urlscan.io logo urlscan.io
SecurityTrails logo

exe.app Open in urlscan Pro
2606:4700:e0::ac40:6f04  Public Scan

Go To Rescan Add Verdict Report
URL: https://exe.app/DBGH2
Submission: On March 16 via manual from JP
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 4 countries across 12 domains to perform 24 HTTP transactions. The main IP is 2606:4700:e0::ac40:6f04, located in United States and belongs to CLOUDFLARENET, US. The main domain is exe.app.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 3rd 2020. Valid for: a year.
This is the only time exe.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

4    2606:4700:e0::ac40:6f04 (United States)

ASN13335 (CLOUDFLARENET, US)
exe.app
1    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    23.109.82.143 (Netherlands)

ASN7979 (SERVERS-COM, US)
venuegirtjive.com
1    2600:9000:2182:dc00:6:2e3c:5fc0:21 (United States)

ASN16509 (AMAZON-02, US)
dmmzkfd82wayn.cloudfront.net
2    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    139.45.197.248 (United Kingdom)

ASN9002 (RETN-AS, GB)
zunsoach.com
2    2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    65.9.83.99 (United States)

ASN16509 (AMAZON-02, US)
hattimeivelog.biz
2    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    139.45.197.243 (United Kingdom)

ASN9002 (RETN-AS, GB)
onmarshtompor.com
1    139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)
my.rtmark.net
Domain Requested by
4 www.googletagmanager.com exe.app
www.googletagmanager.com
4 exe.app exe.app
3 onmarshtompor.com zunsoach.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 zunsoach.com exe.app
2 fonts.gstatic.com fonts.googleapis.com
1 my.rtmark.net onmarshtompor.com
1 hattimeivelog.biz dmmzkfd82wayn.cloudfront.net
1 cdnjs.cloudflare.com exe.app
1 dmmzkfd82wayn.cloudfront.net exe.app
1 venuegirtjive.com exe.app
1 fonts.googleapis.com exe.app
24 12

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-12-03 -
2021-12-02		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
venuegirtjive.com
R3		 2021-02-01 -
2021-05-02		 3 months crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2020-05-26 -
2021-04-21		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
zunsoach.com
R3		 2021-02-20 -
2021-05-21		 3 months crt.sh
hattimeivelog.biz
Amazon		 2021-02-22 -
2022-03-23		 a year crt.sh
onmarshtompor.com
R3		 2021-01-13 -
2021-04-13		 3 months crt.sh
*.rtmark.net
Sectigo RSA Domain Validation Secure Server CA		 2020-10-27 -
2021-11-26		 a year crt.sh

This page contains 2 frames:

Primary Page: https://exe.app/DBGH2
Frame ID: 4764279F6DB0EFB5B7D4B17D30BC342C
Requests: 21 HTTP requests in this frame

Frame: https://onmarshtompor.com/fac.php?OAID=4d3d76e4a8444ec1b09988b50e4a9449&oaidts=1615877849
Frame ID: 01AF6062BD8F957EC78D2D10AC26D6BE
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

24
Requests

100 %
HTTPS

64 %
IPv6

12
Domains

12
Subdomains

14
IPs

4
Countries

389 kB
Transfer

1129 kB
Size

11
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request DBGH2
exe.app/ 		62 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://exe.app/DBGH2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6f04 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d9061cd4b97b5123bf757b93d83d1bdf9696d289dddc411768de2f7b539dc12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
exe.app
:scheme
https
:path
/DBGH2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 06:57:29 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=de416a1b2cd1b0c00c16dc78cab9bc2001615877849; expires=Thu, 15-Apr-21 06:57:29 GMT; path=/; domain=.exe.app; HttpOnly; SameSite=Lax; Secure AppSession=47ca1bffe5783b4f779ed6c327554922; path=/; HttpOnly csrfToken=bd2f6a4dd2442aa9679a08b3f42fdce53cbb263c2e257644e19e80e8a044a9ea0d3841e5f1b5e62b3e0e0e70a357eb8791b7d5962bba429989cbf59e0f3fccd0; path=/; HttpOnly
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
x-frame-options
SAMEORIGIN, SAMEORIGIN
x-robots-tag
noindex, nofollow
vary
Accept-Encoding,User-Agent
x-xss-protection
1; mode=block
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
cf-request-id
08db6c59fc00004e493414f000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sSHlNdHZ0lzGAxgGejLGPRyJ%2BMBn3%2BhbWGgagDZc4KaQN4Zb1T4vYP%2FqEVTgO60Z9Z0tKK9%2BvABcwWEnTQDXLTeIHZCNHwb5oW0cLqT9j%2F4aQCP%2F"}]}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
630c166ff9b94e49-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
css
fonts.googleapis.com/ 		10 KB
903 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,400italic,600,700
Requested by
Host: exe.app
URL: https://exe.app/DBGH2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ed7417187bc535fe583beec5f8796cd36869aff2763265a2c29536530319c59e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://exe.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 16 Mar 2021 06:32:23 GMT
server
ESF
date
Tue, 16 Mar 2021 06:57:29 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 16 Mar 2021 06:57:29 GMT
continue.css
exe.app/css/ 		179 KB
37 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://exe.app/css/continue.css
Requested by
Host: exe.app
URL: https://exe.app/DBGH2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6f04 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8f2d5487d860696dee2e6037ae07ff063ae5959b8d4b4658a284f9dc9711ca1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://exe.app/DBGH2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 06:57:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
227042
cf-polished
origSize=211643
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08db6c5a7100004e49dc251000000001
last-modified
Fri, 20 Nov 2020 17:25:47 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HE9258%2BFDVW11564802mggVLGZqkV9gKQQzuFtsuOezk8nJohL%2FPV%2BvBp0OR7x68f62lR4esHYKdEcMDDj5p8bkIM%2FOrTvXW1YgcTS9FIiZRPo9g"}]}
content-type
text/css
x-xss-protection
1; mode=block
cache-control
max-age=2592000
cf-ray
630c1670ba9e4e49-FRA
expires
Mon, 12 Apr 2021 15:53:27 GMT
api.js
exe.app/cdn-cgi/bm/cv/669835187/ 		35 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://exe.app/cdn-cgi/bm/cv/669835187/api.js
Requested by
Host: exe.app
URL: https://exe.app/DBGH2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6f04 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://exe.app/DBGH2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 06:57:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1jMAEx6f3gwo4HnozLVVkPnrr8lPcLQZkqZRMHv04Ww6ZGjfCvRHysk%2FXMoKicMmn1d8t5SvJ%2B12DbbZFM%2BYZ9zYFhDgM2u5LZdkJiFhUtUrD1C4"}]}
content-type
text/javascript
cache-control
max-age=604800, public
cf-ray
630c1670baa04e49-FRA
cf-request-id
08db6c5a7200004e4901831000000001
29529
venuegirtjive.com/1clkn/ 		0
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://venuegirtjive.com/1clkn/29529
Requested by
Host: exe.app
URL: https://exe.app/DBGH2
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
23.109.82.143 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://exe.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 16 Mar 2021 06:57:29 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=1
Keep-Alive
timeout=20
/
dmmzkfd82wayn.cloudfront.net/ 		288 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dmmzkfd82wayn.cloudfront.net/?kzmmd=837035
Requested by
Host: exe.app
URL: https://exe.app/DBGH2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:dc00:6:2e3c:5fc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ae638bc2beb9df81bc236be5b36d747b1c5ae6b40773f06ac2ffa1f27f8a3018

Request headers

Referer
https://exe.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Mar 2021 06:24:38 GMT
content-encoding
gzip
age
1971
x-cache
Hit from cloudfront
access-control-allow-origin
*
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
x-amz-cf-pop
DUS51-C1
content-length
91886
via
1.1 8033f9c6b87a03b2eca7c2db5157e10e.cloudfront.net (CloudFront)
x-amz-cf-id
WuX6m6jP8-3G0dLjZw3UwXHNLiMl8mBz5IyLC2JVJOY6CDRoBh6Ztg==
js
www.googletagmanager.com/gtag/ 		99 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-135952122-1
Requested by
Host: exe.app
URL: https://exe.app/DBGH2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
30af5902452b38233f7a9d3dbf2d377e833dee3bb889125b7499983ca048ccbd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://exe.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 06:57:29 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39769
x-xss-protection
0
last-modified
Tue, 16 Mar 2021 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 16 Mar 2021 06:57:29 GMT
js
www.googletagmanager.com/gtag/ 		99 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-182436003-3
Requested by
Host: exe.app
URL: https://exe.app/DBGH2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
59fb504250aba5bb01130df58e906693549be9c851167b8ba773e9d04681e7ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://exe.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 06:57:29 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39824
x-xss-protection
0
last-modified
Tue, 16 Mar 2021 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 16 Mar 2021 06:57:29 GMT
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,400italic,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://exe.app
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 02:04:09 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:22 GMT
server
sffe
age
449600
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14380
x-xss-protection
0
expires
Fri, 11 Mar 2022 02:04:09 GMT
/
zunsoach.com/5/3309933/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://zunsoach.com/5/3309933/?oo=1
Requested by
Host: exe.app
URL: https://exe.app/DBGH2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.248 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
f70fee2623f6a01a944de2154431697dc5ba9c943a76c42ef02b3868bc6e6993

Request headers

Referer
https://exe.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-trace-id
d7778576d966ddaeda8b63e362c5cb56
pragma
no-cache, no-cache
date
Tue, 16 Mar 2021 06:57:23 GMT
content-encoding
gzip
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://exe.app
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
expires
Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
tag.min.js
zunsoach.com/ 		81 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zunsoach.com/tag.min.js
Requested by
Host: exe.app
URL: https://exe.app/DBGH2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.248 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
9517270889e511d31be677dc1c53d9bbceb1dc5819b7f6d6cf52fde30c08ba8a
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://exe.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 06:57:23 GMT
content-encoding
br
x-content-type-options
nosniff
content-length
22119
x-trace-id
39854e16719bdf231c911af2ef836cdb
pragma
no-cache
last-modified
Mon, 15 Mar 2021 15:28:51 GMT
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
expires
Tue, 11 Jan 1994 10:00:00 GMT
js
www.googletagmanager.com/gtag/ 		98 KB
39 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js
Requested by
Host: exe.app
URL: https://exe.app/DBGH2
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bceefed3c8f1b7b60a6cc21acd808b892210c74aef9f27ed72c7980389ee10a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://exe.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 06:57:29 GMT
content-encoding
br
vary
Origin, Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39491
x-xss-protection
0
last-modified
Tue, 16 Mar 2021 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://exe.app
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 16 Mar 2021 06:57:29 GMT
fuckadblock.min.js
cdnjs.cloudflare.com/ajax/libs/fuckadblock/3.2.1/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/fuckadblock/3.2.1/fuckadblock.min.js
Requested by
Host: exe.app
URL: https://exe.app/DBGH2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c63c0a518fcd8243e365904eb4ec5162d2b6d066aa4f05027fb598089d73ebdc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Origin
https://exe.app
Referer
https://exe.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 06:57:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
6922798
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1309
cf-request-id
08db6c5ab1000005cca093b000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:19 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e6b-1285"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wtjgx8KnRePj9qw4KpGUNRFyt8iRN%2BiMzsJRaKkG8tg1GaQsJ%2B3XhkEGbcSWBNNh%2F296KVT1ZVyMDfuR0PTj57JqggXF8BuZ8hrQJgAVEg0w9rLN1N%2FBRVzuZ1dGpDpOvA%3D%3D"}],"max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
630c16711f6905cc-FRA
expires
Sun, 06 Mar 2022 06:57:29 GMT
mem6YaGs126MiZpBA-UFUK0Zdc0.woff2
fonts.gstatic.com/s/opensans/v18/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem6YaGs126MiZpBA-UFUK0Zdc0.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,400italic,600,700
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da407a15b1ea0c1b4bb774bd77bb608d6b1c90397b5a75b8895bbccfda5feb63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://exe.app
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Mar 2021 10:24:28 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:37 GMT
server
sffe
age
246781
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13780
x-xss-protection
0
expires
Sun, 13 Mar 2022 10:24:28 GMT
js
www.googletagmanager.com/gtag/ 		96 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-135952122-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-182436003-3
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ff268f13ce728983526408b0dd0884d0badbc8f7fa3d578810e4d4352b6909cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://exe.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 06:57:29 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38983
x-xss-protection
0
last-modified
Tue, 16 Mar 2021 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 16 Mar 2021 06:57:29 GMT
analytics.js
www.google-analytics.com/ 		46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-135952122-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://exe.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
3294
date
Tue, 16 Mar 2021 06:02:35 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
expires
Tue, 16 Mar 2021 08:02:35 GMT
utx
hattimeivelog.biz/ 		0
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hattimeivelog.biz/utx?cb=kYNp8khagqgo&top=exe.app&tid=837035
Requested by
Host: dmmzkfd82wayn.cloudfront.net
URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=837035
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.83.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://exe.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Mar 2021 06:57:29 GMT
via
1.1 bdbb0d922c29917c00cfed799f55e7c2.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
x-amz-cf-pop
AMS1-C1
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://exe.app
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-id
FBlZ-xT_guKzY0TdsCtLuekgA14vlyilhqi78XSkTxmKTeobgbs6wQ==
result
exe.app/cdn-cgi/bm/cv/ 		0
493 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://exe.app/cdn-cgi/bm/cv/result?req_id=630c166ff9b94e49
Requested by
Host: exe.app
URL: https://exe.app/cdn-cgi/bm/cv/669835187/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6f04 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://exe.app/DBGH2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 16 Mar 2021 06:57:29 GMT
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NG0bbCVoDHXBqsokZOf0QFv5kMno2%2BJmWEyuPmFx9qzWQjQOv%2F0Q9FtGBxcTcpQPzLGJUQV09MXHDUsnsrJIti%2BlbbKxVq8I6Cp2Yf3yB2htnMjt"}]}
cf-ray
630c1671dc2e4e49-FRA
cf-request-id
08db6c5b2800004e49f2130000000001
collect
www.google-analytics.com/j/ 		1 B
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j88&a=312650070&t=pageview&_s=1&dl=https%3A%2F%2Fexe.app%2FDBGH2&ul=en-us&de=UTF-8&dt=exe.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=1275505142&gjid=1797402730&cid=299639031.1615877850&tid=UA-135952122-1&_gid=697322777.1615877850&_r=1&gtm=2ou330&z=1609870412
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://exe.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 16 Mar 2021 06:57:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://exe.app
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j88&a=312650070&t=pageview&_s=1&dl=https%3A%2F%2Fexe.app%2FDBGH2&ul=en-us&de=UTF-8&dt=exe.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAUABAAAAAC~&jid=283341147&gjid=761393456&cid=299639031.1615877850&tid=UA-182436003-3&_gid=697322777.1615877850&_r=1&gtm=2ou330&z=1376488265
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://exe.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 16 Mar 2021 06:57:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://exe.app
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
fac.php
onmarshtompor.com/ Frame 01AF 		203 B
811 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onmarshtompor.com/fac.php?OAID=4d3d76e4a8444ec1b09988b50e4a9449&oaidts=1615877849
Requested by
Host: zunsoach.com
URL: https://zunsoach.com/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.243 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
8ead8710d0b9d122ebdf02419d6b8b1d03f093b6730e428ecfe082a4c301503c
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
onmarshtompor.com
:scheme
https
:path
/fac.php?OAID=4d3d76e4a8444ec1b09988b50e4a9449&oaidts=1615877849
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://exe.app/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://exe.app/

Response headers

server
nginx
date
Tue, 16 Mar 2021 06:57:29 GMT
content-type
text/html; charset=utf8
content-length
203
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
pragma
no-cache
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
expires
Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin
* *
x-trace-id
9edd252c6271fff6a289bb5991fd51c0
set-cookie
OAID=4d3d76e4a8444ec1b09988b50e4a9449; expires=Wed, 16 Mar 2022 06:57:30 GMT; path=/; secure; SameSite=None oaidts=1615877849; expires=Wed, 16 Mar 2022 06:57:30 GMT; path=/; secure; SameSite=None
strict-transport-security
max-age=1
x-content-type-options
nosniff
img.gif
my.rtmark.net/ Frame 01AF 		43 B
492 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=4d3d76e4a8444ec1b09988b50e4a9449
Requested by
Host: onmarshtompor.com
URL: https://onmarshtompor.com/fac.php?OAID=4d3d76e4a8444ec1b09988b50e4a9449&oaidts=1615877849
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://onmarshtompor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 06:57:30 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
43
options
onmarshtompor.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://onmarshtompor.com/options?option_args=CO2CygESIDRkM2Q3NmU0YTg0NDRlYzFiMDk5ODhiNTBlNGE5NDQ5Gi9odHRwOi8venVuc29hY2guY29tL2FwdS5waHA_em9uZWlkPTMzMDk5MzMmb289MSIQaHR0cHM6Ly9leGUuYXBwLzIkMDU2OTM1MjUtYWU5My00ZGY0LTgwMTQtYzA0YjJhMWFmODE3
Protocol
H2
Server
139.45.197.243 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://exe.app
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Tue, 16 Mar 2021 06:57:30 GMT
access-control-allow-origin
https://exe.app
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
pragma
no-cache
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
expires
Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin
* *
strict-transport-security
max-age=1
x-content-type-options
nosniff
options
onmarshtompor.com/ 		0
444 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onmarshtompor.com/options?option_args=CO2CygESIDRkM2Q3NmU0YTg0NDRlYzFiMDk5ODhiNTBlNGE5NDQ5Gi9odHRwOi8venVuc29hY2guY29tL2FwdS5waHA_em9uZWlkPTMzMDk5MzMmb289MSIQaHR0cHM6Ly9leGUuYXBwLzIkMDU2OTM1MjUtYWU5My00ZGY0LTgwMTQtYzA0YjJhMWFmODE3
Requested by
Host: zunsoach.com
URL: https://zunsoach.com/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.243 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://exe.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/json

Response headers

x-trace-id
45ec3ffbf8e8d18ebbb8be949f48fcb3
pragma
no-cache
date
Tue, 16 Mar 2021 06:57:29 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html; charset=utf8
access-control-allow-origin
https://exe.app
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
content-length
0
expires
Tue, 11 Jan 1994 10:00:00 GMT

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| a0_0x433e function| a0_0x3d7e string| k object| _le345jsjkwh object| we1i7ssm7tn object| zfgformats function| setImmediate function| clearImmediate function| _pocoavi function| _uewbwo function| gtag object| dataLayer function| disableItToContinue object| importFAB object| __CF$cv$params object| google_tag_manager function| FuckAdBlock object| fuckAdBlock object| google_tag_data string| GoogleAnalyticsObject function| ga number| LAST_CORRECT_EVENT_TIME number| _592817105 object| gaplugins object| gaGlobal object| gaData function| onClickTrigger function| kkp4a5x5tv boolean| zfgloadedpopup

11 Cookies

Domain/Path Name / Value
onmarshtompor.com/ Name: oaidts
Value: 1615877849
onmarshtompor.com/ Name: OAID
Value: 4d3d76e4a8444ec1b09988b50e4a9449
.exe.app/ Name: __PPU_BACKCLCK_3309933
Value: true
.exe.app/ Name: _gat_gtag_UA_135952122_1
Value: 1
.exe.app/ Name: _gid
Value: GA1.2.697322777.1615877850
.exe.app/ Name: _gat_gtag_UA_182436003_3
Value: 1
.exe.app/ Name: _ga
Value: GA1.2.299639031.1615877850
exe.app/ Name: AppSession
Value: 47ca1bffe5783b4f779ed6c327554922
.exe.app/ Name: __cf_bm
Value: 52900992b71707f8de9e6bdfea65ddb8bd764d9c-1615877849-1800-AY4leVG6zR+obDW41LGKh9uQmbsNWm35XEzeDhFL+4gUUtmijqZYUUJ/vgA3gOKLT8y1OO3y7xlgHgn2Z1VrP6AMWUs/9Zozl+X7YfO4SMe/CU2CyxhjhRuLRhr5zOJ+Lk7tTw5AmOncvhFkF5UlJfs=
exe.app/ Name: csrfToken
Value: bd2f6a4dd2442aa9679a08b3f42fdce53cbb263c2e257644e19e80e8a044a9ea0d3841e5f1b5e62b3e0e0e70a357eb8791b7d5962bba429989cbf59e0f3fccd0
.exe.app/ Name: __cfduid
Value: de416a1b2cd1b0c00c16dc78cab9bc2001615877849

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
dmmzkfd82wayn.cloudfront.net
exe.app
fonts.googleapis.com
fonts.gstatic.com
hattimeivelog.biz
my.rtmark.net
onmarshtompor.com
venuegirtjive.com
www.google-analytics.com
www.googletagmanager.com
zunsoach.com
139.45.195.8
139.45.197.243
139.45.197.248
23.109.82.143
2600:9000:2182:dc00:6:2e3c:5fc0:21
2606:4700::6810:125e
2606:4700:e0::ac40:6f04
2a00:1450:4001:800::2003
2a00:1450:4001:800::200e
2a00:1450:4001:827::2008
2a00:1450:4001:828::2008
2a00:1450:4001:828::200e
2a00:1450:4001:82a::200a
65.9.83.99
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
30af5902452b38233f7a9d3dbf2d377e833dee3bb889125b7499983ca048ccbd
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
59fb504250aba5bb01130df58e906693549be9c851167b8ba773e9d04681e7ca
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
8d9061cd4b97b5123bf757b93d83d1bdf9696d289dddc411768de2f7b539dc12
8ead8710d0b9d122ebdf02419d6b8b1d03f093b6730e428ecfe082a4c301503c
9517270889e511d31be677dc1c53d9bbceb1dc5819b7f6d6cf52fde30c08ba8a
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
ae638bc2beb9df81bc236be5b36d747b1c5ae6b40773f06ac2ffa1f27f8a3018
bceefed3c8f1b7b60a6cc21acd808b892210c74aef9f27ed72c7980389ee10a0
c63c0a518fcd8243e365904eb4ec5162d2b6d066aa4f05027fb598089d73ebdc
da407a15b1ea0c1b4bb774bd77bb608d6b1c90397b5a75b8895bbccfda5feb63
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8f2d5487d860696dee2e6037ae07ff063ae5959b8d4b4658a284f9dc9711ca1
ed7417187bc535fe583beec5f8796cd36869aff2763265a2c29536530319c59e
f70fee2623f6a01a944de2154431697dc5ba9c943a76c42ef02b3868bc6e6993
ff268f13ce728983526408b0dd0884d0badbc8f7fa3d578810e4d4352b6909cb