fex.net Open in urlscan Pro
172.67.202.114 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://fex.net/ru/s/ppdfxn5
Submission: On October 29 via manual (October 29th 2024, 7:44:31 am UTC) from ES — Scanned from ES

Summary HTTP 81 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 22 IPs in 6 countries across 16 domains to perform 81 HTTP transactions. The main IP is 172.67.202.114, located in United States and belongs to CLOUDFLARENET, US. The main domain is fex.net. The Cisco Umbrella rank of the primary domain is 813038.
TLS certificate: Issued by WE1 on September 27th 2024. Valid for: 3 months.

This is the only time fex.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	172.67.202.114 172.67.202.114	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:81d::200a	15169 (GOOGLE) (GOOGLE)
1	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	157.240.0.6 157.240.0.6	32934 (FACEBOOK) (FACEBOOK)
4	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::178	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0d::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
16	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2	142.250.185.142 142.250.185.142	15169 (GOOGLE) (GOOGLE)
2	89.184.81.35 89.184.81.35	28907 (MIROHOST ...) (MIROHOST Web hosting)
11	212.124.124.19 212.124.124.19	47328 (TRI-AS Di...) (TRI-AS DigitalOne AG)
8	142.250.184.195 142.250.184.195	15169 (GOOGLE) (GOOGLE)
1	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4003:80c::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
2	142.250.186.174 142.250.186.174	15169 (GOOGLE) (GOOGLE)
81	22

16 172.67.202.114 (United States)

ASN13335 (CLOUDFLARENET, US)

fex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.fex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0d::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.es	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.184.81.35 (Kyiv, Ukraine)

ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, US)
PTR: c.hit.ua

c.hit.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 212.124.124.19 (Reston, United States)

ASN47328 (TRI-AS DigitalOne AG, CH)

aj1913.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.184.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net

ep1.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ep2.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4003:80c::2003 (Ireland)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.174 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 116	447 KB
16	fex.net fex.net — Cisco Umbrella Rank: 813038 api.fex.net	1 MB
11	aj1913.online aj1913.online	130 KB
9	gstatic.com fonts.gstatic.com csi.gstatic.com	197 KB
5	google.com region1.analytics.google.com — Cisco Umbrella Rank: 4401 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 682	126 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 34	22 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	340 KB
3	adtrafficquality.google ep1.adtrafficquality.google — Cisco Umbrella Rank: 233245 ep2.adtrafficquality.google — Cisco Umbrella Rank: 204383	19 KB
2	hit.ua c.hit.ua — Cisco Umbrella Rank: 313252	1 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	3 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	74 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	7 KB
1	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 47	1 KB
1	google.es www.google.es — Cisco Umbrella Rank: 26285	408 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 136	539 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 220	733 B
81	16

	Domain	Requested by
16	pagead2.googlesyndication.com	fex.net pagead2.googlesyndication.com aj1913.online
11	aj1913.online	fex.net aj1913.online
8	fonts.gstatic.com	fonts.googleapis.com
8	api.fex.net	fex.net
8	fex.net	fex.net
4	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
4	www.google-analytics.com	fex.net www.google-analytics.com
4	www.googletagmanager.com	fex.net www.googletagmanager.com
2	ep2.adtrafficquality.google	pagead2.googlesyndication.com ep2.adtrafficquality.google
2	c.hit.ua	fex.net
2	www.facebook.com	fex.net
2	connect.facebook.net	fex.net connect.facebook.net
2	fonts.googleapis.com	fex.net
1	lh3.googleusercontent.com
1	csi.gstatic.com	pagead2.googlesyndication.com
1	ep1.adtrafficquality.google	pagead2.googlesyndication.com
1	www.google.es	fex.net
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	cdnjs.cloudflare.com	fex.net
81	20

This site contains links to these domains. Also see Links.

Domain
play.google.com
itunes.apple.com
fexnet.zendesk.com
apps.apple.com
fex.plus
www.facebook.com
www.instagram.com
t.me

Subject Issuer	Validity	Valid
fex.net WE1	`2024-09-27` - `2024-12-26`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-09-28` - `2024-12-27`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-08-07` - `2024-11-05`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.google.es WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
hit.ua E6	`2024-08-23` - `2024-11-21`	3 months	crt.sh
aj1913.online R11	`2024-10-05` - `2025-01-03`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
adtrafficquality.google WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.googleusercontent.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://fex.net/ru/s/ppdfxn5
Frame ID: FB6658E744B1E57B7E50398B00258799
Requests: 58 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8564894658009468
Frame ID: 455027F57BF6BF2996F36F4E7C1AA23D
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: B6C8FCBE4E08ECC24A48D4B09BF04E26
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: 2531864757E8C6DFB352738FA2118B5B
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20241023/r20190131/zrt_lookup_fy2021.html
Frame ID: EA9B77FF4A5F0AA80CBFFF362C2A3E77
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-8564894658009468&output=html&adk=1812271804&adf=2373185777&abgtt=6&lmt=1730187868&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ffex.net%2Fru%2Fs%2Fppdfxn5&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aiict=1&itsi=-1&aiopts=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730187868269&bpp=2&bdt=212&idt=200&shv=r20241023&mjsv=m202410220101&ptt=9&saldr=aa&eoidce=1&nras=1&correlator=7838457386580&frm=23&ife=1&pv=2&nhd=1&u_tz=0&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=1488&ish=105&ifk=3879840188&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95331833%2C95344187%2C95345280%2C95345789&oid=2&pvsid=257865539763624&tmod=1108907112&uas=0&nvt=1&fsapi=1&fc=1920&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1200%2C1488%2C105&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=1&uci=1.39zkli5tzkq7&fsb=1&dtd=220
Frame ID: 5EFC77BC25220244DC1704F93917DFC9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-8564894658009468&output=html&h=280&slotname=7672271343&adk=1297842133&adf=3279755397&pi=t.ma~as.7672271343&w=1200&abgtt=6&fwrn=3&fwrnh=100&lmt=1730187868&rafmt=1&format=1200x280&url=https%3A%2F%2Ffex.net%2Fru%2Fs%2Fppdfxn5&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730187868271&bpp=1&bdt=214&idt=229&shv=r20241023&mjsv=m202410220101&ptt=9&saldr=aa&eoidce=1&prev_fmts=0x0&nras=1&correlator=7838457386580&frm=23&ife=1&pv=1&nhd=1&u_tz=0&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=56&ady=1200&biw=1600&bih=1200&isw=1488&ish=105&ifk=3879840188&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95331833%2C95344187%2C95345280%2C95345789&oid=2&pvsid=257865539763624&tmod=1108907112&uas=0&nvt=1&fc=1920&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1200%2C1488%2C105&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=132&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=2&uci=2.hi5vr9y6mv26&fsb=1&dtd=239
Frame ID: 66B5C7993DC9384B9E3AE7BF1CF07505
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: E7776066E8C63880D5296EC88BBDAC8B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Файлообменник http://FEX.NET - Храни до 50 GB бесплатно!

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

Page Statistics

81
Requests

99 %
HTTPS

52 %
IPv6

16
Domains

20
Subdomains

22
IPs

6
Countries

2427 kB
Transfer

9253 kB
Size

13
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://play.google.com/store/apps/details?id=com.labracode.fex_android

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/ua/app/fex-id/id1281961720

Search URL Search Domain Scan URL

URL: https://fexnet.zendesk.com/hc/ru
Title: Справочный центр

Search URL Search Domain Scan URL

URL: https://apps.apple.com/ua/app/fon/id1395149445?l=ru
Title: FEX FON

Search URL Search Domain Scan URL

URL: https://fex.plus/ru
Title: FEX PLUS

Search URL Search Domain Scan URL

URL: https://www.facebook.com/FEX.CLOUD/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/fex_net/

Search URL Search Domain Scan URL

URL: https://t.me/FEXNETWORK

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

81 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request ppdfxn5 Show response
fex.net/ru/s/ 8 KB
4 KB 333ms
279ms Document
text/html 172.67.202.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fex.net/ru/s/ppdfxn5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.202.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2363b9fae1b894b0008d0457f8f4696ed0375baba554faa374f230c0010b4d58

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8da18a4ec876c900-MAD
content-encoding: br
content-type: text/html
date: Tue, 29 Oct 2024 07:44:25 GMT
last-modified: Wed, 09 Oct 2024 11:35:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b4V82KyzuAiPNU7lJ%2Bd%2B3O3zIZAEOYYd54GE1xsjRIAb6qhulhLD%2FGX8gW4XrFxUlxXL1hlCg5PMM0fUrJxYkGPJSFDvFrV%2B81R0wiuRSnT8Peb2lovfMMbZ"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=35600&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4122&recv_bytes=4489&delivery_rate=488&cwnd=12000&unsent_bytes=0&cid=24f7c6be977b784c&ts=287&x=1" cfHdrFlush;dur=0
vary: accept-encoding
x-robots-tag: noindex, nofollow

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 199ms
66ms Stylesheet
text/css 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ubuntu:400,500,700&display=swap&subset=cyrillic

Requested by

Host: fex.net
URL: https://fex.net/ru/s/ppdfxn5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fbde9640f7bead77cc29df5c627f30d711f18e9f3d28456072a530b90c21c233

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://fex.net/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 29 Oct 2024 07:44:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 29 Oct 2024 07:44:25 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 29 Oct 2024 07:38:06 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 28.67741ca0.chunk.css
fex.net/client/desktop/static/css/ 82 KB
13 KB 41ms
40ms Stylesheet
text/css 172.67.202.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fex.net/client/desktop/static/css/28.67741ca0.chunk.css

Requested by

Host: fex.net
URL: https://fex.net/ru/s/ppdfxn5

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.114 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd9d40d7ac083d95161823dd8e6287d30ffb5f4b9e27d3d0d01aafd2550cc3aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://fex.net/ru/s/ppdfxn5

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"67066a73-146d0"
age: 36060
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rh30AQGbCkKHg43YJvEv93l%2BDKWG2CvcW8%2B1p6V0DAsBDsLOcoFJN8aNZ%2FJX12k%2BEHdiHodsEjmVY0t33ZqL1pzcmLqeT%2B7MzPgY0p8GkPryth%2BJhpor58WR"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Tue, 29 Oct 2024 09:43:25 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=34829&sent=17&recv=16&lost=0&retrans=0&sent_bytes=8019&recv_bytes=5849&delivery_rate=119943&cwnd=12000&unsent_bytes=0&cid=24f7c6be977b784c&ts=335&x=1", cfHdrFlush;dur=0
date: Tue, 29 Oct 2024 07:44:25 GMT
content-type: text/css
last-modified: Wed, 09 Oct 2024 11:35:15 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000, max-age=31536000
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8da18a5099dcc900-MAD
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 main.886396ae.chunk.css
fex.net/client/desktop/static/css/ 288 KB
65 KB 77ms
75ms Stylesheet
text/css 172.67.202.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fex.net/client/desktop/static/css/main.886396ae.chunk.css

Requested by

Host: fex.net
URL: https://fex.net/ru/s/ppdfxn5

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.114 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7fe0bd3e04e27194f7411d0b141032448bc4cd980d2f016ee49a7f9abce49b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://fex.net/ru/s/ppdfxn5

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"67066a73-47f2f"
age: 36060
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VLgjhhrp1jgqfJDIlyuM1oyIzg8JwVtiH8li3rNzN7esijgnitXK%2F1OeTnwlJjrlNgANtHPq4AtQSOI4ph9gjjLPZPwasVcgZ2THjb%2FwyTVs%2BCkgOo5T6k%2FM"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Tue, 29 Oct 2024 09:43:25 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=34829&sent=27&recv=16&lost=0&retrans=0&sent_bytes=20019&recv_bytes=5849&delivery_rate=119943&cwnd=12000&unsent_bytes=0&cid=24f7c6be977b784c&ts=336&x=1", cfHdrFlush;dur=32
date: Tue, 29 Oct 2024 07:44:25 GMT
content-type: text/css
last-modified: Wed, 09 Oct 2024 11:35:15 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000, max-age=31536000
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8da18a5099dec900-MAD
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 polyfill.min.js Show response
cdnjs.cloudflare.com/polyfill/v2/ 103 B
733 B 99ms
60ms Script
text/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/polyfill/v2/polyfill.min.js

Requested by

Host: fex.net
URL: https://fex.net/ru/s/ppdfxn5

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

126c5f0c8c4cd0135b5e9ffb1c113a6f229de3f89bce9e099b3c85bea641bd7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://fex.net/

Response headers

x-compress-hint: on
content-encoding: gzip
cf-cache-status: HIT
age: 480909
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1wQbp07ywssAC9h5rrBYK7Oj50h98WZkEHsujXeIlxmBjHW8pE1fRx1sPtIONRthqy4qbwJxPZ1I3kRFUK21Px01ngkURC0oQ0EbX5lUFNrvzLJtdGaq0HDe3hfrriE%2BpyTs6f3L"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET,HEAD,OPTIONS
expires: Tue, 05 Nov 2024 07:44:25 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 29 Oct 2024 07:44:25 GMT
content-type: text/javascript; charset=UTF-8
last-modified: Wed, 23 Oct 2024 18:09:16 GMT
vary: User-Agent, Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=604800
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-polyfill-version: 3.25.1
cf-ray: 8da18a50c8d66623-MAD
access-control-allow-origin: *
server: cloudflare

GET
H3 200 28.99210b96.chunk.js Show response
fex.net/client/desktop/static/js/ 2 MB
495 KB 79ms
78ms Script
application/javascript 172.67.202.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fex.net/client/desktop/static/js/28.99210b96.chunk.js

Requested by

Host: fex.net
URL: https://fex.net/ru/s/ppdfxn5

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.114 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

379b4acc82f978f49655ce724d2fb42e717dc14fcdfe07f83afcfd04e795d967

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://fex.net/ru/s/ppdfxn5

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"67066a73-1c0aa3"
age: 892
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9UUSLjwTtccpvXgqhpLOlJbAnM2XWAwzOxDcMkEJtnkRboTAMGA6F2b03NsIzGQv989lJpsS6R9i2HfPRYUiShjE3DGQugEpua0OjmJD1f%2FjBYhBTtYoThli"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Tue, 29 Oct 2024 19:29:33 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=34829&sent=27&recv=16&lost=0&retrans=0&sent_bytes=20019&recv_bytes=5849&delivery_rate=119943&cwnd=12000&unsent_bytes=0&cid=24f7c6be977b784c&ts=338&x=1", cfHdrFlush;dur=30
date: Tue, 29 Oct 2024 07:44:25 GMT
content-type: application/javascript
last-modified: Wed, 09 Oct 2024 11:35:15 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000, max-age=31536000
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8da18a5099dfc900-MAD
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 main.3211455c.chunk.js Show response
fex.net/client/desktop/static/js/ 2 MB
360 KB 78ms
77ms Script
application/javascript 172.67.202.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fex.net/client/desktop/static/js/main.3211455c.chunk.js

Requested by

Host: fex.net
URL: https://fex.net/ru/s/ppdfxn5

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.114 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44d42c73884aebef45ddf03fc036104a02a0a682dd2411905ee865059aba7233

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://fex.net/ru/s/ppdfxn5

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"67066a73-197d2c"
age: 39559
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v05K0NLq0qA0tWzoD3YXjtre8%2BCg%2FalS3omjXop4BeFQQs234xusE8fNGDeBdGgq5swMtJiacP%2Fdcyq1qzguOHrkDkllUwyVsqEQ9Fc7vIWCLuU3Kp%2FEZdV5"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Tue, 29 Oct 2024 08:45:06 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=34829&sent=27&recv=16&lost=0&retrans=0&sent_bytes=20019&recv_bytes=5849&delivery_rate=119943&cwnd=12000&unsent_bytes=0&cid=24f7c6be977b784c&ts=337&x=1", cfHdrFlush;dur=31
date: Tue, 29 Oct 2024 07:44:25 GMT
content-type: application/javascript
last-modified: Wed, 09 Oct 2024 11:35:15 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000, max-age=31536000
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8da18a5099e0c900-MAD
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 229 KB
58 KB 124ms
59ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: fex.net
URL: https://fex.net/ru/s/ppdfxn5

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

668c6828672fa8600b7a0632cb328ee63a31361be6734987b04985fcd9d08d4f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-tRbJtk0a' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://fex.net/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 29 Oct 2024 07:44:25 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-tRbJtk0a' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=58, rtx=0, c=23, mss=1232, tbw=4452, tp=9, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: CtA19wTspJUht3cMRJu8wb6FEbpiYsgB6N7nliFRgC/CLOBGlYiLgNNSwVzu2Mg2TuZNcVGqUV3gY075JJaVFw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 59722
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 202 KB
73 KB 214ms
73ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K8R2T8R

Requested by

Host: fex.net
URL: https://fex.net/ru/s/ppdfxn5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dcddcf691e5aa8912b7cf6d1b2b91f155464af12cf24504f33d07bf96a997956

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://fex.net/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Tue, 29 Oct 2024 07:44:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 29 Oct 2024 07:44:26 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 29 Oct 2024 06:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 73808
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 129ms
36ms Script
text/javascript 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: fex.net
URL: https://fex.net/client/desktop/static/js/28.99210b96.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://fex.net/

Response headers

content-encoding: gzip
age: 4177
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Tue, 29 Oct 2024 08:34:49 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 29 Oct 2024 06:34:49 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 221 KB
79 KB 170ms
155ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-134700492-1

Requested by

Host: fex.net
URL: https://fex.net/client/desktop/static/js/28.99210b96.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0393fe4ae1f758d14cf70811c29d9e39f836e78ec43378a0c2abc772a5797a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://fex.net/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 29 Oct 2024 07:44:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 29 Oct 2024 07:44:26 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 80705
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 translations.json Show response
fex.net/client/desktop/locales/ru/ 264 KB
76 KB 159ms
159ms Fetch
application/json 172.67.202.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fex.net/client/desktop/locales/ru/translations.json

Requested by

Host: fex.net
URL: https://fex.net/client/desktop/static/js/28.99210b96.chunk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.114 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1458bcd90d2304e6f3dcaf295d87449eeda1e9f179909338066c1f114d141bc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://fex.net/ru/s/ppdfxn5

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"67066a73-421a7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OZbB3oQVn04cAqO%2BUpSXWGwlE5V56Iz%2F24YUJNjS03DlKQZQXRHgkMzfiQWXWLo4GMUmbogelvHCD5vsP96QVALXBtUTa5L%2BaAron72TQbAkTz6KocukzwZ9"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=36235&sent=877&recv=141&lost=25&retrans=25&sent_bytes=1014472&recv_bytes=11996&delivery_rate=844722&cwnd=314160&unsent_bytes=0&cid=24f7c6be977b784c&ts=894&x=1", cfHdrFlush;dur=0
date: Tue, 29 Oct 2024 07:44:26 GMT
content-type: application/json
last-modified: Wed, 09 Oct 2024 11:35:15 GMT
vary: accept-encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8da18a535c78c900-MAD
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 translations.json Show response
fex.net/client/desktop/locales/en/ 182 KB
38 KB 215ms
215ms Fetch
application/json 172.67.202.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fex.net/client/desktop/locales/en/translations.json

Requested by

Host: fex.net
URL: https://fex.net/client/desktop/static/js/28.99210b96.chunk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.114 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23a753904149c85458b70c3cf7dff1b0c3c108e1886ca3895aa93f984509b808

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://fex.net/ru/s/ppdfxn5

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"67066a73-2d7da"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XnKEUsC9b4rXKEUWmFv5ZPbDaUmFFfSTZL96NgkIn4MMzqeQOHnrAPz85UC43UoUg6HHZ9gj7HUKodr%2Fdsn5aWrVccsG%2BSvF4zhYdibE7SgCGiuLRMfQPyO9"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=35533&sent=944&recv=144&lost=25&retrans=25&sent_bytes=1094168&recv_bytes=12129&delivery_rate=188811&cwnd=314160&unsent_bytes=0&cid=24f7c6be977b784c&ts=950&x=1", cfHdrFlush;dur=0
date: Tue, 29 Oct 2024 07:44:26 GMT
content-type: application/json
last-modified: Wed, 09 Oct 2024 11:35:15 GMT
vary: accept-encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8da18a535c7bc900-MAD
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 890537036105828 Show response
connect.facebook.net/signals/config/ 77 KB
15 KB 60ms
60ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/890537036105828?v=2.9.174&r=stable&domain=fex.net&hme=ead923021ccd3483ef3b9b04703d0a78b943fbdc01e8d7cec21c5059f1f4a5e9&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C194%2C193%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

c0368268129cb9493ca7da0bcb97dc7e4fdf2e261bf25fd0b1e756d677501aa4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-lZPc4G8B' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://fex.net/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 29 Oct 2024 07:44:26 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-lZPc4G8B' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=56, rtx=0, c=74, mss=1232, tbw=67876, tp=63, tpl=0, uplat=3, ullat=-1
pragma: public
x-fb-debug: X38RaGMHkMJys5vfyUOGJA+99KW/JKhcWKOMA6fmE7wFnrhVy3rPZqEqounOUn01byD1/h4ujOT+W4uXu0PFMQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 15330
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 /
www.facebook.com/tr/ 0
270 B 186ms
61ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=890537036105828&ev=PageView&dl=https%3A%2F%2Ffex.net%2Fru%2Fs%2Fppdfxn5&rl=&if=false&ts=1730187866224&sw=1600&sh=1200&v=2.9.174&r=stable&ec=0&o=12318&fbp=fb.1.1730187866221.247037686499655757&cs_est=true&ler=empty&cdl=API_unavailable&it=1730187866143&coo=false&rqm=GET

Requested by

Host: fex.net
URL: https://fex.net/ru/s/ppdfxn5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://fex.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: GOOD; q=0.7, rtt=58, rtx=0, c=10, mss=1297, tbw=2954, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Tue, 29 Oct 2024 07:44:26 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 424ms
299ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=890537036105828&ev=PageView&dl=https%3A%2F%2Ffex.net%2Fru%2Fs%2Fppdfxn5&rl=&if=false&ts=1730187866224&sw=1600&sh=1200&v=2.9.174&r=stable&ec=0&o=12318&fbp=fb.1.1730187866221.247037686499655757&cs_est=true&ler=empty&cdl=API_unavailable&it=1730187866143&coo=false&rqm=FGET

Requested by

Host: fex.net
URL: https://fex.net/ru/s/ppdfxn5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://fex.net/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7431100301200093461"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 29 Oct 2024 07:44:26 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: 2466vUi3VcIi+VRnNsyruTEg23dEPLo2s6jrTn6Lgn1pWL0vKbAOuPzlC7WzhgT5fWknOdX9T1rlDm0/w7gPiQ==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7431100301200093461", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: GOOD; q=0.7, rtt=58, rtx=0, c=15, mss=1297, tbw=3268, tp=-1, tpl=-1, uplat=240, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 218 KB
78 KB 76ms
76ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-134700492-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K8R2T8R

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

feaca870e395dcd212bf346d13c40847a06d67f6acd6da51b9e2c867dcb0af3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://fex.net/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 29 Oct 2024 07:44:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 29 Oct 2024 07:44:26 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 79607
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 341 KB
111 KB 79ms
78ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-JXWQG3YTNG&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-134700492-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

333bac18afe507f5ffeed33f1d58efbdf0b11274a26579eb50ff4e9d58d65c1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://fex.net/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 29 Oct 2024 07:44:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 29 Oct 2024 07:44:26 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 113189
x-xss-protection: 0
server: Google Tag Manager

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
413 B 56ms
56ms XHR
text/plain 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=89066691&t=pageview&_s=1&dl=https%3A%2F%2Ffex.net%2Fru%2Fs%2Fppdfxn5&ul=es-es&de=UTF-8&dt=File%20Sharing%20and%20Transfer%20-%20Send%20Large%20Files%20via%20FEX.NET&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAACAAI~&jid=1665418934&gjid=303837755&cid=1492578227.1730187866&tid=UA-134700492-1&_gid=1022349311.1730187866&_r=1&gtm=457e4ao0za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101533421~101823848~101925629&jsscut=1&npa=1&z=1607423292

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://fex.net/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 29 Oct 2024 07:44:26 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://fex.net
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 1
server: Golfe2

GET
H3 200 anonymous Show response
api.fex.net/api/v1/config/ 4 KB
1 KB 364ms
324ms Fetch
application/json 172.67.202.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.fex.net/api/v1/config/anonymous
Requested by: Host: fex.net
URL: https://fex.net/client/desktop/static/js/main.3211455c.chunk.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.202.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a695af99ecbec4514a3e4f50750bd3753da53e251d94b2239b3edadf152a23a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://fex.net/

Response headers

x-robots-tag: noindex, nofollow, noindex, nofollow
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6FRTFflXLCXZBOF9O5a1XwFMwGDoF%2FuleXeDlffIAo3VUOWwMipV3NXZAEQWQqkKWGal%2BSL6zbj2QZRqleGtYcWQYlMetAcolNEBfl3XzGjixmX6f0gpnG35Z77VFw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8da18a577e72cc51-MAD
access-control-allow-origin: https://fex.net
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=36747&sent=10&recv=9&lost=0&retrans=0&sent_bytes=2185&recv_bytes=4333&delivery_rate=487&cwnd=12000&unsent_bytes=0&cid=c820cd0e5c112604&ts=329&x=1", cfHdrFlush;dur=0
date: Tue, 29 Oct 2024 07:44:27 GMT
content-type: application/json; charset=utf-8
vary: Origin
server: cloudflare

OPTIONS
H3 200 anonymous
api.fex.net/api/v1/config/ Frame 0
0 326ms
274ms Preflight
text/html 172.67.202.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.fex.net/api/v1/config/anonymous
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.202.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://fex.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://fex.net
allow: OPTIONS, HEAD, GET
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8da18a557c1fcc6b-MAD
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 29 Oct 2024 07:44:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yyueuiSmAcQTXLMulFY%2Brs2aG57VXIiRhsVUeVVR4I9AfzeKNgjCk8KHb%2F5qv7xChVNMnLlSfS2pjWUzweSQSeH%2BT4v%2BuHIaRNx4NRdwWZa82FkXXZWQKAMF3GhfNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=33509&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4123&recv_bytes=4416&delivery_rate=456&cwnd=12000&unsent_bytes=0&cid=66cd827f3d1a0cc1&ts=283&x=1" cfHdrFlush;dur=0
vary: Origin
x-robots-tag: noindex, nofollow noindex, nofollow

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 150ms
54ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-JXWQG3YTNG&gtm=45je4as0h2v9104324223za200&_p=1730187865877&_gaz=1&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101533421~101823848~101925629&cid=1492578227.1730187866&ul=es-es&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1730187866&sct=1&seg=0&dl=https%3A%2F%2Ffex.net%2Fru%2Fs%2Fppdfxn5&dt=File%20Sharing%20and%20Transfer%20-%20Send%20Large%20Files%20via%20FEX.NET&en=page_view&_fv=1&_ss=1&tfd=1114
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JXWQG3YTNG&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://fex.net/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://fex.net
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 29 Oct 2024 07:44:26 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
539 B 166ms
55ms Ping
text/plain 2a00:1450:400c:c0d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JXWQG3YTNG&cid=1492578227.1730187866&gtm=45je4as0h2v9104324223za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=101533421~101823848~101925629
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JXWQG3YTNG&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0d::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://fex.net/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://fex.net
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 29 Oct 2024 07:44:26 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 ga-audiences
www.google.es/ads/ 42 B
408 B 227ms
87ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.es/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-JXWQG3YTNG&cid=1492578227.1730187866&gtm=45je4as0h2v9104324223za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=101533421~101823848~101925629&tag_exp=101533421~101823848~101925629&z=2080125881

Requested by

Host: fex.net
URL: https://fex.net/ru/s/ppdfxn5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://fex.net/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 29 Oct 2024 07:44:26 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 favicon.ico
fex.net/client/desktop/icons/ 7 KB
3 KB 45ms
45ms Other
image/x-icon 172.67.202.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fex.net/client/desktop/icons/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.114 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

073b1cfa80f31ea7e9c655495aa9787ba10af464a898f3bbad38ad7c114e7175

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://fex.net/ru/s/ppdfxn5

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"67066a73-1cee"
age: 3470
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dqxBRz2aoQSq3rojzbuOHuD1WeSFFfHj7G7bNPdkSeitmBqDRmqvVIx%2FxiP4P9EOCtSo1GOVnUbifxJvWeg6SGMN%2FHX2GafeCvU%2FnHiBlK5GrdKMf5VaGVjY"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=34130&sent=979&recv=153&lost=25&retrans=25&sent_bytes=1134076&recv_bytes=12989&delivery_rate=919076&cwnd=314160&unsent_bytes=0&cid=24f7c6be977b784c&ts=1350&x=1", cfHdrFlush;dur=0
date: Tue, 29 Oct 2024 07:44:26 GMT
content-type: image/x-icon
last-modified: Wed, 09 Oct 2024 11:35:15 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000, max-age=31536000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8da18a56e83ac900-MAD
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 155 KB
52 KB 192ms
75ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: fex.net
URL: https://fex.net/client/desktop/static/js/main.3211455c.chunk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

d324ccb31eda72f4015aa2814c6487b5cb5a6102b6a815e7560a36970c84c444

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://fex.net/

Response headers

content-encoding: br
etag: 6930469660388547675
x-content-type-options: nosniff
expires: Tue, 29 Oct 2024 07:44:27 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 29 Oct 2024 07:44:27 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 53220
x-xss-protection: 0
server: cafe

OPTIONS
H3 200 upload-token
api.fex.net/api/v1/anonymous/ Frame 0
0 100ms
100ms Preflight
text/html 172.67.202.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.fex.net/api/v1/anonymous/upload-token
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.202.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://fex.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://fex.net
allow: OPTIONS, HEAD, GET
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8da18a59b893cc6b-MAD
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 29 Oct 2024 07:44:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gP2iQgr%2F5i2zHbwO%2BOMhgRHekcQEfOAj82pFLLPkcWvYL9fGO4FsYDZZoZf5gjE1glrWM8COmgrY%2BzXc4NTZQTiwLXw1Ak3b0PAchTO8%2B1U7OCuQQ8kELqCixDPVOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=33454&sent=14&recv=12&lost=0&retrans=0&sent_bytes=4898&recv_bytes=4775&delivery_rate=12932&cwnd=12000&unsent_bytes=0&cid=66cd827f3d1a0cc1&ts=791&x=1" cfHdrFlush;dur=0
vary: Origin
x-robots-tag: noindex, nofollow noindex, nofollow

POST
H3 200 collect Show response
www.google-analytics.com/j/ 3 B
26 B 66ms
66ms XHR
text/plain 142.250.185.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=89066691&t=pageview&_s=1&dl=https%3A%2F%2Ffex.net%2Fru%2Fs%2Fppdfxn5&dp=%2Fru%2Fs%2Fppdfxn5&ul=es-es&de=UTF-8&dt=File%20Sharing%20and%20Transfer%20-%20Send%20Large%20Files%20via%20FEX.NET&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAACAAI~&jid=1699678608&gjid=909484625&cid=1492578227.1730187866&tid=UA-134700492-1&_gid=1022349311.1730187866&_r=1&_slc=1&cd2=1730187866112.nqfgf4qc&cd3=anonymous&z=1598204296

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://fex.net/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 29 Oct 2024 07:44:27 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://fex.net
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 3
server: Golfe2

GET
H2 200 hit Show response
c.hit.ua/ 315 B
592 B 284ms
89ms Script
application/x-javascript 89.184.81.35
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://c.hit.ua/hit?i=7&g=0&x=3&s=1&c=1&t=0&w=1600&h=1200&d=24&r=&u=https%3A//fex.net/ru/s/ppdfxn5&0.5544964536821486
Requested by: Host: fex.net
URL: https://fex.net/client/desktop/static/js/main.3211455c.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 89.184.81.35 Kyiv, Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, US),
Reverse DNS: c.hit.ua
Software: nginx/1.17.9 /
Resource Hash: f7e431adb0af7095237b312df5fc1217fc56a801b0f8bb823bd80b8a9d3f5f5c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://fex.net/

Response headers

expires: 0
cache-control: no-cache, no-store, must-revalidate
p3p: policyref="/w3c/p3p.xml", CP="UNI"
date: Tue, 29 Oct 2024 07:44:27 GMT
pragma: no-cache
content-type: application/x-javascript
server: nginx/1.17.9

GET
H3 200 upload-token Show response
api.fex.net/api/v1/anonymous/ 202 B
1 KB 107ms
107ms Fetch
application/json 172.67.202.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.fex.net/api/v1/anonymous/upload-token
Requested by: Host: fex.net
URL: https://fex.net/client/desktop/static/js/main.3211455c.chunk.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.202.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d48ad29ba96930befb7ad8d228df08686d8bbdeb4a0a92fb90d2dabe80af92ae

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://fex.net/

Response headers

x-robots-tag: noindex, nofollow, noindex, nofollow
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=flImJU%2BQP7TycTjeWkPcjDXsuCaXltFsB07G9GhmUe2OQGYLRz03qE95yrM0PmiNgDpwWdj2%2B920oUR40R4wAhne3wo1CRHNLBgnQYEbOPj28spXWzKKODoVeQ1REA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8da18a5a697acc51-MAD
access-control-allow-origin: https://fex.net
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=36233&sent=13&recv=11&lost=0&retrans=0&sent_bytes=3617&recv_bytes=4868&delivery_rate=43150&cwnd=12000&unsent_bytes=0&cid=c820cd0e5c112604&ts=581&x=1", cfHdrFlush;dur=0
date: Tue, 29 Oct 2024 07:44:27 GMT
content-type: application/json; charset=utf-8
vary: Origin
server: cloudflare

GET
H3 200 collect
www.google-analytics.com/ 35 B
58 B 59ms
58ms Image
image/gif 142.250.185.142
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=89066691&t=pageview&_s=2&dl=https%3A%2F%2Ffex.net%2Fru%2Fs%2Fppdfxn5&ul=es-es&de=UTF-8&dt=File%20Sharing%20and%20Transfer%20-%20Send%20Large%20Files%20via%20FEX.NET&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAACAAI~&jid=&gjid=&cid=1492578227.1730187866&tid=UA-134700492-1&_gid=1022349311.1730187866&gtm=457e4ao0za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101533421~101823848~101925629&jsscut=1&cd2=1730187866112.nqfgf4qc&cd3=anonymous&npa=1&z=884267831

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://fex.net/

Response headers

age: 61281
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 28 Oct 2024 14:43:06 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 35
server: Golfe2

GET
H/1.1 200 0c34d1aa.js Show response
aj1913.online/ 36 KB
37 KB 613ms
226ms Script
text/javascript 212.124.124.19
TRI-AS DigitalOne AG

General

Check archive.org

Show headers Download Go to

Full URL: https://aj1913.online/0c34d1aa.js?allpages
Requested by: Host: fex.net
URL: https://fex.net/client/desktop/static/js/28.99210b96.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.124.124.19 Reston, United States, ASN47328 (TRI-AS DigitalOne AG, CH),
Reverse DNS
Software: /
Resource Hash: 0f813b4f88c389aa3e83199cd3d6f6c1b3f4f09084de17843b97b351d4fe48ac

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://fex.net/

Response headers

accept-ranges: bytes
content-length: 37242
etag: "041849816af9721a63678901219425019"
date: Tue, 29 Oct 2024 07:44:27 GMT
content-type: text/javascript

GET
H3 200 4iCs6KVjbNBYlgoKew72j00.woff2
fonts.gstatic.com/s/ubuntu/v20/ 20 KB
20 KB 126ms
59ms Font
font/woff2 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKew72j00.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:400,500,700&display=swap&subset=cyrillic

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

f1400c92345dcd9dbf746acab2c60e8580aa959473e9e56c8772cadcf7734b76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://fex.net
Referer: https://fonts.googleapis.com/

Response headers

age: 572399
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 22 Oct 2025 16:44:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 16:44:28 GMT
last-modified: Wed, 27 Apr 2022 16:15:59 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 20860
x-xss-protection: 0
server: sffe

GET
H3 200 4iCv6KVjbNBYlgoCjC3jtGyNL4U.woff2
fonts.gstatic.com/s/ubuntu/v20/ 18 KB
18 KB 215ms
147ms Font
font/woff2 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCjC3jtGyNL4U.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:400,500,700&display=swap&subset=cyrillic

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

bbeb7f7f618c8d82bce1600d57e67a9f6759bed1d00097935d1714440dcbdb7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://fex.net
Referer: https://fonts.googleapis.com/

Response headers

age: 572969
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 22 Oct 2025 16:34:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 16:34:58 GMT
last-modified: Wed, 27 Apr 2022 16:11:15 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18672
x-xss-protection: 0
server: sffe

GET
H3 200 4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v20/ 34 KB
34 KB 128ms
60ms Font
font/woff2 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:400,500,700&display=swap&subset=cyrillic

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://fex.net
Referer: https://fonts.googleapis.com/

Response headers

age: 573012
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 22 Oct 2025 16:34:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 16:34:15 GMT
last-modified: Wed, 27 Apr 2022 16:31:23 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 34852
x-xss-protection: 0
server: sffe

GET
H3 200 4iCv6KVjbNBYlgoCjC3jsGyN.woff2
fonts.gstatic.com/s/ubuntu/v20/ 30 KB
30 KB 192ms
125ms Font
font/woff2 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCjC3jsGyN.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:400,500,700&display=swap&subset=cyrillic

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

e8e147e15907f25cad69b2bcf060213efad4ed04e0d36374715cbca17b2afc1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://fex.net
Referer: https://fonts.googleapis.com/

Response headers

age: 573626
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 22 Oct 2025 16:24:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 16:24:01 GMT
last-modified: Wed, 27 Apr 2022 16:04:03 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30480
x-xss-protection: 0
server: sffe

GET
H3 200 4iCv6KVjbNBYlgoCxCvjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v20/ 29 KB
29 KB 150ms
83ms Font
font/woff2 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:400,500,700&display=swap&subset=cyrillic

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://fex.net
Referer: https://fonts.googleapis.com/

Response headers

age: 573897
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 22 Oct 2025 16:19:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 16:19:30 GMT
last-modified: Wed, 27 Apr 2022 17:05:11 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 29752
x-xss-protection: 0
server: sffe

GET
H3 200 ppdfxn5 Show response
api.fex.net/api/v2/file/share/ 686 B
1013 B 221ms
220ms Fetch
application/json 172.67.202.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.fex.net/api/v2/file/share/ppdfxn5
Requested by: Host: fex.net
URL: https://fex.net/client/desktop/static/js/main.3211455c.chunk.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.202.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95f0958c43fefb049c30942cb2f88da354fce00602eec391fcd988a8272820d8

Request headers

Authorization: Bearer eyJ0eXAiOiJVU0VSIiwiYWxnIjoiSFMyNTYifQ.eyJ1IjowLCJwIjoxLCJ1ayI6Ijg1NWE2Yzc2NWMyZjQyNjY4NDkxOTJlMyIsImV4cCI6MTczMDI3NDI2NywiaWF0IjoxNzMwMTg3ODY3fQ.hrcOs2PBu1hm0dn6xc56e9s4-oIbw9r_bmZre61s3Ck
Referer: https://fex.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

x-robots-tag: noindex, nofollow, noindex, nofollow
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=34LhlKtjm8zXONho3qQNJXUTmHJ72pvxFQ%2Fkmt7xiopdQNDDjObbULgu8LQR8B98t4nNJcmNQYcgIysL9pzZawl44V4NEQjkDSDUWwHZqKe3P%2B4F9Q%2B%2BY8x3zgCz2A%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8da18a5bdab1cc51-MAD
access-control-allow-origin: https://fex.net
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=35956&sent=15&recv=13&lost=0&retrans=0&sent_bytes=4707&recv_bytes=5720&delivery_rate=8141&cwnd=12000&unsent_bytes=0&cid=c820cd0e5c112604&ts=927&x=1", cfHdrFlush;dur=0
date: Tue, 29 Oct 2024 07:44:27 GMT
content-type: application/json; charset=utf-8
vary: Origin
server: cloudflare

OPTIONS
H3 200 ppdfxn5
api.fex.net/api/v2/file/share/ Frame 0
0 116ms
116ms Preflight
text/html 172.67.202.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.fex.net/api/v2/file/share/ppdfxn5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.202.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: GET
Origin: https://fex.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization, content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://fex.net
allow: OPTIONS, HEAD, GET
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8da18a5b1a2acc6b-MAD
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 29 Oct 2024 07:44:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UaguD8A0PbIDxhdJcc0jnpLb7O5U%2B6Ir3mOfiF51tTnpM86cB8bF8CR5f8rDdBNGTvfo1bMHwSqYTWdhN3wG98lAySE%2Bly6%2B2RaA8MrusyYCyloT12qBLqogLVpTfw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=36497&sent=16&recv=14&lost=0&retrans=0&sent_bytes=5638&recv_bytes=5152&delivery_rate=5761&cwnd=12000&unsent_bytes=0&cid=66cd827f3d1a0cc1&ts=1019&x=1" cfHdrFlush;dur=0
vary: Origin
x-robots-tag: noindex, nofollow noindex, nofollow

GET
H3 200 5212096142 Show response
api.fex.net/api/v2/file/share/children/ppdfxn5/ 675 B
1 KB 194ms
194ms Fetch
application/json 172.67.202.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.fex.net/api/v2/file/share/children/ppdfxn5/5212096142?page=1&sort_by=name&per_page=500&is_desc=1
Requested by: Host: fex.net
URL: https://fex.net/client/desktop/static/js/main.3211455c.chunk.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.202.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dec1145ac695429d7942501170b12a61e5a93e648836dd00ab2462330a1c8045

Request headers

Authorization: Bearer eyJ0eXAiOiJVU0VSIiwiYWxnIjoiSFMyNTYifQ.eyJ1IjowLCJwIjoxLCJ1ayI6Ijg1NWE2Yzc2NWMyZjQyNjY4NDkxOTJlMyIsImV4cCI6MTczMDI3NDI2NywiaWF0IjoxNzMwMTg3ODY3fQ.hrcOs2PBu1hm0dn6xc56e9s4-oIbw9r_bmZre61s3Ck
Referer: https://fex.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

x-robots-tag: noindex, nofollow, noindex, nofollow
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FG%2Fx5YoCxF%2BBPzye4N7otgoCzEZZ%2B9VqHv%2F21t6ihaVFt3WbCH9m9Mq3LvB5f1dhZ9w%2B48Kzd%2FR6FsunZVZA6eqfgbgt5pCfOGMn%2F3w4zdKRe3pwboNfKdw6Yb%2B3zw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8da18a5ddcbbcc51-MAD
access-control-allow-origin: https://fex.net
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=35619&sent=17&recv=15&lost=0&retrans=0&sent_bytes=5767&recv_bytes=6617&delivery_rate=4235&cwnd=12000&unsent_bytes=0&cid=c820cd0e5c112604&ts=1226&x=1", cfHdrFlush;dur=0
date: Tue, 29 Oct 2024 07:44:27 GMT
content-type: application/json; charset=utf-8
vary: Origin
server: cloudflare

OPTIONS
H3 200 5212096142
api.fex.net/api/v2/file/share/children/ppdfxn5/ Frame 0
0 102ms
101ms Preflight
text/html 172.67.202.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.fex.net/api/v2/file/share/children/ppdfxn5/5212096142?page=1&sort_by=name&per_page=500&is_desc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.202.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: GET
Origin: https://fex.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization, content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://fex.net
allow: OPTIONS, HEAD, GET
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8da18a5d3c7ccc6b-MAD
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 29 Oct 2024 07:44:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BI37HCzJ4kl0hVO9%2B%2F%2FP2ce8rMU3HNue0du7w2PnNrOVunkgCUnnM4ud8pLouz8%2BjrOrMXt3dDQyBY8fQgHTA7bbstmj4xWPjdUDhQiKBALtrP3wRfzoMtP0YQyWmA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=36541&sent=18&recv=16&lost=0&retrans=0&sent_bytes=6395&recv_bytes=5574&delivery_rate=5198&cwnd=12000&unsent_bytes=0&cid=66cd827f3d1a0cc1&ts=1349&x=1" cfHdrFlush;dur=0
vary: Origin
x-robots-tag: noindex, nofollow noindex, nofollow

POST
H/1.1 200 zo8cDjDMjlcLfFq5OzGeMCaDxeaSc5vAAwTf1ChFJR2wW6WlU04fYLf4wEGnmxGCFw54_-PzV3Nas1QPcCeSDaHyxCFp0rUUBE8FLFk8jbEVJlOMx6bIUQJqGiOxkDPMS2YLHW0Rpl-c0uRHyAwWCUy8P1hhLX-popRx_fGDeKrf9HduJS24jcRSeykeFKAr-9TuJ... Show response
aj1913.online/ 39 KB
14 KB 128ms
128ms XHR
application/json 212.124.124.19
TRI-AS DigitalOne AG

General

Check archive.org

Show headers Download Go to

Full URL: https://aj1913.online/zo8cDjDMjlcLfFq5OzGeMCaDxeaSc5vAAwTf1ChFJR2wW6WlU04fYLf4wEGnmxGCFw54_-PzV3Nas1QPcCeSDaHyxCFp0rUUBE8FLFk8jbEVJlOMx6bIUQJqGiOxkDPMS2YLHW0Rpl-c0uRHyAwWCUy8P1hhLX-popRx_fGDeKrf9HduJS24jcRSeykeFKAr-9TuJMV78GUtKoGBloLlM2wHkmxs6nhVpz7vw2WnvklQI3UiCGUxJOlcc4fkI88x3F3X6Kg5AD0mDHhpne1ng8T9bXe3uEX3DSvv9llCQiHE5RgiLlnDht9CMiq3E3YR4UmEQLYiYnZf8P2vmLjbY6WzCxxawuc6IbtuL_lRJc48hWRjetcyhUff9gzf93lgotOnrAF3eVE6VPE2HgKt8Ep0AtY3V3ghTHwnz5EkV-P1Sa27NNAvWQWDxyTTVo6bx?
Requested by: Host: aj1913.online
URL: https://aj1913.online/0c34d1aa.js?allpages
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.124.124.19 Reston, United States, ASN47328 (TRI-AS DigitalOne AG, CH),
Reverse DNS
Software: /
Resource Hash: fbf7010fab44488b370018c4ac892945780ccaa4f06f597390997d9ddd501fc3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://fex.net/

Response headers

transfer-encoding: chunked
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT
permissions-policy: *
access-control-allow-origin: https://fex.net
p3p: CP="CAO PSA OUR"
date: Tue, 29 Oct 2024 07:44:27 GMT
content-type: application/json;charset=UTF-8
vary: accept-encoding

GET
H3 200 4iCv6KVjbNBYlgoCxCvjtGyNL4U.woff2
fonts.gstatic.com/s/ubuntu/v20/ 18 KB
18 KB 59ms
59ms Font
font/woff2 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjtGyNL4U.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:400,500,700&display=swap&subset=cyrillic

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

caeaf02fa4a8a45438c270767c4e50fc7f3ed5f94a4c90984eaacb87c2e8a693

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://fex.net
Referer: https://fonts.googleapis.com/

Response headers

age: 602869
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 22 Oct 2025 08:16:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 08:16:39 GMT
last-modified: Wed, 27 Apr 2022 17:10:53 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18200
x-xss-protection: 0
server: sffe

GET
H2 200 hit Show response
c.hit.ua/ 315 B
457 B 88ms
88ms Script
application/x-javascript 89.184.81.35
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://c.hit.ua/hit?i=7&g=0&x=3&s=1&c=1&t=0&w=1600&h=1200&d=24&r=&u=https%3A//fex.net/ru/s/ppdfxn5&0.75518209089078
Requested by: Host: fex.net
URL: https://fex.net/client/desktop/static/js/main.3211455c.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 89.184.81.35 Kyiv, Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, US),
Reverse DNS: c.hit.ua
Software: nginx/1.17.9 /
Resource Hash: f713b0b97fb14a31914da74e139e49a4ec72aefeb6bdf7d25d5437932b40a8ce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://fex.net/

Response headers

expires: 0
cache-control: no-cache, no-store, must-revalidate
date: Tue, 29 Oct 2024 07:44:28 GMT
pragma: no-cache
content-type: application/x-javascript
server: nginx/1.17.9

GET
H/1.1 200 0c34d1aa.js Show response
aj1913.online/ 36 KB
37 KB 118ms
117ms Script
text/javascript 212.124.124.19
TRI-AS DigitalOne AG

General

Check archive.org

Show headers Download Go to

Full URL: https://aj1913.online/0c34d1aa.js?fsaside
Requested by: Host: fex.net
URL: https://fex.net/client/desktop/static/js/28.99210b96.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.124.124.19 Reston, United States, ASN47328 (TRI-AS DigitalOne AG, CH),
Reverse DNS
Software: /
Resource Hash: c046229f6e3f318b9e1d6cdf4f018292fe109309d5e60baf067a43f82b17e633

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://fex.net/

Response headers

accept-ranges: bytes
content-length: 37245
etag: "0dc0e2f963ef36403b0f066fc0f33f437"
date: Tue, 29 Oct 2024 07:44:27 GMT
content-type: text/javascript

GET
H/1.1 200 0c34d1aa.js Show response
aj1913.online/ 36 KB
37 KB 239ms
117ms Script
text/javascript 212.124.124.19
TRI-AS DigitalOne AG

General

Check archive.org

Show headers Download Go to

Full URL: https://aj1913.online/0c34d1aa.js?f42f55ba01ba071a37f359d4c91557d5
Requested by: Host: fex.net
URL: https://fex.net/client/desktop/static/js/28.99210b96.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.124.124.19 Reston, United States, ASN47328 (TRI-AS DigitalOne AG, CH),
Reverse DNS
Software: /
Resource Hash: 0f813b4f88c389aa3e83199cd3d6f6c1b3f4f09084de17843b97b351d4fe48ac

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://fex.net/

Response headers

accept-ranges: bytes
content-length: 37242
etag: "041849816af9721a63678901219425019"
date: Tue, 29 Oct 2024 07:44:27 GMT
content-type: text/javascript

GET
H/1.1 200 zArLFczJsYjk-_i5mBdb-5sD-0O70HfhWyWLfgOLEzJySG3yAEFGxaVcDcUaYRtBfK3NhfvFq_zjem10hZu9ulowbSGsBca-Pm0WDOAbikm_Gf1iO5EUuDPRnUr8FoU0x-zHjk109VWzyT6rpJcudnS_UTlx-44DuJ7X2wNDErUW0YuFYiNO-0IV-YQvMQijF-l64...
aj1913.online/ 43 B
808 B 449ms
120ms Image
image/gif 212.124.124.19
TRI-AS DigitalOne AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aj1913.online/zArLFczJsYjk-_i5mBdb-5sD-0O70HfhWyWLfgOLEzJySG3yAEFGxaVcDcUaYRtBfK3NhfvFq_zjem10hZu9ulowbSGsBca-Pm0WDOAbikm_Gf1iO5EUuDPRnUr8FoU0x-zHjk109VWzyT6rpJcudnS_UTlx-44DuJ7X2wNDErUW0YuFYiNO-0IV-YQvMQijF-l64UNOEwSaJn99uqcHV-n9NXo1OUJ1RgmkztyFtFix14B-5CSiu2cR22OxO8mWXHzaBDOUwgniAMvMeOz4dOUQXxhA5606V4js_-dS9cyo2CYNnSbLAGxtJkYIskr2GGJrtDim8aSOKMwzkLtGmEspezm_gdgptN2wJbEdRvsFtV6hx-Qtw4jAtWWQjYRDmxiN9KMh5jHxu3Rk?DC=DO
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.124.124.19 Reston, United States, ASN47328 (TRI-AS DigitalOne AG, CH),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://fex.net/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
etag: W/"43-1726556492000"
access-control-allow-methods: *
expires: Thu, 01 Jan 1970 00:00:00 GMT
permissions-policy: *
accept-ranges: bytes
access-control-allow-origin: *
p3p: CP="CAO PSA OUR"
content-length: 43
date: Tue, 29 Oct 2024 07:44:28 GMT
last-modified: Tue, 17 Sep 2024 07:01:32 GMT
content-type: image/gif

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 4550 155 KB
52 KB 85ms
84ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8564894658009468

Requested by

Host: fex.net
URL: https://fex.net/ru/s/ppdfxn5

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

84a936cf4c1d9614e205a171acafd2a6d561ffd6ee17baa022aece109adec6a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://fex.net
Referer: https://fex.net/

Response headers

content-encoding: br
etag: 11677558534501879007
x-content-type-options: nosniff
expires: Tue, 29 Oct 2024 07:44:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 29 Oct 2024 07:44:28 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 53230
x-xss-protection: 0
server: cafe

POST
H/1.1 200 zb5O4ycswrKcUeILz6yd7hf9jiuxgBoriN5lKuFob6agMT43PRKFqfXUtNgHStP0x2uFWL_7KU4l__Mh9J2vcowguRAPGjiWWapKSkCb-dWR7q-D4g3lK_44505nx2yDcIgnVJXnIdA2fLruiw4zAe1Xcycwu0v91oY9BskpJm5XR1q2WItpucHYl5e950cQyYTXG... Show response
aj1913.online/ 1 KB
1 KB 220ms
119ms XHR
application/json 212.124.124.19
TRI-AS DigitalOne AG

General

Check archive.org

Show headers Download Go to

Full URL: https://aj1913.online/zb5O4ycswrKcUeILz6yd7hf9jiuxgBoriN5lKuFob6agMT43PRKFqfXUtNgHStP0x2uFWL_7KU4l__Mh9J2vcowguRAPGjiWWapKSkCb-dWR7q-D4g3lK_44505nx2yDcIgnVJXnIdA2fLruiw4zAe1Xcycwu0v91oY9BskpJm5XR1q2WItpucHYl5e950cQyYTXGvC2TDyp2vOIey_2j2utJzcCub5Nxo6fzczxoC0V7mkErbBZwpPf5PvmuRq63oQ0HoMCWcQZZtgIiaOQulZmckGJnMheLwD4_epwtArv-U4cVjMjD3E8xLG5JGg5oXjidUtt8lzhxlqXgPbu3EsEgUePr8rGwOrdza3C7PWUZWZRYk3QJj6zm2idDrI890QbWJZwXTQ8MAa9C21Nj4ZtODr7usY2rmmpdCAjM3TCL8dNRkvAQm4Jopsti2_Gg9A?
Requested by: Host: aj1913.online
URL: https://aj1913.online/0c34d1aa.js?fsaside
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.124.124.19 Reston, United States, ASN47328 (TRI-AS DigitalOne AG, CH),
Reverse DNS
Software: /
Resource Hash: 9969d8e9b227e060653e668c766dc39c2d3febbe722ab84c1843f19ebe4becb4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://fex.net/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT
permissions-policy: *
access-control-allow-origin: https://fex.net
p3p: CP="CAO PSA OUR"
content-length: 1035
date: Tue, 29 Oct 2024 07:44:27 GMT
content-type: application/json;charset=UTF-8

POST
H/1.1 200 zRXNbK_QRmER7-83hsuJoOxD_P_hfhuW778kcPsv6tmbUcTyuXOYokF0xvbsXgi8fZYEkitiYw7RUstlkpqfDk-IXR74JIAwpuIrvnI4oMR16Cm0kyBUhBxd8QljXH-hLnCeTqvVHV1drRFiL8v7mSehfAM53IxIgdWSZs_eJiWl5AfISWl6dXH7zlvIBHc2iWKo3... Show response
aj1913.online/ 1 KB
1 KB 233ms
118ms XHR
application/json 212.124.124.19
TRI-AS DigitalOne AG

General

Check archive.org

Show headers Download Go to

Full URL: https://aj1913.online/zRXNbK_QRmER7-83hsuJoOxD_P_hfhuW778kcPsv6tmbUcTyuXOYokF0xvbsXgi8fZYEkitiYw7RUstlkpqfDk-IXR74JIAwpuIrvnI4oMR16Cm0kyBUhBxd8QljXH-hLnCeTqvVHV1drRFiL8v7mSehfAM53IxIgdWSZs_eJiWl5AfISWl6dXH7zlvIBHc2iWKo3b1Lgqhqk9TPVNIUGVp1Sd5OYMDDeJo_2rXKwDSu622hjJi6bpZp58C1xaovyovaVMNocDprBkP0nAgQJt6oTns2Oycn_VXbuThjjY8qT8SRsMi7BBA5RxCH1bRToKZLXA18kbcKjQp6pjKH2vVtR-MlmlhGpcim0Is8oIzSScHCIf3iETmwRNnwqrWJwk3uzp5NlNE1z53y619yLt1uV4UFcanh4dxC8TDiQEbFwqtjQ_1XvlJ9gp5ti1KSh9g?
Requested by: Host: aj1913.online
URL: https://aj1913.online/0c34d1aa.js?fsaside
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.124.124.19 Reston, United States, ASN47328 (TRI-AS DigitalOne AG, CH),
Reverse DNS
Software: /
Resource Hash: 1ea10555bd646e3191271c29198a3cdda67c771006d2951f6d1720051a7d333f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://fex.net/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT
permissions-policy: *
access-control-allow-origin: https://fex.net
p3p: CP="CAO PSA OUR"
content-length: 1036
date: Tue, 29 Oct 2024 07:44:27 GMT
content-type: application/json;charset=UTF-8

POST
H/1.1 200 zhIDL-N20ZhWE3CHlsL2nF9NQn7Z6qnDdxYIj4KRj3eCqsz8KNlHxFtCDIMQZBQxEQK8jkkwLN6otW3QKetiLAJsMZosYOvqkFA7SAWUZcwEe1wAbzx08qw_snwYUYRECFPfNmVwS0siH5aZwV9Y6nUsvOntRtxwSo5H4k4LJ6310TKiEbryRiQNuraVvt6XsCwkK... Show response
aj1913.online/ 995 B
1 KB 242ms
120ms XHR
application/json 212.124.124.19
TRI-AS DigitalOne AG

General

Check archive.org

Show headers Download Go to

Full URL: https://aj1913.online/zhIDL-N20ZhWE3CHlsL2nF9NQn7Z6qnDdxYIj4KRj3eCqsz8KNlHxFtCDIMQZBQxEQK8jkkwLN6otW3QKetiLAJsMZosYOvqkFA7SAWUZcwEe1wAbzx08qw_snwYUYRECFPfNmVwS0siH5aZwV9Y6nUsvOntRtxwSo5H4k4LJ6310TKiEbryRiQNuraVvt6XsCwkKMDxBlidLaBFzv1R8s24_Y_cVBzR22DRfA9xtyjRwIYURmLwyxQKrY4pEJR-KXYlIY1z6p1qh4Z4uv_jCTO-BatTpU69kqwShvr0J-t7lhE68Nu1ccEBXkUqe07bgei2ux7Lvq1wKImk-AKqiHO6hU58ETzCtHxcjM6JBLBsVc0diZUfzTISxZyJWxfZX65TGXBaFiv6-EAtiQEuZOTLmglHHafuwtW-EYF8gdBiEx6nuPpDWb0A68cszj6X7qg?
Requested by: Host: aj1913.online
URL: https://aj1913.online/0c34d1aa.js?fsaside
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.124.124.19 Reston, United States, ASN47328 (TRI-AS DigitalOne AG, CH),
Reverse DNS
Software: /
Resource Hash: b39ea4cd37978423c2af3b4c4a4375720bb57a5014c421cfe8972de791c0f502

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://fex.net/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT
permissions-policy: *
access-control-allow-origin: https://fex.net
p3p: CP="CAO PSA OUR"
content-length: 995
date: Tue, 29 Oct 2024 07:44:28 GMT
content-type: application/json;charset=UTF-8

GET
H3 200 slotcar_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410220101/ Frame 4550 91 KB
32 KB 74ms
73ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410220101/slotcar_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8564894658009468

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

382905696705a40edf5c2e40b399e7803ed3c07cad9bcb2d9d34e701623cc57d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://fex.net/

Response headers

content-encoding: br
etag: 10929854475756803260
x-content-type-options: nosniff
expires: Tue, 29 Oct 2024 07:44:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 29 Oct 2024 07:44:28 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 32315
x-xss-protection: 0
server: cafe

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410220101/ Frame 4550 434 KB
145 KB 91ms
90ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8564894658009468&plah=fex.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8564894658009468

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

f77c9d95093768e6ccd9d043ccc016ef2e2af722bcbef3e220aaedf2e709c1d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://fex.net/

Response headers

content-encoding: br
etag: 913476950016125949
x-content-type-options: nosniff
expires: Tue, 29 Oct 2024 07:44:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 29 Oct 2024 07:44:28 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 147926
x-xss-protection: 0
server: cafe

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame B6C8 155 KB
0 192ms
75ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: aj1913.online
URL: https://aj1913.online/0c34d1aa.js?fsaside

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

d324ccb31eda72f4015aa2814c6487b5cb5a6102b6a815e7560a36970c84c444

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://fex.net/

Response headers

content-encoding: br
etag: 6930469660388547675
x-content-type-options: nosniff
expires: Tue, 29 Oct 2024 07:44:27 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 29 Oct 2024 07:44:27 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 53220
x-xss-protection: 0
server: cafe

GET
H/1.1 200 z64NxfMlw0LZO59RFxFi9BCc-GtkHRdVBy-T8mJOMJrxEfdskQ4Xr3JK8i49FibgZi1y_tpQAq-8CAWIGTj56ZibSR7AGHIWCHNu3EmO3n3EkxikCXftTHVKf5NMuNeQjyxQa1I7QFYlnoijp9bsrPi76Tj1wrCF6KoKLAgOJ7f89VrrydNoOcOjneJvVO3jtxSvn...
aj1913.online/ Frame B6C8 49 B
545 B 123ms
122ms Image
image/gif 212.124.124.19
TRI-AS DigitalOne AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aj1913.online/z64NxfMlw0LZO59RFxFi9BCc-GtkHRdVBy-T8mJOMJrxEfdskQ4Xr3JK8i49FibgZi1y_tpQAq-8CAWIGTj56ZibSR7AGHIWCHNu3EmO3n3EkxikCXftTHVKf5NMuNeQjyxQa1I7QFYlnoijp9bsrPi76Tj1wrCF6KoKLAgOJ7f89VrrydNoOcOjneJvVO3jtxSvnrlh-k6QKtaaGhkLb7sfPlORtoKzsoypaEbYDxc0BkXeGptbTieiulCAtiZaSnJrTQVzpRYd4oyoKHisISluMpxFzQf2W5ZR9AJilZTBQ3uPPPyzaN-EtcYDtCIdcMeJON0tGANNkCMYUQmTf4YBuIFKyamvlJzC8ml337m_cWQY9mNHqqjYEcg?DC=DO
Requested by: Host: fex.net
URL: https://fex.net/ru/s/ppdfxn5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.124.124.19 Reston, United States, ASN47328 (TRI-AS DigitalOne AG, CH),
Reverse DNS
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://fex.net/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
etag: W/"49-1726556500000"
access-control-allow-methods: *
expires: Thu, 01 Jan 1970 00:00:00 GMT
permissions-policy: *
accept-ranges: bytes
access-control-allow-origin: *
p3p: CP="CAO PSA OUR"
content-length: 49
date: Tue, 29 Oct 2024 07:44:27 GMT
last-modified: Tue, 17 Sep 2024 07:01:40 GMT
content-type: image/gif

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410280101/ Frame B6C8 434 KB
145 KB 103ms
103ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8564894658009468&plah=fex.net&bust=31088519

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

a809725136061476f4eb67bafdc1d5b2eb27c08d953977a846b30dafe1cd7a58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://fex.net/

Response headers

content-encoding: br
etag: 17347376362379511161
x-content-type-options: nosniff
expires: Tue, 29 Oct 2024 07:44:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 29 Oct 2024 07:44:28 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 148009
x-xss-protection: 0
server: cafe

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 2531 155 KB
0 192ms
75ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: aj1913.online
URL: https://aj1913.online/0c34d1aa.js?fsaside

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

d324ccb31eda72f4015aa2814c6487b5cb5a6102b6a815e7560a36970c84c444

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://fex.net/

Response headers

content-encoding: br
etag: 6930469660388547675
x-content-type-options: nosniff
expires: Tue, 29 Oct 2024 07:44:27 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 29 Oct 2024 07:44:27 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 53220
x-xss-protection: 0
server: cafe

GET
H/1.1 200 zQUO43TSzLyK_VuFIjWliYKGP_dmyeMdXZFbkrQVj9n3_NtEgyh86XtfgB4iMynmdz9F0C4QUkylsg5DWyb2Lz3x59Sr3WsrcfmdyrZDnRUdrVJVZHXPs5E_8Y_KSJRI3T2PY_H88Ozzs3PPuuW3dBq8qFUS1Il85gl-QFbxKDJYu6nOMU8NkTRE3LdltFTmuOkwp...
aj1913.online/ Frame 2531 49 B
545 B 117ms
117ms Image
image/gif 212.124.124.19
TRI-AS DigitalOne AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aj1913.online/zQUO43TSzLyK_VuFIjWliYKGP_dmyeMdXZFbkrQVj9n3_NtEgyh86XtfgB4iMynmdz9F0C4QUkylsg5DWyb2Lz3x59Sr3WsrcfmdyrZDnRUdrVJVZHXPs5E_8Y_KSJRI3T2PY_H88Ozzs3PPuuW3dBq8qFUS1Il85gl-QFbxKDJYu6nOMU8NkTRE3LdltFTmuOkwpy4tOu_oeScBecQgEybHSwQAGWuzczFjQhCg4AZ2N10r6i_YxX27KK9_5ZWFy_HjuLDcOzg_HGy_YJJvjJfuSwaG_LBGprLpag0wXWbOgB2L6VnDHT3EgLPEFJnLdWsIdcGDiI-b1uoKcPigQhyDVTWs1qJPCtqS4TfkxKnCNLxeIE3lsQGMzzw?DC=DO
Requested by: Host: fex.net
URL: https://fex.net/ru/s/ppdfxn5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.124.124.19 Reston, United States, ASN47328 (TRI-AS DigitalOne AG, CH),
Reverse DNS
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://fex.net/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
etag: W/"49-1726556500000"
access-control-allow-methods: *
expires: Thu, 01 Jan 1970 00:00:00 GMT
permissions-policy: *
accept-ranges: bytes
access-control-allow-origin: *
p3p: CP="CAO PSA OUR"
content-length: 49
date: Tue, 29 Oct 2024 07:44:27 GMT
last-modified: Tue, 17 Sep 2024 07:01:40 GMT
content-type: image/gif

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410280101/ Frame 2531 434 KB
0 80ms
80ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8564894658009468&plah=fex.net&bust=31088519

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

a809725136061476f4eb67bafdc1d5b2eb27c08d953977a846b30dafe1cd7a58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://fex.net/

Response headers

content-encoding: br
etag: 17347376362379511161
x-content-type-options: nosniff
expires: Tue, 29 Oct 2024 07:44:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 29 Oct 2024 07:44:28 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 148009
x-xss-protection: 0
server: cafe

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410280101/ 434 KB
0 73ms
73ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8564894658009468&plah=fex.net&bust=31088519

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

a809725136061476f4eb67bafdc1d5b2eb27c08d953977a846b30dafe1cd7a58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://fex.net/

Response headers

content-encoding: br
etag: 17347376362379511161
x-content-type-options: nosniff
expires: Tue, 29 Oct 2024 07:44:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 29 Oct 2024 07:44:28 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 148009
x-xss-protection: 0
server: cafe

GET
H/1.1 200 ziCwMg1HzTviu7O-yhQ8lvXNT-NdCPuMRp07HLDj5aszJlmx3UHugFhXvfOtwWo3y4RxRmAt5HjggGhqx-1GSpQdE5yKRfdi1DDw9yVtOvQsdP3-PqHb48n8c17DrWXKpOKvqaSNqJRJShi-2s5Ch0-ZreWJqrmYs6KvgxAHshvmwzTZ9Xpdlcda6aVEQry9Tjh9y...
aj1913.online/ 49 B
545 B 117ms
117ms Image
image/gif 212.124.124.19
TRI-AS DigitalOne AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aj1913.online/ziCwMg1HzTviu7O-yhQ8lvXNT-NdCPuMRp07HLDj5aszJlmx3UHugFhXvfOtwWo3y4RxRmAt5HjggGhqx-1GSpQdE5yKRfdi1DDw9yVtOvQsdP3-PqHb48n8c17DrWXKpOKvqaSNqJRJShi-2s5Ch0-ZreWJqrmYs6KvgxAHshvmwzTZ9Xpdlcda6aVEQry9Tjh9yarvTc2HQJjr2ynLthYlEB9CjB23n5cg5UkYuw_k4P8MCfj9K2XQMzmTqGAC0fmtM8-UYOgdFA9vyZY6AsL6Vbx3c-TqTHot9sQlRkQ9M5N94lzy_KtEPtpEy3LtsCbaMdR8s5zTq32p-BKVYrwKVU3mo51_zvobEQvHnHGm3yonyUAf8nvVuKw?DC=DO
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.124.124.19 Reston, United States, ASN47328 (TRI-AS DigitalOne AG, CH),
Reverse DNS
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://fex.net/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
etag: W/"49-1726556500000"
access-control-allow-methods: *
expires: Thu, 01 Jan 1970 00:00:00 GMT
permissions-policy: *
accept-ranges: bytes
access-control-allow-origin: *
p3p: CP="CAO PSA OUR"
content-length: 49
date: Tue, 29 Oct 2024 07:44:28 GMT
last-modified: Tue, 17 Sep 2024 07:01:40 GMT
content-type: image/gif

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ Frame 4550 0
0 91ms
88ms Fetch
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8564894658009468
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f2.1e100.net
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://fex.net/

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4550 0
20 B 92ms
92ms Image
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=adsense_fc_has_namespace_but_no_iframes&publisherId=ca-pub-8564894658009468&eid=44759875%2C44759926%2C95331833%2C95344187%2C95345280

Requested by

Host: fex.net
URL: https://fex.net/ru/s/ppdfxn5

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://fex.net/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 29 Oct 2024 07:44:28 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20241023/r20190131/ Frame EA9B 0
0 171ms
58ms Document
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/html/r20241023/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8564894658009468&plah=fex.net

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fex.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age: 33684
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Oct 2024 22:23:04 GMT
etag: 13108003645644964576
expires: Mon, 11 Nov 2024 22:23:04 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
pagead2.googlesyndication.com/pagead/ Frame 5EFC 0
0 292ms
190ms Document
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-8564894658009468&output=html&adk=1812271804&adf=2373185777&abgtt=6&lmt=1730187868&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ffex.net%2Fru%2Fs%2Fppdfxn5&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aiict=1&itsi=-1&aiopts=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730187868269&bpp=2&bdt=212&idt=200&shv=r20241023&mjsv=m202410220101&ptt=9&saldr=aa&eoidce=1&nras=1&correlator=7838457386580&frm=23&ife=1&pv=2&nhd=1&u_tz=0&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=1488&ish=105&ifk=3879840188&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95331833%2C95344187%2C95345280%2C95345789&oid=2&pvsid=257865539763624&tmod=1108907112&uas=0&nvt=1&fsapi=1&fc=1920&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1200%2C1488%2C105&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=1&uci=1.39zkli5tzkq7&fsb=1&dtd=220

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fex.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 521
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 29 Oct 2024 07:44:28 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ Frame 4550 16 KB
12 KB 142ms
74ms XHR
application/json 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20241023&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

021d1f122e4befb9e236030c5099e156cf8d02bb0b175a095e25b51c877c3a54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://fex.net/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 12738
date: Tue, 29 Oct 2024 07:44:28 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4550 0
20 B 91ms
91ms Image
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=adsense_fc_has_namespace_but_no_iframes&publisherId=ca-pub-8564894658009468&eid=44759875%2C44759926%2C95331833%2C95344187%2C95345280%2C95345789

Requested by

Host: fex.net
URL: https://fex.net/ru/s/ppdfxn5

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://fex.net/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 29 Oct 2024 07:44:28 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 ads
pagead2.googlesyndication.com/pagead/ Frame 66B5 0
0 835ms
753ms Document
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-8564894658009468&output=html&h=280&slotname=7672271343&adk=1297842133&adf=3279755397&pi=t.ma~as.7672271343&w=1200&abgtt=6&fwrn=3&fwrnh=100&lmt=1730187868&rafmt=1&format=1200x280&url=https%3A%2F%2Ffex.net%2Fru%2Fs%2Fppdfxn5&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730187868271&bpp=1&bdt=214&idt=229&shv=r20241023&mjsv=m202410220101&ptt=9&saldr=aa&eoidce=1&prev_fmts=0x0&nras=1&correlator=7838457386580&frm=23&ife=1&pv=1&nhd=1&u_tz=0&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=56&ady=1200&biw=1600&bih=1200&isw=1488&ish=105&ifk=3879840188&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95331833%2C95344187%2C95345280%2C95345789&oid=2&pvsid=257865539763624&tmod=1108907112&uas=0&nvt=1&fc=1920&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1200%2C1488%2C105&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=132&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=2&uci=2.hi5vr9y6mv26&fsb=1&dtd=239

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fex.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 29 Oct 2024 07:44:29 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ca-pub-8564894658009468 Show response
fundingchoicesmessages.google.com/i/ 195 KB
64 KB 234ms
86ms Script
application/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-8564894658009468?href=https%3A%2F%2Ffex.net%2Fru%2Fs%2Fppdfxn5&ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8564894658009468&plah=fex.net&bust=31088519

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e1a2b838cab6d88f126622ec6bd30703c55b3bf6e73f3c52c3a368be87de61b2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1wVw5WAPn4-9BPwiEhsvAA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://fex.net/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 29 Oct 2024 07:44:28 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjamDU4pJicNGQYjhx6zbTBSA-73SH6ToQS3x9yaQGxE7pM1gDgLj15jnWyUCc9O88awEQu2tdZPUHYkOFS6z2QOxYdInVE4hVey6xGgPx_XWXWJ8D8d6Pl1iPAnGRxBXWBiC-3XSF9TEQM3y9wsoBxEI8HHeWNO1kEzjRMqWTWUkjKb8wPjk_r6QoM6m0JL8oLTkttTi1qCy1KN7IwMjE0MDIXM_APL7AAAAmYU1_"
content-security-policy: script-src 'report-sample' 'nonce-1wVw5WAPn4-9BPwiEhsvAA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 rum_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20241023/r20190131/ 58 KB
22 KB 58ms
57ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20241023/r20190131/rum_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

dae11dbca14a01950e798d4c3f0037b71745cf24d879b1a4459f80910f9709ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://fex.net/

Response headers

content-encoding: br
etag: 1539623946277905679
age: 30022
x-content-type-options: nosniff
expires: Mon, 11 Nov 2024 23:24:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 28 Oct 2024 23:24:06 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 22705
x-xss-protection: 0
server: cafe

GET
H2 200 sodar2.js Show response
ep2.adtrafficquality.google/sodar/ Frame 4550 18 KB
7 KB 223ms
86ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://fex.net/

Response headers

content-encoding: gzip
etag: "1727224258380615"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Tue, 29 Oct 2024 07:44:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 29 Oct 2024 07:44:28 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 6445
x-xss-protection: 0
server: sffe

POST
H2 204 csi
csi.gstatic.com/ 0
532 B 156ms
62ms Ping
image/gif 2a00:1450:4003:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~m2u56nme&c=2773627036608458&e=44759875%2C44759926%2C95346097%2C31088482%2C95344190%2C95345281%2C31088519%2C31061691%2C31061692&ctx=1&met.3=166.2en_2~1001.2ev_1__1~1032.2i8~326.2jh_1~832.2jj~868.2jj~843.2i6_1e~1032.2k2~326.2k2~832.2k3~868.2k3~113.2ld_1~112.2lc_2&met.1=1.m2u56l12~6.0~7.1~8.d~9.d~10.1j~11.d~12.1j~13.99~14.9c~15.9e~16.mk~17.mk~18.mk~19.11g~20.11g~21.11g~22.fu~23.1fg
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20241023/r20190131/rum_fy2021.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4003:80c::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://fex.net/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgcc:41:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgcc:41:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 29 Oct 2024 07:44:28 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
server: Golfe2

GET
H2 200 runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame E777 0
0 180ms
58ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fex.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 2137
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: gzip
content-length: 5005
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 29 Oct 2024 07:08:52 GMT
expires: Tue, 29 Oct 2024 07:58:52 GMT
last-modified: Mon, 23 Sep 2024 18:12:21 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxWY7-RhNvmw9PCVSYGwDy6OC67Hprejf0IXFi005DVKWJqDTgrn9bUeFlk2HTdnJojNpsS9byNUnYbXeZumd-NgjpUB7tjbYfx4FTy2UoQ0L-P-8xqw6cC3aqUkjIGJC0U63dxpUQ== Show response
fundingchoicesmessages.google.com/f/ 398 KB
62 KB 117ms
116ms Script
application/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWY7-RhNvmw9PCVSYGwDy6OC67Hprejf0IXFi005DVKWJqDTgrn9bUeFlk2HTdnJojNpsS9byNUnYbXeZumd-NgjpUB7tjbYfx4FTy2UoQ0L-P-8xqw6cC3aqUkjIGJC0U63dxpUQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMwMTg3ODY4LDk5NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9mZXgubmV0L3J1L3MvcHBkZnhuNSIsbnVsbCxbWzgsImp3WW4wQWhKYnVjIl0sWzksImVzIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIxIl0sWzE3LCJbMF0iXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.es.jwYn0AhJbuc.es5.O/am=DgY/d=1/rs=AJlcJMxidgeBXLl_Aeps5W56NZvsFGciUg/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98783c6e9cafc97d6660379c1ef2981128efcc6dfb31eb19eb11d017c5945258

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-S_Ropbad8uEWuJiEJS9e4A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://fex.net/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 29 Oct 2024 07:44:29 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmII1JBiOO90h-k6EEt8fcmkBsRO6TNYA4C49eY51slAnPTvPGsBELtrXWT1B2JDhUus9kDsWHSJ1ROIVXsusRoD8f11l1ifA_Hej5dYjwJxkcQV1gYgvt10hfUxEDN8vcLKAcRC3Bx3lzTtZBO4sLBDVUkjKb8wPjk_r6QoM6m0JL8oLTkttTi1qCy1KN7IwMjE0MDIXM_APL7AAABxS0gv"
content-security-policy: script-src 'report-sample' 'nonce-S_Ropbad8uEWuJiEJS9e4A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H2 200 css
fonts.googleapis.com/ 114 KB
6 KB 82ms
81ms Stylesheet
text/css 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.es.jwYn0AhJbuc.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMz4_v6DWp_ncNvumtUdVVQON0Ao4A/m=web_iab_tcf_v2_wall_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d413bbe05501fb2a71c5566b9d2e5e3a9366e9f6f7ae7053ce674485aeface69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://fex.net/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 29 Oct 2024 07:44:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 29 Oct 2024 07:44:29 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 29 Oct 2024 07:44:29 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 ZtNQawD5XDL4AP3swLhdXX6dDVnqx1j9r6oBm-6YnQffbNctdLYeDHV1WnBQ7WkgWHtp3LHs87SQiY3hYXedZ6OJ2VLeq17Ckk0nRr_SEPDTTN29Zw1x=h60
lh3.googleusercontent.com/ 1 KB
1 KB 191ms
61ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/ZtNQawD5XDL4AP3swLhdXX6dDVnqx1j9r6oBm-6YnQffbNctdLYeDHV1WnBQ7WkgWHtp3LHs87SQiY3hYXedZ6OJ2VLeq17Ckk0nRr_SEPDTTN29Zw1x=h60

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6ff833b2b3bfef92af725cc72a7b0e323ed00e14b4f3b3192cd80f8b090a4f9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://fex.net/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 9308
x-content-type-options: nosniff
expires: Wed, 30 Oct 2024 05:09:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 29 Oct 2024 05:09:21 GMT
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 1201
x-xss-protection: 0
server: fife

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 58ms
57ms Font
font/woff2 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://fex.net
Referer: https://fex.net/

Response headers

age: 573382
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 22 Oct 2025 16:28:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 16:28:07 GMT
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 48236
x-xss-protection: 0
server: sffe

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
0 59ms
59ms Font
font/woff2 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://fex.net
Referer: https://fex.net/

Response headers

age: 573382
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 22 Oct 2025 16:28:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 16:28:07 GMT
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 48236
x-xss-protection: 0
server: sffe

POST
H3 204 AGSKWxWIoH_5GhmpOSeNIIr5PTAjrrhJti3XOX355-5A-_2FOORNm6N6VfYzVFnBwOa2aFQBnfCet2a9jaPwMIQxPFNgdyW5k4pJtKkFO7FXta5kKB16diyoS1ezJvBLx7Sbm32LzWPpQw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 137ms
71ms XHR
text/html 142.250.186.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWIoH_5GhmpOSeNIIr5PTAjrrhJti3XOX355-5A-_2FOORNm6N6VfYzVFnBwOa2aFQBnfCet2a9jaPwMIQxPFNgdyW5k4pJtKkFO7FXta5kKB16diyoS1ezJvBLx7Sbm32LzWPpQw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-E2-b26JNusuBaHs-y_TIEw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://fex.net/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 29 Oct 2024 07:44:29 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw0gDi9BmsAUDsrnWR1R-I9368xHoUiBm-XmHlAGIhHo67S5p2sgnMOHVvFqOSS1J-YXxyfl5Jal6JbmJKsS6IXZSZVFqSX4TCTi0DqcjJT0_PzEuPNzIwMjE0MDLXMzCPLzAAAE18Ld0"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-E2-b26JNusuBaHs-y_TIEw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://fex.net
content-length: 0
x-xss-protection: 0
server: ESF

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWIoH_5GhmpOSeNIIr5PTAjrrhJti3XOX355-5A-_2FOORNm6N6VfYzVFnBwOa2aFQBnfCet2a9jaPwMIQxPFNgdyW5k4pJtKkFO7FXta5kKB16diyoS1ezJvBLx7Sbm32LzWPpQw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-f89WselwCFP7r4oMpvX4qw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://fex.net/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 29 Oct 2024 07:44:29 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw0ZBicEqfwRoAxO5aF1n9gXjvx0usR4GY4esVVg4gFuLhuLukaSebwIy_p2YzKrkk5RfGJ-fnlaTmlegmphTrgthFmUmlJflFKOzUMpCKnPz09My89HgjAyMTQwMjcz0D8_gCAwBbfi4H"
content-security-policy: script-src 'report-sample' 'nonce-f89WselwCFP7r4oMpvX4qw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://fex.net
content-length: 0
x-xss-protection: 0
server: ESF

GET sodar
ep1.adtrafficquality.google/pagead/ Frame 4550 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ep1.adtrafficquality.google
URL: https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20241023&jk=257865539763624&bg=!WFulWxTNAAZ-RxQpXkc7ADQBe5WfOCzLBUqVEcCyx0pg2Cjdk3elJlFsEUevmHxu0D5-At96z7l8gOGX_LzWPf1eff5PAgAAAFRSAAAAAmgBB34ANm_XVFCDlvMYm9FKjo8ySPNutE_aFp_p0-cIk5nEJSw21Axjquk-5_LY6m_vdwN3VM0RsID5WpkCnBui0sriRQ54uNTUA4rnsFS-YfOYUOTnhpfk3SD69KwyC7eGkSnHkPMBpIA8BJste3R1jpIi3oJDOeCuRxdX4GCxq6Yx96BOE4OIwGM7DkIy9qvOzHy5aj2fbgauo2pfErE7KDN1MCBgT_LhNhtAnfPTXobgOfftLiuWCfIR40YX6Cw49b6F_aRxE8SmsT4HjJ11I6QFZa59QRVqhlTINYwG-cvs9fjct0gVP7JlmtqNmvvNH5z35fPa-Gb6xzXxzopGrnGpErWJFLYI4JfNvh3HaudMW15gNU7J1eKX1dEH4rtdcmeU11A4k-h5u3fzEtz2VQ4Y5LOYqSxEDXkN0vrxTiDPks-gFFFaDrCdUzetLbWMHR72xIqAFWwpWhzCckvCMYg3aATrzCWEA1bNU2-kuaKIPb38wtJvW4kPw33hZ4tafziF4_8_ykA2_QAjezH4G_4bUCZzMn5A51RBu2HgGSvmMjtA_vC2wHQnkMnWiedps-M0WIfscf170eRRqI8ocuntOZLtcpAKVVp9gZOwGTAnPOCbzHvlj6LRMKlRjg8OGSc7ddrawejsPPtqrfwZTESeKpGU2lebpqanVXX0OW4Bv5t_zhIbhCU6E8JrKMFxenSZga_g_AFBuXa3ST4opLhuVI6TvXSGqKirCX8bqnieI-KDIGJVUAFehXPK6EHPGqlNKHoeLN1vQg0fjs_oO3rys7xQtTB1lK0hkN1tpoVR5ttfEAVai-9pS54cb4RC53f5GQuyyC2Z780ko0F3CUKJ3HDnWwhFY31HwyXWkrBherAxEPixDboSGSAfzE6PqT2mWI9nuz2Ved7444p0NtF-I9_CBkM7Kv3oOKAMSbw2zUtyfePeiOhVLOewhxFOFBo-A929tLIN

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
fex.net/ru/s	1969-12-31 23:59:59	Name: b Value: b
.fex.net/	1970-01-21 00:37:54	Name: _gid Value: GA1.2.1022349311.1730187866
.fex.net/	1970-01-21 02:46:03	Name: _fbp Value: fb.1.1730187866221.247037686499655757
.fex.net/	1970-01-21 00:36:27	Name: _gat_gtag_UA_134700492_1 Value: 1
.fex.net/	1970-01-21 10:12:27	Name: _ga Value: GA1.1.1492578227.1730187866
.fex.net/	1970-01-21 10:12:27	Name: _ga_JXWQG3YTNG Value: GS1.1.1730187866.1.0.1730187866.60.0.0
.fex.net/	1969-12-31 23:59:59	Name: fex-uuid Value: 542b92223b2a4df09e662f923c7ea682
.fex.net/	1970-01-21 00:36:27	Name: _gat Value: 1
.fex.net/	1970-01-21 00:37:54	Name: token Value: eyJ0eXAiOiJVU0VSIiwiYWxnIjoiSFMyNTYifQ.eyJ1IjowLCJwIjoxLCJ1ayI6Ijg1NWE2Yzc2NWMyZjQyNjY4NDkxOTJlMyIsImV4cCI6MTczMDI3NDI2NywiaWF0IjoxNzMwMTg3ODY3fQ.hrcOs2PBu1hm0dn6xc56e9s4-oIbw9r_bmZre61s3Ck
.hit.ua/	1970-01-21 10:12:27	Name: uid Value: 801781175.1730187867.1136380850
.aj1913.online/	1970-01-21 10:12:27	Name: UUID Value: 282239fc-cacb-59f3-950f-17c02273da27
.aj1913.online/	1970-01-21 09:22:03	Name: bsc Value: 184-1730191468453-123-1--
.aj1913.online/	1970-01-21 09:22:03	Name: ucv Value: 20-ES-1730274268454-24--

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aj1913.online
api.fex.net
c.hit.ua
cdnjs.cloudflare.com
connect.facebook.net
csi.gstatic.com
ep1.adtrafficquality.google
ep2.adtrafficquality.google
fex.net
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
lh3.googleusercontent.com
pagead2.googlesyndication.com
region1.analytics.google.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.es
www.googletagmanager.com
ep1.adtrafficquality.google
104.17.25.14
142.250.184.195
142.250.185.142
142.250.186.162
142.250.186.174
157.240.0.6
172.217.16.194
172.67.202.114
2001:4860:4802:32::178
2001:4860:4802:34::36
212.124.124.19
2a00:1450:4001:812::2008
2a00:1450:4001:81d::200a
2a00:1450:4001:827::2003
2a00:1450:4001:829::2001
2a00:1450:4001:82b::200e
2a00:1450:4001:831::2001
2a00:1450:4003:80c::2003
2a00:1450:400c:c0d::9a
2a03:2880:f177:185:face:b00c:0:25de
89.184.81.35
021d1f122e4befb9e236030c5099e156cf8d02bb0b175a095e25b51c877c3a54
0393fe4ae1f758d14cf70811c29d9e39f836e78ec43378a0c2abc772a5797a22
073b1cfa80f31ea7e9c655495aa9787ba10af464a898f3bbad38ad7c114e7175
0f813b4f88c389aa3e83199cd3d6f6c1b3f4f09084de17843b97b351d4fe48ac
126c5f0c8c4cd0135b5e9ffb1c113a6f229de3f89bce9e099b3c85bea641bd7c
1458bcd90d2304e6f3dcaf295d87449eeda1e9f179909338066c1f114d141bc2
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1ea10555bd646e3191271c29198a3cdda67c771006d2951f6d1720051a7d333f
2363b9fae1b894b0008d0457f8f4696ed0375baba554faa374f230c0010b4d58
23a753904149c85458b70c3cf7dff1b0c3c108e1886ca3895aa93f984509b808
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
333bac18afe507f5ffeed33f1d58efbdf0b11274a26579eb50ff4e9d58d65c1d
379b4acc82f978f49655ce724d2fb42e717dc14fcdfe07f83afcfd04e795d967
382905696705a40edf5c2e40b399e7803ed3c07cad9bcb2d9d34e701623cc57d
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
44d42c73884aebef45ddf03fc036104a02a0a682dd2411905ee865059aba7233
4a695af99ecbec4514a3e4f50750bd3753da53e251d94b2239b3edadf152a23a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
668c6828672fa8600b7a0632cb328ee63a31361be6734987b04985fcd9d08d4f
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ff833b2b3bfef92af725cc72a7b0e323ed00e14b4f3b3192cd80f8b090a4f9e
7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84a936cf4c1d9614e205a171acafd2a6d561ffd6ee17baa022aece109adec6a7
95f0958c43fefb049c30942cb2f88da354fce00602eec391fcd988a8272820d8
98783c6e9cafc97d6660379c1ef2981128efcc6dfb31eb19eb11d017c5945258
9969d8e9b227e060653e668c766dc39c2d3febbe722ab84c1843f19ebe4becb4
a809725136061476f4eb67bafdc1d5b2eb27c08d953977a846b30dafe1cd7a58
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b39ea4cd37978423c2af3b4c4a4375720bb57a5014c421cfe8972de791c0f502
bbeb7f7f618c8d82bce1600d57e67a9f6759bed1d00097935d1714440dcbdb7b
c0368268129cb9493ca7da0bcb97dc7e4fdf2e261bf25fd0b1e756d677501aa4
c046229f6e3f318b9e1d6cdf4f018292fe109309d5e60baf067a43f82b17e633
caeaf02fa4a8a45438c270767c4e50fc7f3ed5f94a4c90984eaacb87c2e8a693
d324ccb31eda72f4015aa2814c6487b5cb5a6102b6a815e7560a36970c84c444
d413bbe05501fb2a71c5566b9d2e5e3a9366e9f6f7ae7053ce674485aeface69
d48ad29ba96930befb7ad8d228df08686d8bbdeb4a0a92fb90d2dabe80af92ae
dae11dbca14a01950e798d4c3f0037b71745cf24d879b1a4459f80910f9709ad
dcddcf691e5aa8912b7cf6d1b2b91f155464af12cf24504f33d07bf96a997956
dd9d40d7ac083d95161823dd8e6287d30ffb5f4b9e27d3d0d01aafd2550cc3aa
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dec1145ac695429d7942501170b12a61e5a93e648836dd00ab2462330a1c8045
e1a2b838cab6d88f126622ec6bd30703c55b3bf6e73f3c52c3a368be87de61b2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7fe0bd3e04e27194f7411d0b141032448bc4cd980d2f016ee49a7f9abce49b2
e8e147e15907f25cad69b2bcf060213efad4ed04e0d36374715cbca17b2afc1c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1400c92345dcd9dbf746acab2c60e8580aa959473e9e56c8772cadcf7734b76
f713b0b97fb14a31914da74e139e49a4ec72aefeb6bdf7d25d5437932b40a8ce
f77c9d95093768e6ccd9d043ccc016ef2e2af722bcbef3e220aaedf2e709c1d3
f7e431adb0af7095237b312df5fc1217fc56a801b0f8bb823bd80b8a9d3f5f5c
fbde9640f7bead77cc29df5c627f30d711f18e9f3d28456072a530b90c21c233
fbf7010fab44488b370018c4ac892945780ccaa4f06f597390997d9ddd501fc3
feaca870e395dcd212bf346d13c40847a06d67f6acd6da51b9e2c867dcb0af3d
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

fex.net Open in urlscan Pro 172.67.202.114 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

81 Requests

99 %HTTPS

52 %IPv6

16 Domains

20 Subdomains

22 IPs

6 Countries

2427 kBTransfer

9253 kBSize

13 Cookies

8 Outgoing links

Redirected requests

81 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

fex.net Open in urlscan Pro
172.67.202.114 Public Scan

Screenshot
Live screenshot

Full Image

81
Requests

99 %
HTTPS

52 %
IPv6

16
Domains

20
Subdomains

22
IPs

6
Countries

2427 kB
Transfer

9253 kB
Size

13
Cookies

81 HTTP transactions
0 data transactions