fex.net Open in urlscan Pro
194.106.216.70 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://fs24.fex.net/download/4566996032
Effective URL:
https://fex.net/403?file_id=4566996032
Submission Tags: falconsandbox
Submission: On July 13 via api (July 13th 2023, 7:03:20 am UTC) from US — Scanned from DE

Summary HTTP 98 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 19 IPs in 4 countries across 14 domains to perform 98 HTTP transactions. The main IP is 194.106.216.70, located in Ukraine and belongs to CDNNET-AS, UA. The main domain is fex.net. The Cisco Umbrella rank of the primary domain is 785498.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 29th 2022. Valid for: a year.

This is the only time fex.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	193.109.240.5 193.109.240.5	21257 (CDNNET-AS) (CDNNET-AS)
8	194.106.216.70 194.106.216.70	21257 (CDNNET-AS) (CDNNET-AS)
3	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:400... 2a04:4e42:400::282	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0c::9a	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2 6	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	89.184.81.35 89.184.81.35	28907 (MIROHOST ...) (MIROHOST Web hosting)
6	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
8	199.80.53.138 199.80.53.138	40824 (WZCOM-) (WZCOM-)
9	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
98	19

1 193.109.240.5 (Ukraine) 1 redirects

ASN21257 (CDNNET-AS, UA)

fs24.fex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 194.106.216.70 (Ukraine)

ASN21257 (CDNNET-AS, UA)

fex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.fex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:400::282 (United States)

ASN54113 (FASTLY, US)

cdn.polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.184.81.35 (Kyiv, Ukraine)

ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, US)
PTR: c.hit.ua

c.hit.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 199.80.53.138 (United States)

ASN40824 (WZCOM-, US)

aj1913.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 135 tpc.googlesyndication.com — Cisco Umbrella Rank: 160	536 KB
12	gstatic.com fonts.gstatic.com www.gstatic.com	225 KB
11	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 130 googleads.g.doubleclick.net — Cisco Umbrella Rank: 57	80 KB
9	fex.net 1 redirects fs24.fex.net fex.net — Cisco Umbrella Rank: 785498 api.fex.net	976 KB
8	aj1913.online aj1913.online	92 KB
8	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 10 adservice.google.com — Cisco Umbrella Rank: 113	2 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 63 region1.google-analytics.com — Cisco Umbrella Rank: 1623	21 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	258 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 88	4 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 205	113 KB
2	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1129	912 B
2	google.de www.google.de — Cisco Umbrella Rank: 4752	515 B
2	polyfill.io cdn.polyfill.io — Cisco Umbrella Rank: 3460	828 B
1	hit.ua c.hit.ua — Cisco Umbrella Rank: 144453	593 B
98	14

	Domain	Requested by
17	pagead2.googlesyndication.com	fex.net aj1913.online pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
14	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com fex.net googleads.g.doubleclick.net
9	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net fex.net
8	aj1913.online	fex.net aj1913.online
6	www.gstatic.com	googleads.g.doubleclick.net
6	fonts.gstatic.com	fonts.googleapis.com
6	www.google.com	2 redirects tpc.googlesyndication.com
6	fex.net	fex.net
4	www.google-analytics.com	fex.net www.google-analytics.com
4	www.googletagmanager.com	fex.net www.googletagmanager.com
3	fonts.googleapis.com	fex.net googleads.g.doubleclick.net
2	www.googletagservices.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	partner.googleadservices.com	pagead2.googlesyndication.com
2	www.google.de
2	region1.google-analytics.com	www.googletagmanager.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	api.fex.net	fex.net
2	cdn.polyfill.io	fex.net
1	c.hit.ua	fex.net
1	fs24.fex.net	1 redirects
98	21

This site contains links to these domains. Also see Links.

Domain
play.google.com
itunes.apple.com
fexnet.zendesk.com
apps.apple.com
fex.plus
www.facebook.com
www.instagram.com
t.me

Subject Issuer	Validity	Valid
*.fex.net Sectigo RSA Domain Validation Secure Server CA	`2022-07-29` - `2023-08-29`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
polyfill.io GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-10` - `2024-01-11`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
hit.ua R3	`2023-06-13` - `2023-09-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
aj1913.online R3	`2023-06-13` - `2023-09-11`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh

This page contains 14 frames:

Primary Page: https://fex.net/403?file_id=4566996032
Frame ID: 80C2BAFCCA0810A67F6B88E0408F795B
Requests: 38 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20190131/zrt_lookup.html
Frame ID: CF3674609140D98A77582233773B8B08
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: 1509A143CB8DCB76C089568960FB57CA
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: 4FDBA082D81F6FE92120E990E66247F4
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8564894658009468&output=html&h=400&slotname=5046050220&adk=4045543562&adf=3279755396&pi=t.ma~as.5046050220&w=240&fwrn=3&lmt=1689231796&format=240x400&url=https%3A%2F%2Ffex.net%2F403%3Ffile_id%3D4566996032&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689231796494&bpp=2&bdt=113&idt=232&shv=r20230711&mjsv=m202307120101&ptt=9&saldr=aa&correlator=2663158141768&frm=23&ife=5&pv=2&ga_vid=57809916.1689231795&ga_sid=1689231797&ga_hid=1591087533&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=400&biw=1600&bih=1200&isw=240&ish=400&ifk=1088675118&scr_x=0&scr_y=0&eid=44759842%2C44759926%2C44759875%2C31071259%2C31075757%2C31075881%2C31076011%2C31076064%2C42531705%2C44788442%2C31061690&oid=2&pvsid=3947666796187297&tmod=1067531319&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C240%2C400&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.nh7favxw4dt2&fsb=1&dtd=246
Frame ID: 3DA9781DDE528FCF999ADE29CEC7EF96
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8564894658009468&output=html&h=400&slotname=5046050220&adk=4045543562&adf=3279755399&pi=t.ma~as.5046050220&w=240&fwrn=3&lmt=1689231796&format=240x400&url=https%3A%2F%2Ffex.net%2F403%3Ffile_id%3D4566996032&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689231796575&bpp=3&bdt=186&idt=183&shv=r20230711&mjsv=m202307110101&ptt=9&saldr=aa&correlator=2663158141768&frm=23&ife=5&pv=1&ga_vid=57809916.1689231795&ga_sid=1689231797&ga_hid=1079924561&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=400&biw=1600&bih=1200&isw=240&ish=400&ifk=1088675118&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759837%2C31075758%2C31076063%2C44788442%2C44796479&oid=2&pvsid=3059989856992328&tmod=20299503&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C240%2C400&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.wpmvl3ajq80i&fsb=1&dtd=198
Frame ID: A3353F3ED73F3811C354DF27918542AA
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9579EDAA794E006C4959810969A0AB43
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AA784B7EFB29AC9FA3B2D269EDD73258
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F42157A5133BEF797E54ACF7CE990819
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4C6D5BC9D362244BE06713F91C0B962A
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 4F225BCDEBF46615C02C144F8FB0C12D
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js
Frame ID: C7EE154209A188C7FF9C3CA4520369AC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C1804926F43434E246F1A340658A3F91
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js
Frame ID: 11D9295C5B5A686C2B926A6CF17A05F6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

File Sharing and Transfer - Send Large Files via FEX.NET

Page URL History Show full URLs

https://fs24.fex.net/download/4566996032 HTTP 307
https://fex.net/403?file_id=4566996032 Page URL

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

Page Statistics

98
Requests

100 %
HTTPS

79 %
IPv6

14
Domains

21
Subdomains

19
IPs

4
Countries

2309 kB
Transfer

7254 kB
Size

16
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://play.google.com/store/apps/details?id=com.labracode.fex_android

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/ua/app/fex-id/id1281961720

Search URL Search Domain Scan URL

URL: https://fexnet.zendesk.com/hc/ru
Title: Help Center

Search URL Search Domain Scan URL

URL: https://apps.apple.com/ua/app/fon/id1395149445?l=ru
Title: FEX FON

Search URL Search Domain Scan URL

URL: https://fex.plus/en
Title: FEX PLUS

Search URL Search Domain Scan URL

URL: https://www.facebook.com/FEX.CLOUD/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/fex_net/

Search URL Search Domain Scan URL

URL: https://t.me/FEXNETWORK

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://fs24.fex.net/download/4566996032 HTTP 307
https://fex.net/403?file_id=4566996032 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 75

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 92

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

98 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 403 Show response
fex.net/
Redirect Chain

https://fs24.fex.net/download/4566996032
https://fex.net/403?file_id=4566996032

8 KB
3 KB

198ms
57ms

Document
text/html

194.106.216.70
CDNNET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fex.net/403?file_id=4566996032
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.106.216.70 , Ukraine, ASN21257 (CDNNET-AS, UA),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 0b891357773cf27318c39c59c5ceb3fa4c9a3f985e55139bc016356caf5fcea1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Thu, 13 Jul 2023 07:03:14 GMT
etag: W/"64a51108-1ec5"
last-modified: Wed, 05 Jul 2023 06:43:20 GMT
server: nginx/1.12.2

Redirect headers

content-length: 74
content-type: text/html; charset=utf-8
date: Thu, 13 Jul 2023 07:03:13 GMT
location: https://fex.net/403?file_id=4566996032
vary: Origin

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 167ms
29ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ubuntu:400,500,700&display=swap&subset=cyrillic

Requested by

Host: fex.net
URL: https://fex.net/403?file_id=4566996032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

be828d8e9227b8dd32133a440df4c9a8502a1dcdbf7855aec461b71a63531e8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 13 Jul 2023 07:03:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 13 Jul 2023 06:58:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 13 Jul 2023 07:03:14 GMT

GET
H2 200 28.67741ca0.chunk.css
fex.net/client/desktop/static/css/ 82 KB
12 KB 59ms
58ms Stylesheet
text/css 194.106.216.70
CDNNET-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://fex.net/client/desktop/static/css/28.67741ca0.chunk.css

Requested by

Host: fex.net
URL: https://fex.net/403?file_id=4566996032

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.106.216.70 , Ukraine, ASN21257 (CDNNET-AS, UA),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

dd9d40d7ac083d95161823dd8e6287d30ffb5f4b9e27d3d0d01aafd2550cc3aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fex.net/403?file_id=4566996032
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 07:03:14 GMT
strict-transport-security: max-age=31536000, max-age=31536000
x-content-type-options: nosniff
last-modified: Wed, 05 Jul 2023 06:43:20 GMT
server: nginx/1.12.2
content-encoding: gzip
etag: W/"64a51108-146d0"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=43200
x-xss-protection: 1; mode=block
expires: Thu, 13 Jul 2023 19:03:14 GMT

GET
H2 200 main.ddb8065f.chunk.css
fex.net/client/desktop/static/css/ 288 KB
65 KB 114ms
113ms Stylesheet
text/css 194.106.216.70
CDNNET-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://fex.net/client/desktop/static/css/main.ddb8065f.chunk.css

Requested by

Host: fex.net
URL: https://fex.net/403?file_id=4566996032

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.106.216.70 , Ukraine, ASN21257 (CDNNET-AS, UA),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

d80c46a5b0d04ddf2647cf82eb52c404b5598905f6e5e0708ae947f08cc37ded

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fex.net/403?file_id=4566996032
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 07:03:14 GMT
strict-transport-security: max-age=31536000, max-age=31536000
x-content-type-options: nosniff
last-modified: Wed, 05 Jul 2023 06:43:20 GMT
server: nginx/1.12.2
content-encoding: gzip
etag: W/"64a51108-47f1f"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=43200
x-xss-protection: 1; mode=block
expires: Thu, 13 Jul 2023 19:03:14 GMT

GET
H2 200 polyfill.min.js Show response
cdn.polyfill.io/v2/ 100 B
670 B 156ms
18ms Script
text/javascript 2a04:4e42:400::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.polyfill.io/v2/polyfill.min.js

Requested by

Host: fex.net
URL: https://fex.net/403?file_id=4566996032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

34e4e4e998d1023cadeeda959be0f4fce5abe4eaf9d241782ae404e36446ecbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Jul 2023 07:03:14 GMT
age: 4950563
detected-user-agent: Chrome/114.0.0
useragent_normaliser: chrome/114.0.0
server-timing: HIT, fastly;desc="Edge time";dur=1
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 113
referrer-policy: origin-when-cross-origin
last-modified: Wed, 03 May 2023 00:17:37 GMT
fastly_service_version: 195
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
normalized-user-agent: chrome/114.0.0
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 28.99210b96.chunk.js Show response
fex.net/client/desktop/static/js/ 2 MB
495 KB 170ms
169ms Script
application/javascript 194.106.216.70
CDNNET-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://fex.net/client/desktop/static/js/28.99210b96.chunk.js

Requested by

Host: fex.net
URL: https://fex.net/403?file_id=4566996032

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.106.216.70 , Ukraine, ASN21257 (CDNNET-AS, UA),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

379b4acc82f978f49655ce724d2fb42e717dc14fcdfe07f83afcfd04e795d967

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fex.net/403?file_id=4566996032
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 07:03:14 GMT
strict-transport-security: max-age=31536000, max-age=31536000
x-content-type-options: nosniff
last-modified: Wed, 05 Jul 2023 06:43:20 GMT
server: nginx/1.12.2
content-encoding: gzip
etag: W/"64a51108-1c0aa3"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=43200
x-xss-protection: 1; mode=block
expires: Thu, 13 Jul 2023 19:03:14 GMT

GET
H2 200 main.632446c1.chunk.js Show response
fex.net/client/desktop/static/js/ 2 MB
360 KB 280ms
280ms Script
application/javascript 194.106.216.70
CDNNET-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://fex.net/client/desktop/static/js/main.632446c1.chunk.js

Requested by

Host: fex.net
URL: https://fex.net/403?file_id=4566996032

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.106.216.70 , Ukraine, ASN21257 (CDNNET-AS, UA),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

a49cae7e3c523b5ff8ea361a63c83404ddcfe160d6b40707b57516b1f1de723f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fex.net/403?file_id=4566996032
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 07:03:14 GMT
strict-transport-security: max-age=31536000, max-age=31536000
x-content-type-options: nosniff
last-modified: Wed, 05 Jul 2023 06:43:20 GMT
server: nginx/1.12.2
content-encoding: gzip
etag: W/"64a51108-1984b4"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=43200
x-xss-protection: 1; mode=block
expires: Thu, 13 Jul 2023 19:03:14 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 113 KB
44 KB 76ms
31ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K8R2T8R

Requested by

Host: fex.net
URL: https://fex.net/403?file_id=4566996032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a822a340651e070aa75efcdb390fc31a2a3ecf599deb4e54fe1dc7121c26e0c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 07:03:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44866
x-xss-protection: 0
last-modified: Thu, 13 Jul 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 13 Jul 2023 07:03:14 GMT

GET
H2 200 polyfill.min.js
cdn.polyfill.io/v2/ 100 B
158 B 20ms
20ms Other
text/javascript 2a04:4e42:400::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.polyfill.io/v2/polyfill.min.js

Requested by

Host: fex.net
URL: https://fex.net/403?file_id=4566996032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

34e4e4e998d1023cadeeda959be0f4fce5abe4eaf9d241782ae404e36446ecbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Jul 2023 07:03:14 GMT
age: 4950563
detected-user-agent: Chrome/114.0.0
useragent_normaliser: chrome/114.0.0
server-timing: HIT, fastly;desc="Edge time";dur=1
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 113
referrer-policy: origin-when-cross-origin
last-modified: Wed, 03 May 2023 00:17:37 GMT
fastly_service_version: 195
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
normalized-user-agent: chrome/114.0.0
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 63ms
18ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: fex.net
URL: https://fex.net/client/desktop/static/js/28.99210b96.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Jul 2023 05:04:37 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 7117
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 13 Jul 2023 07:04:37 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 178 KB
65 KB 33ms
32ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-134700492-1

Requested by

Host: fex.net
URL: https://fex.net/client/desktop/static/js/28.99210b96.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

08a2d8ef479ba8877d855c2d207467c17c1a320006962e256922426f9030a18b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 07:03:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 65946
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 13 Jul 2023 07:03:14 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 175 KB
64 KB 45ms
45ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-134700492-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K8R2T8R

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

80cf8660bd62171f300cc58f13258ffd4ae58fe4939cb5db33c1bbe9654435e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 07:03:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 65035
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 13 Jul 2023 07:03:14 GMT

GET
H2 200 translations.json Show response
fex.net/client/desktop/locales/en/ 182 KB
38 KB 61ms
60ms Fetch
application/json 194.106.216.70
CDNNET-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://fex.net/client/desktop/locales/en/translations.json

Requested by

Host: fex.net
URL: https://fex.net/client/desktop/static/js/28.99210b96.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.106.216.70 , Ukraine, ASN21257 (CDNNET-AS, UA),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

eb87efb0fa120b6d9a1e1c9e0973fd86e0fb8e6fde67fd5ddb774bcb02c166ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fex.net/403?file_id=4566996032
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 07:03:14 GMT
strict-transport-security: max-age=31536000, max-age=31536000
x-content-type-options: nosniff
last-modified: Wed, 05 Jul 2023 06:43:20 GMT
server: nginx/1.12.2
content-encoding: gzip
etag: W/"64a51108-2d74a"
x-frame-options: SAMEORIGIN
content-type: application/json
x-xss-protection: 1; mode=block

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 252 KB
85 KB 41ms
37ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-JXWQG3YTNG&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-134700492-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

43d6d670493d12a34c6effc4153835f4cfb8277abe1bb7d2c4509fe420356e7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 07:03:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 87438
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 13 Jul 2023 07:03:14 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
201 B 26ms
25ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1635213556&t=pageview&_s=1&dl=https%3A%2F%2Ffex.net%2F403%3Ffile_id%3D4566996032&ul=en-us&de=UTF-8&dt=File%20Sharing%20and%20Transfer%20-%20Send%20Large%20Files%20via%20FEX.NET&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAACAAI~&jid=500043845&gjid=1138511737&cid=57809916.1689231795&tid=UA-134700492-1&_gid=411862530.1689231795&_r=1&gtm=457e37a0&jsscut=1&z=1914087366

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://fex.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 13 Jul 2023 07:03:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fex.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 anonymous
api.fex.net/api/v1/config/ Frame 0
0 200ms
61ms Preflight
text/html 194.106.216.70
CDNNET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://api.fex.net/api/v1/config/anonymous
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.106.216.70 , Ukraine, ASN21257 (CDNNET-AS, UA),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://fex.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://fex.net
allow: GET, OPTIONS, HEAD
content-length: 0
content-type: text/html; charset=utf-8
date: Thu, 13 Jul 2023 07:03:14 GMT
server: nginx/1.12.2
vary: Origin
x-robots-tag: noindex, nofollow noindex, nofollow

GET
H2 200 anonymous Show response
api.fex.net/api/v1/config/ 3 KB
4 KB 77ms
76ms Fetch
application/json 194.106.216.70
CDNNET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://api.fex.net/api/v1/config/anonymous
Requested by: Host: fex.net
URL: https://fex.net/client/desktop/static/js/main.632446c1.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.106.216.70 , Ukraine, ASN21257 (CDNNET-AS, UA),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 63c1c05492b023d81036f3b43be3e453425c44b9fc4661f8abaf23daf2937e47

Request headers

Referer: https://fex.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 13 Jul 2023 07:03:15 GMT
server: nginx/1.12.2
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://fex.net
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow, noindex, nofollow
content-length: 3473

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
343 B 81ms
27ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-134700492-1&cid=57809916.1689231795&jid=500043845&gjid=1138511737&_gid=411862530.1689231795&_u=aEDAAUAAAAAAACAAI~&z=130227380

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fex.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 13 Jul 2023 07:03:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fex.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
248 B 71ms
26ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-JXWQG3YTNG&gtm=45je37a0&_p=1635213556&cid=57809916.1689231795&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1689231794&sct=1&seg=0&dl=https%3A%2F%2Ffex.net%2F403%3Ffile_id%3D4566996032&dt=File%20Sharing%20and%20Transfer%20-%20Send%20Large%20Files%20via%20FEX.NET&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JXWQG3YTNG&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jul 2023 07:03:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fex.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 80ms
32ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-134700492-1&cid=57809916.1689231795&jid=500043845&_u=aEDAAUAAAAAAACAAI~&z=1082459913

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jul 2023 07:03:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 79ms
32ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-134700492-1&cid=57809916.1689231795&jid=500043845&_u=aEDAAUAAAAAAACAAI~&z=1082459913

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jul 2023 07:03:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
50 KB 780ms
121ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: fex.net
URL: https://fex.net/client/desktop/static/js/main.632446c1.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

293a434ef0008bebbb03cfc0db4ec2a96643b691d33b1c03a901850dd27f7396

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 07:03:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50415
x-xss-protection: 0
server: cafe
etag: 11386575258547102669
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 13 Jul 2023 07:03:15 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 42ms
41ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1635213556&t=pageview&_s=1&dl=https%3A%2F%2Ffex.net%2F403%3Ffile_id%3D4566996032&dp=%2F403&ul=en-us&de=UTF-8&dt=File%20Sharing%20and%20Transfer%20-%20Send%20Large%20Files%20via%20FEX.NET&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAACAAI~&jid=1498588726&gjid=665919051&cid=57809916.1689231795&tid=UA-134700492-1&_gid=411862530.1689231795&_r=1&_slc=1&cd2=1689231794734.w5fibalp&cd3=anonymous&z=1213233989

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://fex.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 13 Jul 2023 07:03:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fex.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hit Show response
c.hit.ua/ 315 B
593 B 709ms
48ms Script
application/x-javascript 89.184.81.35
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://c.hit.ua/hit?i=7&g=0&x=3&s=1&c=1&t=0&w=1600&h=1200&d=24&r=&u=https%3A//fex.net/403%3Ffile_id%3D4566996032&0.15449508336447249
Requested by: Host: fex.net
URL: https://fex.net/client/desktop/static/js/main.632446c1.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 89.184.81.35 Kyiv, Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, US),
Reverse DNS: c.hit.ua
Software: nginx/1.17.9 /
Resource Hash: 99fc4d5ff0e88398d6b463435c34c9701a6b28dbeeb0d14872349db2dc24c884

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

p3p: policyref="/w3c/p3p.xml", CP="UNI"
pragma: no-cache
date: Thu, 13 Jul 2023 07:03:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: application/x-javascript
server: nginx/1.17.9
expires: 0

GET
H2 200 4iCv6KVjbNBYlgoCjC3jsGyN.woff2
fonts.gstatic.com/s/ubuntu/v20/ 30 KB
30 KB 693ms
38ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCjC3jsGyN.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:400,500,700&display=swap&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8e147e15907f25cad69b2bcf060213efad4ed04e0d36374715cbca17b2afc1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fex.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 17:22:45 GMT
x-content-type-options: nosniff
age: 394830
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30480
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Jul 2024 17:22:45 GMT

GET
H2 200 4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v20/ 34 KB
34 KB 709ms
55ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:400,500,700&display=swap&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fex.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 03:53:39 GMT
x-content-type-options: nosniff
age: 529776
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34852
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:31:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Jul 2024 03:53:39 GMT

GET
H2 200 4iCv6KVjbNBYlgoCxCvjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v20/ 29 KB
30 KB 674ms
19ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:400,500,700&display=swap&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fex.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 22:16:18 GMT
x-content-type-options: nosniff
age: 377217
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29752
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:05:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Jul 2024 22:16:18 GMT

GET
H2 200 4iCs6KVjbNBYlgoKew72j00.woff2
fonts.gstatic.com/s/ubuntu/v20/ 20 KB
20 KB 699ms
50ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKew72j00.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:400,500,700&display=swap&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1400c92345dcd9dbf746acab2c60e8580aa959473e9e56c8772cadcf7734b76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fex.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 09:06:21 GMT
x-content-type-options: nosniff
age: 511014
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20860
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:15:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Jul 2024 09:06:21 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 22ms
22ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1635213556&t=pageview&_s=2&dl=https%3A%2F%2Ffex.net%2F403%3Ffile_id%3D4566996032&ul=en-us&de=UTF-8&dt=File%20Sharing%20and%20Transfer%20-%20Send%20Large%20Files%20via%20FEX.NET&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAACAAI~&jid=&gjid=&cid=57809916.1689231795&tid=UA-134700492-1&_gid=411862530.1689231795&gtm=457e37a0&jsscut=1&cd2=1689231794734.w5fibalp&cd3=anonymous&z=1856357195

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jul 2023 00:23:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 23985
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200 0c34d1aa.js Show response
aj1913.online/ 36 KB
37 KB 790ms
147ms Script
text/javascript 199.80.53.138
WZCOM-

General

Check archive.org

Show headers Download Go to

Full URL: https://aj1913.online/0c34d1aa.js?ForbiddenPage
Requested by: Host: fex.net
URL: https://fex.net/client/desktop/static/js/28.99210b96.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.80.53.138 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
Software: /
Resource Hash: 099bc62518d641d9069e10e9960d2b864af50fa57f228bb08d0795d758ee33b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 07:03:14 GMT
accept-ranges: bytes
etag: "0f0d3ff539556b68583c002fd23508b66"
content-length: 37244
content-type: text/javascript

GET
H/1.1 200 0c34d1aa.js Show response
aj1913.online/ 36 KB
37 KB 935ms
292ms Script
text/javascript 199.80.53.138
WZCOM-

General

Check archive.org

Show headers Download Go to

Full URL: https://aj1913.online/0c34d1aa.js?allpages
Requested by: Host: fex.net
URL: https://fex.net/client/desktop/static/js/28.99210b96.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.80.53.138 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
Software: /
Resource Hash: 099bc62518d641d9069e10e9960d2b864af50fa57f228bb08d0795d758ee33b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 07:03:14 GMT
accept-ranges: bytes
etag: "0f0d3ff539556b68583c002fd23508b66"
content-length: 37244
content-type: text/javascript

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 27ms
27ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-134700492-1&cid=57809916.1689231795&jid=1498588726&gjid=665919051&_gid=411862530.1689231795&_u=aEDAAUABAAAAACAAI~&z=697552047

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fex.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 13 Jul 2023 07:03:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fex.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 32ms
30ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-134700492-1&cid=57809916.1689231795&jid=1498588726&_u=aEDAAUABAAAAACAAI~&z=1657391833

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jul 2023 07:03:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 32ms
31ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-134700492-1&cid=57809916.1689231795&jid=1498588726&_u=aEDAAUABAAAAACAAI~&z=1657391833

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jul 2023 07:03:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230711/r20190131/ Frame CF36 10 KB
5 KB 72ms
19ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230711/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fex.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 57802
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Jul 2023 14:59:54 GMT
etag: 12368291122986407432
expires: Wed, 26 Jul 2023 14:59:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 200 z3JkW8bTC2rVe8mxwo5HJjFyM6MtahiqhS3srZgAMCBDppaJm2ZqGEYNGGI5GzXzE0zxOFqVrmL9gPssfAchqxN7FYDZ3B2pcuIj0KFFd_ADCvKFdqCTHrEynPF0x2KO6BDGiFZqVJA6uttIu_JKuoMskH64QeRgMJVQrpZuYrrW2NYGPdvOT2xFfw7TlpIq-bfVu... Show response
aj1913.online/ 38 KB
14 KB 173ms
173ms XHR
application/json 199.80.53.138
WZCOM-

General

Check archive.org

Show headers Download Go to

Full URL: https://aj1913.online/z3JkW8bTC2rVe8mxwo5HJjFyM6MtahiqhS3srZgAMCBDppaJm2ZqGEYNGGI5GzXzE0zxOFqVrmL9gPssfAchqxN7FYDZ3B2pcuIj0KFFd_ADCvKFdqCTHrEynPF0x2KO6BDGiFZqVJA6uttIu_JKuoMskH64QeRgMJVQrpZuYrrW2NYGPdvOT2xFfw7TlpIq-bfVu7uAkxMnLqB5UrctiU0va2CgIdCwKVYWH-3J8nFvubL8sxhmbbc_jrxnVUrRqD3J2-0UPyCg1TitqRQgiIb2_1g9nLrS1ILplohD8Ks2MwYnjAMYulaMAlyOhKuqyHt6y5kOoO47XGVsvsRLLUcxhfflWi7y7vWxfssbGMRpMY-V9DSd33j7lmCEEtq8NB30aLGpvkYAOfWstZIxS9fGOgrFZ7UuwQVfGUnypd1qcFz7mVxj2oYKs8PtUE7GktssXYfXIMt2jp6c?
Requested by: Host: aj1913.online
URL: https://aj1913.online/0c34d1aa.js?ForbiddenPage
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.80.53.138 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
Software: /
Resource Hash: 4abb4e0beb158faa8d51aee60e956b321d20bee5e2d0c40829a06e1e407110f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jul 2023 07:03:15 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
vary: accept-encoding
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"
access-control-allow-origin: https://fex.net
content-type: application/json;charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: *
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200 zvoDgDy5c9O5GdCxaju9nUbuv8v_Yd0jWRRjAPVIWFrisWbmBf3Ok66D62oFa3_xyCvA73Cq0nz_Ae3EN6hJIwPzCJpcqtEaSKWeSTRY50Km2OOpqj2pSV2C3bLCdoUfvfxbtdg7BAnIgXWVZ6v0-C-1wDhXItNiGdqYXN5NXBBL8OtrLrcO3IWL792d-bY4fFekm... Show response
aj1913.online/ 985 B
2 KB 148ms
148ms XHR
application/json 199.80.53.138
WZCOM-

General

Check archive.org

Show headers Download Go to

Full URL: https://aj1913.online/zvoDgDy5c9O5GdCxaju9nUbuv8v_Yd0jWRRjAPVIWFrisWbmBf3Ok66D62oFa3_xyCvA73Cq0nz_Ae3EN6hJIwPzCJpcqtEaSKWeSTRY50Km2OOpqj2pSV2C3bLCdoUfvfxbtdg7BAnIgXWVZ6v0-C-1wDhXItNiGdqYXN5NXBBL8OtrLrcO3IWL792d-bY4fFekm2sSd-0LIB6Yz0OqQz5ri_GbeK2LCcHE24enCS3xG2JEJR08UEpBHf4St8GNtK_anW-yKnmRj6bvI37aOxXwH73rw6NpTRSI9IntDUtTwbMDe1122UxoD1Bl5grkSVz1Oj9wjPpjjXgqSM7C6neltWvRfGqrhMtRvdLGZkX-pDMFf9cLiIYZy3s0X6pjffPTbF2Be6Ov0n4aIvIM1jxiTAxXyK9xsREnQGg3AJGD9i38roRKgRtfvEBFoN1Hp_6UOaPXLO9mpoqU?
Requested by: Host: aj1913.online
URL: https://aj1913.online/0c34d1aa.js?ForbiddenPage
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.80.53.138 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
Software: /
Resource Hash: fafba96ea1024d8c196d1db88d1422a6b4c513f55baa4c41d0912acd9ad6e506

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jul 2023 07:03:15 GMT
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
p3p: CP="CAO PSA OUR"
access-control-allow-origin: https://fex.net
content-type: application/json;charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: *
content-length: 985
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200 zx-T8BeVbdmiS--QypX4wTCGjhIPCkRnqCxZtc8QnkBqPmLD9aybEnUCJ-njOk1R5MjuoAQYuCOWeeS3ebFVfEETnoByavWf8bhkh4CQqnCdhTdWbzCzS9jLHFBo2hJnue53UfPOk9kzxtr5ZcHDB_5u6AP1Zssxal-aLRsCBfGhNKl4DGkSem5MQ2uwYfF7M39fw... Show response
aj1913.online/ 984 B
2 KB 155ms
155ms XHR
application/json 199.80.53.138
WZCOM-

General

Check archive.org

Show headers Download Go to

Full URL: https://aj1913.online/zx-T8BeVbdmiS--QypX4wTCGjhIPCkRnqCxZtc8QnkBqPmLD9aybEnUCJ-njOk1R5MjuoAQYuCOWeeS3ebFVfEETnoByavWf8bhkh4CQqnCdhTdWbzCzS9jLHFBo2hJnue53UfPOk9kzxtr5ZcHDB_5u6AP1Zssxal-aLRsCBfGhNKl4DGkSem5MQ2uwYfF7M39fwIMQmdYK_ScDoWmmpmnXjx1vuq910thTOApCLww3VbXDhnN0HhQxZlWxePT6kegcflrvA9PJSWC2nOA0Ula_0nHWh4hYmj9YOgTwc9h5L8oVeuhfpsdmvDmcrIxWfDKpiswMbNhis8v97Dqh5w3PAnlKuLgmlqUgb4ndY5PUD2eF2qCFyv549G-YstYoVbAkadcsPUiQgs5k8wOOe1H77saMzCohCvPL9uwfIhrWJwO1dbry0fPJ2T-mD7u6phnxorpll2_On9g?
Requested by: Host: aj1913.online
URL: https://aj1913.online/0c34d1aa.js?ForbiddenPage
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.80.53.138 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
Software: /
Resource Hash: db939783a662febdffe52d732e6075f4a9fcc6447364e05852bf780b69cf68bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jul 2023 07:03:15 GMT
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
p3p: CP="CAO PSA OUR"
access-control-allow-origin: https://fex.net
content-type: application/json;charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: *
content-length: 984
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 1509 143 KB
49 KB 80ms
79ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: aj1913.online
URL: https://aj1913.online/0c34d1aa.js?ForbiddenPage

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dbb30a0106f1e2704aab43807c89ab4ffaf7e2a6e8010cfd299353ffa0d2c2eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 07:03:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50431
x-xss-protection: 0
server: cafe
etag: 4382176180628291063
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 13 Jul 2023 07:03:16 GMT

GET
H/1.1 200 zhL_p2HznsUGmKZeIlwjaVgY3wjp8JyWYl29pbVUng4hYvNGR64E-8uv64_y9aCUtQ0EtBotdgjqBcaYKFzEaUipFJVbO4CRuBg8euNo2gZvMUbT9P3ESHyTuH5jCvSQeMJKB5r9QdTA0RJpC8MsIDGcq9y7FO9y8S-HYZk-NkyrXHf59yJzRbeZc--IxjIBOuSPw...
aj1913.online/ Frame 1509 49 B
512 B 153ms
153ms Image
image/gif 199.80.53.138
WZCOM-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aj1913.online/zhL_p2HznsUGmKZeIlwjaVgY3wjp8JyWYl29pbVUng4hYvNGR64E-8uv64_y9aCUtQ0EtBotdgjqBcaYKFzEaUipFJVbO4CRuBg8euNo2gZvMUbT9P3ESHyTuH5jCvSQeMJKB5r9QdTA0RJpC8MsIDGcq9y7FO9y8S-HYZk-NkyrXHf59yJzRbeZc--IxjIBOuSPwtdgIXuqyIH2SRWsY0Gh3bvKeUBwHTKBYA1-_ob091o17WHZAnNFss5XUxH_FpmrFuQEj9OJ69zGy5PX10h3MqgUkpYsR1RFO1aB42K5FH-NkWKmfW-ek1TNU13KhOYXjKnVVDoSJ3HVcFyMQdthsYzd4z4o0ZzCtnSqa_YlUkl-4T3gKYMtcYQ?DC=WZ
Requested by: Host: fex.net
URL: https://fex.net/403?file_id=4566996032
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.80.53.138 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jul 2023 07:03:15 GMT
last-modified: Tue, 16 May 2023 20:36:06 GMT
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
etag: W/"49-1684269366000"
p3p: CP="CAO PSA OUR"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
permissions-policy: *
accept-ranges: bytes
content-length: 49
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 4FDB 143 KB
49 KB 155ms
155ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: aj1913.online
URL: https://aj1913.online/0c34d1aa.js?ForbiddenPage

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f31a27eb9abf7169be2d00591c6baf207e17aaed837e64c571cc7d88e1ce5f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 07:03:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50462
x-xss-protection: 0
server: cafe
etag: 12880396602555740048
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 13 Jul 2023 07:03:16 GMT

GET
H/1.1 200 zNOwMKjZtrnjya-HprNxYUA2VRQNlSnCFtTYvIrL2gqWn0cM2Z7rGgWC1OD_mSCY9QWCET6QgRfZtZshyjbm9AtSXdPlGW1FlauIoDz6VT7pfkVTEyzZ6ICcqC_-TsOIIIZuYU2PyfHaXUboMMvxGA3va-50fcQ8ujP5w6PzY6MxHLuPc_Term2OTdoJVQy4zyEFU...
aj1913.online/ Frame 4FDB 49 B
512 B 147ms
147ms Image
image/gif 199.80.53.138
WZCOM-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aj1913.online/zNOwMKjZtrnjya-HprNxYUA2VRQNlSnCFtTYvIrL2gqWn0cM2Z7rGgWC1OD_mSCY9QWCET6QgRfZtZshyjbm9AtSXdPlGW1FlauIoDz6VT7pfkVTEyzZ6ICcqC_-TsOIIIZuYU2PyfHaXUboMMvxGA3va-50fcQ8ujP5w6PzY6MxHLuPc_Term2OTdoJVQy4zyEFUNZE1m5EjC9xgKOoq_CwFWqfZHz0rnRfHCUNR0DiFICHGnmEC221K9a1F7A6Ad3GB4oH5I6Q19UQ7vQueXPiUrekJgZ2w0e6Eu5YxJpQCIWRK7fzaEKOfONiD2CvijRMtB8kF-4uAgSVB3oYb-iFgGQgJNibIqgWVhFtjDhO6lvpeJq4qoTK4Hw?DC=WZ
Requested by: Host: fex.net
URL: https://fex.net/403?file_id=4566996032
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.80.53.138 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jul 2023 07:03:15 GMT
last-modified: Tue, 16 May 2023 20:36:06 GMT
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
etag: W/"49-1684269366000"
p3p: CP="CAO PSA OUR"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
permissions-policy: *
accept-ranges: bytes
content-length: 49
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200 z7Jq4AejrPY48ZT8gwPGFutC_79wWPCmeuUz5UJthi9sVSGBIL2d7g9PzWOVWdWgzOesYeLA_F-t-joKDEDh-z9--uhniU7QJwKSswG8I2vN8r7_BLcXP5BspG-TPXc-_pLn8EeR4hmnCGB1ryBP69c-EDpVEv_APmUPI4fgsszm1naHCXUYmmnwqyfYwEGqctzZI...
aj1913.online/ 43 B
777 B 148ms
148ms Image
image/gif 199.80.53.138
WZCOM-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aj1913.online/z7Jq4AejrPY48ZT8gwPGFutC_79wWPCmeuUz5UJthi9sVSGBIL2d7g9PzWOVWdWgzOesYeLA_F-t-joKDEDh-z9--uhniU7QJwKSswG8I2vN8r7_BLcXP5BspG-TPXc-_pLn8EeR4hmnCGB1ryBP69c-EDpVEv_APmUPI4fgsszm1naHCXUYmmnwqyfYwEGqctzZI72B91KiOLDKqVCPe5vwe6YjPtlaAvyGWWZXBuq6OiFHf687DGA_ymW8BPtqcX0E1ohqyIhAytt_Zo_rdzXEqLDHn1OS12AaXAQwru0vQel7-BbUBKxsYa_gn7_6VBFywv-6UCIUJsQQzEeMF8-1IcqMKWjm3EKNeoJ5-NY57X_JL37ASxeKfFnBopArtHLVeVlJ9Z9jRgfw?DC=WZ
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.80.53.138 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jul 2023 07:03:15 GMT
last-modified: Tue, 16 May 2023 20:36:08 GMT
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
etag: W/"43-1684269368000"
p3p: CP="CAO PSA OUR"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
permissions-policy: *
accept-ranges: bytes
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307120101/ Frame 1509 357 KB
123 KB 83ms
82ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8564894658009468&plah=fex.net&bust=31076064

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7f97afeaea036678660c8e29050a48a847818ab755afc6be8c1bcc8c301a00a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 07:03:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125730
x-xss-protection: 0
server: cafe
etag: 5408390839810951103
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 13 Jul 2023 07:03:16 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110101/ Frame 4FDB 356 KB
122 KB 85ms
85ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8564894658009468&plah=fex.net&bust=31076063

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d76731f2be8bac9f37cc96cc7c963889d49d0c93145c99867a424dd55c50237

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 07:03:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125346
x-xss-protection: 0
server: cafe
etag: 378440956012446192
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 13 Jul 2023 07:03:16 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 1509 381 B
598 B 73ms
27ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=fex.net&callback=_gfp_s_&client=ca-pub-8564894658009468

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8564894658009468&plah=fex.net&bust=31076064

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

baed001b2d0c1e8bf8b8cd0a2aff17d621eeb59d8aeeb1795c0ed5d154bf0dce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 07:03:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 246
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 1509 107 B
456 B 77ms
28ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=fex.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 07:03:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3DA9 109 KB
37 KB 567ms
564ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8564894658009468&output=html&h=400&slotname=5046050220&adk=4045543562&adf=3279755396&pi=t.ma~as.5046050220&w=240&fwrn=3&lmt=1689231796&format=240x400&url=https%3A%2F%2Ffex.net%2F403%3Ffile_id%3D4566996032&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689231796494&bpp=2&bdt=113&idt=232&shv=r20230711&mjsv=m202307120101&ptt=9&saldr=aa&correlator=2663158141768&frm=23&ife=5&pv=2&ga_vid=57809916.1689231795&ga_sid=1689231797&ga_hid=1591087533&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=400&biw=1600&bih=1200&isw=240&ish=400&ifk=1088675118&scr_x=0&scr_y=0&eid=44759842%2C44759926%2C44759875%2C31071259%2C31075757%2C31075881%2C31076011%2C31076064%2C42531705%2C44788442%2C31061690&oid=2&pvsid=3947666796187297&tmod=1067531319&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C240%2C400&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.nh7favxw4dt2&fsb=1&dtd=246

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

63026fd129e63b61fb7c7dc4726f085b37c69029b8c91e2e7d716d59bfcbadf1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fex.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 37708
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 13 Jul 2023 07:03:17 GMT
expires: Thu, 13 Jul 2023 07:03:17 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 1509 15 KB
12 KB 107ms
68ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230711&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3e3c5c7046e143c41a3e075276d16c4e9af2c1b3d1d4aa628fcb01e6d1d95410

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 07:03:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11819
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 4FDB 381 B
314 B 48ms
35ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=fex.net&callback=_gfp_s_&client=ca-pub-8564894658009468

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8564894658009468&plah=fex.net&bust=31076063

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c1d6f40bd8bcfccfc9d91734ac1996ba3e067b2b9e5757f377075acf4d1909bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 07:03:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 245
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 4FDB 107 B
165 B 53ms
38ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=fex.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 07:03:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A335 109 KB
37 KB 931ms
930ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8564894658009468&output=html&h=400&slotname=5046050220&adk=4045543562&adf=3279755399&pi=t.ma~as.5046050220&w=240&fwrn=3&lmt=1689231796&format=240x400&url=https%3A%2F%2Ffex.net%2F403%3Ffile_id%3D4566996032&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689231796575&bpp=3&bdt=186&idt=183&shv=r20230711&mjsv=m202307110101&ptt=9&saldr=aa&correlator=2663158141768&frm=23&ife=5&pv=1&ga_vid=57809916.1689231795&ga_sid=1689231797&ga_hid=1079924561&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=400&biw=1600&bih=1200&isw=240&ish=400&ifk=1088675118&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759837%2C31075758%2C31076063%2C44788442%2C44796479&oid=2&pvsid=3059989856992328&tmod=20299503&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C240%2C400&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.wpmvl3ajq80i&fsb=1&dtd=198

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66106a42e5ef239fadb43642b742d056434f0cc1fc07e22440a332308d605e0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fex.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 38058
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 13 Jul 2023 07:03:17 GMT
expires: Thu, 13 Jul 2023 07:03:17 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 4FDB 15 KB
12 KB 73ms
68ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230711&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

efcf3ffb1911db7224cc84c0d22d957456695b43398958d6cd027a1537c593c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 07:03:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11819
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 4FDB 17 KB
7 KB 81ms
28ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 07:03:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 13 Jul 2023 07:03:16 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 1509 17 KB
6 KB 86ms
38ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 07:03:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 13 Jul 2023 07:03:16 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9579 13 KB
5 KB 19ms
18ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fex.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 61408
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 12 Jul 2023 13:59:48 GMT
expires: Thu, 11 Jul 2024 13:59:48 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame AA78 783 B
535 B 29ms
29ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8b16a1a93d8a248ef16f59f21c75497b50a0bcde9129a723fcc64e568fd2d883

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ej3qKe2ivTVPbxTKI0brDA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fex.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-ej3qKe2ivTVPbxTKI0brDA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 13 Jul 2023 07:03:16 GMT
expires: Thu, 13 Jul 2023 07:03:16 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F421 13 KB
5 KB 19ms
18ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fex.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 61408
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 12 Jul 2023 13:59:48 GMT
expires: Thu, 11 Jul 2024 13:59:48 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4C6D 783 B
536 B 28ms
28ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

03c94a7d9daf1b3af0d915fa51de50b6fff10d3b45a9fbe630c619f4ea0b871c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-mcYWjzHFXYAEA6wL2dkdpw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fex.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-mcYWjzHFXYAEA6wL2dkdpw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 13 Jul 2023 07:03:16 GMT
expires: Thu, 13 Jul 2023 07:03:16 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js Show response
pagead2.googlesyndication.com/bg/ Frame 9579 37 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6c4f7a3d487b7ff022968992263a5783a6373fac408f2185053c4937fbb4fc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 13:29:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 236042
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14698
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 09 Jul 2024 13:29:14 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame AA78 0
0 53ms
53ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230711&jk=3059989856992328&rc=
Requested by: Host: fex.net
URL: https://fex.net/403?file_id=4566996032
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js Show response
pagead2.googlesyndication.com/bg/ Frame F421 37 KB
14 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6c4f7a3d487b7ff022968992263a5783a6373fac408f2185053c4937fbb4fc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 13:29:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 236042
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14698
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 09 Jul 2024 13:29:14 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4C6D 0
0 53ms
53ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230711&jk=3947666796187297&rc=
Requested by: Host: fex.net
URL: https://fex.net/403?file_id=4566996032
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 9579 0
10 B 18ms
18ms Image
text/plain 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Smk-aA
Requested by: Host: fex.net
URL: https://fex.net/403?file_id=4566996032
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 07:03:17 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame F421 0
10 B 19ms
18ms Image
text/plain 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?0uJc4Q
Requested by: Host: fex.net
URL: https://fex.net/403?file_id=4566996032
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 07:03:17 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 90cda0d4b2e9798013d5ae8e8588fe0b.js Show response
www.gstatic.com/mysidia/ Frame 3DA9 9 KB
4 KB 66ms
20ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/90cda0d4b2e9798013d5ae8e8588fe0b.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8564894658009468&output=html&h=400&slotname=5046050220&adk=4045543562&adf=3279755396&pi=t.ma~as.5046050220&w=240&fwrn=3&lmt=1689231796&format=240x400&url=https%3A%2F%2Ffex.net%2F403%3Ffile_id%3D4566996032&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689231796494&bpp=2&bdt=113&idt=232&shv=r20230711&mjsv=m202307120101&ptt=9&saldr=aa&correlator=2663158141768&frm=23&ife=5&pv=2&ga_vid=57809916.1689231795&ga_sid=1689231797&ga_hid=1591087533&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=400&biw=1600&bih=1200&isw=240&ish=400&ifk=1088675118&scr_x=0&scr_y=0&eid=44759842%2C44759926%2C44759875%2C31071259%2C31075757%2C31075881%2C31076011%2C31076064%2C42531705%2C44788442%2C31061690&oid=2&pvsid=3947666796187297&tmod=1067531319&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C240%2C400&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.nh7favxw4dt2&fsb=1&dtd=246

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa7074f9a3c53a17de894245299386751108ee411500d2548aaf09c30fc1e555

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 14:02:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61270
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3972
x-xss-protection: 0
last-modified: Wed, 05 Jul 2023 16:59:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 10 Oct 2023 14:02:07 GMT

GET
H2 200 369d21e23798e41a4bd263e83a9ef671.js Show response
www.gstatic.com/mysidia/ Frame 3DA9 10 KB
5 KB 64ms
19ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/369d21e23798e41a4bd263e83a9ef671.js?tag=text/vanilla_highlight

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fffeca646555545c8fb0fb9fc1d08b6e9481509b0f0fb78b4243807ca076410c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 14:02:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61270
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4215
x-xss-protection: 0
last-modified: Wed, 05 Jul 2023 16:59:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 10 Oct 2023 14:02:07 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 3DA9 14 KB
1 KB 30ms
29ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 13 Jul 2023 07:03:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 13 Jul 2023 05:41:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 13 Jul 2023 07:03:17 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 3DA9 2 KB
892 B 18ms
18ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 13:57:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61574
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Jul 2023 13:57:03 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/ Frame 3DA9 23 KB
9 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 13:57:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61574
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Jul 2023 13:57:03 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 3DA9 3 KB
1 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 13:56:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61633
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Jul 2023 13:56:04 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 3DA9 20 KB
8 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 13:57:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61570
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Jul 2023 13:57:07 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3DA9 179 KB
57 KB 80ms
28ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 07:03:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57311
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689162493659380"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Jul 2023 07:03:17 GMT

GET
H2 200 2a76cf1338a212cd33ad52adb05195b7.js Show response
www.gstatic.com/mysidia/ Frame 3DA9 33 KB
14 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/2a76cf1338a212cd33ad52adb05195b7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ac22a80a1517c4b3751f554c5ea17e9906473d3fff568baa668e37588ba753d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 14:02:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61270
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14183
x-xss-protection: 0
last-modified: Tue, 11 Jul 2023 07:02:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 10 Oct 2023 14:02:07 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4F22 143 B
166 B 18ms
18ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8564894658009468&output=html&h=400&slotname=5046050220&adk=4045543562&adf=3279755396&pi=t.ma~as.5046050220&w=240&fwrn=3&lmt=1689231796&format=240x400&url=https%3A%2F%2Ffex.net%2F403%3Ffile_id%3D4566996032&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689231796494&bpp=2&bdt=113&idt=232&shv=r20230711&mjsv=m202307120101&ptt=9&saldr=aa&correlator=2663158141768&frm=23&ife=5&pv=2&ga_vid=57809916.1689231795&ga_sid=1689231797&ga_hid=1591087533&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=400&biw=1600&bih=1200&isw=240&ish=400&ifk=1088675118&scr_x=0&scr_y=0&eid=44759842%2C44759926%2C44759875%2C31071259%2C31075757%2C31075881%2C31076011%2C31076064%2C42531705%2C44788442%2C31061690&oid=2&pvsid=3947666796187297&tmod=1067531319&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C240%2C400&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.nh7favxw4dt2&fsb=1&dtd=246
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2806
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 13 Jul 2023 06:16:31 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 3DA9 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cdeaacc471ec79310a27e5f78eb67b42eb30a80ad0958462e1c86a3c0225fdd3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4F22
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

30ms
30ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 13 Jul 2023 07:03:17 GMT
expires: Thu, 13 Jul 2023 07:03:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 13 Jul 2023 07:03:17 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 3DA9 33 KB
33 KB 19ms
19ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 02:43:59 GMT
x-content-type-options: nosniff
age: 361158
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 08 Jul 2024 02:43:59 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3DA9 0
23 B 65ms
64ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cf8BHtKGvZLGrL_aCwuIP0LW8wAzG-aGUcc-sneqIENrZHhABIPajxUtglYKAgJQHoAHmgtKcA8gBAakCQcwcumgPhD6oAwHIA8MEqgS7AU_QZ2LMN2k_owpsgUSYF_Z9Z9KtWxGpPbfDbAfQbghtJ-7_O22ZGsfS46aQbQmzMFcYuQldvT0mdXH0jnjpN2E6t-rqoenhTXDxQGYp2iEMucb2xGzrFp7FqP0LA30gfrTRlL7pN1wMIdLrXX6_GaixuhIXMFpLLmHQILa2uRbnjwwFQ92RBiMWJw5HkGv7VtabbqvwuQlweGjoRP3Eda6bqCF9zhm7LJYzbvauK9v4kuRnTJ6oXlvBy_fABLrZzIKHBJIFBAgEGAGSBQQIBRgEoAZmgAeb7p3VAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEO_SJdIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwGiDAgqBgoEw7CxAtgTDYgUDtAVAYAXAbIXHAoaCAASFHB1Yi04NTY0ODk0NjU4MDA5NDY4GAA&sigh=Nqf9l2nASFs&uach_m=[UACH]&cid=CAQSGwBpAlJWHwgQMibsonoFF8w_iwn5Fo_MImBjjxgB&cbvp=2&vis=1

Requested by

Host: fex.net
URL: https://fex.net/403?file_id=4566996032

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8564894658009468&output=html&h=400&slotname=5046050220&adk=4045543562&adf=3279755396&pi=t.ma~as.5046050220&w=240&fwrn=3&lmt=1689231796&format=240x400&url=https%3A%2F%2Ffex.net%2F403%3Ffile_id%3D4566996032&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689231796494&bpp=2&bdt=113&idt=232&shv=r20230711&mjsv=m202307120101&ptt=9&saldr=aa&correlator=2663158141768&frm=23&ife=5&pv=2&ga_vid=57809916.1689231795&ga_sid=1689231797&ga_hid=1591087533&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=400&biw=1600&bih=1200&isw=240&ish=400&ifk=1088675118&scr_x=0&scr_y=0&eid=44759842%2C44759926%2C44759875%2C31071259%2C31075757%2C31075881%2C31076011%2C31076064%2C42531705%2C44788442%2C31061690&oid=2&pvsid=3947666796187297&tmod=1067531319&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C240%2C400&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.nh7favxw4dt2&fsb=1&dtd=246
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 13 Jul 2023 07:03:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 13 Jul 2023 07:03:17 GMT

GET
H3 200 9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js Show response
pagead2.googlesyndication.com/bg/ Frame C7EE 37 KB
14 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6c4f7a3d487b7ff022968992263a5783a6373fac408f2185053c4937fbb4fc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 13:29:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 236043
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14698
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 09 Jul 2024 13:29:14 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4FDB 0
0 56ms
56ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230711&jk=3059989856992328&bg=!paalpvLNAAb90kgr3dI7ADkAdvg8WuDrFwO8YBkM094-oI1b8NfMxGmVY9ojOzqGaio3YnItCDjm_Hpzi-grNl_TXJRw5QaICEsCAAAAelIAAAAGaAEHmQK2fvn7tusyjwNE1eF8Nkhg1vryGY-4n3BeZ2EhBhClbjFXZ7m7uZm1roW-t0TOFY35Lpmcr0I4Js1VbVwUyPIiewD6C1Kf3fzy_hCgHBWXw4aAZ-MdGn8xT_EiH2StqSVdEVQpxCpHZFcAqllojL_iK1BvcHy6M8gxI5_ChZh1tnVpPZCA8N31QcJOoHAWRxrm7A2gninrCLb74nNX8sl4HgJVmA1tN3oXN-t6_iaF7hz9J2ZRurBBViFeLcerm28i9NwJx1M_hmzv-2dNHXltnLv97gBSou0z3YBIGf5VwwS_09Ti-oRbJ2M9XMBB4uCMl_7q5WsM8gJp-aFDhGdWZUnTF47_3bye39XCeCi-Cm0feGY21LOv9m7vxiUrg3BeakIk939ZXxHczd1fktBx8rjzuu0eUKqo6YrbV6v_0PkZ4J079OsyFSTIjcpHyQ8v3S_h2FP6h9PQEHuERQFkoyb7QEv4XPg97HH5DyyYkd7aMZe4cN23u3zIoD54qCZr8J71yiphjx163m2ZRouI8WCHk9bIemYm3XnpwT19A5Cg6nCMl8KMtonw6wTw5ay381RlFD2KMXIZ6xjFXbqXtuzQMnpIYutTq0eHDSvr0_qHH-kQELHYvSH6dvsJVUBou1YK7pP7PDhdrQm7oAJJ-eCn3OM5sqrl_kzpS4JK_nYVJ8nELs6miI9AVI-iVMLAT6jPKGWJDdKwFrpbvCjOw2wA86tYUGG8TJw6IV6WaaQ7HsVzzVbKu6GPUpFMUbuwvKYdcv8DAQuiBTa7zWpnBCtXTpF4iorN1AauBwd1nppFRqnzBlIWyvEZhLOgEiRJpLgMHYQoLH4cKB2tnK9Lj5KuJ7hPPiNh-3_d7vNTk-ps3xYn1AF2qGC217JtfH1TkZPuKl8HxXaMnxVxXXkdzFow214nLg
Requested by: Host: fex.net
URL: https://fex.net/403?file_id=4566996032
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1509 0
0 56ms
56ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230711&jk=3947666796187297&bg=!CwilCFzNAAb90kgr3dI7ADkAdvg8Wj078WGyOT5YrwnpXmF_v93_ZafAtKo5q-NrBGhGm4d5YCtZXEhXr51Xfv2mRoHRMd3jVc4CAAAAcFIAAAAFaAEHmQKsBYdqD5HsKE4Y-WXhN_lfdXXTz3f0EXNPUBo_Zfu5jsismaOBBeHzgS97nVlc0RN_5j8t7mFk7j75YV7-LKere6e7uTEXYbhARyeKyx2hWGZ1RFUqlFrwG-Ziov-QyME_nulDslOMK0_KRq9CdzSXsNGh2ccvFL9IcNhfoqd1F8nAS_cCjQ0wXPaeHizmZVOxVXlQYIYAY2w1bgj7YI-KCM9mGH5aSC8guRxDCaP6-9Wb4_NYyHzbmuBC7IgjJgXv-tpHKXHTimkAuGfKcTfyadxZWHdnJV5qTPPIY44fC0xb1-ymDOqYQWFTz3-QfTfCCRkFU_6RW50kvhMJSOnUn_vg1P5niijO3dkK44hlAw1JEuAt44zZX29CvBXr9essgPN4kMaNVGktDXDz-daxjqTN0GKv7svmRpOvkqeIaxGypx9RP8I2lbdN1DyaMu1l8_ofkr3xW_e3ALxko5afGo6H5wbCJG4f-VVPvDHZx1XcDvsJ6QzVH4alrT0LHysUQ1EQuZnvN8POM8raat7XtcpFsDKHyU4TIF5xnJOxB2nVn7Xm5GfASl1Y48Pz-NG0pA6ATsIFVXOP0NnWNdBMrCaU91iQcPu1I1kM9ZG5-tz_6D_Ww-fomeMz9cr5cb2BxrL2fsP0rgZnjj38QhlEbxYmj0iPfCnWXmbVzCz3x59QtoCH2egGORDkdFCKyzj8zMbf1-wtiOTBTySV9d36dT_Xdw8puozazDmJdY4P2JB80-onXHJvmNVGvHbVDh_h0zwajdukjUKFe-vZQab1hXnhIQda6Nl9dU5_ec3fA-fmi16ngmNehcZ2DzNaoaBucaS3ba2766Edld5e8watbzh8V6rpFlmTzfa_z7mGCMUtnVht1HoVe84j4X_KVk6QzM0VNDznak7Nms4m
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 90cda0d4b2e9798013d5ae8e8588fe0b.js Show response
www.gstatic.com/mysidia/ Frame A335 9 KB
4 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/90cda0d4b2e9798013d5ae8e8588fe0b.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8564894658009468&output=html&h=400&slotname=5046050220&adk=4045543562&adf=3279755399&pi=t.ma~as.5046050220&w=240&fwrn=3&lmt=1689231796&format=240x400&url=https%3A%2F%2Ffex.net%2F403%3Ffile_id%3D4566996032&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689231796575&bpp=3&bdt=186&idt=183&shv=r20230711&mjsv=m202307110101&ptt=9&saldr=aa&correlator=2663158141768&frm=23&ife=5&pv=1&ga_vid=57809916.1689231795&ga_sid=1689231797&ga_hid=1079924561&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=400&biw=1600&bih=1200&isw=240&ish=400&ifk=1088675118&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759837%2C31075758%2C31076063%2C44788442%2C44796479&oid=2&pvsid=3059989856992328&tmod=20299503&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C240%2C400&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.wpmvl3ajq80i&fsb=1&dtd=198

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa7074f9a3c53a17de894245299386751108ee411500d2548aaf09c30fc1e555

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 14:02:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61270
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3972
x-xss-protection: 0
last-modified: Wed, 05 Jul 2023 16:59:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 10 Oct 2023 14:02:07 GMT

GET
H3 200 369d21e23798e41a4bd263e83a9ef671.js Show response
www.gstatic.com/mysidia/ Frame A335 10 KB
4 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/369d21e23798e41a4bd263e83a9ef671.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8564894658009468&output=html&h=400&slotname=5046050220&adk=4045543562&adf=3279755399&pi=t.ma~as.5046050220&w=240&fwrn=3&lmt=1689231796&format=240x400&url=https%3A%2F%2Ffex.net%2F403%3Ffile_id%3D4566996032&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689231796575&bpp=3&bdt=186&idt=183&shv=r20230711&mjsv=m202307110101&ptt=9&saldr=aa&correlator=2663158141768&frm=23&ife=5&pv=1&ga_vid=57809916.1689231795&ga_sid=1689231797&ga_hid=1079924561&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=400&biw=1600&bih=1200&isw=240&ish=400&ifk=1088675118&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759837%2C31075758%2C31076063%2C44788442%2C44796479&oid=2&pvsid=3059989856992328&tmod=20299503&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C240%2C400&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.wpmvl3ajq80i&fsb=1&dtd=198

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fffeca646555545c8fb0fb9fc1d08b6e9481509b0f0fb78b4243807ca076410c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 14:02:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61270
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4215
x-xss-protection: 0
last-modified: Wed, 05 Jul 2023 16:59:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 10 Oct 2023 14:02:07 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame A335 14 KB
1 KB 30ms
29ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8564894658009468&output=html&h=400&slotname=5046050220&adk=4045543562&adf=3279755399&pi=t.ma~as.5046050220&w=240&fwrn=3&lmt=1689231796&format=240x400&url=https%3A%2F%2Ffex.net%2F403%3Ffile_id%3D4566996032&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689231796575&bpp=3&bdt=186&idt=183&shv=r20230711&mjsv=m202307110101&ptt=9&saldr=aa&correlator=2663158141768&frm=23&ife=5&pv=1&ga_vid=57809916.1689231795&ga_sid=1689231797&ga_hid=1079924561&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=400&biw=1600&bih=1200&isw=240&ish=400&ifk=1088675118&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759837%2C31075758%2C31076063%2C44788442%2C44796479&oid=2&pvsid=3059989856992328&tmod=20299503&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C240%2C400&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.wpmvl3ajq80i&fsb=1&dtd=198

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 13 Jul 2023 07:03:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 13 Jul 2023 05:36:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 13 Jul 2023 07:03:17 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame A335 2 KB
892 B 18ms
18ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8564894658009468&output=html&h=400&slotname=5046050220&adk=4045543562&adf=3279755399&pi=t.ma~as.5046050220&w=240&fwrn=3&lmt=1689231796&format=240x400&url=https%3A%2F%2Ffex.net%2F403%3Ffile_id%3D4566996032&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689231796575&bpp=3&bdt=186&idt=183&shv=r20230711&mjsv=m202307110101&ptt=9&saldr=aa&correlator=2663158141768&frm=23&ife=5&pv=1&ga_vid=57809916.1689231795&ga_sid=1689231797&ga_hid=1079924561&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=400&biw=1600&bih=1200&isw=240&ish=400&ifk=1088675118&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759837%2C31075758%2C31076063%2C44788442%2C44796479&oid=2&pvsid=3059989856992328&tmod=20299503&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C240%2C400&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.wpmvl3ajq80i&fsb=1&dtd=198

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 13:57:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61574
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Jul 2023 13:57:03 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/ Frame A335 23 KB
9 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8564894658009468&output=html&h=400&slotname=5046050220&adk=4045543562&adf=3279755399&pi=t.ma~as.5046050220&w=240&fwrn=3&lmt=1689231796&format=240x400&url=https%3A%2F%2Ffex.net%2F403%3Ffile_id%3D4566996032&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689231796575&bpp=3&bdt=186&idt=183&shv=r20230711&mjsv=m202307110101&ptt=9&saldr=aa&correlator=2663158141768&frm=23&ife=5&pv=1&ga_vid=57809916.1689231795&ga_sid=1689231797&ga_hid=1079924561&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=400&biw=1600&bih=1200&isw=240&ish=400&ifk=1088675118&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759837%2C31075758%2C31076063%2C44788442%2C44796479&oid=2&pvsid=3059989856992328&tmod=20299503&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C240%2C400&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.wpmvl3ajq80i&fsb=1&dtd=198

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 13:57:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61574
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Jul 2023 13:57:03 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame A335 3 KB
1 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8564894658009468&output=html&h=400&slotname=5046050220&adk=4045543562&adf=3279755399&pi=t.ma~as.5046050220&w=240&fwrn=3&lmt=1689231796&format=240x400&url=https%3A%2F%2Ffex.net%2F403%3Ffile_id%3D4566996032&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689231796575&bpp=3&bdt=186&idt=183&shv=r20230711&mjsv=m202307110101&ptt=9&saldr=aa&correlator=2663158141768&frm=23&ife=5&pv=1&ga_vid=57809916.1689231795&ga_sid=1689231797&ga_hid=1079924561&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=400&biw=1600&bih=1200&isw=240&ish=400&ifk=1088675118&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759837%2C31075758%2C31076063%2C44788442%2C44796479&oid=2&pvsid=3059989856992328&tmod=20299503&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C240%2C400&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.wpmvl3ajq80i&fsb=1&dtd=198

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 13:56:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61633
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Jul 2023 13:56:04 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame A335 20 KB
8 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8564894658009468&output=html&h=400&slotname=5046050220&adk=4045543562&adf=3279755399&pi=t.ma~as.5046050220&w=240&fwrn=3&lmt=1689231796&format=240x400&url=https%3A%2F%2Ffex.net%2F403%3Ffile_id%3D4566996032&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689231796575&bpp=3&bdt=186&idt=183&shv=r20230711&mjsv=m202307110101&ptt=9&saldr=aa&correlator=2663158141768&frm=23&ife=5&pv=1&ga_vid=57809916.1689231795&ga_sid=1689231797&ga_hid=1079924561&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=400&biw=1600&bih=1200&isw=240&ish=400&ifk=1088675118&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759837%2C31075758%2C31076063%2C44788442%2C44796479&oid=2&pvsid=3059989856992328&tmod=20299503&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C240%2C400&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.wpmvl3ajq80i&fsb=1&dtd=198

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 13:57:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61570
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Jul 2023 13:57:07 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A335 179 KB
56 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8564894658009468&output=html&h=400&slotname=5046050220&adk=4045543562&adf=3279755399&pi=t.ma~as.5046050220&w=240&fwrn=3&lmt=1689231796&format=240x400&url=https%3A%2F%2Ffex.net%2F403%3Ffile_id%3D4566996032&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689231796575&bpp=3&bdt=186&idt=183&shv=r20230711&mjsv=m202307110101&ptt=9&saldr=aa&correlator=2663158141768&frm=23&ife=5&pv=1&ga_vid=57809916.1689231795&ga_sid=1689231797&ga_hid=1079924561&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=400&biw=1600&bih=1200&isw=240&ish=400&ifk=1088675118&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759837%2C31075758%2C31076063%2C44788442%2C44796479&oid=2&pvsid=3059989856992328&tmod=20299503&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C240%2C400&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.wpmvl3ajq80i&fsb=1&dtd=198

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 07:03:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57311
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689162493659380"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Jul 2023 07:03:17 GMT

GET
H3 200 2a76cf1338a212cd33ad52adb05195b7.js Show response
www.gstatic.com/mysidia/ Frame A335 33 KB
14 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/2a76cf1338a212cd33ad52adb05195b7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8564894658009468&output=html&h=400&slotname=5046050220&adk=4045543562&adf=3279755399&pi=t.ma~as.5046050220&w=240&fwrn=3&lmt=1689231796&format=240x400&url=https%3A%2F%2Ffex.net%2F403%3Ffile_id%3D4566996032&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689231796575&bpp=3&bdt=186&idt=183&shv=r20230711&mjsv=m202307110101&ptt=9&saldr=aa&correlator=2663158141768&frm=23&ife=5&pv=1&ga_vid=57809916.1689231795&ga_sid=1689231797&ga_hid=1079924561&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=400&biw=1600&bih=1200&isw=240&ish=400&ifk=1088675118&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759837%2C31075758%2C31076063%2C44788442%2C44796479&oid=2&pvsid=3059989856992328&tmod=20299503&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C240%2C400&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.wpmvl3ajq80i&fsb=1&dtd=198

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ac22a80a1517c4b3751f554c5ea17e9906473d3fff568baa668e37588ba753d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 14:02:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61270
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14183
x-xss-protection: 0
last-modified: Tue, 11 Jul 2023 07:02:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 10 Oct 2023 14:02:07 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C180 143 B
166 B 19ms
18ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8564894658009468&output=html&h=400&slotname=5046050220&adk=4045543562&adf=3279755399&pi=t.ma~as.5046050220&w=240&fwrn=3&lmt=1689231796&format=240x400&url=https%3A%2F%2Ffex.net%2F403%3Ffile_id%3D4566996032&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689231796575&bpp=3&bdt=186&idt=183&shv=r20230711&mjsv=m202307110101&ptt=9&saldr=aa&correlator=2663158141768&frm=23&ife=5&pv=1&ga_vid=57809916.1689231795&ga_sid=1689231797&ga_hid=1079924561&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=400&biw=1600&bih=1200&isw=240&ish=400&ifk=1088675118&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759837%2C31075758%2C31076063%2C44788442%2C44796479&oid=2&pvsid=3059989856992328&tmod=20299503&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C240%2C400&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.wpmvl3ajq80i&fsb=1&dtd=198

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8564894658009468&output=html&h=400&slotname=5046050220&adk=4045543562&adf=3279755399&pi=t.ma~as.5046050220&w=240&fwrn=3&lmt=1689231796&format=240x400&url=https%3A%2F%2Ffex.net%2F403%3Ffile_id%3D4566996032&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689231796575&bpp=3&bdt=186&idt=183&shv=r20230711&mjsv=m202307110101&ptt=9&saldr=aa&correlator=2663158141768&frm=23&ife=5&pv=1&ga_vid=57809916.1689231795&ga_sid=1689231797&ga_hid=1079924561&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=400&biw=1600&bih=1200&isw=240&ish=400&ifk=1088675118&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759837%2C31075758%2C31076063%2C44788442%2C44796479&oid=2&pvsid=3059989856992328&tmod=20299503&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C240%2C400&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.wpmvl3ajq80i&fsb=1&dtd=198
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2806
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 13 Jul 2023 06:16:31 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame A335 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b9e11f32c024f1b4e06026bb19fa09a78cdef11384d0af2f2c93122ead31db1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C180
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

64ms
63ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8564894658009468&output=html&h=400&slotname=5046050220&adk=4045543562&adf=3279755399&pi=t.ma~as.5046050220&w=240&fwrn=3&lmt=1689231796&format=240x400&url=https%3A%2F%2Ffex.net%2F403%3Ffile_id%3D4566996032&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689231796575&bpp=3&bdt=186&idt=183&shv=r20230711&mjsv=m202307110101&ptt=9&saldr=aa&correlator=2663158141768&frm=23&ife=5&pv=1&ga_vid=57809916.1689231795&ga_sid=1689231797&ga_hid=1079924561&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=400&biw=1600&bih=1200&isw=240&ish=400&ifk=1088675118&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759837%2C31075758%2C31076063%2C44788442%2C44796479&oid=2&pvsid=3059989856992328&tmod=20299503&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C240%2C400&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.wpmvl3ajq80i&fsb=1&dtd=198

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 13 Jul 2023 07:03:17 GMT
expires: Thu, 13 Jul 2023 07:03:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 13 Jul 2023 07:03:17 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame A335 33 KB
33 KB 21ms
21ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 02:43:59 GMT
x-content-type-options: nosniff
age: 361158
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 08 Jul 2024 02:43:59 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A335 0
19 B 67ms
66ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CVimUtKGvZKOOMcqqtweu0afIDMb5oZRxz6yd6ogQ2tkeEAEg9qPFS2CVgoCAlAegAeaC0pwDyAEBqQJBzBy6aA-EPqgDAcgDwwSqBLsBT9BKZo9MLGPyhtNY3McUjP5H3TfFOGnAGO7XKgM789YLjEvQxM_Wc1JIO89v1F4V_f-qQ5yvf6cxnLQroDDcAWBeV9nkAZKpD_4Ul_vk-oF1GAuVUH8wEinw54VVZgoEhGdC457SedXi-x26lIbXW6EaIngEfhT_hBU0kqZMKz91aU94btn7TUaC8QHbeKGBezONEb2Wur7M0n1FT_zIHAP0taYsbsIJ8v7T_ME2Dai41lLSJVGiX6Bmk8AEutnMgocEkgUECAQYAZIFBAgFGASgBmaAB5vundUBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQq-Aa0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAaIMCCoGCgTDsLEC2BMNiBQO0BUBgBcBshccChoIABIUcHViLTg1NjQ4OTQ2NTgwMDk0NjgYAA&sigh=RXuAJQmcYWA&uach_m=[UACH]&cid=CAQSGwBpAlJWwmhSxarfvtD-ECsndixT5mi2-VeHdBgB&cbvp=2&vis=1

Requested by

Host: fex.net
URL: https://fex.net/403?file_id=4566996032

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8564894658009468&output=html&h=400&slotname=5046050220&adk=4045543562&adf=3279755399&pi=t.ma~as.5046050220&w=240&fwrn=3&lmt=1689231796&format=240x400&url=https%3A%2F%2Ffex.net%2F403%3Ffile_id%3D4566996032&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689231796575&bpp=3&bdt=186&idt=183&shv=r20230711&mjsv=m202307110101&ptt=9&saldr=aa&correlator=2663158141768&frm=23&ife=5&pv=1&ga_vid=57809916.1689231795&ga_sid=1689231797&ga_hid=1079924561&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=400&biw=1600&bih=1200&isw=240&ish=400&ifk=1088675118&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759837%2C31075758%2C31076063%2C44788442%2C44796479&oid=2&pvsid=3059989856992328&tmod=20299503&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C240%2C400&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.wpmvl3ajq80i&fsb=1&dtd=198
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 13 Jul 2023 07:03:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js Show response
pagead2.googlesyndication.com/bg/ Frame 11D9 37 KB
14 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8564894658009468&output=html&h=400&slotname=5046050220&adk=4045543562&adf=3279755399&pi=t.ma~as.5046050220&w=240&fwrn=3&lmt=1689231796&format=240x400&url=https%3A%2F%2Ffex.net%2F403%3Ffile_id%3D4566996032&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689231796575&bpp=3&bdt=186&idt=183&shv=r20230711&mjsv=m202307110101&ptt=9&saldr=aa&correlator=2663158141768&frm=23&ife=5&pv=1&ga_vid=57809916.1689231795&ga_sid=1689231797&ga_hid=1079924561&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=400&biw=1600&bih=1200&isw=240&ish=400&ifk=1088675118&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759837%2C31075758%2C31076063%2C44788442%2C44796479&oid=2&pvsid=3059989856992328&tmod=20299503&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C240%2C400&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.wpmvl3ajq80i&fsb=1&dtd=198

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6c4f7a3d487b7ff022968992263a5783a6373fac408f2185053c4937fbb4fc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 13:29:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 236043
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14698
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 09 Jul 2024 13:29:14 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3DA9 42 B
64 B 56ms
55ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst7zVPNkdBL_SZiMApJOY26vi8DMIIRPGk5kLSiaVPBAK-PoiKN3CoQ7AfGYqvBXIrBMxSGDw_SJ4NeD5dtJD_vYSbbztGCG9WcCkUNn5InSjDVG1ZVw3cSmx7vpgaJgw0z7DrM2NjP9SMb&sai=AMfl-YQtnKyqWCrnyOpgR2_KJNM4nbuRstpVomMvPjpId9mdI2rZUmWxDFRZg5lyVCbjXyheGbi_yvRAnt-o&sig=Cg0ArKJSzJz8HBqaM5GUEAE&cid=CAQSGwBpAlJWHwgQMibsonoFF8w_iwn5Fo_MImBjjxgB&id=lidar2&mcvt=1000&p=0,0,400,240&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230712&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=4045543562&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1689231796742&rpt=791&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jul 2023 07:03:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A335 42 B
64 B 55ms
55ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst4Dp6JYo7bZZHXPX6DuCXlMBsUEmAslfrdbEZx46ljDqOaagEbol90gz4DrUlIn-ObkuUUYj5LwfFMrhkdWeUibCSWdA8XltL7iHS1GbFDJWqLXmCj-BL5j2vIxjhR8SvryRBxzP1JWQQl&sai=AMfl-YS8NyHWasr2-AyrBYLDcbriqARhQqkgxy3cTrP-H2A_6vN7NV32N4H5oJAEDrxjgn2MnuruOVLiutF3&sig=Cg0ArKJSzGjO5JfucvTVEAE&cid=CAQSGwBpAlJWwmhSxarfvtD-ECsndixT5mi2-VeHdBgB&id=lidar2&mcvt=1000&p=0,0,400,240&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230712&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=4045543562&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1689231796775&rpt=1108&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jul 2023 07:03:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 26ms
26ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-JXWQG3YTNG&gtm=45je37a0&_p=1635213556&cid=57809916.1689231795&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&ngs=1&_s=2&sid=1689231794&sct=1&seg=0&dl=https%3A%2F%2Ffex.net%2F403%3Ffile_id%3D4566996032&dt=File%20Sharing%20and%20Transfer%20-%20Send%20Large%20Files%20via%20FEX.NET&en=scroll&epn.percent_scrolled=90&_et=3
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JXWQG3YTNG&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jul 2023 07:03:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fex.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.fex.net/	1970-01-20 13:15:18	Name: _gid Value: GA1.2.411862530.1689231795
.fex.net/	1970-01-20 13:13:51	Name: _gat_gtag_UA_134700492_1 Value: 1
.fex.net/	1970-01-20 22:49:51	Name: _ga Value: GA1.1.57809916.1689231795
.fex.net/	1970-01-20 22:49:51	Name: _ga_JXWQG3YTNG Value: GS1.1.1689231794.1.0.1689231794.0.0.0
.fex.net/	1969-12-31 23:59:59	Name: fex-uuid Value: 4acc3dfd3c9d48d8ac69c2117a09c23b
.fex.net/	1970-01-20 13:13:51	Name: _gat Value: 1
fex.net/	1969-12-31 23:59:59	Name: b Value: b
.hit.ua/	1970-01-20 22:49:51	Name: uid Value: 2214385890.1689231795.3426321287
.aj1913.online/	1970-01-20 22:49:51	Name: UUID Value: 3ad3e3ae-bf51-5a94-ad28-2ad971afd6ec
.aj1913.online/	1970-01-20 21:59:27	Name: bsc Value: 184-1689235396487-123-1--
.aj1913.online/	1970-01-20 21:59:27	Name: ucv Value: 20-DE-1689318196488-24--
.fex.net/	1970-01-20 22:35:27	Name: __gads Value: ID=47799f7ab3121864-222dc49f26de008d:T=1689231796:RT=1689231796:S=ALNI_MblaxqiHdDW9lF6Oi0bZpRrD0bwtQ
.fex.net/	1970-01-20 22:35:27	Name: __gpi Value: UID=00000c3c7fd72036:T=1689231796:RT=1689231796:S=ALNI_MYVuLerpbJ0op0KQGir9Bn-x_tDdQ
.doubleclick.net/	1970-01-20 13:13:55	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 22:35:27	Name: IDE Value: AHWqTUlrVeTba0Sz879lDDKd0qexD3h-ykYsivFIdn3t47YgfeNgQNpNmHfYBrZhiJM
.doubleclick.net/	1970-01-20 13:13:52	Name: test_cookie Value: CheckForPermission

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
aj1913.online
api.fex.net
c.hit.ua
cdn.polyfill.io
fex.net
fonts.googleapis.com
fonts.gstatic.com
fs24.fex.net
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
region1.google-analytics.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
193.109.240.5
194.106.216.70
199.80.53.138
2001:4860:4802:32::36
2a00:1450:4001:800::2002
2a00:1450:4001:802::2003
2a00:1450:4001:803::2003
2a00:1450:4001:809::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2004
2a00:1450:4001:811::2002
2a00:1450:4001:811::2008
2a00:1450:4001:827::2002
2a00:1450:4001:827::200a
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::200e
2a00:1450:400c:c0c::9a
2a04:4e42:400::282
89.184.81.35
02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2
03c94a7d9daf1b3af0d915fa51de50b6fff10d3b45a9fbe630c619f4ea0b871c
08a2d8ef479ba8877d855c2d207467c17c1a320006962e256922426f9030a18b
099bc62518d641d9069e10e9960d2b864af50fa57f228bb08d0795d758ee33b7
0b891357773cf27318c39c59c5ceb3fa4c9a3f985e55139bc016356caf5fcea1
0f31a27eb9abf7169be2d00591c6baf207e17aaed837e64c571cc7d88e1ce5f5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
293a434ef0008bebbb03cfc0db4ec2a96643b691d33b1c03a901850dd27f7396
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
34e4e4e998d1023cadeeda959be0f4fce5abe4eaf9d241782ae404e36446ecbf
379b4acc82f978f49655ce724d2fb42e717dc14fcdfe07f83afcfd04e795d967
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3ac22a80a1517c4b3751f554c5ea17e9906473d3fff568baa668e37588ba753d
3e3c5c7046e143c41a3e075276d16c4e9af2c1b3d1d4aa628fcb01e6d1d95410
43d6d670493d12a34c6effc4153835f4cfb8277abe1bb7d2c4509fe420356e7e
4abb4e0beb158faa8d51aee60e956b321d20bee5e2d0c40829a06e1e407110f3
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63026fd129e63b61fb7c7dc4726f085b37c69029b8c91e2e7d716d59bfcbadf1
63c1c05492b023d81036f3b43be3e453425c44b9fc4661f8abaf23daf2937e47
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
66106a42e5ef239fadb43642b742d056434f0cc1fc07e22440a332308d605e0e
7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa
7d76731f2be8bac9f37cc96cc7c963889d49d0c93145c99867a424dd55c50237
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
80cf8660bd62171f300cc58f13258ffd4ae58fe4939cb5db33c1bbe9654435e0
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8b16a1a93d8a248ef16f59f21c75497b50a0bcde9129a723fcc64e568fd2d883
8b9e11f32c024f1b4e06026bb19fa09a78cdef11384d0af2f2c93122ead31db1
99fc4d5ff0e88398d6b463435c34c9701a6b28dbeeb0d14872349db2dc24c884
a49cae7e3c523b5ff8ea361a63c83404ddcfe160d6b40707b57516b1f1de723f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a822a340651e070aa75efcdb390fc31a2a3ecf599deb4e54fe1dc7121c26e0c6
aa7074f9a3c53a17de894245299386751108ee411500d2548aaf09c30fc1e555
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2
baed001b2d0c1e8bf8b8cd0a2aff17d621eeb59d8aeeb1795c0ed5d154bf0dce
be828d8e9227b8dd32133a440df4c9a8502a1dcdbf7855aec461b71a63531e8a
c1d6f40bd8bcfccfc9d91734ac1996ba3e067b2b9e5757f377075acf4d1909bf
cdeaacc471ec79310a27e5f78eb67b42eb30a80ad0958462e1c86a3c0225fdd3
d80c46a5b0d04ddf2647cf82eb52c404b5598905f6e5e0708ae947f08cc37ded
db939783a662febdffe52d732e6075f4a9fcc6447364e05852bf780b69cf68bb
dbb30a0106f1e2704aab43807c89ab4ffaf7e2a6e8010cfd299353ffa0d2c2eb
dd9d40d7ac083d95161823dd8e6287d30ffb5f4b9e27d3d0d01aafd2550cc3aa
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8e147e15907f25cad69b2bcf060213efad4ed04e0d36374715cbca17b2afc1c
eb87efb0fa120b6d9a1e1c9e0973fd86e0fb8e6fde67fd5ddb774bcb02c166ac
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efcf3ffb1911db7224cc84c0d22d957456695b43398958d6cd027a1537c593c5
f1400c92345dcd9dbf746acab2c60e8580aa959473e9e56c8772cadcf7734b76
f6c4f7a3d487b7ff022968992263a5783a6373fac408f2185053c4937fbb4fc1
f7f97afeaea036678660c8e29050a48a847818ab755afc6be8c1bcc8c301a00a
fafba96ea1024d8c196d1db88d1422a6b4c513f55baa4c41d0912acd9ad6e506
fffeca646555545c8fb0fb9fc1d08b6e9481509b0f0fb78b4243807ca076410c

fex.net Open in urlscan Pro 194.106.216.70 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

98 Requests

100 %HTTPS

79 %IPv6

14 Domains

21 Subdomains

19 IPs

4 Countries

2309 kBTransfer

7254 kBSize

16 Cookies

8 Outgoing links

Page URL History

Redirected requests

98 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

fex.net Open in urlscan Pro
194.106.216.70 Public Scan

Screenshot
Live screenshot

Full Image

98
Requests

100 %
HTTPS

79 %
IPv6

14
Domains

21
Subdomains

19
IPs

4
Countries

2309 kB
Transfer

7254 kB
Size

16
Cookies

98 HTTP transactions
2 data transactions