fex.net Open in urlscan Pro
2606:4700:3033::6815:5aa1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://tt.vg/hMYUF
Effective URL:
https://fex.net/?file_id=
Submission: On September 07 via manual (September 7th 2024, 4:58:24 pm UTC) from TR — Scanned from NL

Summary HTTP 59 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 18 IPs in 6 countries across 15 domains to perform 59 HTTP transactions. The main IP is 2606:4700:3033::6815:5aa1, located in United States and belongs to CLOUDFLARENET, US. The main domain is fex.net. The Cisco Umbrella rank of the primary domain is 506417.
TLS certificate: Issued by WE1 on July 30th 2024. Valid for: 3 months.

This is the only time fex.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	194.106.216.232 194.106.216.232	21257 (CDNNET-AS) (CDNNET-AS)
5	2606:4700:303... 2606:4700:3033::6815:5aa1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	157.240.0.6 157.240.0.6	32934 (FACEBOOK) (FACEBOOK)
4	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
12	172.67.202.114 172.67.202.114	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c04::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
11	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
2	142.250.184.238 142.250.184.238	15169 (GOOGLE) (GOOGLE)
1	89.184.81.35 89.184.81.35	28907 (MIROHOST ...) (MIROHOST Web hosting)
6	212.124.124.19 212.124.124.19	47328 (TRI-AS Di...) (TRI-AS DigitalOne AG)
4	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
59	18

1 188.114.96.3 (Amsterdam, Netherlands) 1 redirects

ASN13335 (CLOUDFLARENET, US)

tt.vg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 194.106.216.232 (Ukraine) 1 redirects

ASN21257 (CDNNET-AS, UA)

fs.fex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3033::6815:5aa1 (United States)

ASN13335 (CLOUDFLARENET, US)

fex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 172.67.202.114 (United States)

ASN13335 (CLOUDFLARENET, US)

fex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.fex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.184.81.35 (Kyiv, Ukraine)

ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, US)
PTR: c.hit.ua

c.hit.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 212.124.124.19 (Reston, United States)

ASN47328 (TRI-AS DigitalOne AG, CH)

aj1913.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	fex.net 1 redirects fs.fex.net fex.net — Cisco Umbrella Rank: 506417 api.fex.net	1 MB
13	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 157 tpc.googlesyndication.com — Cisco Umbrella Rank: 203	292 KB
6	aj1913.online aj1913.online	90 KB
4	gstatic.com fonts.gstatic.com	114 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104	21 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	327 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	3 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	73 KB
1	hit.ua c.hit.ua — Cisco Umbrella Rank: 205464	593 B
1	google.nl www.google.nl — Cisco Umbrella Rank: 9563	408 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 252	248 B
1	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3773
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 336	747 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	1 KB
1	tt.vg 1 redirects tt.vg	730 B
59	15

	Domain	Requested by
13	fex.net	fex.net
11	pagead2.googlesyndication.com	fex.net pagead2.googlesyndication.com
6	aj1913.online	fex.net aj1913.online
4	fonts.gstatic.com	fonts.googleapis.com
4	api.fex.net	fex.net
4	www.google-analytics.com	fex.net www.google-analytics.com
4	www.googletagmanager.com	fex.net www.googletagmanager.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	www.facebook.com	fex.net
2	connect.facebook.net	fex.net connect.facebook.net
1	c.hit.ua	fex.net
1	www.google.nl	fex.net
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	cdnjs.cloudflare.com	fex.net
1	fonts.googleapis.com	fex.net
1	fs.fex.net	1 redirects
1	tt.vg	1 redirects
59	18

This site contains links to these domains. Also see Links.

Domain
fex.plus
apps.apple.com
play.google.com
itunes.apple.com
fexnet.zendesk.com
www.facebook.com
www.instagram.com
t.me

Subject Issuer	Validity	Valid
fex.net WE1	`2024-07-30` - `2024-10-28`	3 months	crt.sh
upload.video.google.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-07-31` - `2024-10-29`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-06-17` - `2024-09-15`	3 months	crt.sh
*.google-analytics.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.google.nl WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
hit.ua E6	`2024-08-23` - `2024-11-21`	3 months	crt.sh
aj1913.online R10	`2024-08-06` - `2024-11-04`	3 months	crt.sh
*.gstatic.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
tpc.googlesyndication.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://fex.net/?file_id=
Frame ID: 9FCFE82D986F4997CFB3E0C4DE8CCE01
Requests: 46 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8564894658009468
Frame ID: 03B12240A1DB0C707108C4EDD5BBAFCA
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20240904/r20110914/zrt_lookup_fy2021.html
Frame ID: 3CD71572E0FBF9941130253D5EAE2C32
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-8564894658009468&output=html&adk=1812271804&adf=2373185777&abgtt=6&lmt=1725728301&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ffex.net%2F%3Ffile_id%3D&pra=5&wgl=1&aihb=0&asro=0&ailel=32~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=32~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=32_25~29_18~30_19&aiixl=32_9~29_5~30_6&aslmct=0.7&asamct=0.7&itsi=-1&aiapm=0.46927&aiapmi=0.48129&aiombap=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1725728301209&bpp=2&bdt=241&idt=103&shv=r20240904&mjsv=m202409050101&ptt=9&saldr=aa&eoidce=1&nras=1&correlator=8260368774433&frm=23&ife=1&pv=2&nhd=1&u_tz=120&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=1488&ish=105&ifk=3289790850&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31086639%2C31086691%2C44798934%2C95331687%2C95338229%2C95338243%2C95341664%2C31086843%2C95340844%2C95340252%2C95340254&oid=2&pvsid=687758456060060&tmod=265085000&uas=0&nvt=1&fsapi=1&fc=1664&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1200%2C1488%2C105&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=1&uci=1.6yh4yr9riei8&fsb=1&dtd=116
Frame ID: 5E1FB71962FDF3213B5F3EF701CA4A3C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-8564894658009468&output=html&h=280&slotname=7672271343&adk=1297842133&adf=3279755397&pi=t.ma~as.7672271343&w=1200&abgtt=6&fwrn=3&fwrnh=100&lmt=1725728301&rafmt=1&format=1200x280&url=https%3A%2F%2Ffex.net%2F%3Ffile_id%3D&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1725728301211&bpp=1&bdt=244&idt=119&shv=r20240904&mjsv=m202409050101&ptt=9&saldr=aa&eoidce=1&prev_fmts=0x0&nras=1&correlator=8260368774433&frm=23&ife=1&pv=1&nhd=1&u_tz=120&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=56&ady=1200&biw=1600&bih=1200&isw=1488&ish=105&ifk=3289790850&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31086639%2C31086691%2C44798934%2C95331687%2C95338229%2C95338243%2C95341664%2C31086843%2C95340844%2C95340252%2C95340254&oid=2&pvsid=687758456060060&tmod=265085000&uas=0&nvt=1&fc=1664&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1200%2C1488%2C105&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=132&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=2&uci=2.fnjd12v3cs6y&fsb=1&dtd=124
Frame ID: E7F0C0B82B4A76C6DDA7A8C367785E66
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EE797B03AF28368E287E271BEB460217
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

File Sharing and Transfer - Send Large Files via FEX.NET

Page URL History Show full URLs

http://tt.vg/hMYUF HTTP 307
https://tt.vg/hMYUF HTTP 301
https://fs.fex.net/zip/35167327?filename=2m_asi_Turk_Data.rar&download_guid=997dda9ef33e497bb6f... HTTP 307
https://fex.net/?file_id= Page URL

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

Page Statistics

59
Requests

98 %
HTTPS

53 %
IPv6

15
Domains

18
Subdomains

18
IPs

6
Countries

2439 kB
Transfer

7097 kB
Size

15
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://fex.plus/en
Title: FEX PLUSAnonymous mailGo to

Search URL Search Domain Scan URL

URL: https://apps.apple.com/ua/app/fon/id1395149445?l=ru
Title: FEX FONInternet radioGo to

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.labracode.fex_android

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/ua/app/fex-id/id1281961720

Search URL Search Domain Scan URL

URL: https://fexnet.zendesk.com/hc/ru
Title: Help Center

Search URL Search Domain Scan URL

URL: https://www.facebook.com/FEX.CLOUD/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/fex_net/

Search URL Search Domain Scan URL

URL: https://t.me/FEXNETWORK

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://tt.vg/hMYUF HTTP 307
https://tt.vg/hMYUF HTTP 301
https://fs.fex.net/zip/35167327?filename=2m_asi_Turk_Data.rar&download_guid=997dda9ef33e497bb6f44cc9ffe7fd86 HTTP 307
https://fex.net/?file_id= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

59 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
fex.net/
Redirect Chain

http://tt.vg/hMYUF
https://tt.vg/hMYUF
https://fs.fex.net/zip/35167327?filename=2m_asi_Turk_Data.rar&download_guid=997dda9ef33e497bb6f44cc9ffe7fd86
https://fex.net/?file_id=

8 KB
4 KB

219ms
159ms

Document
text/html

2606:4700:3033::6815:5aa1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fex.net/?file_id=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:5aa1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d447fb6469b54159106760768d972fb71b541749d22b713b59ff0797e18ba16

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8bf83e2b5cfb8f30-FRA
content-encoding: br
content-type: text/html
date: Sat, 07 Sep 2024 16:58:18 GMT
last-modified: Tue, 25 Jun 2024 00:28:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0OMExDdZdz3mUK3hYjXO7Jcc92OFqafGNDdpEfcc%2BwfBA8xnfT3jhA4zGL2k4Lxd566w%2B7x%2Fi5lQIt%2FlI8e3ax0QmaofmcIBI2gFDP9q0a7a55uNag04h9tbJnYasOHZcTSWmIRl"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

content-length: 138
content-type: text/html; charset=utf-8
date: Sat, 07 Sep 2024 16:58:18 GMT
location: https://fex.net?file_id=
vary: Origin
x-request-id: f3924655-fcbf-4f51-9b26-a5dd5543f4fe

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 121ms
32ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ubuntu:400,500,700&display=swap&subset=cyrillic

Requested by

Host: fex.net
URL: https://fex.net/?file_id=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f51a47ba4e832c99ffc2cc8ddc042cf87bccfbf352e8f17863e1f76d5a73e362

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fex.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 07 Sep 2024 16:58:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 07 Sep 2024 16:58:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 07 Sep 2024 16:58:19 GMT

GET
H2 200 28.67741ca0.chunk.css
fex.net/client/desktop/static/css/ 82 KB
13 KB 30ms
28ms Stylesheet
text/css 2606:4700:3033::6815:5aa1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fex.net/client/desktop/static/css/28.67741ca0.chunk.css

Requested by

Host: fex.net
URL: https://fex.net/?file_id=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:5aa1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd9d40d7ac083d95161823dd8e6287d30ffb5f4b9e27d3d0d01aafd2550cc3aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fex.net/?file_id=
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 16:58:18 GMT
strict-transport-security: max-age=31536000, max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
age: 967
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 25 Jun 2024 00:28:54 GMT
server: cloudflare
etag: W/"667a0f46-146d0"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dl4WZwxvKDFzP0foaJPCzKvtVuz7WNPexH5MGpSYU0DNG9yYKA8QDlC0cpQtW1VTn9wpI3lJJ%2FJxoYTAu0fIHJgcyfesbvoSkLv1OuOB8U0xmL7vZUaBahUV7Nno9I3wGdhofmpL"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=43200
cf-ray: 8bf83e2c6e328f30-FRA
expires: Sun, 08 Sep 2024 04:42:11 GMT

GET
H2 200 main.886396ae.chunk.css
fex.net/client/desktop/static/css/ 288 KB
65 KB 94ms
93ms Stylesheet
text/css 2606:4700:3033::6815:5aa1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fex.net/client/desktop/static/css/main.886396ae.chunk.css

Requested by

Host: fex.net
URL: https://fex.net/?file_id=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:5aa1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7fe0bd3e04e27194f7411d0b141032448bc4cd980d2f016ee49a7f9abce49b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fex.net/?file_id=
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 16:58:18 GMT
strict-transport-security: max-age=31536000, max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
age: 1948
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 25 Jun 2024 00:28:54 GMT
server: cloudflare
etag: W/"667a0f46-47f2f"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fEuoarjr7%2BuNchMlfvN9UL4lLkpJKVZjM5SYJsnzSgzysvQfrvvLgsd%2FCuYOQFt3uL80sOeOrXR8hR9itGD78G9iqqU3A3TqIUEvI70ZAhAfF%2BaHofrwghr2eK%2BldLId%2F%2FtR3nUb"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=43200
cf-ray: 8bf83e2c6e338f30-FRA
expires: Sun, 08 Sep 2024 04:25:50 GMT

GET
H3 200 polyfill.min.js Show response
cdnjs.cloudflare.com/polyfill/v2/ 103 B
747 B 97ms
74ms Script
text/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/polyfill/v2/polyfill.min.js

Requested by

Host: fex.net
URL: https://fex.net/?file_id=

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

126c5f0c8c4cd0135b5e9ffb1c113a6f229de3f89bce9e099b3c85bea641bd7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000

Request headers

Referer: https://fex.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 16:58:19 GMT
strict-transport-security: max-age=15780000
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2509512
alt-svc: h3=":443"; ma=86400
x-compress-hint: on
last-modified: Fri, 09 Aug 2024 15:53:07 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9%2FC6WRm6tjpkg0KWF08aifgUr3qmGWlNIC9oH7AWtSVTH4WSv8su9xzXx5ESZ3b%2FbZqAUTOBuL270B6EpcOT5XWGn8MsSQnbkmDBOSGBp57CYxErV9RgkwZp6Xs6V%2F74q2%2FGnwdv"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
cf-polyfill-version: 3.25.1
cf-ray: 8bf83e2ccaa2d2e3-FRA
expires: Sat, 14 Sep 2024 16:58:19 GMT

GET
H2 200 28.99210b96.chunk.js Show response
fex.net/client/desktop/static/js/ 2 MB
495 KB 93ms
92ms Script
application/javascript 2606:4700:3033::6815:5aa1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fex.net/client/desktop/static/js/28.99210b96.chunk.js

Requested by

Host: fex.net
URL: https://fex.net/?file_id=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:5aa1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

379b4acc82f978f49655ce724d2fb42e717dc14fcdfe07f83afcfd04e795d967

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fex.net/?file_id=
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 16:58:18 GMT
strict-transport-security: max-age=31536000, max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
age: 32836
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 25 Jun 2024 00:28:54 GMT
server: cloudflare
etag: W/"667a0f46-1c0aa3"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TMoQGmFncimZQJTCsfQh1KG4lbeJjIh2LCQ16PlH%2FA%2BvsHuZ%2BvI9LQQhPaqmZdoCaLnOUmTiPCwRkjHJwZ1UEXFH3nfAXq3W5cgKlzycfdSOlzOzgS7GPnjnidrt8AnMVRDOBj7l"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=43200
cf-ray: 8bf83e2c6e348f30-FRA
expires: Sat, 07 Sep 2024 19:51:02 GMT

GET
H2 200 main.c80c3d31.chunk.js Show response
fex.net/client/desktop/static/js/ 2 MB
360 KB 30ms
30ms Script
application/javascript 2606:4700:3033::6815:5aa1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fex.net/client/desktop/static/js/main.c80c3d31.chunk.js

Requested by

Host: fex.net
URL: https://fex.net/?file_id=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:5aa1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee06278b1f680159a19fa6dd7fc5f963c58200c1bcba474f5fb5da54e5fe6cce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fex.net/?file_id=
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 16:58:18 GMT
strict-transport-security: max-age=31536000, max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
age: 40216
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 25 Jun 2024 00:28:54 GMT
server: cloudflare
etag: W/"667a0f46-1989b7"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RdbE5EoJ2SQ%2BMtfQc%2FyKcRotzlFOgNr2xOHGy%2FJoe9%2FiYnPhyHEVYWwAYchb0xZ4pH7Xspyx58aBEQlO4Oz5exGZhu1vC%2FZXVK4tPmzIC41Er0Npa1y%2Bbkwaunt8F0zwELf7q6q5"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=43200
cf-ray: 8bf83e2c6e358f30-FRA
expires: Sat, 07 Sep 2024 17:48:02 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 225 KB
58 KB 81ms
31ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: fex.net
URL: https://fex.net/?file_id=

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://fex.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 07 Sep 2024 16:58:19 GMT
document-policy: force-load-at-top
x-fb-server-load: 35
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58953
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=53, rtx=0, c=23, mss=1232, tbw=4312, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: GJsirfHdb0l6+1wXlUQfEyW1BCeF7RhispQuujpFKMhlxQ2kG8ajjU0wcLjL7cXqFMMLZAXASnKdIIkeso5zSg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 193 KB
69 KB 140ms
50ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K8R2T8R

Requested by

Host: fex.net
URL: https://fex.net/?file_id=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8f790ecdfb53284271c8ec6d4e552c91846ce7a65323f74bbdbafedf31fb5e08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://fex.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 16:58:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70678
x-xss-protection: 0
last-modified: Sat, 07 Sep 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 07 Sep 2024 16:58:19 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 76ms
20ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: fex.net
URL: https://fex.net/client/desktop/static/js/28.99210b96.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fex.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 07 Sep 2024 16:40:40 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1059
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 07 Sep 2024 18:40:40 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 212 KB
76 KB 74ms
74ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-134700492-1

Requested by

Host: fex.net
URL: https://fex.net/client/desktop/static/js/28.99210b96.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e704e1b91e987015aeba380603c58225a51ae0220123fc3e939aefdaf14fd66c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://fex.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 16:58:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77705
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 07 Sep 2024 16:58:19 GMT

GET
H3 200 translations.json Show response
fex.net/client/desktop/locales/en/ 182 KB
38 KB 155ms
154ms Fetch
application/json 172.67.202.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fex.net/client/desktop/locales/en/translations.json

Requested by

Host: fex.net
URL: https://fex.net/client/desktop/static/js/28.99210b96.chunk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.114 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23a753904149c85458b70c3cf7dff1b0c3c108e1886ca3895aa93f984509b808

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fex.net/?file_id=
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 16:58:19 GMT
strict-transport-security: max-age=31536000, max-age=31536000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Tue, 25 Jun 2024 00:28:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: gzip
etag: W/"667a0f46-2d7da"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qy2Z%2BSaMeBwLlYDHhT92DU2ipcm9bH5igV8Gz42D38GJZHB%2BMyVPycEiqijHlFObohPNU8QqgUk1F7Qe2zOytLX%2BRiLjkWoZaTZgwNAUsxqt8DGLlG%2FUL97O"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cf-ray: 8bf83e2e3aee368a-FRA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H3 200 890537036105828 Show response
connect.facebook.net/signals/config/ 74 KB
15 KB 24ms
24ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/890537036105828?v=2.9.167&r=stable&domain=fex.net&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

ea52dc75ca2387baaeca1f6e454b394b4f6fef41e337250ce759bb90637b245e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://fex.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 07 Sep 2024 16:58:19 GMT
document-policy: force-load-at-top
x-fb-server-load: 43
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 15034
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=22, rtx=0, c=72, mss=1232, tbw=66952, tp=62, tpl=0, uplat=3, ullat=-1
pragma: public
x-fb-debug: Zwhcer/5N7/fxUMDwfa4npzKliuHiA3/+RHhJCuoi2COH0lNC+93nt5NHJAQpc4MxOj5fgW7lsqTMZv3kkdc4Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 209 KB
75 KB 37ms
37ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-134700492-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K8R2T8R

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d0e65305cf0b3b80315e53c25c44721a9c07dd0d4e26bce6651d1d1b5dea0fb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://fex.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 16:58:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76621
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 07 Sep 2024 16:58:19 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 329 KB
106 KB 46ms
45ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-JXWQG3YTNG&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-134700492-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

24f323820862095caff2197329de6f19db6c92ac4a1467684e1bdc157b1bfb6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://fex.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 16:58:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 108866
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 07 Sep 2024 16:58:19 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
200 B 27ms
27ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1098197755&t=pageview&_s=1&dl=https%3A%2F%2Ffex.net%2F%3Ffile_id%3D&ul=nl-nl&de=UTF-8&dt=File%20Sharing%20and%20Transfer%20-%20Send%20Large%20Files%20via%20FEX.NET&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAACAAI~&jid=19044453&gjid=669950414&cid=1832721577.1725728299&tid=UA-134700492-1&_gid=1369061846.1725728299&_r=1&gtm=457e4940za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=0&jsscut=1&npa=1&z=1330866200

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://fex.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 07 Sep 2024 16:58:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fex.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 63ms
22ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=890537036105828&ev=PageView&dl=https%3A%2F%2Ffex.net%2F%3Ffile_id%3D&rl=&if=false&ts=1725728299295&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=12318&fbp=fb.1.1725728299293.462501200243903867&cs_est=true&ler=empty&cdl=API_unavailable&it=1725728299255&coo=false&rqm=GET

Requested by

Host: fex.net
URL: https://fex.net/?file_id=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://fex.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=10, mss=1297, tbw=2792, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 07 Sep 2024 16:58:19 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 216ms
176ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=890537036105828&ev=PageView&dl=https%3A%2F%2Ffex.net%2F%3Ffile_id%3D&rl=&if=false&ts=1725728299295&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=12318&fbp=fb.1.1725728299293.462501200243903867&cs_est=true&ler=empty&cdl=API_unavailable&it=1725728299255&coo=false&rqm=FGET

Requested by

Host: fex.net
URL: https://fex.net/?file_id=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://fex.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Sat, 07 Sep 2024 16:58:19 GMT
document-policy: force-load-at-top
x-fb-server-load: 19
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7411946606055220906", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=24, rtx=0, c=13, mss=1297, tbw=3110, tp=-1, tpl=-1, uplat=153, ullat=0
pragma: no-cache
x-fb-debug: la7101pAUdJ4cdKNVO4sqDBf75+PK6QDTn3rxKXOoSaZjMrdrGiZETTAafhW8eXSTWQbf297/DQhOi/wQIf46g==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7411946606055220906"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 62ms
29ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-JXWQG3YTNG&gtm=45je4940v9104324223za200&_p=1725728299057&_gaz=1&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1832721577.1725728299&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1725728299&sct=1&seg=0&dl=https%3A%2F%2Ffex.net%2F%3Ffile_id%3D&dt=File%20Sharing%20and%20Transfer%20-%20Send%20Large%20Files%20via%20FEX.NET&en=page_view&_fv=1&_ss=1&tfd=1473
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JXWQG3YTNG&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://fex.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Sep 2024 16:58:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fex.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
248 B 74ms
29ms Ping
text/plain 2a00:1450:400c:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JXWQG3YTNG&cid=1832721577.1725728299&gtm=45je4940v9104324223za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JXWQG3YTNG&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fex.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Sep 2024 16:58:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fex.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
408 B 143ms
92ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-JXWQG3YTNG&cid=1832721577.1725728299&gtm=45je4940v9104324223za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=0&tag_exp=0&z=1443102759

Requested by

Host: fex.net
URL: https://fex.net/?file_id=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fex.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Sep 2024 16:58:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H3 200 anonymous
api.fex.net/api/v1/config/ Frame 0
0 212ms
161ms Preflight
text/html 172.67.202.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.fex.net/api/v1/config/anonymous
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.202.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://fex.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://fex.net
allow: OPTIONS, GET, HEAD
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8bf83e301a045d85-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 07 Sep 2024 16:58:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iR3risSXOmjoW6d2Dz4o%2B36n%2FJQpt1ukaLWtqSwVC91%2F6IMU7RdBqjzABfOK6L6diTSscUM7gIVQmAeGj%2BjgdD2P%2FRhOLh2kp4UFhPrEOSUg4ZVzwPAifWHOCdDa%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
x-robots-tag: noindex, nofollow noindex, nofollow

GET
H3 200 anonymous Show response
api.fex.net/api/v1/config/ 3 KB
1 KB 494ms
494ms Fetch
application/json 172.67.202.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.fex.net/api/v1/config/anonymous
Requested by: Host: fex.net
URL: https://fex.net/client/desktop/static/js/main.c80c3d31.chunk.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.202.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90f6e368500e701f1c3eeee67ad33a15185a9fde8a0439913918cb5686c17ef0

Request headers

Referer: https://fex.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 07 Sep 2024 16:58:20 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zIlRYJoYmiGi5tmomn10f9ZQYpfctSNwaFWK78WmSH6Lz9Kk16rgCA4TCvb2a59gDfoV%2FSxBM3NuGnax29M%2FoOIGeFSySgjpZaHCXLpB8aEl389vNzIE2hhJg4FjgA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://fex.net
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow, noindex, nofollow
cf-ray: 8bf83e311de0368a-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 favicon.ico
fex.net/client/desktop/icons/ 7 KB
3 KB 34ms
34ms Other
image/x-icon 172.67.202.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fex.net/client/desktop/icons/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.114 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

073b1cfa80f31ea7e9c655495aa9787ba10af464a898f3bbad38ad7c114e7175

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fex.net/?file_id=
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 16:58:19 GMT
strict-transport-security: max-age=31536000, max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3199
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 25 Jun 2024 00:28:54 GMT
server: cloudflare
etag: W/"667a0f46-1cee"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9X4f49aGEoFP%2BH0XprZwpTR89x2xMgohLrabS29vLFBhRgkwA%2FVecFZVzwkIZAcmT7h%2Bifbq9nhBng5Z5mQ54a3pt3WLi5%2BqS2hC9tFStw7lDRQCRKOKE%2BOC"}],"group":"cf-nel","max_age":604800}
content-type: image/x-icon
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 8bf83e300cc2368a-FRA

GET
H3 200 29.9fcb0d8b.chunk.css
fex.net/client/desktop/static/css/ 5 KB
2 KB 51ms
51ms Stylesheet
text/css 172.67.202.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fex.net/client/desktop/static/css/29.9fcb0d8b.chunk.css

Requested by

Host: fex.net
URL: https://fex.net/?file_id=

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.114 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df7aea6a28df9d28a195c4759baede2653e6ea4885920f552408f4f853a87043

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fex.net/?file_id=
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 16:58:20 GMT
strict-transport-security: max-age=31536000, max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
age: 34449
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 25 Jun 2024 00:28:54 GMT
server: cloudflare
etag: W/"667a0f46-1312"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FvXLGTZXagS0WdFKQAPE8SPTJWfl25tepgAg%2FjdTzCD0T3jPQVInitnJy41tLQelk20KRHQVqHdDSg%2BTy8q8kDAwd%2FtSrSEHGRN2qaWDKatxiNENbhoA%2FfdB"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=43200
cf-ray: 8bf83e344a00368a-FRA
expires: Sat, 07 Sep 2024 19:24:11 GMT

GET
H3 200 29.d62a0983.chunk.js Show response
fex.net/client/desktop/static/js/ 211 KB
58 KB 33ms
33ms Script
application/javascript 172.67.202.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fex.net/client/desktop/static/js/29.d62a0983.chunk.js

Requested by

Host: fex.net
URL: https://fex.net/?file_id=

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.114 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29a45095f0c567d25a559773c53dbd760a37bca64318b72f60023824e6fa8619

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fex.net/?file_id=
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 16:58:20 GMT
strict-transport-security: max-age=31536000, max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
age: 19182
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 25 Jun 2024 00:28:54 GMT
server: cloudflare
etag: W/"667a0f46-34ac8"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dL1ECNUo38cl%2Bhn2X30RIHXVkUV%2FT0BMgSFGYBcsWnlPP57VzXYYpyffcSmWTxaZwJsMRQ36VkJbfojSfsgryGMQBe%2BCn47SEaluBy45R1bp0JIYOE07A1HM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=43200
cf-ray: 8bf83e344a01368a-FRA
expires: Sat, 07 Sep 2024 23:38:38 GMT

GET
H3 200 5.70c00614.chunk.js Show response
fex.net/client/desktop/static/js/ 50 KB
11 KB 52ms
51ms Script
application/javascript 172.67.202.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fex.net/client/desktop/static/js/5.70c00614.chunk.js

Requested by

Host: fex.net
URL: https://fex.net/?file_id=

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.114 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d215cda647ed2287929f9f1efaea9972a1baa494ad5f4c2d5be736f8100b4939

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fex.net/?file_id=
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 16:58:20 GMT
strict-transport-security: max-age=31536000, max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
age: 19182
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 25 Jun 2024 00:28:54 GMT
server: cloudflare
etag: W/"667a0f46-c6e7"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fe9TeOSioEDGelVot%2BGUZzBgvRkoPwy%2FUIm4RLbU7e%2F5Pj7nyxsqxfV0ssl5uLLEdfR3cLp3tySzouDQ5v6K6IbBNe1lJVOd9oQL%2Byo%2BHhOYnpkyU3lMuxVS"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=43200
cf-ray: 8bf83e344a04368a-FRA
expires: Sat, 07 Sep 2024 23:38:38 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 152 KB
51 KB 82ms
40ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: fex.net
URL: https://fex.net/client/desktop/static/js/main.c80c3d31.chunk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

6e6eaa81a4677bd7a8d1790be93a6946cbbb84eb5e81e048b1f11b00ebbfae96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fex.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 16:58:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52228
x-xss-protection: 0
server: cafe
etag: 17642915230512186865
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sat, 07 Sep 2024 16:58:20 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 3 B
23 B 28ms
28ms XHR
text/plain 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1098197755&t=pageview&_s=1&dl=https%3A%2F%2Ffex.net%2F%3Ffile_id%3D&dp=%2F&ul=nl-nl&de=UTF-8&dt=File%20Sharing%20and%20Transfer%20-%20Send%20Large%20Files%20via%20FEX.NET&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAACAAI~&jid=2072706491&gjid=1059694373&cid=1832721577.1725728299&tid=UA-134700492-1&_gid=1369061846.1725728299&_r=1&_slc=1&cd2=1725728299227.3mlirnxc&cd3=anonymous&z=983734997

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://fex.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 07 Sep 2024 16:58:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fex.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hit Show response
c.hit.ua/ 316 B
593 B 160ms
50ms Script
application/x-javascript 89.184.81.35
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://c.hit.ua/hit?i=7&g=0&x=3&s=1&c=1&t=-120&w=1600&h=1200&d=24&r=&u=https%3A//fex.net/%3Ffile_id%3D&0.0717852204381586
Requested by: Host: fex.net
URL: https://fex.net/client/desktop/static/js/main.c80c3d31.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 89.184.81.35 Kyiv, Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, US),
Reverse DNS: c.hit.ua
Software: nginx/1.17.9 /
Resource Hash: d79219ff3c5c9a94c15ea6e30bc40937f3c9c41cd679612c26dc0b663049ad03

Request headers

Referer: https://fex.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: 0
pragma: no-cache
date: Sat, 07 Sep 2024 16:58:20 GMT
cache-control: no-cache, no-store, must-revalidate
p3p: policyref="/w3c/p3p.xml", CP="UNI"
server: nginx/1.17.9
content-type: application/x-javascript

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 20ms
20ms Image
image/gif 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1098197755&t=pageview&_s=2&dl=https%3A%2F%2Ffex.net%2F%3Ffile_id%3D&ul=nl-nl&de=UTF-8&dt=File%20Sharing%20and%20Transfer%20-%20Send%20Large%20Files%20via%20FEX.NET&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAACAAI~&jid=&gjid=&cid=1832721577.1725728299&tid=UA-134700492-1&_gid=1369061846.1725728299&gtm=457e4940za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=0&jsscut=1&cd2=1725728299227.3mlirnxc&cd3=anonymous&npa=1&z=1044426852

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://fex.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Sep 2024 17:28:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 84598
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200 0c34d1aa.js Show response
aj1913.online/ 36 KB
36 KB 505ms
189ms Script
text/javascript 212.124.124.19
TRI-AS DigitalOne AG

General

Check archive.org

Show headers Download Go to

Full URL: https://aj1913.online/0c34d1aa.js?allpages
Requested by: Host: fex.net
URL: https://fex.net/client/desktop/static/js/28.99210b96.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.124.124.19 Reston, United States, ASN47328 (TRI-AS DigitalOne AG, CH),
Reverse DNS
Software: /
Resource Hash: 87e9be9476d19e351719a7f12a0c3b4e2d82522e61d92d1b442ec20b0198843b

Request headers

Referer: https://fex.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 16:58:20 GMT
accept-ranges: bytes
etag: "0f1acb23e80f4c804f169d8f49d4eaab0"
content-length: 37184
content-type: text/javascript

GET
H2 200 4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v20/ 34 KB
34 KB 133ms
68ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:400,500,700&display=swap&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 18:12:48 GMT
x-content-type-options: nosniff
age: 168332
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34852
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:31:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Sep 2025 18:12:48 GMT

GET
H2 200 4iCs6KVjbNBYlgoKew72j00.woff2
fonts.gstatic.com/s/ubuntu/v20/ 20 KB
21 KB 127ms
62ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKew72j00.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:400,500,700&display=swap&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1400c92345dcd9dbf746acab2c60e8580aa959473e9e56c8772cadcf7734b76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 19:41:24 GMT
x-content-type-options: nosniff
age: 595016
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20860
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:15:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 31 Aug 2025 19:41:24 GMT

OPTIONS
H3 200 files-count
api.fex.net/api/v1/storage/ Frame 0
0 67ms
67ms Preflight
text/html 172.67.202.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.fex.net/api/v1/storage/files-count
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.202.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://fex.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://fex.net
allow: OPTIONS, GET, HEAD
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8bf83e350e595d85-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 07 Sep 2024 16:58:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e1UArNVz3uTILxwq9yC63t4KNMDmeJ5HseiO3OHS%2FHqUTePJABhkaHAiC5B3Pcm7ilcFzuKvJk6OI%2BUKf7RupEn%2FQG2zu%2F3QRylHK4sPDj0eTBFUsu%2BG9zzAq4NQvg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
x-robots-tag: noindex, nofollow noindex, nofollow

GET
H2 200 4iCv6KVjbNBYlgoCxCvjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v20/ 29 KB
29 KB 55ms
55ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:400,500,700&display=swap&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 01:54:23 GMT
x-content-type-options: nosniff
age: 54237
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29752
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:05:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Sep 2025 01:54:23 GMT

GET
H2 200 4iCv6KVjbNBYlgoCjC3jsGyN.woff2
fonts.gstatic.com/s/ubuntu/v20/ 30 KB
30 KB 65ms
65ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCjC3jsGyN.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:400,500,700&display=swap&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8e147e15907f25cad69b2bcf060213efad4ed04e0d36374715cbca17b2afc1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 06 Sep 2024 23:27:36 GMT
x-content-type-options: nosniff
age: 63044
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30480
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Sep 2025 23:27:36 GMT

GET
DATA 200
OK truncated
/ 163 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 78a415f93979504048f73d47576323d58bba4eb17a54dbea2d70b4467fdcb955

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 166 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f2c99bd24736cbb6a78bc39a24e378eba9dcc43e5da7d645cebd49069393aadb

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H3 200 home-page-banner.ac5d765d.jpeg
fex.net/client/desktop/static/media/ 97 KB
97 KB 32ms
31ms Image
image/jpeg 172.67.202.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fex.net/client/desktop/static/media/home-page-banner.ac5d765d.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.114 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80605a61b095055a90cdfb159feaec9670b4225664157669747553d7cfd9c104

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fex.net/?file_id=
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 16:58:20 GMT
strict-transport-security: max-age=31536000, max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2338
alt-svc: h3=":443"; ma=86400
content-length: 99141
x-xss-protection: 1; mode=block
last-modified: Tue, 25 Jun 2024 00:28:54 GMT
server: cloudflare
etag: "667a0f46-18345"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CVeiHhF3JV3ZiifFcDZeAbgTmE5K1WIVMUwU7qP9lLPXy%2BFvvynI%2ByJWsJAIt%2FZ0aKfRYRCAOYAu6toaJxAAz911qpDr8cKytkx%2FJ%2FyaWsm%2BBa5ET1okkA67"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8bf83e350acd368a-FRA

GET
H3 200 banner-img.fa235a6b.jpg
fex.net/client/desktop/static/media/ 125 KB
125 KB 57ms
56ms Image
image/jpeg 172.67.202.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fex.net/client/desktop/static/media/banner-img.fa235a6b.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.114 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ba40657ce53ee4c572a888abc66de960ed0deba6a219791530c1a9ed1e06954

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fex.net/?file_id=
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 16:58:20 GMT
strict-transport-security: max-age=31536000, max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 19181
alt-svc: h3=":443"; ma=86400
content-length: 127784
x-xss-protection: 1; mode=block
last-modified: Tue, 25 Jun 2024 00:28:54 GMT
server: cloudflare
etag: "667a0f46-1f328"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F9oFbjFtg1I0hydB9EMnqSvLIOaZw%2FoMuro096qUwrYHP8L1AU2q6hnn4GxHIPBBKF8BYnSYx%2B3LF8qt%2B0MGuWtGCS5S5vB8WEjEZemHiiM8vRTQCHioiJcf"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=43200
accept-ranges: bytes
cf-ray: 8bf83e350acf368a-FRA
expires: Sat, 07 Sep 2024 23:38:39 GMT

GET
H3 200 fex-main-logo.195fc45e.jpg
fex.net/client/desktop/static/media/ 245 KB
245 KB 79ms
78ms Image
image/jpeg 172.67.202.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fex.net/client/desktop/static/media/fex-main-logo.195fc45e.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.114 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b751f4c96faedcaa4f4afcc91a3f52e74fda0b4c8b94ccf99afe4e44ed7e8ed2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fex.net/?file_id=
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 16:58:20 GMT
strict-transport-security: max-age=31536000, max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 19181
alt-svc: h3=":443"; ma=86400
content-length: 250711
x-xss-protection: 1; mode=block
last-modified: Tue, 25 Jun 2024 00:28:54 GMT
server: cloudflare
etag: "667a0f46-3d357"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nyPlHVxf8YVjuEZC5%2BFNc4sESgBnlx2R6L5UO2bjWaAGOFQ%2FHE2MlS9kcRXR%2FhEziDkIV8vLpvfrXTcUqFq4yjxnxE5g4XY61LVQH595GRgrzzlF3sNawTdu"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=43200
accept-ranges: bytes
cf-ray: 8bf83e350ad1368a-FRA
expires: Sat, 07 Sep 2024 23:38:39 GMT

GET
H3 200 files-count Show response
api.fex.net/api/v1/storage/ 27 B
509 B 63ms
63ms Fetch
application/json 172.67.202.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.fex.net/api/v1/storage/files-count
Requested by: Host: fex.net
URL: https://fex.net/client/desktop/static/js/main.c80c3d31.chunk.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.202.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dfc047db6a3918edaad44885575dc03b233739f7fd24f80fcc81d449a1fb8622

Request headers

Referer: https://fex.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 07 Sep 2024 16:58:20 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xPQLgcFJhrxWVZFa5osVS1J6PiowIisxahXKZ2w4LcVSF1ETWQL4RXYQafVgRYSwEEz%2FIuUvatFCtU8iG1xmFICGFwMs%2FkfknIedBbCk5u%2BbOP0bsGYR8FL6BoxSng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://fex.net
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow, noindex, nofollow
cf-ray: 8bf83e356b41368a-FRA
content-length: 27
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200 0c34d1aa.js Show response
aj1913.online/ 37 KB
37 KB 406ms
201ms Script
text/javascript 212.124.124.19
TRI-AS DigitalOne AG

General

Check archive.org

Show headers Download Go to

Full URL: https://aj1913.online/0c34d1aa.js?homepage-video
Requested by: Host: fex.net
URL: https://fex.net/client/desktop/static/js/28.99210b96.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.124.124.19 Reston, United States, ASN47328 (TRI-AS DigitalOne AG, CH),
Reverse DNS
Software: /
Resource Hash: df1dee51168bdff4ea00aaa5cebad1c85e2d9651007acd51f588af242b51b410

Request headers

Referer: https://fex.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 16:58:20 GMT
accept-ranges: bytes
etag: "093626321935ebee8abf408e14e797947"
content-length: 37399
content-type: text/javascript

POST
H/1.1 200 zosgpSDLM5ZeM9qF3EdZP97nG0UwfpMU4uur1Fyq1j6Y0IjD_Kho69TFK5nBCfAPa9UpPu8dH6q6AEyvenX2BqsYtsJ8gj_l2_H_CYCwY7MWm6Q2KbyCAoet87zug-cO-sbXdHYLf375GXFXdAIKI2M_qYw-Z9XgThgO-fC7o8uVltH8WU9ag2Cw3rttdCHAhFtSj... Show response
aj1913.online/ 608 B
1 KB 112ms
112ms XHR
application/json 212.124.124.19
TRI-AS DigitalOne AG

General

Check archive.org

Show headers Download Go to

Full URL: https://aj1913.online/zosgpSDLM5ZeM9qF3EdZP97nG0UwfpMU4uur1Fyq1j6Y0IjD_Kho69TFK5nBCfAPa9UpPu8dH6q6AEyvenX2BqsYtsJ8gj_l2_H_CYCwY7MWm6Q2KbyCAoet87zug-cO-sbXdHYLf375GXFXdAIKI2M_qYw-Z9XgThgO-fC7o8uVltH8WU9ag2Cw3rttdCHAhFtSjbqmbbiQahmlsi1iT4yKd0DpvoeNtvUb6ZamS1eveFhBbf64MnXnjm-cRZPSge8z4Q6zX5_mx5cT6xcTRU9V74HBcwG6XEqMCL53DH3RiSHur4_FJoqdbf5Na9q1HKGYmet2MIHzws-MJLRT559yVcsK6Ecv3EqFV0UB4jeiRrwH96v_XH5o4OgbUtiCHOvWGF60OMXFt_75CS_cxiVwc-2YdHp0TLISUZBEGYKLULVdYE6FRTrxhM7LtEiZpp8gy3vL09w?
Requested by: Host: aj1913.online
URL: https://aj1913.online/0c34d1aa.js?allpages
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.124.124.19 Reston, United States, ASN47328 (TRI-AS DigitalOne AG, CH),
Reverse DNS
Software: /
Resource Hash: f835c034e0c10a6d1593822be74f87243970f3bb7874f81cd4abce3245554292

Request headers

Referer: https://fex.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Sep 2024 16:58:20 GMT
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
p3p: CP="CAO PSA OUR"
access-control-allow-origin: https://fex.net
content-type: application/json;charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: *
content-length: 608
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200 z6ZoxkMw2oKq7p76Tlpi8FSA17uzZxmoC69T4xAC7rpf5QjGSiKEVXD72na9OxYy_XAaN2Two82MLIdYD95wmVbgvLUs716v27KmAFaJqbrSXeBXmmk57AR9B54tfsfMZ5TMDptK_IUodFLhV1ramq-wydp-wgfmzGSlbuon0miL3Dpcyjk2U0pQFGK8Ad3rr7MRC... Show response
aj1913.online/ 39 KB
14 KB 129ms
126ms XHR
application/json 212.124.124.19
TRI-AS DigitalOne AG

General

Check archive.org

Show headers Download Go to

Full URL: https://aj1913.online/z6ZoxkMw2oKq7p76Tlpi8FSA17uzZxmoC69T4xAC7rpf5QjGSiKEVXD72na9OxYy_XAaN2Two82MLIdYD95wmVbgvLUs716v27KmAFaJqbrSXeBXmmk57AR9B54tfsfMZ5TMDptK_IUodFLhV1ramq-wydp-wgfmzGSlbuon0miL3Dpcyjk2U0pQFGK8Ad3rr7MRCeMvmczcAz6kxy1MeiHfKhA9qhh0M8pZ2RI3OGBqf_EVNI_GRzym9p8OmN-V46mQJ5eYGCPVckmdwIzmp8CItGK9vfDOg2FwCyBXqrdTQd0KzgybIZWRJqre27j3H-Ly6pfCwZ5R3ZPLn7znIxkzsDP8B_9U1sVm7yKUk7pElwrn01f9Zr0b27UmjFzeh06mOMszIX6ElvbQdlzB_T9_tuJ4PEUpbgYubHi2QXjjx0p1qs08dLea45RYIElc9oJw72qb6qg?
Requested by: Host: aj1913.online
URL: https://aj1913.online/0c34d1aa.js?allpages
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.124.124.19 Reston, United States, ASN47328 (TRI-AS DigitalOne AG, CH),
Reverse DNS
Software: /
Resource Hash: e847b584dace27eb5b07b6da5ff4ba9eeee160ab1ff24093a7ecf625a219139a

Request headers

Referer: https://fex.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Sep 2024 16:58:20 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
vary: accept-encoding
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"
access-control-allow-origin: https://fex.net
content-type: application/json;charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: *
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200 zMgtYW9Iw8O5VOzJHT2gl-51bwGVyMAhOEIyl87PsgtDO6AZ8-BHhyzF8-tOFG-4_mx7uRlTla8waugyRSFn95K9RkQWVoz8lwq0fyKvsTP1q0Y8kHQ1yo8g6h_A-2GY2CEQKdtdQk3eA2Y-aM6nGelURJDZjsu6zPiX9sNWnaa_QpxuALjJ7TweMd8Yo8kWlqhHh...
aj1913.online/ 49 B
545 B 97ms
97ms Image
image/gif 212.124.124.19
TRI-AS DigitalOne AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aj1913.online/zMgtYW9Iw8O5VOzJHT2gl-51bwGVyMAhOEIyl87PsgtDO6AZ8-BHhyzF8-tOFG-4_mx7uRlTla8waugyRSFn95K9RkQWVoz8lwq0fyKvsTP1q0Y8kHQ1yo8g6h_A-2GY2CEQKdtdQk3eA2Y-aM6nGelURJDZjsu6zPiX9sNWnaa_QpxuALjJ7TweMd8Yo8kWlqhHhwO9z1D1z0DHWWwIK0wSCmj6unJwi-8Q7WX0AlfEGiaBALpLZKNOSuec4K7-SPq1nIFQZHm8EHvFebczvs2RJZ1BIMe-QeAc2KD89BcRXs_atjOXQ8v8hjvtPCVXaF679fum5v4rhftOfwP8xfCFBuFDyJC_JVIwF38lJCAbqhvFu_kdezkNaHCJFpIdJTjXG5rz9?DC=DO
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.124.124.19 Reston, United States, ASN47328 (TRI-AS DigitalOne AG, CH),
Reverse DNS
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://fex.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Sep 2024 16:58:20 GMT
last-modified: Wed, 31 Jul 2024 22:04:48 GMT
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
etag: W/"49-1722463488000"
access-control-allow-methods: *
p3p: CP="CAO PSA OUR"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
permissions-policy: *
accept-ranges: bytes
content-length: 49
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200 zHQgpUhCUzleAQW5274quGTl3Z1_-IC9IHMBhq_uIiO31BLcdf7Y6NSVUWHVJChbk65EzBQttQNkUdt7XVoFNTjN2-9hj9Bvd-s61iTIuAsOwslF0svyQ4_kJ4hTtBaK3d2Tz-5FBp4zr3BoTY65nu9pGCF5IRIBXS0t__5bLMuO8JcoLZ-f-1Uei81IDavG7_wR8...
aj1913.online/ 43 B
808 B 126ms
126ms Image
image/gif 212.124.124.19
TRI-AS DigitalOne AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aj1913.online/zHQgpUhCUzleAQW5274quGTl3Z1_-IC9IHMBhq_uIiO31BLcdf7Y6NSVUWHVJChbk65EzBQttQNkUdt7XVoFNTjN2-9hj9Bvd-s61iTIuAsOwslF0svyQ4_kJ4hTtBaK3d2Tz-5FBp4zr3BoTY65nu9pGCF5IRIBXS0t__5bLMuO8JcoLZ-f-1Uei81IDavG7_wR8CcKgx2l5iHsNKjbhadKeBiDTCzwh7n-A1AsU5lYgR6NLhIXnO2Ti7rOlu6_HOTJfNLNEYw_rrpCSD6HhhFCWq-7uQcDsi7ZIssjc8UzxTFGvThbIs7I9LThX7z7Lz_d1V818AibWxtKIVIBu8xS-zAmTE_Q2Y9rsEIeXUn7T8VNIALIDW6e_kAXwOkb45b6Xoe4msnjm98383RJ40ZF0uxPw5g?DC=DO
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.124.124.19 Reston, United States, ASN47328 (TRI-AS DigitalOne AG, CH),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://fex.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Sep 2024 16:58:20 GMT
last-modified: Wed, 31 Jul 2024 22:04:38 GMT
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
etag: W/"43-1722463478000"
access-control-allow-methods: *
p3p: CP="CAO PSA OUR"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
permissions-policy: *
accept-ranges: bytes
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 03B1 152 KB
51 KB 135ms
52ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8564894658009468

Requested by

Host: fex.net
URL: https://fex.net/?file_id=

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

f2bdd122ee5c4e2172cac7dce619d303bbdf22a311da8b0301cbbb72cdab5586

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fex.net/
Origin: https://fex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 16:58:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52139
x-xss-protection: 0
server: cafe
etag: 10681289613257500379
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sat, 07 Sep 2024 16:58:21 GMT

GET
H3 200 slotcar_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409050101/ Frame 03B1 87 KB
31 KB 36ms
36ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409050101/slotcar_library_fy2021.js?bust=31086843

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8564894658009468

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

fce46fafa4fbba93a89811ea53a083a2c3b5c6055efec781118ebd66b240cf7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fex.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 16:58:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31261
x-xss-protection: 0
server: cafe
etag: 5384599149890563661
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 07 Sep 2024 16:58:21 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409050101/ Frame 03B1 417 KB
140 KB 64ms
64ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8564894658009468&plah=fex.net&bust=31086843

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8564894658009468

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

7a650031178f2ea578ebfaece787380af33dad737921f1523dc39f113d5c42a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fex.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 16:58:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 143431
x-xss-protection: 0
server: cafe
etag: 15944269632429171329
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 07 Sep 2024 16:58:21 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 03B1 0
20 B 54ms
54ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=adsense_fc_has_namespace_but_no_iframes&publisherId=ca-pub-8564894658009468&eid=44759875%2C44759926%2C44759837%2C31086639%2C31086691%2C44798934%2C95331687%2C95338229%2C95338243%2C95341664%2C31086843%2C95340252%2C95340254

Requested by

Host: fex.net
URL: https://fex.net/?file_id=

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fex.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Sep 2024 16:58:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20240904/r20110914/ Frame 3CD7 0
0 59ms
22ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/html/r20240904/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8564894658009468&plah=fex.net&bust=31086843

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fex.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

age: 42305
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4111
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 07 Sep 2024 05:13:16 GMT
etag: 5947459844715414650
expires: Sat, 21 Sep 2024 05:13:16 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
pagead2.googlesyndication.com/pagead/ Frame 5E1F 0
0 109ms
76ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-8564894658009468&output=html&adk=1812271804&adf=2373185777&abgtt=6&lmt=1725728301&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ffex.net%2F%3Ffile_id%3D&pra=5&wgl=1&aihb=0&asro=0&ailel=32~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=32~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=32_25~29_18~30_19&aiixl=32_9~29_5~30_6&aslmct=0.7&asamct=0.7&itsi=-1&aiapm=0.46927&aiapmi=0.48129&aiombap=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1725728301209&bpp=2&bdt=241&idt=103&shv=r20240904&mjsv=m202409050101&ptt=9&saldr=aa&eoidce=1&nras=1&correlator=8260368774433&frm=23&ife=1&pv=2&nhd=1&u_tz=120&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=1488&ish=105&ifk=3289790850&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31086639%2C31086691%2C44798934%2C95331687%2C95338229%2C95338243%2C95341664%2C31086843%2C95340844%2C95340252%2C95340254&oid=2&pvsid=687758456060060&tmod=265085000&uas=0&nvt=1&fsapi=1&fc=1664&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1200%2C1488%2C105&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=1&uci=1.6yh4yr9riei8&fsb=1&dtd=116

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fex.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 385
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 07 Sep 2024 16:58:21 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 03B1 17 KB
13 KB 48ms
48ms XHR
application/json 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240904&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

13ff4892ca64a39042bdd83c7c1b61842de5c654cb2e44f2614f62bf2c88a36c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fex.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 16:58:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12967
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 03B1 0
20 B 53ms
53ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: fex.net
URL: https://fex.net/?file_id=

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fex.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Sep 2024 16:58:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads
pagead2.googlesyndication.com/pagead/ Frame E7F0 0
0 848ms
824ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-8564894658009468&output=html&h=280&slotname=7672271343&adk=1297842133&adf=3279755397&pi=t.ma~as.7672271343&w=1200&abgtt=6&fwrn=3&fwrnh=100&lmt=1725728301&rafmt=1&format=1200x280&url=https%3A%2F%2Ffex.net%2F%3Ffile_id%3D&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1725728301211&bpp=1&bdt=244&idt=119&shv=r20240904&mjsv=m202409050101&ptt=9&saldr=aa&eoidce=1&prev_fmts=0x0&nras=1&correlator=8260368774433&frm=23&ife=1&pv=1&nhd=1&u_tz=120&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=56&ady=1200&biw=1600&bih=1200&isw=1488&ish=105&ifk=3289790850&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31086639%2C31086691%2C44798934%2C95331687%2C95338229%2C95338243%2C95341664%2C31086843%2C95340844%2C95340252%2C95340254&oid=2&pvsid=687758456060060&tmod=265085000&uas=0&nvt=1&fc=1664&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1200%2C1488%2C105&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=132&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=2&uci=2.fnjd12v3cs6y&fsb=1&dtd=124

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fex.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 303
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 07 Sep 2024 16:58:22 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ Frame 03B1 0
0 76ms
75ms Fetch
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8564894658009468
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://fex.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 03B1 17 KB
7 KB 146ms
55ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fex.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 16:58:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 07 Sep 2024 16:58:21 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EE79 0
0 180ms
72ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fex.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 3550
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 07 Sep 2024 15:59:11 GMT
expires: Sun, 07 Sep 2025 15:59:11 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET sodar
pagead2.googlesyndication.com/pagead/ Frame 03B1 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240904&jk=687758456060060&bg=!bm2lbSLNAAY2Tt88Fk47ADQBe5WfOHnOeeoHMMODkSwsuouF5Mi-rTRVnZR6jeJAmu9i4HZvwyE_6h_Dj0RMFQQRP6hQAgAAAClSAAAAAmgBB34ANnStyAOwYlhz6L4tjVfqhnJ4p1jlfkPM3bKuB3n9GdhzvE_fquSEbn7Wk_xB1Hq0aJTwypTU2pkCvXh3-lrsADvykZOCNkSAKqm0yDMUjAxyTg39M1E4hNjqxBkOS67Pxr0jbgynGc4nsFsfq6KPqoSxZrVNzPiR3OJnbxYHI_F-_J9V-LbA0cjJFmci8838F_ckIxVKbKRv-VQSY3UeVmRi1JDfyXZCP20kMpjW2HpjScw-DYAl0MytUstnMzXC1eAOun2q6c3xK5__r-_WdryP9Ah-cZp84cS58aw4fdAXNi5ahn5K8O_xms4b_Le-HJHf0dIUIwSfK6OF0byGSc4c_xogeffJBUJ6A6sEj1Fn0tEJldS9YLM-OxvYR1hRA71piwT7B6FnRobHRh-DWud-kmCKyS8-bDZ1eOP89PDofGOp27TjuYLUj2dWtS7uPYFvELouTxdE1i0uiaXmNzfPe7H2H5S0uGz6R05HAYXicKEeqQkCpnjkRPvBsRVhhjiJK1kBAPEpa6x5d4Pb7rpdFyRGcGKDBehiE2V7MCLXqDg2tPpFG5UoFymvQ0NSAwBWn6yoFLVGj1lVhpKG6JVI912H7rUCRg_fBeAEJZWYXk3yUW_kzR3TU4_D_CLs7fD1ya6fGtvdlDOpxhgUI9xkd2NJYWxwiT4UmgBPf0r4fBsugMotYJDa2_peMBBJq7coNhlNX12hCV7Aij2-Al3Oy08aQ8tE_2itfVtSJ6AEqN3AaHvItLp7Cmp4E5b3yDX_t1Z1gZ4I9X7fXjJDZLf0LkapRRa-J3KjrjZd7xP8mktUk4nNv_2aZTp-4Fwg1y9ex4THQRk4iZ3_8Dzci2aF_NUxc3FbTmly1-CzpQBQRx7V1RArMWvpRLxmKI_Rt_0prZ3QunLdRdECUizBTHm1DxUBHouv41_gNGGnqXb3y_vdPuK6EM8ULqj5c9JzWP0UBnObBww0ACf8tOcq0adaP103F5OyIP-MSvTNiYu3IQhG_yMw

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
tt.vg/	1969-12-31 23:59:59	Name: PHPSESSID Value: 0ci08nh3ub8453qjm6u45mct51
tt.vg/	1970-01-20 23:22:09	Name: short_171680 Value: 1
.fex.net/	1970-01-20 23:23:34	Name: _gid Value: GA1.2.1369061846.1725728299
.fex.net/	1970-01-20 23:22:08	Name: _gat_gtag_UA_134700492_1 Value: 1
.fex.net/	1970-01-21 01:31:44	Name: _fbp Value: fb.1.1725728299293.462501200243903867
.fex.net/	1970-01-21 08:58:08	Name: _ga Value: GA1.1.1832721577.1725728299
.fex.net/	1970-01-21 08:58:08	Name: _ga_JXWQG3YTNG Value: GS1.1.1725728299.1.0.1725728299.60.0.0
.fex.net/	1969-12-31 23:59:59	Name: fex-uuid Value: 4414c95af2cc4675b4a87e0a20cb2951
.fex.net/	1970-01-20 23:22:08	Name: _gat Value: 1
fex.net/	1969-12-31 23:59:59	Name: b Value: b
.hit.ua/	1970-01-21 08:58:08	Name: uid Value: 1770167917.1725728300.1005237196
.aj1913.online/	1970-01-21 08:58:08	Name: UUID Value: 4e245638-7007-5256-9aed-8b06c6c5e232
.aj1913.online/	1970-01-21 08:07:44	Name: bsc Value: 184-1725731901024-123-1--
.aj1913.online/	1970-01-21 08:07:44	Name: ucv Value: 20-DE-1725814701024-24--
.fex.net/	1970-01-21 03:41:20	Name: __eoi Value: ID=5960646e78610c9d:T=1725728301:RT=1725728301:S=AA-AfjbUcs4w7VUiP3TvypcYDZLH

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aj1913.online
api.fex.net
c.hit.ua
cdnjs.cloudflare.com
connect.facebook.net
fex.net
fonts.googleapis.com
fonts.gstatic.com
fs.fex.net
pagead2.googlesyndication.com
region1.analytics.google.com
stats.g.doubleclick.net
tpc.googlesyndication.com
tt.vg
www.facebook.com
www.google-analytics.com
www.google.nl
www.googletagmanager.com
pagead2.googlesyndication.com
104.17.24.14
142.250.184.238
142.250.186.66
157.240.0.6
172.67.202.114
188.114.96.3
194.106.216.232
2001:4860:4802:34::36
212.124.124.19
2606:4700:3033::6815:5aa1
2a00:1450:4001:801::2001
2a00:1450:4001:806::2003
2a00:1450:4001:809::2008
2a00:1450:4001:827::200a
2a00:1450:4001:828::2003
2a00:1450:4001:831::200e
2a00:1450:400c:c04::9b
2a03:2880:f177:185:face:b00c:0:25de
89.184.81.35
0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096
073b1cfa80f31ea7e9c655495aa9787ba10af464a898f3bbad38ad7c114e7175
126c5f0c8c4cd0135b5e9ffb1c113a6f229de3f89bce9e099b3c85bea641bd7c
13ff4892ca64a39042bdd83c7c1b61842de5c654cb2e44f2614f62bf2c88a36c
1ba40657ce53ee4c572a888abc66de960ed0deba6a219791530c1a9ed1e06954
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
23a753904149c85458b70c3cf7dff1b0c3c108e1886ca3895aa93f984509b808
24f323820862095caff2197329de6f19db6c92ac4a1467684e1bdc157b1bfb6a
29a45095f0c567d25a559773c53dbd760a37bca64318b72f60023824e6fa8619
2d447fb6469b54159106760768d972fb71b541749d22b713b59ff0797e18ba16
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
379b4acc82f978f49655ce724d2fb42e717dc14fcdfe07f83afcfd04e795d967
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e6eaa81a4677bd7a8d1790be93a6946cbbb84eb5e81e048b1f11b00ebbfae96
78a415f93979504048f73d47576323d58bba4eb17a54dbea2d70b4467fdcb955
7a650031178f2ea578ebfaece787380af33dad737921f1523dc39f113d5c42a3
7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
80605a61b095055a90cdfb159feaec9670b4225664157669747553d7cfd9c104
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87e9be9476d19e351719a7f12a0c3b4e2d82522e61d92d1b442ec20b0198843b
8f790ecdfb53284271c8ec6d4e552c91846ce7a65323f74bbdbafedf31fb5e08
90f6e368500e701f1c3eeee67ad33a15185a9fde8a0439913918cb5686c17ef0
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b751f4c96faedcaa4f4afcc91a3f52e74fda0b4c8b94ccf99afe4e44ed7e8ed2
d0e65305cf0b3b80315e53c25c44721a9c07dd0d4e26bce6651d1d1b5dea0fb5
d215cda647ed2287929f9f1efaea9972a1baa494ad5f4c2d5be736f8100b4939
d79219ff3c5c9a94c15ea6e30bc40937f3c9c41cd679612c26dc0b663049ad03
dd9d40d7ac083d95161823dd8e6287d30ffb5f4b9e27d3d0d01aafd2550cc3aa
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df1dee51168bdff4ea00aaa5cebad1c85e2d9651007acd51f588af242b51b410
df7aea6a28df9d28a195c4759baede2653e6ea4885920f552408f4f853a87043
dfc047db6a3918edaad44885575dc03b233739f7fd24f80fcc81d449a1fb8622
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e704e1b91e987015aeba380603c58225a51ae0220123fc3e939aefdaf14fd66c
e7fe0bd3e04e27194f7411d0b141032448bc4cd980d2f016ee49a7f9abce49b2
e847b584dace27eb5b07b6da5ff4ba9eeee160ab1ff24093a7ecf625a219139a
e8e147e15907f25cad69b2bcf060213efad4ed04e0d36374715cbca17b2afc1c
ea52dc75ca2387baaeca1f6e454b394b4f6fef41e337250ce759bb90637b245e
ee06278b1f680159a19fa6dd7fc5f963c58200c1bcba474f5fb5da54e5fe6cce
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1400c92345dcd9dbf746acab2c60e8580aa959473e9e56c8772cadcf7734b76
f2bdd122ee5c4e2172cac7dce619d303bbdf22a311da8b0301cbbb72cdab5586
f2c99bd24736cbb6a78bc39a24e378eba9dcc43e5da7d645cebd49069393aadb
f51a47ba4e832c99ffc2cc8ddc042cf87bccfbf352e8f17863e1f76d5a73e362
f835c034e0c10a6d1593822be74f87243970f3bb7874f81cd4abce3245554292
fce46fafa4fbba93a89811ea53a083a2c3b5c6055efec781118ebd66b240cf7d

fex.net Open in urlscan Pro 2606:4700:3033::6815:5aa1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

59 Requests

98 %HTTPS

53 %IPv6

15 Domains

18 Subdomains

18 IPs

6 Countries

2439 kBTransfer

7097 kBSize

15 Cookies

8 Outgoing links

Page URL History

Redirected requests

59 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

fex.net Open in urlscan Pro
2606:4700:3033::6815:5aa1 Public Scan

Screenshot
Live screenshot

Full Image

59
Requests

98 %
HTTPS

53 %
IPv6

15
Domains

18
Subdomains

18
IPs

6
Countries

2439 kB
Transfer

7097 kB
Size

15
Cookies

59 HTTP transactions
2 data transactions