2%2F9aq6EHysgiMFNkSR9At3G0NCFC2Hs89f7%2BjDX7c3%2Bafvs0Hz3Dty3ANJI"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 6b50da6b0a204a8b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 / Show response
d301cxwfymy227.cloudfront.net/ 47 B
452 B 61ms
15ms Fetch 2600:9000:2182:cc00:12:fc33:3bc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d301cxwfymy227.cloudfront.net/
Requested by: Host: exey.io
URL: https://exey.io/IPrKpeW1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:cc00:12:fc33:3bc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 0f13250dac3eba96683a13d9c0c14c812448cc2f499a6ad6637a17adf094884d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 04:21:14 GMT
content-encoding: gzip
age: 471
x-cache: Hit from cloudfront
access-control-allow-origin: https://exey.io
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-C1
content-length: 73
via: 1.1 4678033b564719cfa85dd7af417223ab.cloudfront.net (CloudFront)
x-amz-cf-id: Kts4aGSVy9eoV_Pk3_nW7qTqRjO_dBPHx-9SWP6IIZjqN-Cw3O7Yyg==

GET
H2 200 QU5KUFcgLCk9aCBzKHYiMyJ3dWUHa3gWM3N4KzQlOXcpYzlxIzt+NC0hPzQxMyEkJHkvKz51ZQd5GGIZMxh4GTwFDx8oDxUDARRlMSwuFiciFww0PwIcLWQTBSovFz0uIy4qBgYPIgEuCCc9JQUFAxAUZTEdEwFvCgEbBmETH35lFhk+GQQDGAkABmInLRgJZAUPC... Show response
alukizeia.one/ Frame 46DB 3 KB
2 KB 187ms
187ms Document
text/html 18.66.139.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://alukizeia.one/QU5KUFcgLCk9aCBzKHYiMyJ3dWUHa3gWM3N4KzQlOXcpYzlxIzt+NC0hPzQxMyEkJHkvKz51ZQd5GGIZMxh4GTwFDx8oDxUDARRlMSwuFiciFww0PwIcLWQTBSovFz0uIy4qBgYPIgEuCCc9JQUFAxAUZTEdEwFvCgEbBmETH35lFhk+GQQDGAkABmInLRgJZAUPCCEROCUCFD0EAgEBDhEtGDM6GSkTZBACehoSLRsGLgMBJCscGj4UGD51ZQcIGWQZBTQtBhkEFBAKIDY0GDw7Lxt5NBkWfQACFRQUEAovFDsOBmYrHHkBPxUjHAMHcBgsNjwlfx8nei4gDzkkBgYOGRYNDyU2NC0PCAY7KSkeGAUXGicGBCM5LRQeNnY4AjsqGxhjARUMMGQdCCUQCg02GyMRFgB6GWIdExkwARwPHz0XGioqexoBCyYeGDMPFngWAiJ+ezYOKip7BS8mfAgTDhMPJBoGABgQCQ4ENnoGAnEnEidxKz0lPid8PycUZxYjHyYiAAkz
Requested by: Host: d26adrx9c3n0mq.cloudfront.net
URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=939775
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.17.8.2 /
Resource Hash: 6116e4808d220f8d9c0d38e62095e3f01537effd03236acd77fa414f9bb53cd8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://exey.io/

Response headers

content-type: text/html
content-length: 1233
date: Sun, 28 Nov 2021 04:29:05 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 9c920cc684a38b53bc9c7a44ba794875.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-cf-id: 3s14Ox65YYM1eamfSOAihV1_VdxU10-h3okTQKWidSwXD_VoKXJ5AQ==

GET
H2 204 utx Show response
alukizeia.one/ 0
409 B 187ms
186ms XHR
text/plain 18.66.139.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://alukizeia.one/utx?cb=qvl0ZYWFjrQc&top=exey.io&tid=902941
Requested by: Host: d26adrx9c3n0mq.cloudfront.net
URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=939775
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 04:29:05 GMT
via: 1.1 9c920cc684a38b53bc9c7a44ba794875.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://exey.io
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: e-Y2wkB3Gkt_ZKXZ8C7uUtiuwvw99-u1CPejgHApi9za3pQp7DW1BA==

GET
H2 200 VDRoOG81VgtVUDUJCh4aJlhVHV0SEVp+C2YCCVwdLA0LCwFkWRkWDDhbHVwJJlsGTEE6URwdXRJVOmAHLHo9YQISTFFsCgBxOn4+PBFafgsBRCF5NzBeLV8lNX8sbikcfCV9KhAMXWI7FUEpeTUObSx9LBJlAAo2LGU5bxYSADBQPTZ+MFAlAgU5USVkYi59FR0FL... Show response
alukizeia.one/ Frame AAEB 3 KB
2 KB 191ms
190ms Document
text/html 18.66.139.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://alukizeia.one/VDRoOG81VgtVUDUJCh4aJlhVHV0SEVp+C2YCCVwdLA0LCwFkWRkWDDhbHVwJJlsGTEE6URwdXRJVOmAHLHo9YQISTFFsCgBxOn4+PBFafgsBRCF5NzBeLV8lNX8sbikcfCV9KhAMXWI7FUEpeTUObSx9LBJlAAo2LGU5bxYSADBQPTZ+MFAlAgU5USVkYi59FR0FLkAAHWQReQ4SclhTIiwEO2kCFUMvbRcNfzwAPRxiA1Y2EVtbeSg8BTBtIhJWAnE9HAUtSCIzQD16XA1GLH4+HFAGaiYMQz5SCz5EPXpcDU0talcQVwV6IxlMKggLBXYgeThtUztTQhJhJlI6AXItcQUeTCVhPgN6W2gEBXMLbxsYZhB6XzBiKVk3AH0HfikFfCpvLR9lPlMZGFxZbS1nbQFwPR5RI28XMGUfbQMYZQddOBd6D2sFN3kLfxsdbB9+GDcEEF4uDHoPawQScyJBIg51WUAFME5dfS06chprXzdgJQsIcl4bVwEkCQV+LQFzIGgZP0wfVA
Requested by: Host: d26adrx9c3n0mq.cloudfront.net
URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=939775
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.17.8.2 /
Resource Hash: e69f795c950783a7d63fb1e113f81c9a7c05f240eb422ec52d111c01a03d77c4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://exey.io/

Response headers

content-type: text/html
content-length: 1230
date: Sun, 28 Nov 2021 04:29:05 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 9c920cc684a38b53bc9c7a44ba794875.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-cf-id: lyqOWC3AnO4A23FS9399cOm3YyL-yhl41qY0VCH_Hw434JyS7A56Ug==

GET
H2 204 NiFgIyQiBVMpJjU7dgkBUTNed1cXAFZySFBQBXhERRlbK0xQXBQ8BQIdRzxMUk9bIRcMVBQ5TFNHAGFAV0cHaQUTCFVyQEUZRjsdXlgEfElTXgF4RVZYA38
uleqasfor.one/Mk9xY2kdcBIQVH0YOyU8XxY/ 0
261 B 118ms
117ms Image
text/plain 2606:4700:3030::ac43:8a0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uleqasfor.one/Mk9xY2kdcBIQVH0YOyU8XxY/NiFgIyQiBVMpJjU7dgkBUTNed1cXAFZySFBQBXhERRlbK0xQXBQ8BQIdRzxMUk9bIRcMVBQ5TFNHAGFAV0cHaQUTCFVyQEUZRjsdXlgEfElTXgF4RVZYA38
Requested by: Host: exey.io
URL: https://exey.io/IPrKpeW1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:8a0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 04:29:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pX6YkXG%2FgYcqiLzvuxMNZZUh%2FBkRNQG0nUnG9KTJFGRIfF%2FwYP2MCS0R2CxeE8fog6ASrRFj6iVbdcWOp%2BTsB4upbHqIzz%2FZr9XsfV2pIbQCXAuMXvgsgQIdLyiKo5AJElySyN8DyJ%2FsjJdh"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 6b50da6b2a3a4a8b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 204 QkFpN1JtfgpEbycEL0YwL3QoUwQqFj8HYzsZWFM3EwkFZApzKk9DOyZ8UAdge3VYESIrJVQGdDE1CEMnMXxYETssJwYKdDR8WBlhdm9bBHx0Zx1HMyV8WBEiNjUFCmN0clEHZXF2XQJjcHc
uleqasfor.one/ 0
258 B 106ms
105ms Image
text/plain 2606:4700:3030::ac43:8a0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uleqasfor.one/QkFpN1JtfgpEbycEL0YwL3QoUwQqFj8HYzsZWFM3EwkFZApzKk9DOyZ8UAdge3VYESIrJVQGdDE1CEMnMXxYETssJwYKdDR8WBlhdm9bBHx0Zx1HMyV8WBEiNjUFCmN0clEHZXF2XQJjcHc
Requested by: Host: exey.io
URL: https://exey.io/IPrKpeW1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:8a0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 04:29:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GKW4BNKnaNxpLvix3%2FOfa8eNa%2BP1pbB9AcEO0YBiNIe4qqyBeO5eIFMCaQYgUxI25DEQXtvNuo4kBM10DtKIjqp0H%2FmmWnTP9%2BZegcHBpdB%2FzmnY9gTE8xbqVxnv7Ab1E9bL8lB%2B0vd8SO35"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 6b50da6b2a3b4a8b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 3230648 Show response
forfrogadiertor.com/400/ 66 KB
25 KB 66ms
28ms Script
application/javascript 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://forfrogadiertor.com/400/3230648

Requested by

Host: exey.io
URL: https://exey.io/IPrKpeW1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

71d7aae13cfd4efef9685805dc31c17586d4d7637fc653740c486338df9087a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-trace-id: 75ca2a86a83c81f9676d7c7bb0ce0b06
pragma: no-cache
date: Sun, 28 Nov 2021 04:29:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=1
timing-allow-origin: *, *
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 74 KB
29 KB 89ms
45ms Fetch
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js

Requested by

Host: exey.io
URL: https://exey.io/IPrKpeW1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

25b9373c2fe3e4a42745b2dbebf64e446dfa9b01713a5e7175637da2d1d79e54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 04:29:05 GMT
content-encoding: br
vary: Origin, Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30001
x-xss-protection: 0
last-modified: Sun, 28 Nov 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://exey.io
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 28 Nov 2021 04:29:05 GMT

GET
H2 200 fuckadblock.min.js Show response
cdnjs.cloudflare.com/ajax/libs/fuckadblock/3.2.1/ 5 KB
2 KB 35ms
18ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/fuckadblock/3.2.1/fuckadblock.min.js

Requested by

Host: exey.io
URL: https://exey.io/IPrKpeW1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c63c0a518fcd8243e365904eb4ec5162d2b6d066aa4f05027fb598089d73ebdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://exey.io/
Origin: https://exey.io
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 04:29:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2604742
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1309
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:19 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e6b-1285"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AgAyrRpysvJTVLgDOUnnCW1fX9LLVuNs0OOqxhsoTnzxm8MqVq4LV%2Bd1NyMVoxUFBSMkuQWwRddMPqE%2B6jij8PDpgaUSST9ZeTDYjE07q5QCLYi54CHp2cvAduCx5rHgI7AIKoIV01djGf%2FW2xl%2BWfoq"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6b50da6b7ec50ea7-FRA
expires: Fri, 18 Nov 2022 04:29:05 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 141ms
38ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-135952122-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5278
date: Sun, 28 Nov 2021 03:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 28 Nov 2021 05:01:07 GMT

GET
H2 200 / Show response
freychang.fun/ 15 B
343 B 132ms
106ms Fetch
text/plain 2606:4700:3030::6815:2dcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/?f=42a5f2350406b5b34afe49ff517ecb3b
Requested by: Host: d2sbzwmcg5amr3.cloudfront.net
URL: https://d2sbzwmcg5amr3.cloudfront.net/?wzbsd=822524
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2dcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54ad64784a427d4617cdce56efa04225c02554e4835f33649287ed43a169b7bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 04:29:05 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://exey.io
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VHv1G3PlSil5TcEe2niWC%2BPNpLPY20Ze2ErPI66wEJKpjgkNHdiqGEtc5uRV%2B9Fn%2BAN3VfBtTRA0N%2FJ3py7wYj4rQbnEIwkAUR91FXmfp0%2BGgg06O6v7ZXHGGHQiDdwnjcWcPgWlAqbOgpjq"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 6b50da6c78504345-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 / Show response
freychang.fun/ 16 B
719 B 112ms
100ms Fetch
text/plain 2606:4700:3030::6815:2dcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/?f=42a5f2350406b5b34afe49ff517ecb3b
Requested by: Host: d26adrx9c3n0mq.cloudfront.net
URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=939775
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2dcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a64e6aeca362be5273cd6e6621080f7443bda9992f2f6ae18dda79e0bd8031f5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 04:29:05 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://exey.io
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aZ4cFE2QfUIvqNH4U3gPWsV0jgnHFV9E0%2FD27YKv7phYRHbhDKmfEtevUxuIzHfDIXr621lH%2BhNmQe3DDhhkoM3zHqdk9OmFmtsYsq7hq1MwcR1JJ6SzRlAw3sN00RmI2iCymDDqYDwjvfyY"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 6b50da6c78524345-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 ddTNpZksWXAcAdAFaDVtzRwFcVH9TWRoJJQUOJgcJQEQBBSMcRAdAPw9XVFZtGVIHAXZTVgcFdkQVCAIpSAdPEjsaWFQRLRJSHQk7F0ELQD4UDgQJMRxfBQduR3VcSHtQAVlOPBxdDQk8BhZbViUBFltWekUdWUN4NxZbVjwcXV9SbkZxTFR7DQVdT25HAw-gWOxl... Show response
d2sbzwmcg5amr3.cloudfront.net/ Frame 3121 639 B
738 B 183ms
182ms Script
text/plain 2600:9000:2182:8200:1d:bf0d:abc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2sbzwmcg5amr3.cloudfront.net/ddTNpZksWXAcAdAFaDVtzRwFcVH9TWRoJJQUOJgcJQEQBBSMcRAdAPw9XVFZtGVIHAXZTVgcFdkQVCAIpSAdPEjsaWFQRLRJSHQk7F0ELQD4UDgQJMRxfBQduR3VcSHtQAVlOPBxdDQk8BhZbViUBFltWekUdWUN4NxZbVjwcXV9SbkZxTFR7DQVdT25HAw-gWOxlWHgMpHlodQ3kzBlpRZUYFTFR7XVgBEiYZFlslbkcDBQ8gEBZbViwQUAIJYlABWQUjB1wEA25HdVBQZUUdXVB9QR1dU25HAxoHLRRBAEN5MwZaUWVGBU8Tdg
Requested by: Host: alukizeia.one
URL: https://alukizeia.one/OFZRblRZNDIDa1lrM0ghSjpsS2Z+c2MoMAolMxQjVTU2WzVVJGJAN1Q5JAoySjk/GnpWMyVLZn4yNToaSAw6HQNgFzIvMHkQMCoCTCwDGRJbABlXAG8EPiQeaQMeJDNbHAArBXoUAiM3ahc1LwRPbwk4EmIiFjgdcBcJNABuMTIoMFMHBy0VcSYCLzBoEzsdNW8QADwYahwCJgVTYRdeEXQHFVoBfDEAJBlqLjcsBVwjA10CWwUZGgV5AD0hBHouNSoFU24TBg5aADg7Fn46JTkxUwM1OQF2Yh8WDloAOxk3YABoPTZTDCk6EmphFT8CXAJjWxx5IXwJA3cuPTkcXxshJjhXMgBdP0IUPR4GYgMIKAB+BGY2Al8UFAcNYhA9HThaPTIqFmluNisWYjQHByNpAxAnHmE6ECwDaQM7LGVPExBcYXAyBywFYgMECgxuFGg/BgkyBFxhcBcpARx0BAMsFX0YZCMjYjcEOQJ/FARWAFwxdwQnVzghUxtZFGQZPFs+OBk6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:8200:1d:bf0d:abc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: b9bbe22ff2e713a5a17ebb9e9e252e6e3e0940a5158534e5ed6a07142815dc39

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://alukizeia.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 04:29:05 GMT
content-encoding: gzip
x-amz-cf-pop: DUS51-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 460
via: 1.1 498cdb7d5db845f8fbb098d88d764204.cloudfront.net (CloudFront)
x-amz-cf-id: 4MoFqPF4kdvH8SFgaJm5UXSv1IA8cYgduZ7b2Y5l9yA-zeBMWJLp3w==

GET
H2 200 AHFMampeWwI9fwACDj05WV1AfWgCUQEqNV9XTGocCwRHaHQGBF9sdAYHTGpqQVMPOShbF1sebwEFR2tsFEdU Show response
d2sbzwmcg5amr3.cloudfront.net/zMmlYWjJRBjY8DUYAPGcKBlpqbAMUAys1XEJULxUKdyIdAwAHIhZiWl9PLCBWD1l+NlNcDmV8V1wKZWsUUw06ZwYUHDlnX10TMTZeU0xqHAccWX1oAhoeMTRWXR4rfwACByx/AAJYaHQCF1oafwACHjE0BAZMaxgXAFkgbA... Frame 967A 178 B
461 B 183ms
183ms Script
text/plain 2600:9000:2182:8200:1d:bf0d:abc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2sbzwmcg5amr3.cloudfront.net/zMmlYWjJRBjY8DUYAPGcKBlpqbAMUAys1XEJULxUKdyIdAwAHIhZiWl9PLCBWD1l+NlNcDmV8V1wKZWsUUw06ZwYUHDlnX10TMTZeU0xqHAccWX1oAhoeMTRWXR4rfwACByx/AAJYaHQCF1oafwACHjE0BAZMaxgXAFkgbAYbTGpqU0IZND9FVwszM0YXWx-5vAQVHa2wXAFlwMVpGBDR/AHFMampeWwI9fwACDj05WV1AfWgCUQEqNV9XTGocCwRHaHQGBF9sdAYHTGpqQVMPOShbF1sebwEFR2tsFEdU
Requested by: Host: alukizeia.one
URL: https://alukizeia.one/V0FINXE2IytYTjZ8KhMEJS11EEMRZHpzFWUyKk8GOiIvABA6M3sbEjsuPVEXJS4mQV85JDwQQxE7BVgdDhYifyMVKxENNQIYCWU2NAoKWQEmIwl4JBY4OwQpEgsdeQkCCixMODMAP3Q5HikSXCY7eBh5MhUWDAQdcnMKex0ZIgxYJ28XeUI6DRY7YCQgcX5vBg4UAHEdORl5BSUaFRJQJGc5OX0wNCIfbUA4ACBaFBoVGmIpBXU6UwYWAgpMCXJzDnQwHRgpfSAUB3laEDE2CXY5PQR4dzANDClNFg8ADl4WNQARVyUQMTlgQR4bBnFIERc/RgsacRFtJi9sfUMwBhcAVEMgGQlzHSAMHkU2FQUaEEMRAABzPDYsOFAmIAhxUwYWAgxfQWIWHgQwMRYvdiQGBDl7J24ZHHIeNAI/Zzk2CRlyMxF4O1EwDgkccgEmEB54IRgSIFc3ZjItVwYSBxoHBSQHDVEkcSs7Wh8nfD96SRIKDWxDYgoGDRk6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:8200:1d:bf0d:abc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 49372305a487a7edcc6df60b94d4080e14b0b85efa23f904fc18c9dfa053b35b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://alukizeia.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 04:29:05 GMT
content-encoding: gzip
x-amz-cf-pop: DUS51-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 183
via: 1.1 498cdb7d5db845f8fbb098d88d764204.cloudfront.net (CloudFront)
x-amz-cf-id: ygLVmoHSzOin05PMBRL-cAlPLgsYqce5c_jVDw1jaYIitY36lWJSKQ==

GET
H2 200 apu.php Show response
cdn.itskiddoan.club/ 68 KB
27 KB 75ms
29ms Script
application/javascript 139.45.197.236
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.itskiddoan.club/apu.php?zoneid=3472522

Requested by

Host: forfrogadiertor.com
URL: https://forfrogadiertor.com/400/3230648

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

00b058ed3ba5d2bfc039bdb7f527e1756f3fc2d3e570ad89b554e253e8d7ee87

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 04:29:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
access-control-max-age: 86400
x-trace-id: bc5ecbf791760b544f49851bfb2a5dc7
pragma: no-cache
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 1 Show response
cdn.itphanpytor.club/ 7 KB
4 KB 62ms
16ms Script
text/javascript 139.45.197.241
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.itphanpytor.club/1?z=4041180
Requested by: Host: forfrogadiertor.com
URL: https://forfrogadiertor.com/400/3230648
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.241 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 6e96876226490820baab3bc478bbdfafddf2d52cd6ce537d96f9679c31d44d51

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 04:29:05 GMT
content-encoding: gzip
x-sc: kIvmicG8p5YydJ5L4OUbtTKbQBgIEFl8eW8VDQ12p1fOr3Egyg_SP6xU23lfwMsf5hQ6Q9gOVvNZ3Q6kJl3S-dI-T9c=
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript
access-control-allow-origin
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 tag.js Show response
tagcachestaticx.com/ 50 KB
18 KB 42ms
18ms Script
application/javascript 2606:4700:3033::ac43:b4cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tagcachestaticx.com/tag.js
Requested by: Host: forfrogadiertor.com
URL: https://forfrogadiertor.com/400/3230648
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:b4cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9554e80e9205a72958e651c671af8454206f962a3b73a8d1d1da08436020fc48

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 04:29:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 25 Nov 2021 19:04:24 GMT
server: cloudflare
age: 1231
etag: W/"619fde38-c7ee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uom9ckmb3gidEDwNQs8w6QyzrmSNIxNNpQ2ac8vH%2Bi7eBhG%2BqBcE%2FP0itfpDhQgPqK0Xra3vU7V%2BPuEqa6mmMXsJxxb2uDZAHAgiJl79ZRMddAsVN2Ytl9kf2MFisZCfOpSKRaAGG9EDQ2SvFM%2FyXi28"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b50da6cbf390601-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 OAdTBWAhAFMFYH5EWAd1fDZTBWA4HRgBZGpHNBJifwxAA3lqRkZWID-8YE0A1LR8fQ3V9MkMEZ2FHQBJif1wdXyQiGFMFE2pGRls5JBFTBWAoERVcP2ZRRAczJwYZWjVqRjAOZmFEWANmeUBYA2VqRkZEMSkVBF51fTJDBGdhR0ARJXI Show response
d2sbzwmcg5amr3.cloudfront.net/eN1BPdHZUPyESSUM5K0lOD2l7TUIROjwbGEdtJxkbYiIbDjQHdjsOEgpgaRgXWTdyUhNZM3JFUFY0LUlCESQ/Gx0KJykTF0M/PxYEVXY6FUtaPzUdGlsxakYwAn5/UUQHeDgdGFM/ Frame EA16 809 B
854 B 172ms
172ms Script
text/plain 2600:9000:2182:8200:1d:bf0d:abc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2sbzwmcg5amr3.cloudfront.net/eN1BPdHZUPyESSUM5K0lOD2l7TUIROjwbGEdtJxkbYiIbDjQHdjsOEgpgaRgXWTdyUhNZM3JFUFY0LUlCESQ/Gx0KJykTF0M/PxYEVXY6FUtaPzUdGlsxakYwAn5/UUQHeDgdGFM/OAdTBWAhAFMFYH5EWAd1fDZTBWA4HRgBZGpHNBJifwxAA3lqRkZWID-8YE0A1LR8fQ3V9MkMEZ2FHQBJif1wdXyQiGFMFE2pGRls5JBFTBWAoERVcP2ZRRAczJwYZWjVqRjAOZmFEWANmeUBYA2VqRkZEMSkVBF51fTJDBGdhR0ARJXI
Requested by: Host: alukizeia.one
URL: https://alukizeia.one/UmF6M3EzAxleTjNcGBUEIA1HFkMUREh1FWASGEkGPwIdBhA/E0kdEj4OD1cXIA4UR188BA4WQxQENAIzAgUyaSQCGD9gIgcsT3hBPi4+AR1lNS96Ix0LDVE2FwUOeQk5AyNaODAlEGI5NgsJfDQ1ER1SIzU5LWcVKzQSfSsfUjB1JBQ4Sn8kPiI/YCB3Uzx0CWIqMEoaBidKflRgJypLKBc3ImpHFDQOUiEoNB50HSEZG1goJSAUBlRgJy9mIBoEPlQVFSc3FkMULjtXJRA2O1swFCw8ajlnJC1yFWMHPmklEDY7BzkABjhpNiIpNHE7OwcNSzATUhZCIzk7LXo1f1kjdkETUDZhSTQwSWVIHwo3ditgJzJiMxgIHAIGNjkDYhgVJzd1NGARPWEdIVQwcTcGIy1yHhczLFAhYDsoYTAxGzBEKAg2EGUAAAs7fCs/Jz9kMBwMH2YzCyBIZQAACiB2PAEKLHE3Z1AcZzsWIz1XGQBRO2E7CihcWQI9DwoOGT8ML0ElKCNK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:8200:1d:bf0d:abc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 96069b5280449feb9eed844f8c45f328e8fb2e96046599d081b0354dde890b65

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://alukizeia.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 04:29:05 GMT
content-encoding: gzip
x-amz-cf-pop: DUS51-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 577
via: 1.1 498cdb7d5db845f8fbb098d88d764204.cloudfront.net (CloudFront)
x-amz-cf-id: q10bDrc8MyJt7F1Aw-mArXrhG6haseNyMKx77sy9zu2odleVTYBOog==

GET
H2 200 FS4NDzgVNEZZZwwzRllnU3dNW3JRBUZZZxUuDV1jR3QhTmVSP1Vffkd1Uw-onEisGHDIALAofclABVlhgTHRVTmVSbwgDIw8rRlkUR3VTBz4JIkZZZwUiAAA4S2JRWzQKNQwGMkd1JVJhTHdNX2FUc01fYkd1Uxg2BCYRAnJQAVZYYEx0VU0iXw Show response
d26adrx9c3n0mq.cloudfront.net/7R2NrV2IkDAUxXTMKD2pbdFpcYFdhCRg4DDdeGjomdzQGAhQyIiwuRDMZD2pSYQ8KOQV6RQ45AXpSTTYGJV5fcRY3DABqFykHDjELKQYPcRcmXgY4GC4PBzZHdSVeeVJiUVt/ Frame 46DB 240 B
508 B 172ms
171ms Script
text/plain 2600:9000:2182:2200:b:b271:7c80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d26adrx9c3n0mq.cloudfront.net/7R2NrV2IkDAUxXTMKD2pbdFpcYFdhCRg4DDdeGjomdzQGAhQyIiwuRDMZD2pSYQ8KOQV6RQ45AXpSTTYGJV5fcRY3DABqFykHDjELKQYPcRcmXgY4GC4PBzZHdSVeeVJiUVt/FS4NDzgVNEZZZwwzRllnU3dNW3JRBUZZZxUuDV1jR3QhTmVSP1Vffkd1Uw-onEisGHDIALAofclABVlhgTHRVTmVSbwgDIw8rRlkUR3VTBz4JIkZZZwUiAAA4S2JRWzQKNQwGMkd1JVJhTHdNX2FUc01fYkd1Uxg2BCYRAnJQAVZYYEx0VU0iXw
Requested by: Host: alukizeia.one
URL: https://alukizeia.one/QU5KUFcgLCk9aCBzKHYiMyJ3dWUHa3gWM3N4KzQlOXcpYzlxIzt+NC0hPzQxMyEkJHkvKz51ZQd5GGIZMxh4GTwFDx8oDxUDARRlMSwuFiciFww0PwIcLWQTBSovFz0uIy4qBgYPIgEuCCc9JQUFAxAUZTEdEwFvCgEbBmETH35lFhk+GQQDGAkABmInLRgJZAUPCCEROCUCFD0EAgEBDhEtGDM6GSkTZBACehoSLRsGLgMBJCscGj4UGD51ZQcIGWQZBTQtBhkEFBAKIDY0GDw7Lxt5NBkWfQACFRQUEAovFDsOBmYrHHkBPxUjHAMHcBgsNjwlfx8nei4gDzkkBgYOGRYNDyU2NC0PCAY7KSkeGAUXGicGBCM5LRQeNnY4AjsqGxhjARUMMGQdCCUQCg02GyMRFgB6GWIdExkwARwPHz0XGioqexoBCyYeGDMPFngWAiJ+ezYOKip7BS8mfAgTDhMPJBoGABgQCQ4ENnoGAnEnEidxKz0lPid8PycUZxYjHyYiAAkz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:2200:b:b271:7c80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 9e51f67f448f9e4815af58ea0bf6c1c012f9969beff06e855d1ee2c2f8232c5e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://alukizeia.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 04:29:05 GMT
content-encoding: gzip
x-amz-cf-pop: DUS51-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 231
via: 1.1 5cd60f530cdafe284762767565aa2747.cloudfront.net (CloudFront)
x-amz-cf-id: YexmMQydit1Zs4fXMldNAm_fWB5HQKjrOrojLnhQM4AvHe-5Nj1pJg==

GET
H2 200 dUpIAXdjEgJaKDVFHHMEED85ZTAuAAZZYDECFQh2YxQQWyF4XhRbJXhJV1QiJ0VFEzI1FxoIPyAaFF0kMx0SQmAwGUxYKT8RHVknYEo3AGh1XUMFbjIRH1EpMgtUB3YrDFQHdnRIXwVjdjpUB3YyER8DcmBLMxB0dQBHAW9gSk-FUNjUUFEIjJxMYQWN3PkQGcWtL... Show response
d26adrx9c3n0mq.cloudfront.net/aRXhxNUYmFx9TeTERFQh/ Frame AAEB 808 B
860 B 174ms
173ms Script
text/plain 2600:9000:2182:2200:b:b271:7c80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d26adrx9c3n0mq.cloudfront.net/aRXhxNUYmFx9TeTERFQh/dUpIAXdjEgJaKDVFHHMEED85ZTAuAAZZYDECFQh2YxQQWyF4XhRbJXhJV1QiJ0VFEzI1FxoIPyAaFF0kMx0SQmAwGUxYKT8RHVknYEo3AGh1XUMFbjIRH1EpMgtUB3YrDFQHdnRIXwVjdjpUB3YyER8DcmBLMxB0dQBHAW9gSk-FUNjUUFEIjJxMYQWN3PkQGcWtLRxB0dVAaXTIoFFQHBWBKQVkvLh1UB3YiHRJeKWxdQwUlLQoeWCNgSjcMcGtIXwFwc0xfAXNgSkFGJyMZA1xjdz5EBnFrS0cTM3g
Requested by: Host: alukizeia.one
URL: https://alukizeia.one/VDRoOG81VgtVUDUJCh4aJlhVHV0SEVp+C2YCCVwdLA0LCwFkWRkWDDhbHVwJJlsGTEE6URwdXRJVOmAHLHo9YQISTFFsCgBxOn4+PBFafgsBRCF5NzBeLV8lNX8sbikcfCV9KhAMXWI7FUEpeTUObSx9LBJlAAo2LGU5bxYSADBQPTZ+MFAlAgU5USVkYi59FR0FLkAAHWQReQ4SclhTIiwEO2kCFUMvbRcNfzwAPRxiA1Y2EVtbeSg8BTBtIhJWAnE9HAUtSCIzQD16XA1GLH4+HFAGaiYMQz5SCz5EPXpcDU0talcQVwV6IxlMKggLBXYgeThtUztTQhJhJlI6AXItcQUeTCVhPgN6W2gEBXMLbxsYZhB6XzBiKVk3AH0HfikFfCpvLR9lPlMZGFxZbS1nbQFwPR5RI28XMGUfbQMYZQddOBd6D2sFN3kLfxsdbB9+GDcEEF4uDHoPawQScyJBIg51WUAFME5dfS06chprXzdgJQsIcl4bVwEkCQV+LQFzIGgZP0wfVA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:2200:b:b271:7c80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 60e48cfc86fe1a199e7b1d3abd35b2674a22f3501ddd2ce9d88e3445f5a442e6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://alukizeia.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 04:29:05 GMT
content-encoding: gzip
x-amz-cf-pop: DUS51-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 584
via: 1.1 5cd60f530cdafe284762767565aa2747.cloudfront.net (CloudFront)
x-amz-cf-id: XyCt7C5wpC2fq2ow-Tsj9OYK6dk2NiH8iv7NK1eCHeUspC87zFlmKw==

HEAD
H2 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 0
0 153ms
58ms Fetch
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: tagcachestaticx.com
URL: https://tagcachestaticx.com/tag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Nov 2021 04:29:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
etag: 14845577203849278557
vary: Accept-Encoding, Origin
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private, max-age=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Sun, 28 Nov 2021 04:29:05 GMT

GET
H2 200 googlelogo_color_120x44dp.png
www.google.com/images/branding/googlelogo/2x/ 5 KB
5 KB 179ms
92ms Image
image/png 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_120x44dp.png

Requested by

Host: exey.io
URL: https://exey.io/IPrKpeW1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 04:29:05 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5087
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 28 Nov 2021 04:29:05 GMT

GET
H2 200 googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/1x/ 6 KB
6 KB 136ms
50ms Image
image/png 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png

Requested by

Host: exey.io
URL: https://exey.io/IPrKpeW1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 04:29:05 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5969
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 28 Nov 2021 04:29:05 GMT

GET
H2 200 googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/2x/ 13 KB
13 KB 143ms
57ms Image
image/png 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_272x92dp.png

Requested by

Host: exey.io
URL: https://exey.io/IPrKpeW1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 04:29:05 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13504
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 28 Nov 2021 04:29:05 GMT

GET
H2 200 googlelogo_color_160x56dp.png
www.google.com/images/branding/googlelogo/2x/ 7 KB
7 KB 182ms
97ms Image
image/png 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_160x56dp.png

Requested by

Host: exey.io
URL: https://exey.io/IPrKpeW1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e611fba6a87626e60f74d361f0c94d1ba226bc0726a05791f40ddb7fbba2c4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 04:29:05 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7048
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 28 Nov 2021 04:29:05 GMT

GET
H2 200 googlelogo_color_90x40dp.png
www.google.com/images/branding/googlelogo/2x/ 4 KB
4 KB 133ms
48ms Image
image/png 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_90x40dp.png

Requested by

Host: exey.io
URL: https://exey.io/IPrKpeW1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 04:29:05 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3934
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 28 Nov 2021 04:29:05 GMT

GET
H2 200 bbb07d681d5b5503eca0adbbc4bd0c9f Show response
cdn.itphanpytor.club/27/ 384 KB
123 KB 29ms
26ms Script
application/javascript 139.45.197.241
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.itphanpytor.club/27/bbb07d681d5b5503eca0adbbc4bd0c9f

Requested by

Host: cdn.itphanpytor.club
URL: https://cdn.itphanpytor.club/1?z=4041180

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.241 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

307eefdc0600ba0495c999ff6fd97baa6e33a1d780414a4970cc5b760d523b01

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 04:29:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Nov 2021 07:33:35 GMT
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin
cache-control: max-age:290304000, public
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
expires: Tue, 16 Dec 2081 07:33:35 GMT

GET
H2 200 38 Show response
cdn.itphanpytor.club/42/ 0
494 B 41ms
39ms Script
text/plain 139.45.197.241
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.itphanpytor.club/42/38?z=4041180
Requested by: Host: cdn.itphanpytor.club
URL: https://cdn.itphanpytor.club/1?z=4041180
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.241 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 04:29:05 GMT
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
content-length: 0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
539 B 46ms
12ms XHR
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?userId=b517ce96c81249b08d0b86b8bf65478d

Requested by

Host: cdn.itskiddoan.club
URL: https://cdn.itskiddoan.club/apu.php?zoneid=3472522

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

6a67fafea90451f778831799db3cf4a3f5984313c6d379feedfbbfba29d27dd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 04:29:05 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://exey.io
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 93ms
46ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1158602852&t=pageview&_s=1&dl=https%3A%2F%2Fexey.io%2FIPrKpeW1&ul=en-us&de=UTF-8&dt=exe.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=2036874214&gjid=1498912458&cid=917777979.1638073746&tid=UA-135952122-1&_gid=1099032809.1638073746&_r=1&gtm=2ouba1&z=1435504191

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://exey.io/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 04:29:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://exey.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
537 B 23ms
13ms XHR
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js

Requested by

Host: forfrogadiertor.com
URL: https://forfrogadiertor.com/400/3230648

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e007c3c48969bc85d8a0923546480fea93d782771f7cc8fdea6f78df7ce4aa6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 04:29:05 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://exey.io
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

OPTIONS
H2 204 9
cdn.itphanpytor.club/ Frame 0
0 39ms
12ms Preflight 139.45.197.241
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.itphanpytor.club/9?z=4041180&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fexey.io%2FIPrKpeW1&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=1&sah=1200&drf=&hil=1&ist=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.241 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://exey.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Sun, 28 Nov 2021 04:29:05 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://exey.io
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 9 Show response
cdn.itphanpytor.club/ 7 B
539 B 15ms
15ms XHR
application/javascript 139.45.197.241
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.itphanpytor.club/9?z=4041180&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fexey.io%2FIPrKpeW1&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=1&sah=1200&drf=&hil=1&ist=0
Requested by: Host: cdn.itphanpytor.club
URL: https://cdn.itphanpytor.club/27/bbb07d681d5b5503eca0adbbc4bd0c9f
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.241 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821

Request headers

Referer: https://exey.io/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 04:29:05 GMT
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: https://exey.io
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
content-length: 7
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 204 /
cdn.itskiddoan.club/ 0
0 17ms
16ms Fetch 139.45.197.236
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.itskiddoan.club/?rb=JOigeokbKY590cHSjN34-H9Sc9IWazPkkhoV0TywPXCnRftrNUSeDRIzDMCCUO4LzatwuQ5YoH8xjYbSXBV49zXpb_F8ZLnAEYdnR80uq_fa58VCqZpL4TUN7x7KwfhE3LkHzhdi3z1iNdUZwX5-DRKMbs5NiFeDjd0yHbxZcy65Kf7j4LzMAjM7y97USZtrJpS8fNDjkxBJmdUDea7bVUt5rfSQYPn7bitP9f8-e2DePrbQThAO7NGb1rTdjmhxCMxhDVpAyVtEwVTT&zoneid=3472522&request_ab2=0&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=6&pl=https%3A%2F%2Fexey.io%2FIPrKpeW1&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=2&bs=5052fd76-15fb-4ea2-ada9-c330b2df7173&userId=b517ce96c81249b08d0b86b8bf65478d&m=link

Requested by

Host: cdn.itskiddoan.club
URL: https://cdn.itskiddoan.club/apu.php?zoneid=3472522

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-trace-id: 1bda7a3ae0d92cefef39acd34d3cbf7f
pragma: no-cache
date: Sun, 28 Nov 2021 04:29:05 GMT
x-content-type-options: nosniff
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://exey.io
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=1
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
expires: Tue, 11 Jan 1994 10:00:00 GMT

OPTIONS
H2 200 3230648
forfrogadiertor.com/500/ Frame 0
0 37ms
12ms Preflight 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://forfrogadiertor.com/500/3230648?excludes=&oaid=f3e02517fb3e407ea68e282f4c017804&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=1&pl=https%3A%2F%2Fexey.io%2FIPrKpeW1&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://exey.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Sun, 28 Nov 2021 04:29:05 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
access-control-allow-origin: https://exey.io
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *

GET
H2 200 3230648 Show response
forfrogadiertor.com/500/ 4 KB
2 KB 16ms
16ms XHR
application/javascript 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: forfrogadiertor.com
URL: https://forfrogadiertor.com/400/3230648

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

2c218a574b61aab98007c481278f22f863b84dacca1e300e1bcf714cbebd7817

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://exey.io/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 40569b1846558a73e909d3aae429d7b0
pragma: no-cache
date: Sun, 28 Nov 2021 04:29:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: application/javascript
access-control-allow-origin: https://exey.io
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=1
timing-allow-origin: *, *
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ 1 KB
432 B 94ms
47ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:wght@300;400;500;600;700&display=swap

Requested by

Host: d26adrx9c3n0mq.cloudfront.net
URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=939775

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f94fc133e3ddaef1a9c299f5d7b4f608753ef156544ba9d591284ddff0e40fd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 28 Nov 2021 03:05:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 28 Nov 2021 04:29:05 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 28 Nov 2021 04:29:05 GMT

POST
H3 200 tc Show response
onasider.top/ 1 KB
1 KB 256ms
244ms Fetch
application/json 2606:4700:3034::ac43:d5ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://onasider.top/tc
Requested by: Host: d26adrx9c3n0mq.cloudfront.net
URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=939775
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:d5ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8ed6f56ab8b6cf1898581c18a1ee036f342f86bb486f9c955cbfdb814d3638b

Request headers

Referer: https://exey.io/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 28 Nov 2021 04:29:06 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST, GET, OPTIONS, HEAD
content-type: application/json
access-control-allow-origin: https://exey.io
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DrKO9mh0JAYxX1HjzkDqwoj0uElS%2B5R4U411fGclyZIjv6lnlnmnaQDsplaHlleobRHBPi3MiyI4gxievwBKr6RVK7S4dbtkVlB1JzobmpOSdINt6hUfODyyYpXyLWVoNvjYYrXty%2BRbNo4%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 6b50da6f2e58c29a-FRA
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

OPTIONS
H2 204 tc
onasider.top/ Frame 0
0 128ms
101ms Preflight 2606:4700:3034::ac43:d5ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://onasider.top/tc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d5ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://exey.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sun, 28 Nov 2021 04:29:05 GMT
access-control-allow-origin: https://exey.io
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST, GET, OPTIONS, HEAD
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5rc5OyXq3gpRW%2FsfKfoOQte2vsdUwJ8HDDgFMR%2BeRP%2Bk%2FlKpXBGhgjlXB9MPXCbaNq5qc5%2BDUcRfiggzS99VDjndKXGgOM%2FnyqWIKXGupOUch%2F8jz6pj7kpzORqoPs6qCJ7AAG0R0sj%2BVUw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6b50da6e7fab7034-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H/1.1 200
OK 088308167711.png
static.cdnativepush.com/contents/s/c8/31/02/6637d28225aaa1f4d7209ff892/ 2 KB
3 KB 68ms
20ms Image
image/png 139.45.197.188
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cdnativepush.com/contents/s/c8/31/02/6637d28225aaa1f4d7209ff892/088308167711.png
Requested by: Host: exey.io
URL: https://exey.io/IPrKpeW1
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.188 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 64c0bd3667e1ef5d9ab4faf2a92275cf9d89e9e839b94bd6adc92ac24a58dba0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 28 Nov 2021 04:29:05 GMT
Last-Modified: Thu, 15 Oct 2020 15:00:58 GMT
Server: nginx
ETag: "5f88642a-792"
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 1938

GET
H3 200 popunder.gif
uleqasfor.one/ 35 B
660 B 29ms
14ms Image
image/gif 2606:4700:3030::ac43:8a0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uleqasfor.one/popunder.gif
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:8a0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Sun, 28 Nov 2021 04:29:05 GMT
cf-cache-status: HIT
last-modified: Fri, 26 Nov 2021 21:24:59 GMT
server: cloudflare
age: 111846
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FNbNx065nBXTngSw3iNECsHfVc4hEyoIkaDprBCnHonfFxx3hzcPz9F0%2Fk8OJUsjuqJqG8zsoi7dMdUK9N3epQye6Ta2dwDtMbvIRbrb01jDmly6HMebuSZDp7EliZoYW1ml%2Bdy2xDy17JcN"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b50da6f4ea76907-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 XZlpfsZbvg-k8i--kjlzP67okNcpgyyAMSLS5WLmvkHRPtcOpux7Ac5wFv4IZ3Kr360UXVlYhYEapAUk59qz_tRYzTZDDEdTj8MpsvZgbKMcnONeAvpKi6-U5ghZETFO6_PwkUJe-fX7U9Ku4vIImCMDRFFnpUVKVXrB9aknKuqSDF_i-6Mm6jm9YR8eW8MfwaUCM...
forfrogadiertor.com/impression/ 43 B
421 B 15ms
15ms Image
image/gif 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forfrogadiertor.com/impression/XZlpfsZbvg-k8i--kjlzP67okNcpgyyAMSLS5WLmvkHRPtcOpux7Ac5wFv4IZ3Kr360UXVlYhYEapAUk59qz_tRYzTZDDEdTj8MpsvZgbKMcnONeAvpKi6-U5ghZETFO6_PwkUJe-fX7U9Ku4vIImCMDRFFnpUVKVXrB9aknKuqSDF_i-6Mm6jm9YR8eW8MfwaUCMqYeK5hxzlYXgsaq9KmBBWsoKV60zmuPdr-5SD2UrIkC1KHt_GzJW_YnjJ-nxW7XhYdmHseKWfj23NOfr2ptyVZz22urvwP0Vb6BrMdY0EIJsQlVy_zru5AKL8Fam52NmQ0Qolu1OaUAPnENkHdW0SJL8-kULxo06uBlEpkbnQkIonek6lrpthcq3d_FkomssA==?_z=3230648&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=1&pl=https%3A%2F%2Fexey.io%2FIPrKpeW1&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-trace-id: d0a9e478533906bcb7ec8af24af0ed4a
pragma: no-cache
date: Sun, 28 Nov 2021 04:29:05 GMT
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=1
timing-allow-origin: *, *
content-length: 43
expires: Tue, 11 Jan 1994 10:00:00 GMT

OPTIONS
H/1.1 200
OK add
tagcachedataxrt.com/log/ Frame 0
0 47ms
12ms Preflight 139.45.195.254
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tagcachedataxrt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.195.254 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx/1.19.10 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://exey.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx/1.19.10
Date: Sun, 28 Nov 2021 04:29:09 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://exey.io
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true

POST
H/1.1 200
OK add Show response
tagcachedataxrt.com/log/ 12 B
477 B 14ms
14ms Fetch
application/json 139.45.195.254
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tagcachedataxrt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
Requested by: Host: tagcachestaticx.com
URL: https://tagcachestaticx.com/tag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.195.254 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx/1.19.10 /
Resource Hash: fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7

Request headers

Referer: https://exey.io/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
content-type: application/json;charset=utf-8

Response headers

Date: Sun, 28 Nov 2021 04:29:09 GMT
Server: nginx/1.19.10
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://exey.io
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length: 12

GET
H2 200 3230648 Show response
forfrogadiertor.com/500/ 4 KB
2 KB 25ms
24ms XHR
application/javascript 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://forfrogadiertor.com/500/3230648?excludes=8466920&oaid=f3e02517fb3e407ea68e282f4c017804&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=2&pl=https%3A%2F%2Fexey.io%2FIPrKpeW1&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Requested by

Host: forfrogadiertor.com
URL: https://forfrogadiertor.com/400/3230648

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

448d168c375cd24bd820efdbf951376e38180388c2f642b70b7ec493df010c55

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://exey.io/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: a1c576b43171a30fbea3bf7c84ec0bdf
pragma: no-cache
date: Sun, 28 Nov 2021 04:29:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: application/javascript
access-control-allow-origin: https://exey.io
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=1
timing-allow-origin: *, *
expires: Tue, 11 Jan 1994 10:00:00 GMT

OPTIONS
H2 200 3230648
forfrogadiertor.com/500/ Frame 0
0 12ms
12ms Preflight 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://exey.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Sun, 28 Nov 2021 04:29:06 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
access-control-allow-origin: https://exey.io
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *

GET
H/1.1 200
OK 0233580931136.png
static.cdnativepush.com/contents/s/71/cd/fb/7cff7dc62c19ac76e51aa9aa8e/ 984 B
2 KB 13ms
12ms Image
image/png 139.45.197.188
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cdnativepush.com/contents/s/71/cd/fb/7cff7dc62c19ac76e51aa9aa8e/0233580931136.png
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.188 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 1704b5646565ec4a94432bd3c4f016d8146b64bff6d07c2c1d32bada5619340e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 28 Nov 2021 04:29:06 GMT
Last-Modified: Thu, 31 Jan 2019 10:53:19 GMT
Server: nginx
ETag: "5c52d39f-3d8"
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 984

GET
H/1.1 200
OK 088308167711.png
static.cdnativepush.com/contents/s/c8/31/02/6637d28225aaa1f4d7209ff892/ Frame DCC7 2 KB
3 KB 12ms
12ms Image
image/png 139.45.197.188
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cdnativepush.com/contents/s/c8/31/02/6637d28225aaa1f4d7209ff892/088308167711.png
Requested by: Host: forfrogadiertor.com
URL: https://forfrogadiertor.com/400/3230648
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.188 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 64c0bd3667e1ef5d9ab4faf2a92275cf9d89e9e839b94bd6adc92ac24a58dba0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 28 Nov 2021 04:29:06 GMT
Last-Modified: Thu, 15 Oct 2020 15:00:58 GMT
Server: nginx
ETag: "5f88642a-792"
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 1938

GET
H2 200 adJ5B17OOLT5B0Bljq8Sl3lVMB6VcCsGgxkbSohaDQzykkZwEpafP0PET3GkOC0ntOa81H91mEemvj3FMHmz3eJ90pR6ulkJ5ZGOPvdwaH4nhRAqe-uHhFFMnaUjA3Kf5LEGhGv5mH2P7v1pKuFYiLqDStRlWreRr0kxDBq7QYud7KWhxUlH27W9YZFcnVVpL1QsA...
forfrogadiertor.com/impression/ 43 B
421 B 14ms
13ms Image
image/gif 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forfrogadiertor.com/impression/adJ5B17OOLT5B0Bljq8Sl3lVMB6VcCsGgxkbSohaDQzykkZwEpafP0PET3GkOC0ntOa81H91mEemvj3FMHmz3eJ90pR6ulkJ5ZGOPvdwaH4nhRAqe-uHhFFMnaUjA3Kf5LEGhGv5mH2P7v1pKuFYiLqDStRlWreRr0kxDBq7QYud7KWhxUlH27W9YZFcnVVpL1QsAIO11KjoIJcsHwMDSDfPsYEgsqh9k1eX6QFEkbikgVAOhEEo-pek9wkMIcgwFuqG2VDF6O_zj-W-g5bSaQyAvedRFFj6a3b1HZJx46njDuS4lF8Vy2NzObj69DBmgLHxvciAqnI6SKb1ZKaDE0kNwk8hSNzCPU1ooBwkmCe4x8wmv8murv6lpZFd4gRJ6b5U2Q==?_z=3230648&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=2&pl=https%3A%2F%2Fexey.io%2FIPrKpeW1&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-trace-id: 6b8c437fcb07f39919403c5cc09bbf9d
pragma: no-cache
date: Sun, 28 Nov 2021 04:29:06 GMT
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=1
timing-allow-origin: *, *
content-length: 43
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 3230648 Show response
forfrogadiertor.com/500/ 1 KB
1 KB 18ms
17ms XHR
application/javascript 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://forfrogadiertor.com/500/3230648?excludes=8466920,8466921&oaid=f3e02517fb3e407ea68e282f4c017804&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=2&pl=https%3A%2F%2Fexey.io%2FIPrKpeW1&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Requested by

Host: forfrogadiertor.com
URL: https://forfrogadiertor.com/400/3230648

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

22dcfe7213af6f65016391e45f33a482a551f7d79714103f752fc80364d629dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://exey.io/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 858d59382ceb93715ee95e1a0b9f18d7
pragma: no-cache
date: Sun, 28 Nov 2021 04:29:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: application/javascript
access-control-allow-origin: https://exey.io
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=1
timing-allow-origin: *, *
expires: Tue, 11 Jan 1994 10:00:00 GMT

OPTIONS
H2 200 3230648
forfrogadiertor.com/500/ Frame 0
0 14ms
12ms Preflight 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://exey.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Sun, 28 Nov 2021 04:29:07 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
access-control-allow-origin: https://exey.io
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *

GET
H/1.1 200
OK 01602088365889.png
static.cdnativepush.com/contents/s/1b/e9/ef/c45191508dd0ffe9619d8e8d61/ 2 KB
3 KB 12ms
12ms Image
image/png 139.45.197.188
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cdnativepush.com/contents/s/1b/e9/ef/c45191508dd0ffe9619d8e8d61/01602088365889.png
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.188 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: b0cd7af0b912b1a17ecfb9284d55058a59e621500acb94e2d4a5bbfd5eb6d022

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 28 Nov 2021 04:29:07 GMT
Last-Modified: Thu, 01 Jul 2021 09:13:54 GMT
Server: nginx
ETag: "60dd8752-86d"
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 2157

GET
H/1.1 200
OK 0233580931136.png
static.cdnativepush.com/contents/s/71/cd/fb/7cff7dc62c19ac76e51aa9aa8e/ Frame DCC7 984 B
2 KB 12ms
12ms Image
image/png 139.45.197.188
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cdnativepush.com/contents/s/71/cd/fb/7cff7dc62c19ac76e51aa9aa8e/0233580931136.png
Requested by: Host: forfrogadiertor.com
URL: https://forfrogadiertor.com/400/3230648
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.188 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 1704b5646565ec4a94432bd3c4f016d8146b64bff6d07c2c1d32bada5619340e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 28 Nov 2021 04:29:07 GMT
Last-Modified: Thu, 31 Jan 2019 10:53:19 GMT
Server: nginx
ETag: "5c52d39f-3d8"
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 984

GET
H2 200 GZFnXC5G43lF4hezMhGHQgyUFLYlqv_7Uj7HtBHEp_Lh9Wet-vP1NYSytdE5rd7lOxLfO7kKEl_z8e3xlS6ZmTEnaGga5DrqrDJC9CJlQLWktjU0e2f-H-RyJ5F_zi4xk2BDMnnpE2xHja3UTcUSBYKdTciRI4JxJEJYQhtN9Kgw4bEwEz8QVhtjmZ7eRUSNBiemS...
forfrogadiertor.com/impression/ 43 B
421 B 15ms
14ms Image
image/gif 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forfrogadiertor.com/impression/GZFnXC5G43lF4hezMhGHQgyUFLYlqv_7Uj7HtBHEp_Lh9Wet-vP1NYSytdE5rd7lOxLfO7kKEl_z8e3xlS6ZmTEnaGga5DrqrDJC9CJlQLWktjU0e2f-H-RyJ5F_zi4xk2BDMnnpE2xHja3UTcUSBYKdTciRI4JxJEJYQhtN9Kgw4bEwEz8QVhtjmZ7eRUSNBiemSUOUpDYurkXzJNUPn959uXe9BJ3alNgj3jop0soYfBpz-XBXfwSOqPIHi1uU_vRcfYeq2HN62wuKvQPCgezI8FU1Kgi7RA0MX0fBkI4=?_z=3230648&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=2&pl=https%3A%2F%2Fexey.io%2FIPrKpeW1&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://exey.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-trace-id: 33136a5d0dd7b16c00bf4ef23cbdff08
pragma: no-cache
date: Sun, 28 Nov 2021 04:29:08 GMT
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=1
timing-allow-origin: *, *
content-length: 43
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 200
OK 01602088365889.png
static.cdnativepush.com/contents/s/1b/e9/ef/c45191508dd0ffe9619d8e8d61/ Frame DCC7 2 KB
3 KB 12ms
12ms Image
image/png 139.45.197.188
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cdnativepush.com/contents/s/1b/e9/ef/c45191508dd0ffe9619d8e8d61/01602088365889.png
Requested by: Host: forfrogadiertor.com
URL: https://forfrogadiertor.com/400/3230648
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.188 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: b0cd7af0b912b1a17ecfb9284d55058a59e621500acb94e2d4a5bbfd5eb6d022

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 28 Nov 2021 04:29:08 GMT
Last-Modified: Thu, 01 Jul 2021 09:13:54 GMT
Server: nginx
ETag: "60dd8752-86d"
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 2157

Verdicts & Comments Add Verdict or Comment

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
cdn.itphanpytor.club/42	1970-01-20 07:46:49	Name: OAID Value: 3ae22a9a62c4428d8c0c0ad3a76fef65
cdn.itphanpytor.club/42	1970-01-20 07:46:49	Name: oaidts Value: 1638073745
exe.io/	1969-12-31 23:59:59	Name: AppSession Value: 90a5bf25935db1760cf287673aa90e96
exe.io/	1969-12-31 23:59:59	Name: csrfToken Value: 7863e1f6b69207a5f33a3cda21dc5e2cc0cfa0e05131a7e91babab677151adc70c1809e55cb4ba3dd8ac5246a984f7132b0c8aacbb4c7b5e6b19953ebf72725a
.exe.io/	1970-01-19 23:01:15	Name: __cf_bm Value: JiWNywZ9GOLDoOwhcsGHGMbr7ywLoqWySO2yfFXMg24-1638073744-0-AT9LUlLig6opHZdIeCk7geQFYs4RX9vIFwTUpGWgHRcGr4Kq7fMXM8LbemS+xisnNfJScTXUDvaSQvLqODXhh6L7ALKd5BQwemvwHNX+7hEpOW/GGRAQxROfPSdBdtwu9A==
exey.io/	1969-12-31 23:59:59	Name: AppSession Value: 10af8863a659413b6540853d1d8b099f
exey.io/	1969-12-31 23:59:59	Name: csrfToken Value: 0f53b36776735559fd8914e98d3a8a19553edd66ace1c858415563e6f4d43a6854ddae9a5dfd04b247e8a7b30b2ba82487dad6c39ee4f4a4bf7e4cbbde89bc0b
punyvamos.com/	1970-01-19 23:02:40	Name: GL_UI4 Value: eJw9jUtugzAYhHnTKAV1JA6QIzgRUFhWPUSXyGCbuAH%2FkXGDevtaldrVfJqHJgiCqCoRPrIY8RdvcBpr1nWK1e2oet68MnXp21qpqWvFpemUwkFvg%2BPjIl2C51kaafU0TCRkgRcf%2FTk3Q7tJkI6WG1EgXX1jKZCPlvZN2ipGYvgqkb1fLXlNV%2F5JFlHfetTGY8gQ0VbF5QH5hzbC78ojojMriyzA8b5wp8iugxZZiHS2XEiEb3iauJMz2W%2FkQm43R3eAFjH8939v4%2F3MkAn50JP%2FJneV9gd3Ukq3
punyvamos.com/	1970-01-19 23:02:40	Name: GL_GI10 Value: eJxljNFqwjAYhWs6u5UN5YAP0BewkJW63W7azZtd%2BQAh1L8SRpPwJ8q6p9cpyMC7w3fOd5IkEbMJhPGYyte6fJZVKeu6lIsF0h05iFWDp9btbeRBWd0T7j%2BJe20HZEw74yzEusHjJavWbQnjVTP%2Fx87WeE0hEO5aEwfgg7X97vYcC90XX9pY5H%2FFRZ%2Bd9NtBaoIHKilfqmJDfDAtheLtHbmlqIIn2iJfOvaOdSRMrvT8maV4MEF5dj9DNsI0mp5%2BnSXlui5QPKHRIRNH5TBPzg%3D%3D
cdn.itphanpytor.club/	1970-01-20 07:46:49	Name: scm Value: 1
cdn.itphanpytor.club/	1970-01-20 07:46:49	Name: OAID Value: 3ae22a9a62c4428d8c0c0ad3a76fef65
cdn.itphanpytor.club/	1970-01-20 07:46:49	Name: oaidts Value: 1638073745
cdn.itskiddoan.club/	1970-01-20 07:46:49	Name: OAID Value: b517ce96c81249b08d0b86b8bf65478d
cdn.itskiddoan.club/	1970-01-20 07:46:49	Name: oaidts Value: 1638073745
.exey.io/	1970-01-20 16:32:25	Name: _ga Value: GA1.2.917777979.1638073746
.exey.io/	1970-01-19 23:02:40	Name: _gid Value: GA1.2.1099032809.1638073746
.exey.io/	1970-01-19 23:01:13	Name: _gat_gtag_UA_135952122_1 Value: 1
my.rtmark.net/	1970-01-20 07:46:49	Name: ID Value: f3e02517fb3e407ea68e282f4c017804
exey.io/	1970-01-19 23:01:13	Name: prefetchAd_3472522 Value: true
cdn.itskiddoan.club/	1970-01-19 23:11:18	Name: syncedCookie Value: true
forfrogadiertor.com/	1970-01-20 07:46:49	Name: OAID Value: f3e02517fb3e407ea68e282f4c017804
onasider.top/	1970-01-19 23:02:40	Name: ci Value: 754651395234143

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
deprecation	warning	URL: https://tagcachestaticx.com/tag.js Message: RTP data channels are no longer supported. The "RtpDataChannels" constraint is currently ignored, and may cause an error at a later date.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
alukizeia.one
cdn.itphanpytor.club
cdn.itskiddoan.club
cdnjs.cloudflare.com
d26adrx9c3n0mq.cloudfront.net
d2sbzwmcg5amr3.cloudfront.net
d301cxwfymy227.cloudfront.net
exe.io
exey.io
fonts.googleapis.com
fonts.gstatic.com
forfrogadiertor.com
freychang.fun
my.rtmark.net
onasider.top
pagead2.googlesyndication.com
punyvamos.com
static.cdnativepush.com
tagcachedataxrt.com
tagcachestaticx.com
uleqasfor.one
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
139.45.195.254
139.45.195.8
139.45.197.188
139.45.197.236
139.45.197.239
139.45.197.241
18.66.139.30
23.109.82.18
2600:9000:2182:2200:b:b271:7c80:21
2600:9000:2182:8200:1d:bf0d:abc0:21
2600:9000:2182:cc00:12:fc33:3bc0:21
2606:4700:20::681a:267
2606:4700:3030::6815:2dcf
2606:4700:3030::ac43:8a0d
2606:4700:3033::ac43:b444
2606:4700:3033::ac43:b4cb
2606:4700:3034::ac43:d5ae
2606:4700::6810:135e
2a00:1450:4001:80e::2002
2a00:1450:4001:810::200a
2a00:1450:4001:813::2004
2a00:1450:4001:82a::2008
2a00:1450:4001:82a::200d
2a00:1450:4001:82b::2003
2a00:1450:4001:831::200e
2a03:2880:f12d:83:face:b00c:0:25de
00b058ed3ba5d2bfc039bdb7f527e1756f3fc2d3e570ad89b554e253e8d7ee87
0776b1ad8300d4ae23f6c672fa08170e1d85592460b31bf1968e00759401653a
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
0f13250dac3eba96683a13d9c0c14c812448cc2f499a6ad6637a17adf094884d
1704b5646565ec4a94432bd3c4f016d8146b64bff6d07c2c1d32bada5619340e
22dcfe7213af6f65016391e45f33a482a551f7d79714103f752fc80364d629dd
25b9373c2fe3e4a42745b2dbebf64e446dfa9b01713a5e7175637da2d1d79e54
262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d
26bbadf324d400b12bea32f232b42870889357c483db6c1c4b1baa0202a41539
29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa
2c218a574b61aab98007c481278f22f863b84dacca1e300e1bcf714cbebd7817
307eefdc0600ba0495c999ff6fd97baa6e33a1d780414a4970cc5b760d523b01
448d168c375cd24bd820efdbf951376e38180388c2f642b70b7ec493df010c55
49372305a487a7edcc6df60b94d4080e14b0b85efa23f904fc18c9dfa053b35b
49ac7b0911a6a81dc2331711bc245d81d0eadbebf6e5de902a10f5a122b9d5c9
4dbc18df3c08635e19445c6419ed0bf50b73683dea0445f0b0e6abfa4f5b496e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
54ad64784a427d4617cdce56efa04225c02554e4835f33649287ed43a169b7bf
5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826
57b874ae9ae24220ee3cc1e330a88e387c8e6018c7247acda51695b550065598
60e48cfc86fe1a199e7b1d3abd35b2674a22f3501ddd2ce9d88e3445f5a442e6
6116e4808d220f8d9c0d38e62095e3f01537effd03236acd77fa414f9bb53cd8
64c0bd3667e1ef5d9ab4faf2a92275cf9d89e9e839b94bd6adc92ac24a58dba0
66219bc99ac30a346552ced8a3a2739c915b441219cfd9cf3dbef943cf7ca7bf
66b04442cdec89f673a5d9ab17e6428fd0d321de0dc1af76491387ebaf589a25
6a67fafea90451f778831799db3cf4a3f5984313c6d379feedfbbfba29d27dd6
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e96876226490820baab3bc478bbdfafddf2d52cd6ce537d96f9679c31d44d51
71d7aae13cfd4efef9685805dc31c17586d4d7637fc653740c486338df9087a9
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
91fb1c757bc4430756d9b6571d977612cca6f0033a5acbfdc2210e00b4983a97
9554e80e9205a72958e651c671af8454206f962a3b73a8d1d1da08436020fc48
96069b5280449feb9eed844f8c45f328e8fb2e96046599d081b0354dde890b65
9e51f67f448f9e4815af58ea0bf6c1c012f9969beff06e855d1ee2c2f8232c5e
9e611fba6a87626e60f74d361f0c94d1ba226bc0726a05791f40ddb7fbba2c4f
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a64e6aeca362be5273cd6e6621080f7443bda9992f2f6ae18dda79e0bd8031f5
a71fd61942c317a2e7663f0e565f85e4703c2f238c1b7b8bc2f64b47452a5297
a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b
b0cd7af0b912b1a17ecfb9284d55058a59e621500acb94e2d4a5bbfd5eb6d022
b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550
b9bbe22ff2e713a5a17ebb9e9e252e6e3e0940a5158534e5ed6a07142815dc39
c63c0a518fcd8243e365904eb4ec5162d2b6d066aa4f05027fb598089d73ebdc
ceb93c008225fc32ea73464e6698202e0a956e3cc266802f3be0dfcadcf2bd61
e007c3c48969bc85d8a0923546480fea93d782771f7cc8fdea6f78df7ce4aa6d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e69f795c950783a7d63fb1e113f81c9a7c05f240eb422ec52d111c01a03d77c4
e8ed6f56ab8b6cf1898581c18a1ee036f342f86bb486f9c955cbfdb814d3638b
e8f2d5487d860696dee2e6037ae07ff063ae5959b8d4b4658a284f9dc9711ca1
f27408b033a0195d0f29b0ecbc143f470c4fbb0807472a688b2f9e66403651e0
f94fc133e3ddaef1a9c299f5d7b4f608753ef156544ba9d591284ddff0e40fd5
fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7

exey.io Open in urlscan Pro 2606:4700:3033::ac43:b444 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

78 Requests

100 %HTTPS

69 %IPv6

23 Domains

26 Subdomains

26 IPs

4 Countries

704 kBTransfer

1823 kBSize

22 Cookies

0 Outgoing links

Page URL History

Redirected requests

78 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

exey.io Open in urlscan Pro
2606:4700:3033::ac43:b444 Public Scan

Screenshot
Live screenshot

Full Image

78
Requests

100 %
HTTPS

69 %
IPv6

23
Domains

26
Subdomains

26
IPs

4
Countries

704 kB
Transfer

1823 kB
Size

22
Cookies

78 HTTP transactions
0 data transactions