daf.tf Open in urlscan Pro
151.106.100.65 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://daf.tf/
Effective URL:
https://daf.tf/
Submission: On May 31 via manual (May 31st 2022, 8:02:46 pm UTC) from MX — Scanned from DE

Summary HTTP 131 Redirects Links 55 Behaviour Indicators

Summary

This website contacted 19 IPs in 4 countries across 20 domains to perform 131 HTTP transactions. The main IP is 151.106.100.65, located in Germany and belongs to AS-HOSTINGER, CY. The main domain is daf.tf.
TLS certificate: Issued by R3 on April 18th 2022. Valid for: 3 months.

This is the only time daf.tf was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 28	151.106.100.65 151.106.100.65	47583 (AS-HOSTINGER) (AS-HOSTINGER)
3	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
6	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::ac43:4560	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
2	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER)
7	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
27	2606:2800:134... 2606:2800:134:fa2:1627:1fe:edb:1665	15133 (EDGECAST) (EDGECAST)
2	199.232.136.159 199.232.136.159	54113 (FASTLY) (FASTLY)
2	2606:2800:233... 2606:2800:233:7ee2:97c:ab4c:6c70:be36	15133 (EDGECAST) (EDGECAST)
16	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
2 4	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1 1	34.251.55.128 34.251.55.128	16509 (AMAZON-02) (AMAZON-02)
2 2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2 2	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	23.35.232.247 23.35.232.247	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8100:a0fe:f5a6:9720:1a18	16509 (AMAZON-02) (AMAZON-02)
131	19

28 151.106.100.65 (Germany) 1 redirects

ASN47583 (AS-HOSTINGER, CY)
PTR: cpl85.hosting24.com

daf.tf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

www.cybertec-postgresql.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4560 (United States)

ASN13335 (CLOUDFLARENET, US)

hackernoon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.136 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2606:2800:134:fa2:1627:1fe:edb:1665 (United States)

ASN15133 (EDGECAST, US)

cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.232.136.159 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

abs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:233:7ee2:97c:ab4c:6c70:be36 (United States)

ASN15133 (EDGECAST, US)

ton.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.251.55.128 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-55-128.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.192.160.219 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.232.247 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-232-247.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8100:a0fe:f5a6:9720:1a18 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	twimg.com cdn.syndication.twimg.com — Cisco Umbrella Rank: 1417 abs.twimg.com — Cisco Umbrella Rank: 1938 pbs.twimg.com — Cisco Umbrella Rank: 724 ton.twimg.com — Cisco Umbrella Rank: 5521	546 KB
28	daf.tf 1 redirects daf.tf	398 KB
26	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 90 tpc.googlesyndication.com — Cisco Umbrella Rank: 136	569 KB
17	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 40 cm.g.doubleclick.net — Cisco Umbrella Rank: 191	86 KB
8	twitter.com platform.twitter.com — Cisco Umbrella Rank: 643 syndication.twitter.com — Cisco Umbrella Rank: 881	214 KB
6	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 70 www.google.com — Cisco Umbrella Rank: 2	1 KB
6	gstatic.com fonts.gstatic.com	118 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 42	2 KB
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 494	2 KB
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 1735	1 KB
2	rlcdn.com 2 redirects id.rlcdn.com — Cisco Umbrella Rank: 555	574 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 163	84 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 8526	914 B
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1375	296 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 306	457 B
1	everesttech.net 1 redirects pixel.everesttech.net — Cisco Umbrella Rank: 2982	376 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 768	642 B
1	hackernoon.com hackernoon.com — Cisco Umbrella Rank: 248875
1	cybertec-postgresql.com www.cybertec-postgresql.com	20 KB
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
131	20

	Domain	Requested by
28	daf.tf	1 redirects daf.tf
26	pbs.twimg.com	daf.tf platform.twitter.com
16	tpc.googlesyndication.com	googleads.g.doubleclick.net daf.tf tpc.googlesyndication.com pagead2.googlesyndication.com
11	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net daf.tf
10	pagead2.googlesyndication.com	daf.tf pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
6	cm.g.doubleclick.net	daf.tf googleads.g.doubleclick.net
6	fonts.gstatic.com	fonts.googleapis.com
6	platform.twitter.com	daf.tf platform.twitter.com
4	www.google.com	2 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
3	fonts.googleapis.com	daf.tf tpc.googlesyndication.com
2	ssum-sec.casalemedia.com	2 redirects
2	e.dlx.addthis.com	2 redirects
2	id.rlcdn.com	2 redirects
2	www.googletagservices.com	googleads.g.doubleclick.net
2	ton.twimg.com	platform.twitter.com
2	abs.twimg.com	daf.tf
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	syndication.twitter.com	platform.twitter.com daf.tf
1	ag.innovid.com	googleads.g.doubleclick.net
1	pixel.rubiconproject.com	1 redirects
1	pixel.everesttech.net	1 redirects
1	cdn.syndication.twimg.com	platform.twitter.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	hackernoon.com	daf.tf
1	www.cybertec-postgresql.com	daf.tf
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
131	27

This site contains links to these domains. Also see Links.

Domain
www.postgresql.org
www.cybertec-postgresql.com
www.youtube.com
techexpert.tips
hub.docker.com
github.com
www.centos.org
www.json.org
wiki.postgresql.org
apps.fedoraproject.org
debezium.io
wordpress.org
themeisle.com

Subject Issuer	Validity	Valid
daf.ar R3	`2022-04-18` - `2022-07-17`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-26` - `2023-05-26`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh

This page contains 16 frames:

Primary Page: https://daf.tf/
Frame ID: EC020FEDB85390895C395E1236E9BCA9
Requests: 53 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220526/r20190131/zrt_lookup.html
Frame ID: AAD1A0600E3058C37E218F99F0119471
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.bbd13993eb53d3a11ac08f5e8cf9d6a4.html?origin=https%3A%2F%2Fdaf.tf
Frame ID: 9BAF83B5FBBBDDDBFE8F3D7886E1C37F
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8804248525515641&output=html&h=600&slotname=8308418172&adk=455022739&adf=380339664&pi=t.ma~as.8308418172&w=250&fwrn=4&fwrnh=100&lmt=1654027361&rafmt=1&psa=0&format=250x600&url=https%3A%2F%2Fdaf.tf%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654027361082&bpp=4&bdt=480&idt=106&shv=r20220526&mjsv=m202205260101&ptt=9&saldr=aa&abxe=1&correlator=4163011612086&frm=20&pv=2&ga_vid=1210982057.1654027361&ga_sid=1654027361&ga_hid=100431592&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=3215&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760475&oid=2&pvsid=2503392621408621&pem=561&tmod=1337766462&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=7NJEXOcOrv&p=https%3A//daf.tf&dtd=121
Frame ID: 05DC99019033C344F021EEB995E15A4E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8804248525515641&output=html&adk=1812271804&adf=3025194257&lmt=1654027361&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fdaf.tf%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654027361130&bpp=1&bdt=528&idt=150&shv=r20220526&mjsv=m202205260101&ptt=9&saldr=aa&abxe=1&prev_fmts=250x600&nras=1&correlator=4163011612086&frm=20&pv=1&ga_vid=1210982057.1654027361&ga_sid=1654027361&ga_hid=100431592&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760475&oid=2&pvsid=2503392621408621&pem=561&tmod=1337766462&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=156
Frame ID: 22C7E0BB7EF6A1CAFDF4C2A31BBB36A3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8804248525515641&output=html&h=280&adk=406582304&adf=412487987&pi=t.aa~a.3312635906~i.11~rp.4&w=720&fwrn=4&fwrnh=100&lmt=1654027361&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4803760906&psa=1&ad_type=text_image&format=720x280&url=https%3A%2F%2Fdaf.tf%2F&fwr=0&pra=3&rh=180&rw=720&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654027361533&bpp=1&bdt=931&idt=-M&shv=r20220526&mjsv=m202205260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a487186ee554620-22e7e1b0a3cd00da%3AT%3D1654027361%3ART%3D1654027361%3AS%3DALNI_MZeqhCtmjivEtDy3pLQNFWtZvjJWw&prev_fmts=250x600%2C0x0&nras=2&correlator=4163011612086&frm=20&pv=1&ga_vid=1210982057.1654027361&ga_sid=1654027361&ga_hid=100431592&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=590&ady=1690&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760475&oid=2&pvsid=2503392621408621&pem=561&tmod=1337766462&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=dHp4FW1lRg&p=https%3A//daf.tf&dtd=48
Frame ID: 8D810ACA202CA172A1B5D7D92A38EE40
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8804248525515641&output=html&h=280&adk=406582304&adf=693078770&pi=t.aa~a.3312635906~i.39~rp.4&w=720&fwrn=4&fwrnh=100&lmt=1654027361&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4803760906&psa=1&ad_type=text_image&format=720x280&url=https%3A%2F%2Fdaf.tf%2F&fwr=0&pra=3&rh=180&rw=720&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654027361533&bpp=1&bdt=930&idt=1&shv=r20220526&mjsv=m202205260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a487186ee554620-22e7e1b0a3cd00da%3AT%3D1654027361%3ART%3D1654027361%3AS%3DALNI_MZeqhCtmjivEtDy3pLQNFWtZvjJWw&prev_fmts=250x600%2C0x0%2C720x280&nras=3&correlator=4163011612086&frm=20&pv=1&ga_vid=1210982057.1654027361&ga_sid=1654027361&ga_hid=100431592&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=590&ady=2912&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760475&oid=2&pvsid=2503392621408621&pem=561&tmod=1337766462&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=Pg3Kc9ZwOt&p=https%3A//daf.tf&dtd=79
Frame ID: 53828CBD48F3AE5D9F781E1CA4210F42
Requests: 10 HTTP requests in this frame

Frame: https://abs.twimg.com/emoji/v2/72x72/1f602.png
Frame ID: 54AF99641296703063F1335AC0788D8C
Requests: 36 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11955704931771569221/index.html
Frame ID: 21D0ABBFCE71D9A39C1B9B17F98A9341
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=Cs5AvYXSWYqbFKuSG9AO6kYSwDfLe2ZFovNuQ2bwPvOe_sKsOEAEgmN6IIGCV4pCCoAegAbm3kbAoyAEJqQLL5WhdKfqxPqgDAcgDSKoE5wFP0BAmyNfPtVnhxhB5Cjv1ei2LhEiBeEat2_gdN4Ew8OI8szjkfkqfztoPPQzcwj7_x8IohTxAgBZ-oaVSMi6Y3UwYFX-an9UAsApVImCg3rpZq49Iq3IJ5G2ppmaJmXPcykthOPkmNJhtY_B2cAFZo-9SJlm4YgNzOdTz295641ydggi3a9BtCSq-GXHHO_68l334QIZRQKqaOwMn0_g3kFvs3RocPicUP2TJReYj9k36_iutGx5G_x6DHY8p5Q8kaK8HopAcNPuorfqxGoFBRnKfI9NY5GU_siQlSLkd6f2Zj7S5GFzABNL__OjeA5IFBAgEGAGSBQQIBRgEoAYugAe57-GPA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEOisENIICQiA4YAQEAEYH4AKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi04ODA0MjQ4NTI1NTE1NjQxGAA&sigh=yvUTWxvkIZQ&uach_m=[UACH]&template_id=419
Frame ID: 391A9B026EE1213594B84CAD64E442EE
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 55CFB19D160CAF2EA1B3AAC3A894DB72
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DC2FCB0C3CE69A046240DF367648243C
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 1B589BCE88B29B2EA6521369DF3E054E
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/BlV8lHKGnk03wUyhHWlg9fV4CiK26Crs8dLo7bQbDuA.js
Frame ID: CE23B068C5E7FA71E5B2ABE1CD61ADB9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1CC02DFC8398142C179BC8B046E0F55D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EEA1E593A4BD3A1AA73F242F4BF779E4
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

El Lupanar de Dieguito – Atendido por su dueño.

Page URL History Show full URLs

http://daf.tf/ HTTP 301
https://daf.tf/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

131
Requests

95 %
HTTPS

61 %
IPv6

20
Domains

27
Subdomains

19
IPs

4
Countries

2039 kB
Transfer

4262 kB
Size

20
Cookies

55 Outgoing links

These are links going to different origins than the main page.

URL: https://www.postgresql.org/docs/current/libpq-pipeline-mode.html
Title: pipeline mode

Search URL Search Domain Scan URL

URL: https://www.postgresql.org/docs/current/indexes-index-only-scans.html
Title: covering index

Search URL Search Domain Scan URL

URL: https://www.cybertec-postgresql.com/en/json-postgresql-how-to-use-it-right/#json-good-example
Title: model entities with a variable number of attributes

Search URL Search Domain Scan URL

URL: https://www.cybertec-postgresql.com/en/entity-attribute-value-eav-design-in-postgresql-dont-do-it/
Title: cybertec-postgresql.com

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=A5wuyWolm14&list=PLmYCXQ4WkpLQZXN6qh4fUauvjTauaR0ev
Title: Playlist

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCF65LRkjlziTGyoHPBqF4vw
Title: FKIT

Search URL Search Domain Scan URL

URL: https://techexpert.tips/category/zabbix/
Title: List of Tutorials – Zabbix

Search URL Search Domain Scan URL

URL: https://techexpert.tips/zabbix/zabbix-installation-ubuntu-linux/
Title: Zabbix Server Installation

Search URL Search Domain Scan URL

URL: https://techexpert.tips/zabbix/zabbix-monitor-vmware-esxi/
Title: Zabbix – Monitor Vmware

Search URL Search Domain Scan URL

URL: https://techexpert.tips/zabbix/zabbix-icmp-ping-monitor/
Title: Zabbix – Monitor ICMP Ping

Search URL Search Domain Scan URL

URL: https://techexpert.tips/zabbix/zabbix-monitor-website/
Title: Zabbix – Monitor Website

Search URL Search Domain Scan URL

URL: https://techexpert.tips/zabbix/zabbix-monitor-windows-using-agent/
Title: Zabbix – Monitor Windows using Agent

Search URL Search Domain Scan URL

URL: https://techexpert.tips/zabbix/zabbix-monitor-windows-using-snmp/
Title: Zabbix – Monitor Windows using SNMP

Search URL Search Domain Scan URL

URL: https://techexpert.tips/zabbix/zabbix-monitor-linux-using-agent/
Title: Zabbix – Monitor Linux using Agent

Search URL Search Domain Scan URL

URL: https://techexpert.tips/zabbix/zabbix-monitor-linux-using-snmp/
Title: Zabbix – Monitor Linux using SNMP

Search URL Search Domain Scan URL

URL: https://techexpert.tips/zabbix/zabbix-ipmi-monitor/
Title: Zabbix – Monitor IPMI

Search URL Search Domain Scan URL

URL: https://techexpert.tips/zabbix/zabbix-monitor-tcp-port/
Title: Zabbix – Monitor TCP

Search URL Search Domain Scan URL

URL: https://techexpert.tips/zabbix/zabbix-monitor-udp-port/
Title: Zabbix – Monitor UDP

Search URL Search Domain Scan URL

URL: https://techexpert.tips/zabbix/zabbix-email-notification-setup/
Title: Zabbix – E-mail Notification

Search URL Search Domain Scan URL

URL: https://techexpert.tips/zabbix/zabbix-sms-notification-setup/
Title: Zabbix – SMS Notification

Search URL Search Domain Scan URL

URL: https://hub.docker.com/
Title: Docker Hub

Search URL Search Domain Scan URL

URL: https://hub.docker.com/_/postgres
Title: postgres

Search URL Search Domain Scan URL

URL: https://www.postgresql.org/
Title: PostgreSQL

Search URL Search Domain Scan URL

URL: https://github.com/eulerto/wal2json
Title: wal2json

Search URL Search Domain Scan URL

URL: https://www.postgresql.org/docs/9.6/static/index.html
Title: PostgreSQL (v9.6.10)

Search URL Search Domain Scan URL

URL: https://www.centos.org/
Title: CentOS 7

Search URL Search Domain Scan URL

URL: https://www.postgresql.org/docs/9.6/static/logicaldecoding-output-plugin.html
Title: PostgreSQL documentation

Search URL Search Domain Scan URL

URL: https://github.com/debezium/postgres-decoderbufs/blob/master/README.md
Title: protobuf

Search URL Search Domain Scan URL

URL: https://github.com/eulerto/wal2json/blob/master/README.md
Title: wal2json

Search URL Search Domain Scan URL

URL: https://github.com/google/protobuf
Title: Protobuf

Search URL Search Domain Scan URL

URL: http://www.json.org/
Title: JSON

Search URL Search Domain Scan URL

URL: https://github.com/debezium/docker-images/tree/master/postgres/9.6
Title: PostgreSQL server image

Search URL Search Domain Scan URL

URL: https://github.com/eulerto/wal2json/issues/35
Title: issue

Search URL Search Domain Scan URL

URL: https://github.com/debezium/debezium/blob/master/debezium-connector-postgres/src/test/java/io/debezium/connector/postgresql/DecoderDifferences.java
Title: Java class

Search URL Search Domain Scan URL

URL: https://www.postgresql.org/docs/9.6/static/logicaldecoding-explanation.html
Title: PostgreSQL logical decoding explanation

Search URL Search Domain Scan URL

URL: https://wiki.postgresql.org/wiki/Logical_Decoding_Plugins
Title: PostgreSQL logical decoding plug-ins

Search URL Search Domain Scan URL

URL: https://github.com/debezium/docker-images/blob/master/postgres/9.6/Dockerfile
Title: Debezium docker image file

Search URL Search Domain Scan URL

URL: https://www.postgresql.org/docs/9.6/static/app-pgconfig.html
Title: pg_config

Search URL Search Domain Scan URL

URL: https://apps.fedoraproject.org/packages/postgres-decoderbufs
Title: RPM package

Search URL Search Domain Scan URL

URL: https://www.postgresql.org/docs/9.6/static/runtime-config-wal.html
Title: WAL

Search URL Search Domain Scan URL

URL: https://www.postgresql.org/docs/9.6/static/runtime-config-replication.html
Title: streaming replication

Search URL Search Domain Scan URL

URL: https://github.com/debezium/docker-images/blob/master/postgres/9.6/postgresql.conf.sample
Title: postgresql.conf.sample

Search URL Search Domain Scan URL

URL: https://github.com/debezium/postgres-decoderbufs/blob/v0.10.0.Final/Makefile
Title: protobuf

Search URL Search Domain Scan URL

URL: https://github.com/eulerto/wal2json/blob/master/Makefile
Title: wal2json

Search URL Search Domain Scan URL

URL: https://www.postgresql.org/docs/9.6/static/wal-configuration.html
Title: the official documentation

Search URL Search Domain Scan URL

URL: https://www.postgresql.org/docs/9.6/static/auth-pg-hba-conf.html
Title: client authentication

Search URL Search Domain Scan URL

URL: https://www.postgresql.org/docs/9.6/static/datatype-net-types.html
Title: the PostgreSQL documentation

Search URL Search Domain Scan URL

URL: https://www.postgresql.org/docs/9.6/static/app-pgrecvlogical.html
Title: pg_recvlogical

Search URL Search Domain Scan URL

URL: https://debezium.io/documentation/reference/0.10/postgres-plugins.html#setting_replication_permissions
Title: previous step

Search URL Search Domain Scan URL

URL: https://debezium.io/documentation/reference/0.10/postgres-plugins.html#replica-identity
Title: REPLICA IDENTITY

Search URL Search Domain Scan URL

URL: https://www.postgresql.org/docs/9.6/static/sql-altertable.html#SQL-CREATETABLE-REPLICA-IDENTITY
Title: REPLICA IDENTITY

Search URL Search Domain Scan URL

URL: https://debezium.io/documentation/reference/0.10/postgres-plugins.html#update-table-change-event
Title: respective output

Search URL Search Domain Scan URL

URL: https://github.com/DiegoDAF/pgScrips
Title: https://github.com/DiegoDAF/pgScrips

Search URL Search Domain Scan URL

URL: http://wordpress.org/
Title: Proudly powered by WordPress

Search URL Search Domain Scan URL

URL: https://themeisle.com/themes/flat/
Title: Themeisle

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://daf.tf/ HTTP 301
https://daf.tf/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 114

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPJGI410r7lvNEsVpb7OZDjdrHS4UYsToGgR7nuyqsOjroJ4sT3KliSSm4Pyo36cosGs7W4HsQIINwiqEgxrFSLNzrolWDy-&google_gid=CAESEEvQI6BiZvFfAEZO6v1mLe4&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXBaMFlnQUFBR0szMGs0cA&google_push=AYg5qPJGI410r7lvNEsVpb7OZDjdrHS4UYsToGgR7nuyqsOjroJ4sT3KliSSm4Pyo36cosGs7W4HsQIINwiqEgxrFSLNzrolWDy-

Request Chain 115

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPL3dd48mG5MqnkHL0wID2ilF3K2Ab8qD97QQc6Jfobc53rdvanqdmKUKAIWQxSyE8qODKuZURyue9mr1vvd7csB0ri6fCX-&google_gid=CAESEJauWrpI-o_YZRAAKs0uFgU&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCOLo2ZQGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BWWc1cVBMM2RkNDhtRzVNcW5rSEwwd0lEMmlsRjNLMkFiOHFEOTdRUWM2SmZvYmM1M3JkdmFucWRtS1VLQUlXUXhTeUU4cU9ES3VaVVJ5dWU5bXIxdnZkN2NzQjByaTZmQ1gt HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwSkx3MnNoZnQ2NWkycElGQVFoR3c4UWVGbnNEOHRuY0FIZmpzYTVhX0cybw==&google_push

Request Chain 116

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJ1f7crk30TT6wamsE_ck4oRb1OFhc6bDZ5o7aMFNDj_smZVo4QwUBRZbCcfgeN_Nr3BAcgUpNzvIrQ50WV-qwFKItwzYm5&google_gid=CAESEGF4wj90QPdeF03jhCQGmvo&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJ1f7crk30TT6wamsE_ck4oRb1OFhc6bDZ5o7aMFNDj_smZVo4QwUBRZbCcfgeN_Nr3BAcgUpNzvIrQ50WV-qwFKItwzYm5&google_gid=CAESEGF4wj90QPdeF03jhCQGmvo&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA1MzEyMDAyNDIwMDAxNTQ4MjEzMjMyNQ%3D%3D&google_push=AYg5qPJ1f7crk30TT6wamsE_ck4oRb1OFhc6bDZ5o7aMFNDj_smZVo4QwUBRZbCcfgeN_Nr3BAcgUpNzvIrQ50WV-qwFKItwzYm5

Request Chain 117

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFoHD7mEF1VnPGMzzWrGJlw&google_cver=1&google_push=AYg5qPLaQXM01PwGdQnQ7pGRi90tUqXDXM9n16Dd-wzdCb2pjL72ytjLuRfXpGQAQ-vL8aZwwnEuXJlWpZag59IiFugSnF9xZ2tO HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNVTDZPWTItSi1KV0tI&google_push=AYg5qPLaQXM01PwGdQnQ7pGRi90tUqXDXM9n16Dd-wzdCb2pjL72ytjLuRfXpGQAQ-vL8aZwwnEuXJlWpZag59IiFugSnF9xZ2tO

Request Chain 118

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPzdaobitWAjnMeuaibAHlw&google_cver=1&google_push=AYg5qPIYag3L5uN6sG3_e54_Ofia3_XPW8zFRqgX_BdmlnAbto7lPcnmVPvI4rL-LvAavRiGQRUJ6lUBipSF6k5XOnpB2-lfgu2z HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEPzdaobitWAjnMeuaibAHlw&google_push=AYg5qPIYag3L5uN6sG3_e54_Ofia3_XPW8zFRqgX_BdmlnAbto7lPcnmVPvI4rL-LvAavRiGQRUJ6lUBipSF6k5XOnpB2-lfgu2z&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YpZ0YgAFLfGUzqHCTaffsAAABLAAAAIB&google_cver=1&google_push=AYg5qPIYag3L5uN6sG3_e54_Ofia3_XPW8zFRqgX_BdmlnAbto7lPcnmVPvI4rL-LvAavRiGQRUJ6lUBipSF6k5XOnpB2-lfgu2z&google_gid=CAESEPzdaobitWAjnMeuaibAHlw

Request Chain 123

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 125

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

131 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
daf.tf/
Redirect Chain

http://daf.tf/
https://daf.tf/

218 KB
42 KB

861ms
644ms

Document
text/html

151.106.100.65
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://daf.tf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.106.100.65 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

cpl85.hosting24.com

Software

LiteSpeed / PHP/7.3.33

Resource Hash

157c04e503b390680cb8252f1fbffa38132f01ade9e3fbfb1d2d838a146bc09d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 31 May 2022 20:02:40 GMT
link: <https://daf.tf/wp-json/>; rel="https://api.w.org/"
server: LiteSpeed
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-powered-by: PHP/7.3.33
x-xss-protection: 1; mode=block;

Redirect headers

Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-length: 707
content-type: text/html
date: Tue, 31 May 2022 20:02:39 GMT
location: https://daf.tf/
server: LiteSpeed
x-content-type-options: nosniff
x-xss-protection: 1; mode=block;

GET
H2 200 fbstyle.css
daf.tf/wp-content/plugins/feedburner-form/control/ 2 KB
625 B 124ms
121ms Stylesheet
text/css 151.106.100.65
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://daf.tf/wp-content/plugins/feedburner-form/control/fbstyle.css?ver=6.0

Requested by

Host: daf.tf
URL: https://daf.tf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.106.100.65 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

cpl85.hosting24.com

Software

LiteSpeed /

Resource Hash

754e7f3a85a201043c7045484113643c2d17353e5245ef31f4e3fbe41b0ced5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://daf.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 20:02:40 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 05 Sep 2016 13:18:09 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 566
x-xss-protection: 1; mode=block;
expires: Tue, 07 Jun 2022 20:02:40 GMT

GET
H2 200 style.min.css
daf.tf/wp-includes/css/dist/block-library/ 87 KB
11 KB 122ms
118ms Stylesheet
text/css 151.106.100.65
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://daf.tf/wp-includes/css/dist/block-library/style.min.css?ver=6.0

Requested by

Host: daf.tf
URL: https://daf.tf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.106.100.65 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

cpl85.hosting24.com

Software

LiteSpeed /

Resource Hash

d678ab3b4e7dddf5615012cc1a930e50dfbc967181b8fbeb1b98d61549f5ed08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://daf.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 20:02:40 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 17 May 2022 21:13:42 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 10797
x-xss-protection: 1; mode=block;
expires: Tue, 07 Jun 2022 20:02:40 GMT

GET
H2 200 all.css
daf.tf/wp-content/plugins/download-manager/assets/fontawesome/css/ 45 KB
9 KB 122ms
118ms Stylesheet
text/css 151.106.100.65
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://daf.tf/wp-content/plugins/download-manager/assets/fontawesome/css/all.css?ver=6.0

Requested by

Host: daf.tf
URL: https://daf.tf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.106.100.65 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

cpl85.hosting24.com

Software

LiteSpeed /

Resource Hash

ce91e2144ea27f82292ef2c87c5d9e1d0b9994df63836130293865aca18fc550

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://daf.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 20:02:40 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Sun, 04 Jul 2021 08:09:34 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 9506
x-xss-protection: 1; mode=block;
expires: Tue, 07 Jun 2022 20:02:40 GMT

GET
H2 200 bootstrap.min.css
daf.tf/wp-content/plugins/download-manager/assets/bootstrap/css/ 56 KB
9 KB 124ms
120ms Stylesheet
text/css 151.106.100.65
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://daf.tf/wp-content/plugins/download-manager/assets/bootstrap/css/bootstrap.min.css?ver=6.0

Requested by

Host: daf.tf
URL: https://daf.tf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.106.100.65 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

cpl85.hosting24.com

Software

LiteSpeed /

Resource Hash

e480a877a3a00d6fa45547c1e677918d8c108784d5f127be2a42efb082d9b2ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://daf.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 20:02:40 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 16 Aug 2021 04:00:50 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 8910
x-xss-protection: 1; mode=block;
expires: Tue, 07 Jun 2022 20:02:40 GMT

GET
H2 200 front.css
daf.tf/wp-content/plugins/download-manager/assets/css/ 64 KB
11 KB 123ms
120ms Stylesheet
text/css 151.106.100.65
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://daf.tf/wp-content/plugins/download-manager/assets/css/front.css?ver=6.0

Requested by

Host: daf.tf
URL: https://daf.tf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.106.100.65 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

cpl85.hosting24.com

Software

LiteSpeed /

Resource Hash

452505d859be1f526ec45492acb695a3d822f50e56f93e1928948233b246cda0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://daf.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 20:02:40 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 16 Aug 2021 04:00:50 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 11144
x-xss-protection: 1; mode=block;
expires: Tue, 07 Jun 2022 20:02:40 GMT

GET
H2 200 style.css
daf.tf/wp-content/themes/flat/ 762 B
467 B 121ms
118ms Stylesheet
text/css 151.106.100.65
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://daf.tf/wp-content/themes/flat/style.css?ver=6.0

Requested by

Host: daf.tf
URL: https://daf.tf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.106.100.65 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

cpl85.hosting24.com

Software

LiteSpeed /

Resource Hash

524832a4229add733fea344d5cbc9f6f5625abd232188791cb0c04900dd7d787

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://daf.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 20:02:40 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 11 Jun 2018 19:35:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 408
x-xss-protection: 1; mode=block;
expires: Tue, 07 Jun 2022 20:02:40 GMT

GET
H2 200 css
fonts.googleapis.com/ 10 KB
987 B 40ms
16ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lobster%7CRoboto:400,700%7CRoboto+Slab%7CRoboto+Condensed

Requested by

Host: daf.tf
URL: https://daf.tf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

751359fb94188b6d2f65d74ceb26211f4ce8fdc5879d3a6c2e9a3b84d1620e4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://daf.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 31 May 2022 20:02:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 31 May 2022 20:02:40 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 31 May 2022 20:02:40 GMT

GET
H2 200 flat.min.css
daf.tf/wp-content/themes/flat/assets/css/ 160 KB
25 KB 124ms
121ms Stylesheet
text/css 151.106.100.65
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://daf.tf/wp-content/themes/flat/assets/css/flat.min.css?ver=1.7.11

Requested by

Host: daf.tf
URL: https://daf.tf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.106.100.65 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

cpl85.hosting24.com

Software

LiteSpeed /

Resource Hash

d5f22e815007b49ea5513511970f1d697f899de2cc616833d17876ba2da44edc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://daf.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 20:02:40 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 11 Jun 2018 19:35:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 25057
x-xss-protection: 1; mode=block;
expires: Tue, 07 Jun 2022 20:02:40 GMT

GET
H2 200 style.css
daf.tf/wp-content/themes/flat-child/ 480 B
302 B 119ms
116ms Stylesheet
text/css 151.106.100.65
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://daf.tf/wp-content/themes/flat-child/style.css?ver=6.0

Requested by

Host: daf.tf
URL: https://daf.tf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.106.100.65 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

cpl85.hosting24.com

Software

LiteSpeed /

Resource Hash

cb39186bedc86e7769399a10dce963f6051937a433adb507be728f75348210fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://daf.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 20:02:40 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 05 Jul 2017 11:47:14 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 192
x-xss-protection: 1; mode=block;
expires: Tue, 07 Jun 2022 20:02:40 GMT

GET
H2 200 widget.css
daf.tf/wp-content/plugins/post-hit-counter/assets/css/ 46 B
102 B 121ms
119ms Stylesheet
text/css 151.106.100.65
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://daf.tf/wp-content/plugins/post-hit-counter/assets/css/widget.css?ver=1.3.2

Requested by

Host: daf.tf
URL: https://daf.tf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.106.100.65 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

cpl85.hosting24.com

Software

LiteSpeed /

Resource Hash

2357a44ceeeb7d4cade95868044bc246f6361ed45c61a76c5e6368cf8bf00bb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://daf.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 20:02:40 GMT
x-content-type-options: nosniff
last-modified: Fri, 15 Jan 2016 18:10:44 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 46
x-xss-protection: 1; mode=block;
expires: Tue, 07 Jun 2022 20:02:40 GMT

GET
H2 200 jquery.min.js Show response
daf.tf/wp-includes/js/jquery/ 87 KB
29 KB 228ms
225ms Script
application/javascript 151.106.100.65
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://daf.tf/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Requested by

Host: daf.tf
URL: https://daf.tf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.106.100.65 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

cpl85.hosting24.com

Software

LiteSpeed /

Resource Hash

bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://daf.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 20:02:40 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 10 Mar 2021 20:37:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 30094
x-xss-protection: 1; mode=block;
expires: Tue, 07 Jun 2022 20:02:40 GMT

GET
H2 200 jquery-migrate.min.js Show response
daf.tf/wp-includes/js/jquery/ 11 KB
4 KB 237ms
235ms Script
application/javascript 151.106.100.65
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://daf.tf/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

Requested by

Host: daf.tf
URL: https://daf.tf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.106.100.65 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

cpl85.hosting24.com

Software

LiteSpeed /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://daf.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 20:02:40 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 18 Nov 2020 14:36:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 3989
x-xss-protection: 1; mode=block;
expires: Tue, 07 Jun 2022 20:02:40 GMT

GET
H2 200 popper.min.js Show response
daf.tf/wp-content/plugins/download-manager/assets/bootstrap/js/ 21 KB
7 KB 240ms
238ms Script
application/javascript 151.106.100.65
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://daf.tf/wp-content/plugins/download-manager/assets/bootstrap/js/popper.min.js?ver=6.0

Requested by

Host: daf.tf
URL: https://daf.tf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.106.100.65 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

cpl85.hosting24.com

Software

LiteSpeed /

Resource Hash

7028ef6262d35db7dc22b05df3cbb3e93595ce90cd340fdc356620d961b01224

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://daf.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 20:02:40 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Sun, 04 Jul 2021 08:09:34 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 7176
x-xss-protection: 1; mode=block;
expires: Tue, 07 Jun 2022 20:02:40 GMT

GET
H2 200 bootstrap.min.js Show response
daf.tf/wp-content/plugins/download-manager/assets/bootstrap/js/ 61 KB
14 KB 231ms
229ms Script
application/javascript 151.106.100.65
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://daf.tf/wp-content/plugins/download-manager/assets/bootstrap/js/bootstrap.min.js?ver=6.0

Requested by

Host: daf.tf
URL: https://daf.tf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.106.100.65 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

cpl85.hosting24.com

Software

LiteSpeed /

Resource Hash

4b24eee82c2b7ce85ace76193e8a25570dabc6863b94a60a42fa9bb6a37ddc72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://daf.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 20:02:40 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 09 Dec 2021 07:00:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 14558
x-xss-protection: 1; mode=block;
expires: Tue, 07 Jun 2022 20:02:40 GMT

GET
H2 200 front.js Show response
daf.tf/wp-content/plugins/download-manager/assets/js/ 39 KB
10 KB 245ms
243ms Script
application/javascript 151.106.100.65
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://daf.tf/wp-content/plugins/download-manager/assets/js/front.js?ver=3.2.42

Requested by

Host: daf.tf
URL: https://daf.tf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.106.100.65 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

cpl85.hosting24.com

Software

LiteSpeed /

Resource Hash

4358a96884097724055a07c198c9eda6732136d6377c01e8ce5699993eff6d46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://daf.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 20:02:40 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 16 Aug 2021 04:00:50 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 10105
x-xss-protection: 1; mode=block;
expires: Tue, 07 Jun 2022 20:02:40 GMT

GET
H2 200 flat.min.js Show response
daf.tf/wp-content/themes/flat/assets/js/ 35 KB
9 KB 242ms
241ms Script
application/javascript 151.106.100.65
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://daf.tf/wp-content/themes/flat/assets/js/flat.min.js?ver=1.7.11

Requested by

Host: daf.tf
URL: https://daf.tf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.106.100.65 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

cpl85.hosting24.com

Software

LiteSpeed /

Resource Hash

8aecee7aa74144bd766b8c2a7391407e4dd9e02f5ed4207731c78399ec88eb66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://daf.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 20:02:40 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 11 Jun 2018 19:35:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 9069
x-xss-protection: 1; mode=block;
expires: Tue, 07 Jun 2022 20:02:40 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1000 B 38ms
16ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Rubik

Requested by

Host: daf.tf
URL: https://daf.tf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

28d647f3c9fe7be434812d5fb1b76f1b6b0d4449253f5f3c982c45b57ee7c971

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://daf.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 31 May 2022 19:51:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 31 May 2022 20:02:40 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 31 May 2022 20:02:40 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 159 KB
55 KB 90ms
50ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: daf.tf
URL: https://daf.tf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2da16d7cb89604400356aebcf6fb184aa9a9d6c24b8c9cc1f1dbd88fe67998ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://daf.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 20:02:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56040
x-xss-protection: 0
server: cafe
etag: 1591779846634968973
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 31 May 2022 20:02:40 GMT

GET
H3 200 apu.jpg
daf.tf/shared/blog/2014/01/ 7 KB
7 KB 124ms
123ms Image
image/jpeg 151.106.100.65
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://daf.tf/shared/blog/2014/01/apu.jpg

Requested by

Host: daf.tf
URL: https://daf.tf/

Protocol

Security

QUIC, , AES_128_GCM

Server

151.106.100.65 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

cpl85.hosting24.com

Software

LiteSpeed /

Resource Hash

63b6dbf6132bc691dc99f7ca3dded67604c8e8b3375457e8f8ced616d73aa94a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://daf.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 20:02:40 GMT
x-content-type-options: nosniff
last-modified: Fri, 15 Jan 2016 17:51:54 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 6990
x-xss-protection: 1; mode=block;
expires: Tue, 07 Jun 2022 20:02:40 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 97 KB
29 KB 51ms
12ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: daf.tf
URL: https://daf.tf/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BAC) /
Resource Hash: 2b37b00f9400fedda05e3feb73c40b2a19af5fbd2d2d327c39e9476cff3dd9c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://daf.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Tue, 31 May 2022 20:02:40 GMT
Content-Encoding: gzip
Age: 390
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length: 29461
x-tw-cdn: VZ
Last-Modified: Sun, 15 May 2022 20:06:46 GMT
Server: ECS (amb/6BAC)
Etag: "f1369725ba22125b0df0251e74090aa0+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H2 200 eav.png
www.cybertec-postgresql.com/wp-content/uploads/2021/11/ 19 KB
20 KB 131ms
66ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybertec-postgresql.com/wp-content/uploads/2021/11/eav.png
Requested by: Host: daf.tf
URL: https://daf.tf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26d13c33a74523b38f4d115c9551cc751f8246b9c8308489998844e4eda58fe9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://daf.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 20:02:41 GMT
cf-cache-status: HIT
last-modified: Tue, 09 Nov 2021 18:05:49 GMT
server: cloudflare
etag: "4d9e-5d05ef59384ab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZVZKsmjJwcw9JK2DLt0EFdPc30hQzB5mT1f8fBVTlJNokBpLxs%2Fqwg9kdi%2F2v29aIV6tCGKsoGbV2abcZKoiMseijy9nrOVHWZl03qNhIS5IqtuGQbENOPjQFQbBTO5wwKJ%2BmW8OmqZ8pjxlD2jia59YrErVug2R%2B2Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 71424efe0cbb5fd6-MRS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19870

GET
H2 404 O9lzzXTfS6NWUlIGd0tTx2M2U0t2-gg5h36oo
hackernoon.com/photos/ 0
0 243ms
187ms Image
text/html 2606:4700:20::ac43:4560
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hackernoon.com/photos/O9lzzXTfS6NWUlIGd0tTx2M2U0t2-gg5h36oo
Requested by: Host: daf.tf
URL: https://daf.tf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://daf.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

GET
H3 200 wp-emoji-release.min.js Show response
daf.tf/wp-includes/js/ 18 KB
5 KB 130ms
129ms Script
application/javascript 151.106.100.65
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://daf.tf/wp-includes/js/wp-emoji-release.min.js?ver=6.0

Requested by

Host: daf.tf
URL: https://daf.tf/

Protocol

Security

QUIC, , AES_128_GCM

Server

151.106.100.65 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

cpl85.hosting24.com

Software

LiteSpeed /

Resource Hash

5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://daf.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 20:02:40 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 11:26:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 4582
x-xss-protection: 1; mode=block;
expires: Tue, 07 Jun 2022 20:02:40 GMT

GET
H3 200 regenerator-runtime.min.js Show response
daf.tf/wp-includes/js/dist/vendor/ 6 KB
3 KB 110ms
110ms Script
application/javascript 151.106.100.65
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://daf.tf/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9

Requested by

Host: daf.tf
URL: https://daf.tf/

Protocol

Security

QUIC, , AES_128_GCM

Server

151.106.100.65 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

cpl85.hosting24.com

Software

LiteSpeed /

Resource Hash

f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://daf.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 20:02:40 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 11 Apr 2022 17:34:30 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
strict-transport-security: max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 2348
x-xss-protection: 1; mode=block;
expires: Tue, 07 Jun 2022 20:02:40 GMT

GET
H3 200 wp-polyfill.min.js Show response
daf.tf/wp-includes/js/dist/vendor/ 19 KB
7 KB 108ms
107ms Script
application/javascript 151.106.100.65
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://daf.tf/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: daf.tf
URL: https://daf.tf/

Protocol

Security

QUIC, , AES_128_GCM

Server

151.106.100.65 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

cpl85.hosting24.com

Software

LiteSpeed /

Resource Hash

6fecb89a29ee2bd397bb1bf58ecaa530a76f0654db71fadefd3cc70b0bc302bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://daf.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 20:02:40 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 11 Apr 2022 17:34:30 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 6849
x-xss-protection: 1; mode=block;
expires: Tue, 07 Jun 2022 20:02:40 GMT

GET
H3 200 hooks.min.js Show response
daf.tf/wp-includes/js/dist/ 5 KB
2 KB 110ms
109ms Script
application/javascript 151.106.100.65
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://daf.tf/wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3

Requested by

Host: daf.tf
URL: https://daf.tf/

Protocol

Security

QUIC, , AES_128_GCM

Server

151.106.100.65 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

cpl85.hosting24.com

Software

LiteSpeed /

Resource Hash

9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://daf.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 20:02:40 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 11 Apr 2022 17:34:30 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 1575
x-xss-protection: 1; mode=block;
expires: Tue, 07 Jun 2022 20:02:40 GMT

GET
H3 200 i18n.min.js Show response
daf.tf/wp-includes/js/dist/ 10 KB
4 KB 109ms
108ms Script
application/javascript 151.106.100.65
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://daf.tf/wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94

Requested by

Host: daf.tf
URL: https://daf.tf/

Protocol

Security

QUIC, , AES_128_GCM

Server

151.106.100.65 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

cpl85.hosting24.com

Software

LiteSpeed /

Resource Hash

1dc4b29dd0acbed77ec2fd81036c33efd4ab5989e8182705a30615a00a0117f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://daf.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 20:02:40 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 20:42:48 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 3715
x-xss-protection: 1; mode=block;
expires: Tue, 07 Jun 2022 20:02:40 GMT

GET
H3 200 jquery.form.min.js Show response
daf.tf/wp-includes/js/jquery/ 16 KB
6 KB 112ms
111ms Script
application/javascript 151.106.100.65
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://daf.tf/wp-includes/js/jquery/jquery.form.min.js?ver=4.3.0

Requested by

Host: daf.tf
URL: https://daf.tf/

Protocol

Security

QUIC, , AES_128_GCM

Server

151.106.100.65 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

cpl85.hosting24.com

Software

LiteSpeed /

Resource Hash

ce54fc66e0c96540ec003f661021f390e298d8ba478e47c8b1ebbe95702e4436

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://daf.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 20:02:40 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Sat, 09 Apr 2022 01:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 5693
x-xss-protection: 1; mode=block;
expires: Tue, 07 Jun 2022 20:02:40 GMT

GET
H3 200 default-background.jpg
daf.tf/wp-content/themes/flat/assets/img/ 9 KB
9 KB 126ms
126ms Image
image/jpeg 151.106.100.65
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://daf.tf/wp-content/themes/flat/assets/img/default-background.jpg

Requested by

Host: daf.tf
URL: https://daf.tf/

Protocol

Security

QUIC, , AES_128_GCM

Server

151.106.100.65 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

cpl85.hosting24.com

Software

LiteSpeed /

Resource Hash

4d0995bd8a159020c6d71fa46d5c7fb0930c4ec99d92d271efaabd0f56082708

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://daf.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 20:02:40 GMT
x-content-type-options: nosniff
last-modified: Mon, 11 Jun 2018 19:35:05 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 9116
x-xss-protection: 1; mode=block;
expires: Tue, 07 Jun 2022 20:02:40 GMT

GET
H2 200 neILzCirqoswsqX9zoKmMw.woff2
fonts.gstatic.com/s/lobster/v28/ 33 KB
33 KB 29ms
8ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lobster/v28/neILzCirqoswsqX9zoKmMw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lobster%7CRoboto:400,700%7CRoboto+Slab%7CRoboto+Condensed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a932e49823b59769330d1ce8ef9f1b90e5ae8ecd5f2bb388d19bf684cdb7ebd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://daf.tf
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 17:56:31 GMT
x-content-type-options: nosniff
age: 7569
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33436
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:01:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 May 2023 17:56:31 GMT

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 15 KB
15 KB 34ms
14ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lobster%7CRoboto:400,700%7CRoboto+Slab%7CRoboto+Condensed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://daf.tf
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 24 May 2022 22:18:51 GMT
x-content-type-options: nosniff
age: 596629
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15700
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:51:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 May 2023 22:18:51 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 27ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lobster%7CRoboto:400,700%7CRoboto+Slab%7CRoboto+Condensed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://daf.tf
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 11:07:47 GMT
x-content-type-options: nosniff
age: 118493
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 May 2023 11:07:47 GMT

GET
H3 200 BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjojISmb2Rj.woff2
fonts.gstatic.com/s/robotoslab/v23/ 12 KB
12 KB 22ms
9ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoslab/v23/BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjojISmb2Rj.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lobster%7CRoboto:400,700%7CRoboto+Slab%7CRoboto+Condensed

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5dad5b1f7f2e1bbe6f2098a92062ed9ed6e2fec2e769d3bc1216751928d6a78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://daf.tf
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 24 May 2022 22:20:53 GMT
x-content-type-options: nosniff
age: 596507
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12544
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:53:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 May 2023 22:20:53 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 20ms
7ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lobster%7CRoboto:400,700%7CRoboto+Slab%7CRoboto+Condensed

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://daf.tf
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 12:43:04 GMT
x-content-type-options: nosniff
age: 112776
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 May 2023 12:43:04 GMT

GET
H3 200 fa-brands-400.woff2
daf.tf/wp-content/plugins/download-manager/assets/fontawesome/webfonts/ 62 KB
62 KB 217ms
216ms Font
font/woff2 151.106.100.65
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://daf.tf/wp-content/plugins/download-manager/assets/fontawesome/webfonts/fa-brands-400.woff2

Requested by

Host: daf.tf
URL: https://daf.tf/wp-content/plugins/download-manager/assets/fontawesome/css/all.css?ver=6.0

Protocol

Security

QUIC, , AES_128_GCM

Server

151.106.100.65 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

cpl85.hosting24.com

Software

LiteSpeed /

Resource Hash

62b5e7ae9e2ed60dcd7cb2e0823dd0884575f2176aff629f2df1e912dfae20e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

Referer: https://daf.tf/wp-content/plugins/download-manager/assets/fontawesome/css/all.css?ver=6.0
Origin: https://daf.tf
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 20:02:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 04 Jul 2021 08:09:34 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 63376
x-xss-protection: 1; mode=block;
expires: Tue, 07 Jun 2022 20:02:40 GMT

GET
H3 200 fa-solid-900.woff2
daf.tf/wp-content/plugins/download-manager/assets/fontawesome/webfonts/ 58 KB
58 KB 267ms
266ms Font
font/woff2 151.106.100.65
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://daf.tf/wp-content/plugins/download-manager/assets/fontawesome/webfonts/fa-solid-900.woff2

Requested by

Host: daf.tf
URL: https://daf.tf/wp-content/plugins/download-manager/assets/fontawesome/css/all.css?ver=6.0

Protocol

Security

QUIC, , AES_128_GCM

Server

151.106.100.65 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

cpl85.hosting24.com

Software

LiteSpeed /

Resource Hash

a83079124373d924ad1402fbc08d2e24d0043234d4c26565f1c368745f55f5d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

Referer: https://daf.tf/wp-content/plugins/download-manager/assets/fontawesome/css/all.css?ver=6.0
Origin: https://daf.tf
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 20:02:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 04 Jul 2021 08:09:34 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 59572
x-xss-protection: 1; mode=block;
expires: Tue, 07 Jun 2022 20:02:40 GMT

GET
H3 200 fontawesome-webfont.woff2
daf.tf/wp-content/themes/flat/assets/fonts/ 55 KB
56 KB 107ms
107ms Font
font/woff2 151.106.100.65
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://daf.tf/wp-content/themes/flat/assets/fonts/fontawesome-webfont.woff2?v=4.3.0

Requested by

Host: daf.tf
URL: https://daf.tf/wp-content/themes/flat/assets/css/flat.min.css?ver=1.7.11

Protocol

Security

QUIC, , AES_128_GCM

Server

151.106.100.65 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

cpl85.hosting24.com

Software

LiteSpeed /

Resource Hash

aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

Referer: https://daf.tf/wp-content/themes/flat/assets/css/flat.min.css?ver=1.7.11
Origin: https://daf.tf
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 20:02:40 GMT
x-content-type-options: nosniff
last-modified: Mon, 11 Jun 2018 19:35:05 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 56780
x-xss-protection: 1; mode=block;
expires: Tue, 07 Jun 2022 20:02:40 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205260101/ 320 KB
114 KB 49ms
35ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205260101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8804248525515641&plah=daf.tf

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

030d724f8976851e0d93229fe0a941d7946f47aaddc36ec8b04c4f5eb4e3cacc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://daf.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 20:02:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116404
x-xss-protection: 0
server: cafe
etag: 10362601789949162776
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 31 May 2022 20:02:41 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220526/r20190131/ Frame AAD1 10 KB
5 KB 31ms
7ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220526/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db3985c4d5ae08ac22f3958d29da53f4edcd150439f74c668074c65ea0981da6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://daf.tf/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 59213
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4402
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 May 2022 03:35:48 GMT
etag: 1327746537699501093
expires: Tue, 14 Jun 2022 03:35:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK widget_iframe.bbd13993eb53d3a11ac08f5e8cf9d6a4.html Show response
platform.twitter.com/widgets/ Frame 9BAF 319 KB
104 KB 13ms
13ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.bbd13993eb53d3a11ac08f5e8cf9d6a4.html?origin=https%3A%2F%2Fdaf.tf
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B91) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Referer: https://daf.tf/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 431138
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105433
Content-Type: text/html; charset=utf-8
Date: Tue, 31 May 2022 20:02:41 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Sun, 15 May 2022 20:03:39 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (amb/6B91)
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 9BAF 278 B
460 B 133ms
112ms Fetch
application/json 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=36f8de3d61952e8d6ae4f1055da0baaad85fb9a4

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.bbd13993eb53d3a11ac08f5e8cf9d6a4.html?origin=https%3A%2F%2Fdaf.tf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

d342be7b065b36dd1e6856bcf5a432b5d2c277d27555391ddefbf1df3edb0fc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-response-time: 104
date: Tue, 31 May 2022 20:02:40 GMT
content-encoding: gzip
last-modified: Tue, 31 May 2022 20:02:41 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 6f13cdd85ded373afc5ba326c0cedf19231330f68bee12e1ea9c579a1ed930fc
content-length: 179

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 210 B
642 B 64ms
14ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=daf.tf&callback=_gfp_s_&client=ca-pub-8804248525515641

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205260101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8804248525515641&plah=daf.tf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

09391ab52453f2614d64a7b3b355949a6c0efd79fc9bc4dc2028fb7c16e9c593

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://daf.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 20:02:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 197
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 85ms
17ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=daf.tf

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://daf.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 31 May 2022 20:02:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 41ms
15ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=daf.tf

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://daf.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 31 May 2022 20:02:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 05DC 430 B
232 B 203ms
189ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8804248525515641&output=html&h=600&slotname=8308418172&adk=455022739&adf=380339664&pi=t.ma~as.8308418172&w=250&fwrn=4&fwrnh=100&lmt=1654027361&rafmt=1&psa=0&format=250x600&url=https%3A%2F%2Fdaf.tf%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654027361082&bpp=4&bdt=480&idt=106&shv=r20220526&mjsv=m202205260101&ptt=9&saldr=aa&abxe=1&correlator=4163011612086&frm=20&pv=2&ga_vid=1210982057.1654027361&ga_sid=1654027361&ga_hid=100431592&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=3215&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760475&oid=2&pvsid=2503392621408621&pem=561&tmod=1337766462&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=7NJEXOcOrv&p=https%3A//daf.tf&dtd=121

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

82767d40fe2532fe5724ca7fbf352cd414edb0e58736e58725deea44994d41c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://daf.tf/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 May 2022 20:02:41 GMT
expires: Tue, 31 May 2022 20:02:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 22C7 16 KB
5 KB 189ms
188ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8804248525515641&output=html&adk=1812271804&adf=3025194257&lmt=1654027361&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fdaf.tf%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654027361130&bpp=1&bdt=528&idt=150&shv=r20220526&mjsv=m202205260101&ptt=9&saldr=aa&abxe=1&prev_fmts=250x600&nras=1&correlator=4163011612086&frm=20&pv=1&ga_vid=1210982057.1654027361&ga_sid=1654027361&ga_hid=100431592&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760475&oid=2&pvsid=2503392621408621&pem=561&tmod=1337766462&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=156

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

da0d2ca412783d5d8136c08f6f6d16575144d4528aef08eef73d045a5580e465

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://daf.tf/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 5251
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 May 2022 20:02:41 GMT
expires: Tue, 31 May 2022 20:02:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK moment~timeline.55634fd8bf871f86dbe537f50a41349e.js Show response
platform.twitter.com/js/ 25 KB
8 KB 12ms
12ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/moment~timeline.55634fd8bf871f86dbe537f50a41349e.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BBA) /
Resource Hash: 4fce02aef5542a40509dce7f66aec864d7a2a070ac671b06ed235cbcd4743821

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://daf.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Tue, 31 May 2022 20:02:41 GMT
Content-Encoding: gzip
Age: 431138
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length: 8084
x-tw-cdn: VZ
Last-Modified: Sun, 15 May 2022 20:03:32 GMT
Server: ECS (amb/6BBA)
Etag: "8d39588ffce9da16e8e735f3fdd8f990+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK timeline.2002b66aa236ee3e1e6728119a7c4b98.js Show response
platform.twitter.com/js/ 20 KB
7 KB 25ms
12ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/timeline.2002b66aa236ee3e1e6728119a7c4b98.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BAC) /
Resource Hash: a37d848620d81a5fd27dff6e15af34f37fd05384f7d5337053c98efd0fe5a7d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://daf.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Tue, 31 May 2022 20:02:41 GMT
Content-Encoding: gzip
Age: 431131
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length: 6371
x-tw-cdn: VZ
Last-Modified: Sun, 15 May 2022 20:03:32 GMT
Server: ECS (amb/6BAC)
Etag: "57d65599f609862f8724a6a6475c8c7a+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H2 200 profile Show response
cdn.syndication.twimg.com/timeline/ 120 KB
9 KB 290ms
236ms Script
application/javascript 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/timeline/profile?callback=__twttr.callbacks.tl_i0_profile_SeedVicious_old&dnt=false&domain=daf.tf&lang=en&screen_name=SeedVicious&suppress_response_codes=true&t=1837808&tz=GMT%2B0000&with_replies=false

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_f /

Resource Hash

e4dcaf48beeb5c6f668b02c8eb36edcbc1ce89568218316ca6ef94c441a85c6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://daf.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 20:02:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-disposition: attachment; filename=jsonp.jsonp
server-timing: "x-cache;desc= ,x-tw-cdn;desc=VZ",edge;dur=225
content-length: 9146
x-xss-protection: 0
access-contol-allow-origin: platform.twitter.com
x-response-time: 216
last-modified: Tue, 31 May 2022 20:02:41 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: application/javascript;charset=utf-8
cache-control: must-revalidate, max-age=300
x-connection-hash: 85a4e8b78ea2f94653b940fc2e2f4fd12c5430d1a9215f8e4616ef081984b4f8
timing-allow-origin: *
x-transaction: 1129cf1acd350c7a
expires: Tue, 31 May 2022 20:07:41 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 30ms
16ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=daf.tf

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://daf.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 31 May 2022 20:02:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 31ms
15ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=daf.tf

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://daf.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 31 May 2022 20:02:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8D81 132 KB
44 KB 722ms
721ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8804248525515641&output=html&h=280&adk=406582304&adf=412487987&pi=t.aa~a.3312635906~i.11~rp.4&w=720&fwrn=4&fwrnh=100&lmt=1654027361&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4803760906&psa=1&ad_type=text_image&format=720x280&url=https%3A%2F%2Fdaf.tf%2F&fwr=0&pra=3&rh=180&rw=720&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654027361533&bpp=1&bdt=931&idt=-M&shv=r20220526&mjsv=m202205260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a487186ee554620-22e7e1b0a3cd00da%3AT%3D1654027361%3ART%3D1654027361%3AS%3DALNI_MZeqhCtmjivEtDy3pLQNFWtZvjJWw&prev_fmts=250x600%2C0x0&nras=2&correlator=4163011612086&frm=20&pv=1&ga_vid=1210982057.1654027361&ga_sid=1654027361&ga_hid=100431592&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=590&ady=1690&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760475&oid=2&pvsid=2503392621408621&pem=561&tmod=1337766462&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=dHp4FW1lRg&p=https%3A//daf.tf&dtd=48

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

111c278f10b0716c93ed6040d998b945d55a8d862670e36b4249e7d7bece7155

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11955704931771569221/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11955704931771569221/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COb53orEivgCFWQDfQoduggB1g&gqi=YXSWYpTzJI2eZ_K-tbAF&layout=/sadbundle/%24csp%253Der3%24/11955704931771569221/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://daf.tf/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 44551
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11955704931771569221/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11955704931771569221/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COb53orEivgCFWQDfQoduggB1g&gqi=YXSWYpTzJI2eZ_K-tbAF&layout=/sadbundle/%24csp%253Der3%24/11955704931771569221/index.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 May 2022 20:02:42 GMT
expires: Tue, 31 May 2022 20:02:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5382 75 KB
31 KB 626ms
625ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8804248525515641&output=html&h=280&adk=406582304&adf=693078770&pi=t.aa~a.3312635906~i.39~rp.4&w=720&fwrn=4&fwrnh=100&lmt=1654027361&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4803760906&psa=1&ad_type=text_image&format=720x280&url=https%3A%2F%2Fdaf.tf%2F&fwr=0&pra=3&rh=180&rw=720&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654027361533&bpp=1&bdt=930&idt=1&shv=r20220526&mjsv=m202205260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a487186ee554620-22e7e1b0a3cd00da%3AT%3D1654027361%3ART%3D1654027361%3AS%3DALNI_MZeqhCtmjivEtDy3pLQNFWtZvjJWw&prev_fmts=250x600%2C0x0%2C720x280&nras=3&correlator=4163011612086&frm=20&pv=1&ga_vid=1210982057.1654027361&ga_sid=1654027361&ga_hid=100431592&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=590&ady=2912&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760475&oid=2&pvsid=2503392621408621&pem=561&tmod=1337766462&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=Pg3Kc9ZwOt&p=https%3A//daf.tf&dtd=79

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75cab6a83f0eebad59a19050b22cb153e9bba290966f016e25610f1da6a98ce3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://daf.tf/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 31213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 May 2022 20:02:42 GMT
expires: Tue, 31 May 2022 20:02:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 1f602.png
abs.twimg.com/emoji/v2/72x72/ Frame 54AF 1 KB
1 KB 30ms
6ms Image
image/png 199.232.136.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f602.png

Requested by

Host: daf.tf
URL: https://daf.tf/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.136.159 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c252a58367211c11d839155e50dc5e98551826c64b8d2e8d6267124c054ceae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
last-modified: Wed, 21 Feb 2018 22:30:28 GMT
etag: "CskKXLmjEnqr5kggS5rnnQ=="
x-tw-cdn: FT
content-type: image/png
access-control-allow-origin: *
expires: Wed, 19 Apr 2023 09:51:27 GMT
date: Tue, 31 May 2022 20:02:41 GMT
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, HIT, x-tw-cdn;desc=FT
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
content-length: 1095
x-served-by: cache-fty21335-FTY, cache-hhn11579-HHN

GET
H2 200 DiV_jufu
pbs.twimg.com/card_img/1529834723744559110/ Frame 54AF 23 KB
23 KB 14ms
13ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1529834723744559110/DiV_jufu?format=jpg&name=600x314

Requested by

Host: daf.tf
URL: https://daf.tf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6BA3) /

Resource Hash

92bec99c91cb09a829dfd56e9025cd437b47cd82f8e26279fe4aa7ebf3ded6f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 20:02:41 GMT
x-content-type-options: nosniff
age: 311568
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
content-length: 23204
x-response-time: 317
surrogate-key: card_img card_img/bucket/6 card_img/1529834723744559110
last-modified: Thu, 26 May 2022 14:37:55 GMT
server: ECS (amb/6BA3)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 3b46c486a9d339f715477cb7a09fd374de8f47395eef630ec2beefb87f8a55b5
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 1f49a.png
abs.twimg.com/emoji/v2/72x72/ Frame 54AF 499 B
637 B 30ms
7ms Image
image/png 199.232.136.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f49a.png

Requested by

Host: daf.tf
URL: https://daf.tf/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.136.159 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3bf853fc84828d4ad0543b5cfba0e0dc0953333fae7d52b30406fe710276fd2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
last-modified: Wed, 21 Feb 2018 22:30:23 GMT
etag: "jj1/oBHhFT6LlxNTYVTgIA=="
x-tw-cdn: FT
content-type: image/png
access-control-allow-origin: *
expires: Fri, 17 Mar 2023 07:33:43 GMT
date: Tue, 31 May 2022 20:02:41 GMT
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, HIT, x-tw-cdn;desc=FT
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
content-length: 499
x-served-by: cache-fty21321-FTY, cache-hhn11579-HHN

GET
H/1.1 200
OK timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
platform.twitter.com/css/ Frame 54AF 53 KB
12 KB 12ms
12ms Stylesheet
text/css 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/css/timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B77) /
Resource Hash: 8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Tue, 31 May 2022 20:02:41 GMT
Content-Encoding: gzip
Age: 431138
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length: 12144
x-tw-cdn: VZ
Last-Modified: Sun, 15 May 2022 20:03:29 GMT
Server: ECS (amb/6B77)
Etag: "fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
platform.twitter.com/css/ 53 KB
53 KB 12ms
12ms Image
text/css 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform.twitter.com/css/timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B77) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://daf.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Tue, 31 May 2022 20:02:41 GMT
Content-Encoding: gzip
Age: 431138
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length: 12144
x-tw-cdn: VZ
Last-Modified: Sun, 15 May 2022 20:03:29 GMT
Server: ECS (amb/6B77)
Etag: "fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H2 200 DiV_jufu
pbs.twimg.com/card_img/1529834723744559110/ Frame 54AF 23 KB
23 KB 12ms
12ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1529834723744559110/DiV_jufu?format=jpg&name=600x314

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline.55634fd8bf871f86dbe537f50a41349e.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6BA3) /

Resource Hash

92bec99c91cb09a829dfd56e9025cd437b47cd82f8e26279fe4aa7ebf3ded6f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 20:02:41 GMT
x-content-type-options: nosniff
age: 311568
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
content-length: 23204
x-response-time: 317
surrogate-key: card_img card_img/bucket/6 card_img/1529834723744559110
last-modified: Thu, 26 May 2022 14:37:55 GMT
server: ECS (amb/6BA3)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 3b46c486a9d339f715477cb7a09fd374de8f47395eef630ec2beefb87f8a55b5
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 lvZvbfc5_normal.jpg
pbs.twimg.com/profile_images/1530639508760190976/ Frame 54AF 2 KB
2 KB 13ms
13ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1530639508760190976/lvZvbfc5_normal.jpg

Requested by

Host: daf.tf
URL: https://daf.tf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6BC1) /

Resource Hash

c011a93e67016952d10ce42c4910af99a020b61d692660a3b60743396b744c4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 20:02:41 GMT
x-content-type-options: nosniff
age: 252970
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
content-length: 2187
x-response-time: 123
surrogate-key: profile_images profile_images/bucket/3 profile_images/1530639508760190976
last-modified: Sat, 28 May 2022 19:55:51 GMT
server: ECS (amb/6BC1)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: bdaa6f52a74881fc564cc1878a7992645489cd348f3b528c778845d04bd3b18f
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FcAurPhS_normal.jpg
pbs.twimg.com/profile_images/1529548668629667843/ Frame 54AF 2 KB
2 KB 14ms
13ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1529548668629667843/FcAurPhS_normal.jpg

Requested by

Host: daf.tf
URL: https://daf.tf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6BC3) /

Resource Hash

117d52c31661f02035d4dd4d2e9d2f76085a7661c8057cf5d9398494b4506920

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 20:02:41 GMT
x-content-type-options: nosniff
age: 519555
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=2
content-length: 1807
x-response-time: 126
surrogate-key: profile_images profile_images/bucket/7 profile_images/1529548668629667843
last-modified: Wed, 25 May 2022 19:41:14 GMT
server: ECS (amb/6BC3)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: ce62acffb73db44a455a0b0f2a284e0162c00f2daaa4bea58bc3bdaf8d7f2e85
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 acquia_slate_favicon_normal.gif
pbs.twimg.com/profile_images/1926925416/ Frame 54AF 2 KB
2 KB 14ms
13ms Image
image/gif 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1926925416/acquia_slate_favicon_normal.gif

Requested by

Host: daf.tf
URL: https://daf.tf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6BBD) /

Resource Hash

bb5d7b1b44b44ff7dd8d91b3137fe02562099c25ae1e101332272ba9f27bb43c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 20:02:41 GMT
x-content-type-options: nosniff
age: 374702
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=2
content-length: 2020
x-response-time: 118
surrogate-key: profile_images profile_images/bucket/3 profile_images/1926925416
last-modified: Thu, 04 Nov 2010 01:42:54 GMT
server: ECS (amb/6BBD)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: e87d34b2aaad5c3e49ac618f8a548d16ec2dee3e50cdce2f2207720c588b2fcb
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 ifEhyqHM_normal.jpg
pbs.twimg.com/profile_images/1509808420030844929/ Frame 54AF 2 KB
2 KB 15ms
14ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1509808420030844929/ifEhyqHM_normal.jpg

Requested by

Host: daf.tf
URL: https://daf.tf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6BB1) /

Resource Hash

fc95032ef5b26cccce283703d324ec9d1c288f4f9046defbb46b199b51cedc0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 20:02:41 GMT
x-content-type-options: nosniff
age: 387587
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
content-length: 2035
x-response-time: 118
surrogate-key: profile_images profile_images/bucket/4 profile_images/1509808420030844929
last-modified: Fri, 01 Apr 2022 08:20:32 GMT
server: ECS (amb/6BB1)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 342cd8676b353e6fca16050c57b8d86cbcfdba2963a611700e31034956f58c3e
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 vQVX84zO_normal.jpg
pbs.twimg.com/profile_images/1443565698261917704/ Frame 54AF 2 KB
2 KB 15ms
14ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1443565698261917704/vQVX84zO_normal.jpg

Requested by

Host: daf.tf
URL: https://daf.tf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6B9C) /

Resource Hash

405c1e7eb7c2f20f5d18d26f52695c98b2b6b93837adaf1fcbb06222c76dd400

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 20:02:41 GMT
x-content-type-options: nosniff
age: 451233
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
content-length: 1959
x-response-time: 122
surrogate-key: profile_images profile_images/bucket/8 profile_images/1443565698261917704
last-modified: Thu, 30 Sep 2021 13:15:37 GMT
server: ECS (amb/6B9C)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: e5fe6e65cc15f3f85180949821b22a145322018cc73b6a01bf2b8d5702e53f4a
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 F1YfCzHx_normal.jpg
pbs.twimg.com/profile_images/1524173134416338945/ Frame 54AF 2 KB
2 KB 13ms
13ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1524173134416338945/F1YfCzHx_normal.jpg

Requested by

Host: daf.tf
URL: https://daf.tf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6B7C) /

Resource Hash

d14624d8d002a9813759af6f956223a322ad3b2b49cc8192e4c435553950481c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 20:02:41 GMT
x-content-type-options: nosniff
age: 311567
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=2
content-length: 2111
x-response-time: 111
surrogate-key: profile_images profile_images/bucket/0 profile_images/1524173134416338945
last-modified: Tue, 10 May 2022 23:40:47 GMT
server: ECS (amb/6B7C)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: a0aa2632cd5526802556f5e571e6493f03c4d96b7e5bb03fb07ace0bd8dd1660
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 TjC2NIRO_normal.jpg
pbs.twimg.com/profile_images/1330945064684621825/ Frame 54AF 2 KB
2 KB 13ms
12ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1330945064684621825/TjC2NIRO_normal.jpg

Requested by

Host: daf.tf
URL: https://daf.tf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6BAE) /

Resource Hash

233f418a2508c9e4739e80e15d676a707de2f041b7fd873431424ac626d23103

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 20:02:41 GMT
x-content-type-options: nosniff
age: 181117
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
content-length: 2263
x-response-time: 116
surrogate-key: profile_images profile_images/bucket/3 profile_images/1330945064684621825
last-modified: Mon, 23 Nov 2020 18:41:25 GMT
server: ECS (amb/6BAE)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 89aa91b35638e69c392494efa556fb045019ae6905b6d520a5c87560d675eeba
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 _Eooxcxc_normal.png
pbs.twimg.com/profile_images/1356823152391843844/ Frame 54AF 769 B
964 B 14ms
14ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1356823152391843844/_Eooxcxc_normal.png

Requested by

Host: daf.tf
URL: https://daf.tf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6B95) /

Resource Hash

cb21925552398ef498f4c30d2535753082ff8435c73c279c79bb4543c22a6a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 20:02:41 GMT
x-content-type-options: nosniff
age: 98636
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=2
content-length: 769
x-response-time: 118
surrogate-key: profile_images profile_images/bucket/4 profile_images/1356823152391843844
last-modified: Wed, 03 Feb 2021 04:31:42 GMT
server: ECS (amb/6B95)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: f9d9627cce9f24296e29ef90e872c7f062d8f1738061bd6928c3f87d18e33328
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 fKifHgEN_normal.jpg
pbs.twimg.com/profile_images/1469022688043798537/ Frame 54AF 2 KB
2 KB 14ms
13ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1469022688043798537/fKifHgEN_normal.jpg

Requested by

Host: daf.tf
URL: https://daf.tf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6BB1) /

Resource Hash

2b7dbfa40529259ec8c3408d361b0a3f64b0d42947ceef3258ac890e4aec477f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 20:02:41 GMT
x-content-type-options: nosniff
age: 398765
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
content-length: 2111
x-response-time: 122
surrogate-key: profile_images profile_images/bucket/2 profile_images/1469022688043798537
last-modified: Thu, 09 Dec 2021 19:12:36 GMT
server: ECS (amb/6BB1)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: b9054d4f523b26aaa98d0032e1ee8a95ab23faf9feb7870e8742c7e1e516bc5a
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FTuKNEBWYBAUw8e
pbs.twimg.com/media/ Frame 54AF 11 KB
11 KB 15ms
15ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FTuKNEBWYBAUw8e?format=jpg&name=360x360

Requested by

Host: daf.tf
URL: https://daf.tf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6BBE) /

Resource Hash

78115db5e98a5c5dc190013e698fe9c9b069bff6d8d84691868e621f5701647b

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 20:02:41 GMT
x-content-type-options: nosniff
age: 311567
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
content-length: 10827
x-response-time: 168
surrogate-key: media media/bucket/2 media/1529968455444750352
last-modified: Thu, 26 May 2022 23:29:19 GMT
server: ECS (amb/6BBE)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 3d734f5c3a7c56a3f13edb6b55d5215d5cf8d12383153a4bf512f9ca30b2ccaf
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FThVVA0VEAAbUhW
pbs.twimg.com/media/ Frame 54AF 23 KB
23 KB 15ms
15ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FThVVA0VEAAbUhW?format=jpg&name=360x360

Requested by

Host: daf.tf
URL: https://daf.tf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6B97) /

Resource Hash

d8145d3a0675c740321159fd7321982ad30e84cbad4e2600d95ac27dbc89ee63

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 20:02:41 GMT
x-content-type-options: nosniff
age: 131033
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
content-length: 23471
x-response-time: 270
surrogate-key: media media/bucket/0 media/1529065892977381376
last-modified: Tue, 24 May 2022 11:42:52 GMT
server: ECS (amb/6B97)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 9d2f15ccdebf0fc885384d5239a867157349ccd0cb00eff78778ddd5645e6833
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FTe9WadXoAEbYHJ
pbs.twimg.com/media/ Frame 54AF 20 KB
21 KB 13ms
13ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FTe9WadXoAEbYHJ?format=jpg&name=360x360

Requested by

Host: daf.tf
URL: https://daf.tf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6B7A) /

Resource Hash

f726c685424213712c50d50324c4e20a9b2c4220a3d8b232b37f7eebe898971f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 20:02:41 GMT
x-content-type-options: nosniff
age: 294540
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=2
content-length: 20847
x-response-time: 268
surrogate-key: media media/bucket/3 media/1528898791272849409
last-modified: Tue, 24 May 2022 00:38:52 GMT
server: ECS (amb/6B7A)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: a66f68e6c1cf612895654cda61c39fe1fd9c0f3187369d635d98cd2422dd4209
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FTXcbPqXsAAVvUU
pbs.twimg.com/media/ Frame 54AF 32 KB
33 KB 13ms
13ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FTXcbPqXsAAVvUU?format=jpg&name=360x360

Requested by

Host: daf.tf
URL: https://daf.tf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6BB6) /

Resource Hash

85e2fe8f48c019901b4fd57ccaa1af6d64657cf65ffa7197fbdd7ef600910c40

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 20:02:41 GMT
x-content-type-options: nosniff
age: 294540
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=2
content-length: 33115
x-response-time: 258
surrogate-key: media media/bucket/2 media/1528370009180975104
last-modified: Sun, 22 May 2022 13:37:40 GMT
server: ECS (amb/6BB6)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 41fbb2e142849e4d6dc5d8641301bee289e1bcbba168d176818abfd5cc12f703
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FTS8Pr2XsAEI5ES
pbs.twimg.com/media/ Frame 54AF 29 KB
29 KB 14ms
13ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FTS8Pr2XsAEI5ES?format=jpg&name=360x360

Requested by

Host: daf.tf
URL: https://daf.tf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6BB3) /

Resource Hash

9acbd8b4d23e50eba6ed100f0e716f96521b495e2414381b23d877f15a7d0504

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 20:02:41 GMT
x-content-type-options: nosniff
age: 294540
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=2
content-length: 29549
x-response-time: 287
surrogate-key: media media/bucket/5 media/1528053151240269825
last-modified: Sat, 21 May 2022 16:38:35 GMT
server: ECS (amb/6BB3)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: d84b3f381d7547d5340287ef77098281be0c770518f73fc7af574e65dfe486d6
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FS5ef1cXoAMEbIZ
pbs.twimg.com/media/ Frame 54AF 24 KB
24 KB 15ms
15ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FS5ef1cXoAMEbIZ?format=jpg&name=small

Requested by

Host: daf.tf
URL: https://daf.tf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6BA8) /

Resource Hash

ae03ab0a42897d9a48188bc6570888428bd57747df8c9f87682479e62e13a408

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 20:02:41 GMT
x-content-type-options: nosniff
age: 294540
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=2
content-length: 24754
x-response-time: 240
surrogate-key: media media/bucket/8 media/1526261224740200451
last-modified: Mon, 16 May 2022 17:58:07 GMT
server: ECS (amb/6BA8)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: be7dce022f2170141e62be4bfad0bbe051ec567984754b4fbf2b4a4005067823
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FS4N5t2WUAEmlMl
pbs.twimg.com/media/ Frame 54AF 10 KB
10 KB 17ms
16ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FS4N5t2WUAEmlMl?format=jpg&name=360x360

Requested by

Host: daf.tf
URL: https://daf.tf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6B91) /

Resource Hash

58333fd4258a1823b2b4f7098161d8e6bbb441ccdb6a8d6639c17d62daa96609

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 20:02:41 GMT
x-content-type-options: nosniff
age: 294540
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=2
content-length: 10092
x-response-time: 170
surrogate-key: media media/bucket/0 media/1526172608936431617
last-modified: Mon, 16 May 2022 12:05:59 GMT
server: ECS (amb/6B91)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: b3db2dbd9d8f7baecb995e9f7065a7a9f7f674afb8e736083e3c19e6be8261dc
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FS1KakxWIAA018p
pbs.twimg.com/media/ Frame 54AF 17 KB
17 KB 17ms
17ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FS1KakxWIAA018p?format=jpg&name=360x360

Requested by

Host: daf.tf
URL: https://daf.tf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6B75) /

Resource Hash

b255cf1a5e75565477a0d494f90363c4ec50ff371a465bb9e1128b8b1866d624

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 20:02:41 GMT
x-content-type-options: nosniff
age: 294540
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=2
content-length: 17413
x-response-time: 264
surrogate-key: media media/bucket/1 media/1525957669156167680
last-modified: Sun, 15 May 2022 21:51:53 GMT
server: ECS (amb/6B75)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: ba8112c443b4ccb98f93c96272a49aa4a9c52bea8eb4ece1167f5d86bb114283
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FSurvNZWUAI8Q_i
pbs.twimg.com/media/ Frame 54AF 15 KB
15 KB 13ms
13ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FSurvNZWUAI8Q_i?format=jpg&name=360x360

Requested by

Host: daf.tf
URL: https://daf.tf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6BBE) /

Resource Hash

86a70a95726e2137341d20b0f0c45c7d70053be382a3cc6ba22e1622c82aa7e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 20:02:41 GMT
x-content-type-options: nosniff
age: 294540
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=2
content-length: 15666
x-response-time: 241
surrogate-key: media media/bucket/3 media/1525501726333227010
last-modified: Sat, 14 May 2022 15:40:08 GMT
server: ECS (amb/6BBE)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 90f059021c5248c18bbdef46fa6e73be71d8742bfe779b8dcb8281aaf8cc1501
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FSkIyVUWUAMW0xd
pbs.twimg.com/media/ Frame 54AF 141 KB
142 KB 15ms
13ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FSkIyVUWUAMW0xd?format=png&name=360x360

Requested by

Host: daf.tf
URL: https://daf.tf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6B76) /

Resource Hash

2572696ef40b6f4c8f7fdc2121b9cbfd77552b3a4e1b582aa10866325a7159c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 20:02:41 GMT
x-content-type-options: nosniff
age: 294540
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
content-length: 144780
x-response-time: 289
surrogate-key: media media/bucket/4 media/1524759609650597891
last-modified: Thu, 12 May 2022 14:31:14 GMT
server: ECS (amb/6B76)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 385a9f295db1bcf5f3193c02495459c7da29da6898b452e0d2f4a247010539de
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FTzR5aZWUAABHvY
pbs.twimg.com/media/ Frame 54AF 19 KB
19 KB 14ms
14ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FTzR5aZWUAABHvY?format=jpg&name=240x240

Requested by

Host: daf.tf
URL: https://daf.tf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6B9D) /

Resource Hash

3fcaf4ae82bca45d99d40a672a904ef6909c898182ae39b35eb32e554a2500e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 20:02:41 GMT
x-content-type-options: nosniff
age: 311567
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
content-length: 19354
x-response-time: 303
surrogate-key: media media/bucket/3 media/1530328757667516416
last-modified: Fri, 27 May 2022 23:21:02 GMT
server: ECS (amb/6B9D)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: c9b905e4006c00301e04bbdebd9417564468f1f58c060caf140076c2c4b10a8f
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FTzR5uQWAAIRy5J
pbs.twimg.com/media/ Frame 54AF 18 KB
18 KB 15ms
15ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FTzR5uQWAAIRy5J?format=jpg&name=240x240

Requested by

Host: daf.tf
URL: https://daf.tf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6B80) /

Resource Hash

f21b49d8625740a36d6600d727c88d06dd8536edcb6128aeacf107690919a893

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 20:02:41 GMT
x-content-type-options: nosniff
age: 311567
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
content-length: 18044
x-response-time: 305
surrogate-key: media media/bucket/5 media/1530328762998456322
last-modified: Fri, 27 May 2022 23:21:03 GMT
server: ECS (amb/6B80)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: e92ec2e0369f9f25c3ce2a9eb97a4a7b35ec2d2b85104f58d3f5b2e60a015091
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FTzR5_vXoAE4uj-
pbs.twimg.com/media/ Frame 54AF 17 KB
18 KB 15ms
14ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FTzR5_vXoAE4uj-?format=jpg&name=240x240

Requested by

Host: daf.tf
URL: https://daf.tf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6B7C) /

Resource Hash

e2e6aa91a5df55f46ef42d81383cf613b9cc620909873a9caf0a09dc766f16b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 20:02:41 GMT
x-content-type-options: nosniff
age: 311567
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
content-length: 17875
x-response-time: 295
surrogate-key: media media/bucket/6 media/1530328767691988993
last-modified: Fri, 27 May 2022 23:21:05 GMT
server: ECS (amb/6B7C)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 0249c75301a07f220d28560ece3aca90de0dc22c55a0829d7bde4022c5e059ea
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FTzR6PXWAAIlozc
pbs.twimg.com/media/ Frame 54AF 16 KB
16 KB 15ms
15ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FTzR6PXWAAIlozc?format=jpg&name=240x240

Requested by

Host: daf.tf
URL: https://daf.tf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6BA5) /

Resource Hash

8dd3c9e9d960280d655dd1f9a1765412edf4d1b48bbd16e7c3b65e8b1460f560

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 20:02:41 GMT
x-content-type-options: nosniff
age: 311567
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=2
content-length: 16366
x-response-time: 315
surrogate-key: media media/bucket/9 media/1530328771886186498
last-modified: Fri, 27 May 2022 23:21:06 GMT
server: ECS (amb/6BA5)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 76f353a03016196405add816567490097824b0d226c6f1e490ba6c3ff1d6582d
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ Frame 54AF 44 KB
7 KB 59ms
10ms Stylesheet
text/css 2606:2800:233:7ee2:97c:ab4c:6c70:be36
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:7ee2:97c:ab4c:6c70:be36 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/8B45) /

Resource Hash

a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 20:02:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 462853
x-ton-expected-size: 45170
x-cache: HIT
vary: Accept-Encoding
content-length: 6839
x-response-time: 7
surrogate-key: tfw
last-modified: Tue, 14 May 2019 18:53:54 GMT
server: ECAcc (ama/8B45)
etag: "4mhImCFS9rptiUICNnLD1g=="
strict-transport-security: max-age=631138519
content-type: text/css
access-control-allow-origin: *
x-connection-hash: f178a2d8cd3c1c413ea1758964553ea8fcfa1d3e7a8fc841333e39eb3d7d4e89
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Tue, 07 Jun 2022 20:02:41 GMT

GET
H2 200 syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ 44 KB
44 KB 62ms
13ms Image
text/css 2606:2800:233:7ee2:97c:ab4c:6c70:be36
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:7ee2:97c:ab4c:6c70:be36 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/8B45) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://daf.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 20:02:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 462853
x-ton-expected-size: 45170
x-cache: HIT
vary: Accept-Encoding
content-length: 6839
x-response-time: 7
surrogate-key: tfw
last-modified: Tue, 14 May 2019 18:53:54 GMT
server: ECAcc (ama/8B45)
etag: "4mhImCFS9rptiUICNnLD1g=="
strict-transport-security: max-age=631138519
content-type: text/css
access-control-allow-origin: *
x-connection-hash: f178a2d8cd3c1c413ea1758964553ea8fcfa1d3e7a8fc841333e39eb3d7d4e89
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Tue, 07 Jun 2022 20:02:41 GMT

GET
DATA 200
OK truncated
/ Frame 54AF 512 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eddfb285df91d818926b2f8ec64c71be82e0ea4f21ca9f63f5b0bc5dbcd75b0b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 54AF 825 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 54AF 572 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 42ecd6904f43af4e6cef62ddbeffa7b2b0b6c8ec5080a3e1deec4576f4294859

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 54AF 644 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 195e8e91bc727766f427243d4cfb79cdc873639991600bf99e9d2cab5cad77c8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 54AF 739 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ed07f590bdfa9aa775dbfdef617d98e1e972d102d4289c7a68d3bd9118c280b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 54AF 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ded16b9cb72df85ea242aaef8878c716abb57c746f0bfda6eabd2b9ddb2a23b5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 DiV_jufu
pbs.twimg.com/card_img/1529834723744559110/ Frame 54AF 23 KB
23 KB 18ms
18ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1529834723744559110/DiV_jufu?format=jpg&name=600x314

Requested by

Host: daf.tf
URL: https://daf.tf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6BA3) /

Resource Hash

92bec99c91cb09a829dfd56e9025cd437b47cd82f8e26279fe4aa7ebf3ded6f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 20:02:41 GMT
x-content-type-options: nosniff
age: 311568
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
content-length: 23204
x-response-time: 317
surrogate-key: card_img card_img/bucket/6 card_img/1529834723744559110
last-modified: Thu, 26 May 2022 14:37:55 GMT
server: ECS (amb/6BA3)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 3b46c486a9d339f715477cb7a09fd374de8f47395eef630ec2beefb87f8a55b5
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 jot
syndication.twitter.com/i/ 43 B
356 B 115ms
114ms Image
image/gif 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fdaf.tf%2F%22%2C%22widget_frame%22%3Afalse%2C%22widget_data_source%22%3A%22profile%3ASeedVicious%22%2C%22query%22%3Anull%2C%22profile_id%22%3Anull%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1654027361861%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22c8fe9736dd6fb%3A1649830956492%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline%22%2C%22component%22%3A%22timeline%22%2C%22element%22%3A%22initial%22%2C%22action%22%3A%22results%22%7D%7D&session_id=36f8de3d61952e8d6ae4f1055da0baaad85fb9a4

Requested by

Host: daf.tf
URL: https://daf.tf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://daf.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 20:02:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 108
pragma: no-cache
last-modified: Tue, 31 May 2022 20:02:41 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 6f13cdd85ded373afc5ba326c0cedf19231330f68bee12e1ea9c579a1ed930fc
x-transaction: 04e08d0311e696a3
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 9315331751045300413
tpc.googlesyndication.com/simgad/ Frame 5382 129 KB
129 KB 50ms
11ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9315331751045300413?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlk7RoGW4mnavkRb9plx2cE2uR9UQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8804248525515641&output=html&h=280&adk=406582304&adf=693078770&pi=t.aa~a.3312635906~i.39~rp.4&w=720&fwrn=4&fwrnh=100&lmt=1654027361&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4803760906&psa=1&ad_type=text_image&format=720x280&url=https%3A%2F%2Fdaf.tf%2F&fwr=0&pra=3&rh=180&rw=720&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654027361533&bpp=1&bdt=930&idt=1&shv=r20220526&mjsv=m202205260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a487186ee554620-22e7e1b0a3cd00da%3AT%3D1654027361%3ART%3D1654027361%3AS%3DALNI_MZeqhCtmjivEtDy3pLQNFWtZvjJWw&prev_fmts=250x600%2C0x0%2C720x280&nras=3&correlator=4163011612086&frm=20&pv=1&ga_vid=1210982057.1654027361&ga_sid=1654027361&ga_hid=100431592&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=590&ady=2912&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760475&oid=2&pvsid=2503392621408621&pem=561&tmod=1337766462&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=Pg3Kc9ZwOt&p=https%3A//daf.tf&dtd=79

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bfe5f9662e96ac802c89dbb19d0ca75817071dd4afcebc5210ae33863c8e382e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 25 May 2022 15:00:53 GMT
x-content-type-options: nosniff
age: 536509
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131809
x-xss-protection: 0
last-modified: Wed, 04 May 2022 14:28:48 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 25 May 2023 15:00:53 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220526/r20110914/ Frame 5382 21 KB
9 KB 43ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220526/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2e696fc5a16bb33e2462796a76fba8e5cc004fca3385e46c344d3f2d3418c967

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:54:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 470
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8678
x-xss-protection: 0
server: cafe
etag: 16978244397020590470
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Jun 2022 19:54:52 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220526/r20110914/client/ Frame 5382 3 KB
1 KB 39ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220526/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:47:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 940
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Jun 2022 19:47:02 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220526/r20110914/client/ Frame 5382 17 KB
7 KB 39ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220526/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2492ffaee03911100316db89800ea85e9dab57634b3bcd59c4b41de886ffe3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 20:01:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7307
x-xss-protection: 0
server: cafe
etag: 17708877374763515558
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Jun 2022 20:01:31 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 5382 0
0 46ms
25ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQvRG8dqUUpEaIbH2GAI-pbIg1XCG9MXgejjwN0RtZsezR6nI-w2RkapWomZ1QurcGmPaEQtR9GrT--VqwDSpILmi_8Xw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8804248525515641&output=html&h=280&adk=406582304&adf=693078770&pi=t.aa~a.3312635906~i.39~rp.4&w=720&fwrn=4&fwrnh=100&lmt=1654027361&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4803760906&psa=1&ad_type=text_image&format=720x280&url=https%3A%2F%2Fdaf.tf%2F&fwr=0&pra=3&rh=180&rw=720&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654027361533&bpp=1&bdt=930&idt=1&shv=r20220526&mjsv=m202205260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a487186ee554620-22e7e1b0a3cd00da%3AT%3D1654027361%3ART%3D1654027361%3AS%3DALNI_MZeqhCtmjivEtDy3pLQNFWtZvjJWw&prev_fmts=250x600%2C0x0%2C720x280&nras=3&correlator=4163011612086&frm=20&pv=1&ga_vid=1210982057.1654027361&ga_sid=1654027361&ga_hid=100431592&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=590&ady=2912&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760475&oid=2&pvsid=2503392621408621&pem=561&tmod=1337766462&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=Pg3Kc9ZwOt&p=https%3A//daf.tf&dtd=79
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5382 136 KB
42 KB 62ms
18ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4a7e92291c7c3762e70fa50a9125648bf36ceb3756d1a8aab689bcea989d8e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 20:02:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42680
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1653478767633683"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 31 May 2022 20:02:42 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220526/r20110914/client/ Frame 5382 32 KB
13 KB 41ms
10ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220526/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6bd098cf237254dacb7a2993b0b7b00081786c23b333e774c90995bd3ce22ec0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 04:20:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56549
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13004
x-xss-protection: 0
server: cafe
etag: 13118488439169509724
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Jun 2022 04:20:13 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5382 0
0 50ms
50ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cl5TOYXSWYu2hLIuDtOUP2YeUwAXdtcSmap3bhq_rD9nZHhABIJjeiCBgleKQgqAHoAGcr_uoAsgBAqgDAcgDyQSqBNQBT9B_vufB6Z2BMmVaE1_fbdTENhkH7qvZgTTGawMbt4pEo1TS1nsHD20TILx00NYtzymnbyCt1cDLi9ElBDmXpIVzeoXFUOrJhqjLN4fGirUx8iqzwk6m-jzbqsowRJzJS5814c8DMQvkINdPuHn-Zx35qyWPE6nCNSXIXbktk1jZdNVQ5ht16dzVE_biW1fuBTcK6ZUBhMlNxgQR0ZQ5NIGaQloITRfriFYU5RNxGb9Xz1hXIdRyHCcagdKNb_lQUBAufEkwOzLOHHPZRxBtLldt9o7ABK7EhImCBJIFBAgEGAGSBQQIBRgEoAYCgAfM0ITXAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEM_9EdIICQiA4YAQEAEYH4AKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi04ODA0MjQ4NTI1NTE1NjQxGAA&sigh=Gs6s_Zx9v7s&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8804248525515641&output=html&h=280&adk=406582304&adf=693078770&pi=t.aa~a.3312635906~i.39~rp.4&w=720&fwrn=4&fwrnh=100&lmt=1654027361&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4803760906&psa=1&ad_type=text_image&format=720x280&url=https%3A%2F%2Fdaf.tf%2F&fwr=0&pra=3&rh=180&rw=720&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654027361533&bpp=1&bdt=930&idt=1&shv=r20220526&mjsv=m202205260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a487186ee554620-22e7e1b0a3cd00da%3AT%3D1654027361%3ART%3D1654027361%3AS%3DALNI_MZeqhCtmjivEtDy3pLQNFWtZvjJWw&prev_fmts=250x600%2C0x0%2C720x280&nras=3&correlator=4163011612086&frm=20&pv=1&ga_vid=1210982057.1654027361&ga_sid=1654027361&ga_hid=100431592&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=590&ady=2912&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760475&oid=2&pvsid=2503392621408621&pem=561&tmod=1337766462&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=Pg3Kc9ZwOt&p=https%3A//daf.tf&dtd=79
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 31 May 2022 20:02:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11955704931771569221/ Frame 21D0 152 KB
26 KB 24ms
8ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11955704931771569221/index.html

Requested by

Host: daf.tf
URL: https://daf.tf/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a16208065601108ca223902ff5e042b73acc842bf97fe30d5e0884786cf58cd

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 595806
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 26705
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Tue, 24 May 2022 22:32:36 GMT
expires: Wed, 24 May 2023 22:32:36 GMT
last-modified: Thu, 03 Feb 2022 10:04:45 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 391A 0
0 49ms
49ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cs5AvYXSWYqbFKuSG9AO6kYSwDfLe2ZFovNuQ2bwPvOe_sKsOEAEgmN6IIGCV4pCCoAegAbm3kbAoyAEJqQLL5WhdKfqxPqgDAcgDSKoE5wFP0BAmyNfPtVnhxhB5Cjv1ei2LhEiBeEat2_gdN4Ew8OI8szjkfkqfztoPPQzcwj7_x8IohTxAgBZ-oaVSMi6Y3UwYFX-an9UAsApVImCg3rpZq49Iq3IJ5G2ppmaJmXPcykthOPkmNJhtY_B2cAFZo-9SJlm4YgNzOdTz295641ydggi3a9BtCSq-GXHHO_68l334QIZRQKqaOwMn0_g3kFvs3RocPicUP2TJReYj9k36_iutGx5G_x6DHY8p5Q8kaK8HopAcNPuorfqxGoFBRnKfI9NY5GU_siQlSLkd6f2Zj7S5GFzABNL__OjeA5IFBAgEGAGSBQQIBRgEoAYugAe57-GPA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEOisENIICQiA4YAQEAEYH4AKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi04ODA0MjQ4NTI1NTE1NjQxGAA&sigh=yvUTWxvkIZQ&uach_m=[UACH]&template_id=419

Requested by

Host: daf.tf
URL: https://daf.tf/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8804248525515641&output=html&h=280&adk=406582304&adf=412487987&pi=t.aa~a.3312635906~i.11~rp.4&w=720&fwrn=4&fwrnh=100&lmt=1654027361&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4803760906&psa=1&ad_type=text_image&format=720x280&url=https%3A%2F%2Fdaf.tf%2F&fwr=0&pra=3&rh=180&rw=720&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654027361533&bpp=1&bdt=931&idt=-M&shv=r20220526&mjsv=m202205260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a487186ee554620-22e7e1b0a3cd00da%3AT%3D1654027361%3ART%3D1654027361%3AS%3DALNI_MZeqhCtmjivEtDy3pLQNFWtZvjJWw&prev_fmts=250x600%2C0x0&nras=2&correlator=4163011612086&frm=20&pv=1&ga_vid=1210982057.1654027361&ga_sid=1654027361&ga_hid=100431592&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=590&ady=1690&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760475&oid=2&pvsid=2503392621408621&pem=561&tmod=1337766462&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=dHp4FW1lRg&p=https%3A//daf.tf&dtd=48
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 31 May 2022 20:02:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220526/r20110914/ Frame 391A 21 KB
9 KB 21ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220526/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8804248525515641&output=html&h=280&adk=406582304&adf=412487987&pi=t.aa~a.3312635906~i.11~rp.4&w=720&fwrn=4&fwrnh=100&lmt=1654027361&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4803760906&psa=1&ad_type=text_image&format=720x280&url=https%3A%2F%2Fdaf.tf%2F&fwr=0&pra=3&rh=180&rw=720&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654027361533&bpp=1&bdt=931&idt=-M&shv=r20220526&mjsv=m202205260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a487186ee554620-22e7e1b0a3cd00da%3AT%3D1654027361%3ART%3D1654027361%3AS%3DALNI_MZeqhCtmjivEtDy3pLQNFWtZvjJWw&prev_fmts=250x600%2C0x0&nras=2&correlator=4163011612086&frm=20&pv=1&ga_vid=1210982057.1654027361&ga_sid=1654027361&ga_hid=100431592&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=590&ady=1690&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760475&oid=2&pvsid=2503392621408621&pem=561&tmod=1337766462&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=dHp4FW1lRg&p=https%3A//daf.tf&dtd=48

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2e696fc5a16bb33e2462796a76fba8e5cc004fca3385e46c344d3f2d3418c967

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:54:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 470
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8678
x-xss-protection: 0
server: cafe
etag: 16978244397020590470
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Jun 2022 19:54:52 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220526/r20110914/client/ Frame 391A 3 KB
1 KB 25ms
11ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220526/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8804248525515641&output=html&h=280&adk=406582304&adf=412487987&pi=t.aa~a.3312635906~i.11~rp.4&w=720&fwrn=4&fwrnh=100&lmt=1654027361&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4803760906&psa=1&ad_type=text_image&format=720x280&url=https%3A%2F%2Fdaf.tf%2F&fwr=0&pra=3&rh=180&rw=720&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654027361533&bpp=1&bdt=931&idt=-M&shv=r20220526&mjsv=m202205260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a487186ee554620-22e7e1b0a3cd00da%3AT%3D1654027361%3ART%3D1654027361%3AS%3DALNI_MZeqhCtmjivEtDy3pLQNFWtZvjJWw&prev_fmts=250x600%2C0x0&nras=2&correlator=4163011612086&frm=20&pv=1&ga_vid=1210982057.1654027361&ga_sid=1654027361&ga_hid=100431592&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=590&ady=1690&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760475&oid=2&pvsid=2503392621408621&pem=561&tmod=1337766462&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=dHp4FW1lRg&p=https%3A//daf.tf&dtd=48

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:49:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 763
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Jun 2022 19:49:59 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 391A 136 KB
42 KB 32ms
18ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8804248525515641&output=html&h=280&adk=406582304&adf=412487987&pi=t.aa~a.3312635906~i.11~rp.4&w=720&fwrn=4&fwrnh=100&lmt=1654027361&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4803760906&psa=1&ad_type=text_image&format=720x280&url=https%3A%2F%2Fdaf.tf%2F&fwr=0&pra=3&rh=180&rw=720&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654027361533&bpp=1&bdt=931&idt=-M&shv=r20220526&mjsv=m202205260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a487186ee554620-22e7e1b0a3cd00da%3AT%3D1654027361%3ART%3D1654027361%3AS%3DALNI_MZeqhCtmjivEtDy3pLQNFWtZvjJWw&prev_fmts=250x600%2C0x0&nras=2&correlator=4163011612086&frm=20&pv=1&ga_vid=1210982057.1654027361&ga_sid=1654027361&ga_hid=100431592&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=590&ady=1690&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760475&oid=2&pvsid=2503392621408621&pem=561&tmod=1337766462&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=dHp4FW1lRg&p=https%3A//daf.tf&dtd=48

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4a7e92291c7c3762e70fa50a9125648bf36ceb3756d1a8aab689bcea989d8e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 20:02:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42680
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1653478767633683"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 31 May 2022 20:02:42 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220526/r20110914/client/ Frame 391A 17 KB
7 KB 19ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220526/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8804248525515641&output=html&h=280&adk=406582304&adf=412487987&pi=t.aa~a.3312635906~i.11~rp.4&w=720&fwrn=4&fwrnh=100&lmt=1654027361&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4803760906&psa=1&ad_type=text_image&format=720x280&url=https%3A%2F%2Fdaf.tf%2F&fwr=0&pra=3&rh=180&rw=720&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654027361533&bpp=1&bdt=931&idt=-M&shv=r20220526&mjsv=m202205260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a487186ee554620-22e7e1b0a3cd00da%3AT%3D1654027361%3ART%3D1654027361%3AS%3DALNI_MZeqhCtmjivEtDy3pLQNFWtZvjJWw&prev_fmts=250x600%2C0x0&nras=2&correlator=4163011612086&frm=20&pv=1&ga_vid=1210982057.1654027361&ga_sid=1654027361&ga_hid=100431592&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=590&ady=1690&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760475&oid=2&pvsid=2503392621408621&pem=561&tmod=1337766462&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=dHp4FW1lRg&p=https%3A//daf.tf&dtd=48

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2492ffaee03911100316db89800ea85e9dab57634b3bcd59c4b41de886ffe3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:57:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 300
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7307
x-xss-protection: 0
server: cafe
etag: 17708877374763515558
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Jun 2022 19:57:42 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 55CF 143 B
163 B 7ms
6ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8804248525515641&output=html&h=280&adk=406582304&adf=693078770&pi=t.aa~a.3312635906~i.39~rp.4&w=720&fwrn=4&fwrnh=100&lmt=1654027361&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4803760906&psa=1&ad_type=text_image&format=720x280&url=https%3A%2F%2Fdaf.tf%2F&fwr=0&pra=3&rh=180&rw=720&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654027361533&bpp=1&bdt=930&idt=1&shv=r20220526&mjsv=m202205260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a487186ee554620-22e7e1b0a3cd00da%3AT%3D1654027361%3ART%3D1654027361%3AS%3DALNI_MZeqhCtmjivEtDy3pLQNFWtZvjJWw&prev_fmts=250x600%2C0x0%2C720x280&nras=3&correlator=4163011612086&frm=20&pv=1&ga_vid=1210982057.1654027361&ga_sid=1654027361&ga_hid=100431592&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=590&ady=2912&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760475&oid=2&pvsid=2503392621408621&pem=561&tmod=1337766462&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=Pg3Kc9ZwOt&p=https%3A//daf.tf&dtd=79
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2244
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Tue, 31 May 2022 19:25:18 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame DC2F 1 KB
749 B 7ms
6ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 23790
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 May 2022 13:26:12 GMT
etag: 48472445140208031
expires: Wed, 01 Jun 2022 13:26:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 5382 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f9bd124f4c68763fcfb09ea20ad56e73991e1ed0678ac901df3878a770e7941

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame 21D0 2 KB
484 B 31ms
17ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Encode+Sans:regular,700

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11955704931771569221/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d5b5a339dea9a9c7d98f00c1779903d4d3539729b510b401e09837eebac0c0b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 31 May 2022 18:55:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 31 May 2022 20:02:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 31 May 2022 20:02:42 GMT

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 21D0 16 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11955704931771569221/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 23:28:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74055
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 31 May 2022 23:28:27 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 21D0 26 KB
10 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11955704931771569221/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 16:13:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13740
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 01 Jun 2022 16:13:42 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1B58 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8804248525515641&output=html&h=280&adk=406582304&adf=412487987&pi=t.aa~a.3312635906~i.11~rp.4&w=720&fwrn=4&fwrnh=100&lmt=1654027361&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4803760906&psa=1&ad_type=text_image&format=720x280&url=https%3A%2F%2Fdaf.tf%2F&fwr=0&pra=3&rh=180&rw=720&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654027361533&bpp=1&bdt=931&idt=-M&shv=r20220526&mjsv=m202205260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a487186ee554620-22e7e1b0a3cd00da%3AT%3D1654027361%3ART%3D1654027361%3AS%3DALNI_MZeqhCtmjivEtDy3pLQNFWtZvjJWw&prev_fmts=250x600%2C0x0&nras=2&correlator=4163011612086&frm=20&pv=1&ga_vid=1210982057.1654027361&ga_sid=1654027361&ga_hid=100431592&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=590&ady=1690&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760475&oid=2&pvsid=2503392621408621&pem=561&tmod=1337766462&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=dHp4FW1lRg&p=https%3A//daf.tf&dtd=48

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8804248525515641&output=html&h=280&adk=406582304&adf=412487987&pi=t.aa~a.3312635906~i.11~rp.4&w=720&fwrn=4&fwrnh=100&lmt=1654027361&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4803760906&psa=1&ad_type=text_image&format=720x280&url=https%3A%2F%2Fdaf.tf%2F&fwr=0&pra=3&rh=180&rw=720&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654027361533&bpp=1&bdt=931&idt=-M&shv=r20220526&mjsv=m202205260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a487186ee554620-22e7e1b0a3cd00da%3AT%3D1654027361%3ART%3D1654027361%3AS%3DALNI_MZeqhCtmjivEtDy3pLQNFWtZvjJWw&prev_fmts=250x600%2C0x0&nras=2&correlator=4163011612086&frm=20&pv=1&ga_vid=1210982057.1654027361&ga_sid=1654027361&ga_hid=100431592&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=590&ady=1690&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760475&oid=2&pvsid=2503392621408621&pem=561&tmod=1337766462&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=dHp4FW1lRg&p=https%3A//daf.tf&dtd=48
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2244
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Tue, 31 May 2022 19:25:18 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 391A 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 42aa6749f9bccf0dd17839b0ca741232d379191e9beb277f292eae0c57990921

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DC2F
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPJGI410r7lvNEsVpb7OZDjdrHS4UYsToGgR7nu...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXBaMFlnQUFBR0szMGs0cA&google_push=AYg5qPJGI410r7lvNEsVpb7OZDjdrHS4UYsToGgR7nuyqsOjroJ4sT3KliSSm4Pyo36cosGs7W4HsQIINwiqEgxrFSLNzrolWDy-

170 B
188 B

28ms
18ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXBaMFlnQUFBR0szMGs0cA&google_push=AYg5qPJGI410r7lvNEsVpb7OZDjdrHS4UYsToGgR7nuyqsOjroJ4sT3KliSSm4Pyo36cosGs7W4HsQIINwiqEgxrFSLNzrolWDy-

Requested by

Host: daf.tf
URL: https://daf.tf/

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 May 2022 20:02:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXBaMFlnQUFBR0szMGs0cA&google_push=AYg5qPJGI410r7lvNEsVpb7OZDjdrHS4UYsToGgR7nuyqsOjroJ4sT3KliSSm4Pyo36cosGs7W4HsQIINwiqEgxrFSLNzrolWDy-
Date: Tue, 31 May 2022 20:02:42 GMT
Server: Apache
Connection: keep-alive
Content-Length: 391
Content-Type: text/html; charset=iso-8859-1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DC2F
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPL3dd48mG5MqnkHL0wID2ilF3K2Ab8qD97QQc6Jfobc53rdvanqdmKUKAIWQxSyE8qODKuZURyue9mr1vvd7csB0ri6fCX-&google_gid=CAESEJauWrpI-o_YZRAAKs0uFgU&goo...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCOLo2ZQGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BWWc1cVBMM2RkNDhtRzVNcW5rSEwwd0lEMmlsRjNLMkFiOHFEOTdRUWM2SmZvYmM1M3JkdmFucWRtS1VLQUlXUXhTeUU4cU9ES3VaVVJ5dWU5bXIxdn...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwSkx3MnNoZnQ2NWkycElGQVFoR3c4UWVGbnNEOHRuY0FIZmpzYTVhX0cybw==&google_push

170 B
188 B

21ms
17ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwSkx3MnNoZnQ2NWkycElGQVFoR3c4UWVGbnNEOHRuY0FIZmpzYTVhX0cybw==&google_push

Requested by

Host: daf.tf
URL: https://daf.tf/

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 May 2022 20:02:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 31 May 2022 20:02:42 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwSkx3MnNoZnQ2NWkycElGQVFoR3c4UWVGbnNEOHRuY0FIZmpzYTVhX0cybw==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DC2F
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJ1f7cr...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJ1f7cr...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA1MzEyMDAyNDIwMDAxNTQ4MjEzMjMyNQ%3D%3D&google_push=AYg5qPJ1f7crk30TT6wamsE_ck4oRb1OFhc6bDZ5o7aMFNDj_smZVo4QwUBRZbCcfgeN_N...

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA1MzEyMDAyNDIwMDAxNTQ4MjEzMjMyNQ%3D%3D&google_push=AYg5qPJ1f7crk30TT6wamsE_ck4oRb1OFhc6bDZ5o7aMFNDj_smZVo4QwUBRZbCcfgeN_Nr3BAcgUpNzvIrQ50WV-qwFKItwzYm5

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 May 2022 20:02:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA1MzEyMDAyNDIwMDAxNTQ4MjEzMjMyNQ%3D%3D&google_push=AYg5qPJ1f7crk30TT6wamsE_ck4oRb1OFhc6bDZ5o7aMFNDj_smZVo4QwUBRZbCcfgeN_Nr3BAcgUpNzvIrQ50WV-qwFKItwzYm5
pragma: no-cache
date: Tue, 31 May 2022 20:02:42 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Tue, 31 May 2022 20:02:42 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DC2F
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFoHD7mEF1VnPGMzzWrGJlw&google_cver=1&google_push=AYg5qPLaQXM01PwGdQnQ7pGRi90tUqXDXM9n16Dd-wzdCb2pjL72ytjLuRfXpGQAQ-vL8aZwwnE...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNVTDZPWTItSi1KV0tI&google_push=AYg5qPLaQXM01PwGdQnQ7pGRi90tUqXDXM9n16Dd-wzdCb2pjL72ytjLuRfXpGQAQ-vL8aZwwnEuXJlWpZag59IiFugSnF9xZ2tO

170 B
188 B

33ms
18ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNVTDZPWTItSi1KV0tI&google_push=AYg5qPLaQXM01PwGdQnQ7pGRi90tUqXDXM9n16Dd-wzdCb2pjL72ytjLuRfXpGQAQ-vL8aZwwnEuXJlWpZag59IiFugSnF9xZ2tO

Requested by

Host: daf.tf
URL: https://daf.tf/

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 May 2022 20:02:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNVTDZPWTItSi1KV0tI&google_push=AYg5qPLaQXM01PwGdQnQ7pGRi90tUqXDXM9n16Dd-wzdCb2pjL72ytjLuRfXpGQAQ-vL8aZwwnEuXJlWpZag59IiFugSnF9xZ2tO
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DC2F
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPzdaobitWAjnMeuaibAHlw&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEPzdaobitWAjnMeuaibAHlw&google_push=AY...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YpZ0YgAFLfGUzqHCTaffsAAABLAAAAIB&google_cver=1&google_push=AYg5qPIYag3L5uN6sG3_e54_Ofia3_XPW8zFRqgX_BdmlnAbto7lPcnmVPvI4rL-LvAavRiGQRUJ...

170 B
188 B

23ms
23ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YpZ0YgAFLfGUzqHCTaffsAAABLAAAAIB&google_cver=1&google_push=AYg5qPIYag3L5uN6sG3_e54_Ofia3_XPW8zFRqgX_BdmlnAbto7lPcnmVPvI4rL-LvAavRiGQRUJ6lUBipSF6k5XOnpB2-lfgu2z&google_gid=CAESEPzdaobitWAjnMeuaibAHlw

Requested by

Host: daf.tf
URL: https://daf.tf/

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 May 2022 20:02:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 31 May 2022 20:02:42 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YpZ0YgAFLfGUzqHCTaffsAAABLAAAAIB&google_cver=1&google_push=AYg5qPIYag3L5uN6sG3_e54_Ofia3_XPW8zFRqgX_BdmlnAbto7lPcnmVPvI4rL-LvAavRiGQRUJ6lUBipSF6k5XOnpB2-lfgu2z&google_gid=CAESEPzdaobitWAjnMeuaibAHlw
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 460
Expires: Tue, 31 May 2022 20:02:42 GMT

GET
H2 200 trk
ag.innovid.com/ Frame DC2F 43 B
296 B 120ms
19ms Image
image/gif 2a05:d01c:1d8:8100:a0fe:f5a6:9720:1a18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEB_TvjcKp3xJJMWO5jd_z3o&google_cver=1&google_push=AYg5qPJjNgjFdTIw6OtLaJzzCrzcaFM70VJ_s4ecq1lg8FZlIZ0fcZ6uVl1l086vErdIE9ez26I2Eo_2hhWK8WYYY9_jyMOCT4Et
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8804248525515641&output=html&h=280&adk=406582304&adf=693078770&pi=t.aa~a.3312635906~i.39~rp.4&w=720&fwrn=4&fwrnh=100&lmt=1654027361&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4803760906&psa=1&ad_type=text_image&format=720x280&url=https%3A%2F%2Fdaf.tf%2F&fwr=0&pra=3&rh=180&rw=720&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654027361533&bpp=1&bdt=930&idt=1&shv=r20220526&mjsv=m202205260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a487186ee554620-22e7e1b0a3cd00da%3AT%3D1654027361%3ART%3D1654027361%3AS%3DALNI_MZeqhCtmjivEtDy3pLQNFWtZvjJWw&prev_fmts=250x600%2C0x0%2C720x280&nras=3&correlator=4163011612086&frm=20&pv=1&ga_vid=1210982057.1654027361&ga_sid=1654027361&ga_hid=100431592&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=590&ady=2912&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760475&oid=2&pvsid=2503392621408621&pem=561&tmod=1337766462&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=Pg3Kc9ZwOt&p=https%3A//daf.tf&dtd=79
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8100:a0fe:f5a6:9720:1a18 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 May 2022 20:02:42 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 1
expires: -1

GET googleredir
googlecm.hit.gemius.pl/ Frame DC2F 0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame DC2F 0
232 B 52ms
16ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KzgPitZ-7deXRtsdwYyeuMFGu6rBJsjQdR0pLAyVDFXJBKjoFLwhtZ_hrLV82TbPJjD7TtAQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 20:02:42 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H3 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame 391A 0
20 B 54ms
40ms Other
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COb53orEivgCFWQDfQoduggB1g&gqi=YXSWYpTzJI2eZ_K-tbAF&layout=/sadbundle/%24csp%253Der3%24/11955704931771569221/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8804248525515641&output=html&h=280&adk=406582304&adf=412487987&pi=t.aa~a.3312635906~i.11~rp.4&w=720&fwrn=4&fwrnh=100&lmt=1654027361&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4803760906&psa=1&ad_type=text_image&format=720x280&url=https%3A%2F%2Fdaf.tf%2F&fwr=0&pra=3&rh=180&rw=720&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654027361533&bpp=1&bdt=931&idt=-M&shv=r20220526&mjsv=m202205260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a487186ee554620-22e7e1b0a3cd00da%3AT%3D1654027361%3ART%3D1654027361%3AS%3DALNI_MZeqhCtmjivEtDy3pLQNFWtZvjJWw&prev_fmts=250x600%2C0x0&nras=2&correlator=4163011612086&frm=20&pv=1&ga_vid=1210982057.1654027361&ga_sid=1654027361&ga_hid=100431592&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=590&ady=1690&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760475&oid=2&pvsid=2503392621408621&pem=561&tmod=1337766462&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=dHp4FW1lRg&p=https%3A//daf.tf&dtd=48

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Tue, 31 May 2022 20:02:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 55CF
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

120ms
120ms

Document
text/html

2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 31 May 2022 20:02:42 GMT
expires: Tue, 31 May 2022 20:02:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 31 May 2022 20:02:42 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 BlV8lHKGnk03wUyhHWlg9fV4CiK26Crs8dLo7bQbDuA.js Show response
pagead2.googlesyndication.com/bg/ Frame CE23 36 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BlV8lHKGnk03wUyhHWlg9fV4CiK26Crs8dLo7bQbDuA.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06557c9472869e4d37c14ca11d6960f5f5780a22b6e82aecf1d2e8edb41b0ee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 09:38:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37435
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13861
x-xss-protection: 0
last-modified: Tue, 24 May 2022 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 31 May 2023 09:38:47 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1B58
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

80ms
80ms

Document
text/html

2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8804248525515641&output=html&h=280&adk=406582304&adf=412487987&pi=t.aa~a.3312635906~i.11~rp.4&w=720&fwrn=4&fwrnh=100&lmt=1654027361&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4803760906&psa=1&ad_type=text_image&format=720x280&url=https%3A%2F%2Fdaf.tf%2F&fwr=0&pra=3&rh=180&rw=720&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654027361533&bpp=1&bdt=931&idt=-M&shv=r20220526&mjsv=m202205260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a487186ee554620-22e7e1b0a3cd00da%3AT%3D1654027361%3ART%3D1654027361%3AS%3DALNI_MZeqhCtmjivEtDy3pLQNFWtZvjJWw&prev_fmts=250x600%2C0x0&nras=2&correlator=4163011612086&frm=20&pv=1&ga_vid=1210982057.1654027361&ga_sid=1654027361&ga_hid=100431592&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=590&ady=1690&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760475&oid=2&pvsid=2503392621408621&pem=561&tmod=1337766462&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=dHp4FW1lRg&p=https%3A//daf.tf&dtd=48

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 31 May 2022 20:02:42 GMT
expires: Tue, 31 May 2022 20:02:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 31 May 2022 20:02:42 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 21D0 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 975745c4a225beda2184f9b21c93f04a1ef5df49d7768350672edc2f82d62910

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 LDIhapOFNxEwR-Bd1O9uYNmnUQomAgE25imKSbHLSMA6.woff2
fonts.gstatic.com/s/encodesans/v14/ Frame 21D0 26 KB
26 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/encodesans/v14/LDIhapOFNxEwR-Bd1O9uYNmnUQomAgE25imKSbHLSMA6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Encode+Sans:regular,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d383f6c4fd9e49453e370aa4eb03df2ff81d4524d4a6045be1220476046dfa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 23:51:56 GMT
x-content-type-options: nosniff
age: 418246
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26176
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 17:07:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 May 2023 23:51:56 GMT

GET
H3 200 BlV8lHKGnk03wUyhHWlg9fV4CiK26Crs8dLo7bQbDuA.js Show response
pagead2.googlesyndication.com/bg/ Frame 21D0 36 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BlV8lHKGnk03wUyhHWlg9fV4CiK26Crs8dLo7bQbDuA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06557c9472869e4d37c14ca11d6960f5f5780a22b6e82aecf1d2e8edb41b0ee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 09:38:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37435
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13861
x-xss-protection: 0
last-modified: Tue, 24 May 2022 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 31 May 2023 09:38:47 GMT

GET
H3 200 Cupra_Formentor_400.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11955704931771569221/ Frame 21D0 114 KB
114 KB 8ms
8ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11955704931771569221/Cupra_Formentor_400.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8804248525515641&output=html&h=280&adk=406582304&adf=412487987&pi=t.aa~a.3312635906~i.11~rp.4&w=720&fwrn=4&fwrnh=100&lmt=1654027361&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4803760906&psa=1&ad_type=text_image&format=720x280&url=https%3A%2F%2Fdaf.tf%2F&fwr=0&pra=3&rh=180&rw=720&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654027361533&bpp=1&bdt=931&idt=-M&shv=r20220526&mjsv=m202205260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a487186ee554620-22e7e1b0a3cd00da%3AT%3D1654027361%3ART%3D1654027361%3AS%3DALNI_MZeqhCtmjivEtDy3pLQNFWtZvjJWw&prev_fmts=250x600%2C0x0&nras=2&correlator=4163011612086&frm=20&pv=1&ga_vid=1210982057.1654027361&ga_sid=1654027361&ga_hid=100431592&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=590&ady=1690&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760475&oid=2&pvsid=2503392621408621&pem=561&tmod=1337766462&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=dHp4FW1lRg&p=https%3A//daf.tf&dtd=48

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b219c80b8c0dcab16e5840260f3ac033f8f1859a89115c14f4886922c289fb09

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 398026
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117179
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 10:04:45 GMT
server: sffe
date: Fri, 27 May 2022 05:28:56 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 27 May 2023 05:28:56 GMT

GET
H3 200 Display_Banner_Fast-L_970x250.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11955704931771569221/ Frame 21D0 12 KB
4 KB 7ms
7ms Image
image/svg+xml 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11955704931771569221/Display_Banner_Fast-L_970x250.svg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8804248525515641&output=html&h=280&adk=406582304&adf=412487987&pi=t.aa~a.3312635906~i.11~rp.4&w=720&fwrn=4&fwrnh=100&lmt=1654027361&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4803760906&psa=1&ad_type=text_image&format=720x280&url=https%3A%2F%2Fdaf.tf%2F&fwr=0&pra=3&rh=180&rw=720&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654027361533&bpp=1&bdt=931&idt=-M&shv=r20220526&mjsv=m202205260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a487186ee554620-22e7e1b0a3cd00da%3AT%3D1654027361%3ART%3D1654027361%3AS%3DALNI_MZeqhCtmjivEtDy3pLQNFWtZvjJWw&prev_fmts=250x600%2C0x0&nras=2&correlator=4163011612086&frm=20&pv=1&ga_vid=1210982057.1654027361&ga_sid=1654027361&ga_hid=100431592&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=590&ady=1690&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760475&oid=2&pvsid=2503392621408621&pem=561&tmod=1337766462&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=dHp4FW1lRg&p=https%3A//daf.tf&dtd=48

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c1d919d0eed311203c522bd724a5789c970ed4673c8fba721a761335cda91ba

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 393138
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4265
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 10:04:45 GMT
server: sffe
date: Fri, 27 May 2022 06:50:24 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 27 May 2023 06:50:24 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
10 KB 23ms
23ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220526&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

213c66a062c13deb00c832a5b910936316780b79f70a2dd7258f4c0083b12571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://daf.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 31 May 2022 20:02:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10438
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 337ms
335ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://daf.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 20:02:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 31 May 2022 20:02:43 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1CC0 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://daf.tf/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 8786
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 31 May 2022 17:36:17 GMT
expires: Wed, 31 May 2023 17:36:17 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame EEA1 783 B
535 B 17ms
16ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fb3fef37ad97267024a95328f862edc6447f0fef48d9959ad92e7d1777560320

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XzzJLUtk9u8KhpQmCvA_AA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://daf.tf/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-XzzJLUtk9u8KhpQmCvA_AA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 31 May 2022 20:02:43 GMT
expires: Tue, 31 May 2022 20:02:43 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 BlV8lHKGnk03wUyhHWlg9fV4CiK26Crs8dLo7bQbDuA.js Show response
pagead2.googlesyndication.com/bg/ Frame 1CC0 36 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BlV8lHKGnk03wUyhHWlg9fV4CiK26Crs8dLo7bQbDuA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06557c9472869e4d37c14ca11d6960f5f5780a22b6e82aecf1d2e8edb41b0ee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 09:38:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37436
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13861
x-xss-protection: 0
last-modified: Tue, 24 May 2022 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 31 May 2023 09:38:47 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame EEA1 0
0 55ms
54ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220526&jk=2503392621408621&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1CC0 0
9 B 6ms
6ms Image
text/plain 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?fCbV7Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 20:02:43 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 59ms
59ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220526&jk=2503392621408621&bg=!urmluf3NAAao8wy8iPM7ACkAdvg8Wmk8hk8uSFqMOrxI74hvpnqw0CIdUZ6_xsV6XHgB75ZgAhMKeQIAAAA_UgAAAAJoAQeZAo0Wq1ZdevdJY5QIeyNWXQIu38S0TyyNaqTT87GFaITjlZ_HQFuIQ09dMVfuDY4K1I5efOyzPsbHlz8MbJ3Q769lUFK6SeJKF5CEN-uIC_FvBE8vADWgoY_TJziMDGsBLk4qb9f0VjvlPZQt7B7yAHt4F11Gp7ohe8DrS3nzBCTahneUSS4bjE4U9HIyIJzcufwtwhZd9GmInGIgYgoTqpvctSljmbdIa547GvpIzn5Qn2LPDEw-51l7L8n0_5YmDz5Nuj9bC3Isl_tey-iY8KuGW6SyKBdfcEiBmETjrfVuK4h5iODU4c-ausvQ5ajDSiz0NZLHL3D7aR7_UUJ4nnxzQrWqf6aq5k0eCeckKYphRMQ91I8IM1-NDdRoM7n1Pdhwd3DPL_H5AgSG_10zpZuwovcRogjsu4NmiX4FiPTVXHeoxgqNJd0yWE-7ylPfBDN-X7V5EqiVeFIqWRtwWbg_oZb7BBZlZAk_XnMNuRRiBfs7XFY-vYCOhEsj8rjbn8nda8-3OIW50Q5SanjdOg2AS2yiZVBKS-YkCAnKGZvKnbiAyGOjYqC2_vBfdSWSu7SG9bX1YTqbXjXLhO2Va6N5X_VgqyJAlVh9tZovqAkeV361MUGT6X_9iSwTc6xXcwUweXIrUG-ziT96R9Jzg53DeHVVowWVKYeDGPCkbxD6WMajIvVhgecrpKOZ4bhVWSK0-e9cilS2WFVCTMnuzpUYb8B2TOWE1mTDL6Ku_SaglxUkIaij8P4LytduVA7TySekgZiWfFOajh3RP7iT518Wla37eHwGnL2dz33Z9sXkLloIzCMWrTp3Uu8yMxm5qe5q6tAdfFhbb9Bqi4jXwTMUr-RPX-NbgyaQacdnsg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://daf.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEIeIkoKpsqVzsRT5mR14cg8&google_cver=1&google_push=AYg5qPLxsnaKQpy0BK40r8MjL5pkvx7pyA74QUiI52s1chqAGXicem_mHe_4bgfCWKOhjdGFT_D2ZgYxjXmkOexXc1qltsKVcDV8

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
daf.tf/	1969-12-31 23:59:59	Name: __wpdm_client Value: a33c4d047b256a426c70c5f17d90a782
.daf.tf/	1970-01-20 12:48:43	Name: __gads Value: ID=6a487186ee554620-22e7e1b0a3cd00da:T=1654027361:RT=1654027361:S=ALNI_MZeqhCtmjivEtDy3pLQNFWtZvjJWw
.doubleclick.net/	1970-01-20 12:48:43	Name: IDE Value: AHWqTUnvF_yGgLEVEu4b6PBGsaEw8IGe-2LRbEgRhSJTlNvnasFstugt7JLuGNComjs
.rlcdn.com/	1970-01-20 12:12:43	Name: rlas3 Value: Vb3lhO9xszW/+3VsWsooMGNOjfCuE6OWrn3lvNeIdE8=
.casalemedia.com/	1970-01-20 12:12:43	Name: CMID Value: YpZ0YgAFLfGUzqHCTaffsAAA
.casalemedia.com/	1970-01-20 05:36:43	Name: CMPS Value: 5203
.rlcdn.com/	1970-01-20 04:53:31	Name: pxrc Value: COLo2ZQGEgUI6AcQABIGCOndKhAA
.innovid.com/	1970-01-20 05:36:43	Name: uuid Value: 2c09d63b-c88c-46ff-aa1f-5f925a8686c7-20220531 16:02:42
.casalemedia.com/	1970-01-20 05:36:43	Name: CMPRO Value: 1200
.casalemedia.com/	1970-01-20 03:28:33	Name: CMST Value: YpZ0YmKWdGIA
.doubleclick.net/	1970-01-20 03:27:10	Name: DSID Value: NO_DATA
.e.dlx.addthis.com/	1970-01-20 12:57:21	Name: na_tc Value: Y
.addthis.com/	1970-01-20 12:57:21	Name: na_id Value: 2022053120024200015482132325
.addthis.com/	1970-01-20 12:57:21	Name: na_tc Value: Y
.addthis.com/	1970-01-20 12:57:21	Name: uid Value: 629674629ade27ce
.addthis.com/	1970-01-20 12:57:21	Name: ouid Value: 6296746200012b2579eb1e57b988ef680a543ae38a6bb8102485
.dlx.addthis.com/	1970-01-20 04:10:19	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 04:10:19	Name: na_sr Value: 20220531
.dlx.addthis.com/	1970-01-20 03:27:07	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 04:10:19	Name: na_sc_e Value: 0

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://hackernoon.com/photos/O9lzzXTfS6NWUlIGd0tTx2M2U0t2-gg5h36oo Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8804248525515641&output=html&h=280&adk=406582304&adf=412487987&pi=t.aa~a.3312635906~i.11~rp.4&w=720&fwrn=4&fwrnh=100&lmt=1654027361&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4803760906&psa=1&ad_type=text_image&format=720x280&url=https%3A%2F%2Fdaf.tf%2F&fwr=0&pra=3&rh=180&rw=720&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654027361533&bpp=1&bdt=931&idt=-M&shv=r20220526&mjsv=m202205260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a487186ee554620-22e7e1b0a3cd00da%3AT%3D1654027361%3ART%3D1654027361%3AS%3DALNI_MZeqhCtmjivEtDy3pLQNFWtZvjJWw&prev_fmts=250x600%2C0x0&nras=2&correlator=4163011612086&frm=20&pv=1&ga_vid=1210982057.1654027361&ga_sid=1654027361&ga_hid=100431592&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=590&ady=1690&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760475&oid=2&pvsid=2503392621408621&pem=561&tmod=1337766462&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=dHp4FW1lRg&p=https%3A//daf.tf&dtd=48 Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/11955704931771569221/index.html".
security	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8804248525515641&output=html&h=280&adk=406582304&adf=412487987&pi=t.aa~a.3312635906~i.11~rp.4&w=720&fwrn=4&fwrnh=100&lmt=1654027361&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4803760906&psa=1&ad_type=text_image&format=720x280&url=https%3A%2F%2Fdaf.tf%2F&fwr=0&pra=3&rh=180&rw=720&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654027361533&bpp=1&bdt=931&idt=-M&shv=r20220526&mjsv=m202205260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a487186ee554620-22e7e1b0a3cd00da%3AT%3D1654027361%3ART%3D1654027361%3AS%3DALNI_MZeqhCtmjivEtDy3pLQNFWtZvjJWw&prev_fmts=250x600%2C0x0&nras=2&correlator=4163011612086&frm=20&pv=1&ga_vid=1210982057.1654027361&ga_sid=1654027361&ga_hid=100431592&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=590&ady=1690&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760475&oid=2&pvsid=2503392621408621&pem=561&tmod=1337766462&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=dHp4FW1lRg&p=https%3A//daf.tf&dtd=48 Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/11955704931771569221/index.html".
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEIeIkoKpsqVzsRT5mR14cg8&google_cver=1&google_push=AYg5qPLxsnaKQpy0BK40r8MjL5pkvx7pyA74QUiI52s1chqAGXicem_mHe_4bgfCWKOhjdGFT_D2ZgYxjXmkOexXc1qltsKVcDV8 Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

abs.twimg.com
adservice.google.com
adservice.google.de
ag.innovid.com
cdn.syndication.twimg.com
cm.g.doubleclick.net
daf.tf
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
hackernoon.com
id.rlcdn.com
pagead2.googlesyndication.com
partner.googleadservices.com
pbs.twimg.com
pixel.everesttech.net
pixel.rubiconproject.com
platform.twitter.com
ssum-sec.casalemedia.com
syndication.twitter.com
ton.twimg.com
tpc.googlesyndication.com
www.cybertec-postgresql.com
www.google.com
www.googletagservices.com
googlecm.hit.gemius.pl
104.244.42.136
142.250.186.130
151.106.100.65
199.232.136.159
23.35.232.247
2606:2800:134:fa2:1627:1fe:edb:1665
2606:2800:233:7ee2:97c:ab4c:6c70:be36
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700:20::ac43:4560
2a00:1450:4001:809::2002
2a00:1450:4001:811::2001
2a00:1450:4001:811::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2004
2a00:1450:4001:82a::200a
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
2a05:d01c:1d8:8100:a0fe:f5a6:9720:1a18
2a06:98c1:3120::3
34.251.55.128
35.244.174.68
69.173.144.165
69.192.160.219
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
030d724f8976851e0d93229fe0a941d7946f47aaddc36ec8b04c4f5eb4e3cacc
06557c9472869e4d37c14ca11d6960f5f5780a22b6e82aecf1d2e8edb41b0ee0
09391ab52453f2614d64a7b3b355949a6c0efd79fc9bc4dc2028fb7c16e9c593
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
111c278f10b0716c93ed6040d998b945d55a8d862670e36b4249e7d7bece7155
117d52c31661f02035d4dd4d2e9d2f76085a7661c8057cf5d9398494b4506920
157c04e503b390680cb8252f1fbffa38132f01ade9e3fbfb1d2d838a146bc09d
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
195e8e91bc727766f427243d4cfb79cdc873639991600bf99e9d2cab5cad77c8
1dc4b29dd0acbed77ec2fd81036c33efd4ab5989e8182705a30615a00a0117f7
1f9bd124f4c68763fcfb09ea20ad56e73991e1ed0678ac901df3878a770e7941
213c66a062c13deb00c832a5b910936316780b79f70a2dd7258f4c0083b12571
233f418a2508c9e4739e80e15d676a707de2f041b7fd873431424ac626d23103
2357a44ceeeb7d4cade95868044bc246f6361ed45c61a76c5e6368cf8bf00bb2
2572696ef40b6f4c8f7fdc2121b9cbfd77552b3a4e1b582aa10866325a7159c7
26d13c33a74523b38f4d115c9551cc751f8246b9c8308489998844e4eda58fe9
28d647f3c9fe7be434812d5fb1b76f1b6b0d4449253f5f3c982c45b57ee7c971
2b37b00f9400fedda05e3feb73c40b2a19af5fbd2d2d327c39e9476cff3dd9c8
2b7dbfa40529259ec8c3408d361b0a3f64b0d42947ceef3258ac890e4aec477f
2c1d919d0eed311203c522bd724a5789c970ed4673c8fba721a761335cda91ba
2da16d7cb89604400356aebcf6fb184aa9a9d6c24b8c9cc1f1dbd88fe67998ca
2e696fc5a16bb33e2462796a76fba8e5cc004fca3385e46c344d3f2d3418c967
3bf853fc84828d4ad0543b5cfba0e0dc0953333fae7d52b30406fe710276fd2b
3fcaf4ae82bca45d99d40a672a904ef6909c898182ae39b35eb32e554a2500e7
405c1e7eb7c2f20f5d18d26f52695c98b2b6b93837adaf1fcbb06222c76dd400
42aa6749f9bccf0dd17839b0ca741232d379191e9beb277f292eae0c57990921
42ecd6904f43af4e6cef62ddbeffa7b2b0b6c8ec5080a3e1deec4576f4294859
4358a96884097724055a07c198c9eda6732136d6377c01e8ce5699993eff6d46
45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc
452505d859be1f526ec45492acb695a3d822f50e56f93e1928948233b246cda0
4b24eee82c2b7ce85ace76193e8a25570dabc6863b94a60a42fa9bb6a37ddc72
4d0995bd8a159020c6d71fa46d5c7fb0930c4ec99d92d271efaabd0f56082708
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ed07f590bdfa9aa775dbfdef617d98e1e972d102d4289c7a68d3bd9118c280b
4fce02aef5542a40509dce7f66aec864d7a2a070ac671b06ed235cbcd4743821
524832a4229add733fea344d5cbc9f6f5625abd232188791cb0c04900dd7d787
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58333fd4258a1823b2b4f7098161d8e6bbb441ccdb6a8d6639c17d62daa96609
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62b5e7ae9e2ed60dcd7cb2e0823dd0884575f2176aff629f2df1e912dfae20e1
63b6dbf6132bc691dc99f7ca3dded67604c8e8b3375457e8f8ced616d73aa94a
6a16208065601108ca223902ff5e042b73acc842bf97fe30d5e0884786cf58cd
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
6bd098cf237254dacb7a2993b0b7b00081786c23b333e774c90995bd3ce22ec0
6fecb89a29ee2bd397bb1bf58ecaa530a76f0654db71fadefd3cc70b0bc302bf
7028ef6262d35db7dc22b05df3cbb3e93595ce90cd340fdc356620d961b01224
751359fb94188b6d2f65d74ceb26211f4ce8fdc5879d3a6c2e9a3b84d1620e4b
754e7f3a85a201043c7045484113643c2d17353e5245ef31f4e3fbe41b0ced5c
75cab6a83f0eebad59a19050b22cb153e9bba290966f016e25610f1da6a98ce3
78115db5e98a5c5dc190013e698fe9c9b069bff6d8d84691868e621f5701647b
82767d40fe2532fe5724ca7fbf352cd414edb0e58736e58725deea44994d41c8
85e2fe8f48c019901b4fd57ccaa1af6d64657cf65ffa7197fbdd7ef600910c40
86a70a95726e2137341d20b0f0c45c7d70053be382a3cc6ba22e1622c82aa7e2
8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8aecee7aa74144bd766b8c2a7391407e4dd9e02f5ed4207731c78399ec88eb66
8dd3c9e9d960280d655dd1f9a1765412edf4d1b48bbd16e7c3b65e8b1460f560
92bec99c91cb09a829dfd56e9025cd437b47cd82f8e26279fe4aa7ebf3ded6f0
975745c4a225beda2184f9b21c93f04a1ef5df49d7768350672edc2f82d62910
9a932e49823b59769330d1ce8ef9f1b90e5ae8ecd5f2bb388d19bf684cdb7ebd
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9acbd8b4d23e50eba6ed100f0e716f96521b495e2414381b23d877f15a7d0504
9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134
9d383f6c4fd9e49453e370aa4eb03df2ff81d4524d4a6045be1220476046dfa7
a37d848620d81a5fd27dff6e15af34f37fd05384f7d5337053c98efd0fe5a7d7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf
a83079124373d924ad1402fbc08d2e24d0043234d4c26565f1c368745f55f5d9
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae03ab0a42897d9a48188bc6570888428bd57747df8c9f87682479e62e13a408
b219c80b8c0dcab16e5840260f3ac033f8f1859a89115c14f4886922c289fb09
b255cf1a5e75565477a0d494f90363c4ec50ff371a465bb9e1128b8b1866d624
bb5d7b1b44b44ff7dd8d91b3137fe02562099c25ae1e101332272ba9f27bb43c
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bfe5f9662e96ac802c89dbb19d0ca75817071dd4afcebc5210ae33863c8e382e
c011a93e67016952d10ce42c4910af99a020b61d692660a3b60743396b744c4c
c252a58367211c11d839155e50dc5e98551826c64b8d2e8d6267124c054ceae0
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
cb21925552398ef498f4c30d2535753082ff8435c73c279c79bb4543c22a6a24
cb39186bedc86e7769399a10dce963f6051937a433adb507be728f75348210fd
ce54fc66e0c96540ec003f661021f390e298d8ba478e47c8b1ebbe95702e4436
ce91e2144ea27f82292ef2c87c5d9e1d0b9994df63836130293865aca18fc550
d14624d8d002a9813759af6f956223a322ad3b2b49cc8192e4c435553950481c
d342be7b065b36dd1e6856bcf5a432b5d2c277d27555391ddefbf1df3edb0fc4
d5b5a339dea9a9c7d98f00c1779903d4d3539729b510b401e09837eebac0c0b6
d5f22e815007b49ea5513511970f1d697f899de2cc616833d17876ba2da44edc
d678ab3b4e7dddf5615012cc1a930e50dfbc967181b8fbeb1b98d61549f5ed08
d8145d3a0675c740321159fd7321982ad30e84cbad4e2600d95ac27dbc89ee63
da0d2ca412783d5d8136c08f6f6d16575144d4528aef08eef73d045a5580e465
db3985c4d5ae08ac22f3958d29da53f4edcd150439f74c668074c65ea0981da6
ded16b9cb72df85ea242aaef8878c716abb57c746f0bfda6eabd2b9ddb2a23b5
e2e6aa91a5df55f46ef42d81383cf613b9cc620909873a9caf0a09dc766f16b1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e480a877a3a00d6fa45547c1e677918d8c108784d5f127be2a42efb082d9b2ac
e4a7e92291c7c3762e70fa50a9125648bf36ceb3756d1a8aab689bcea989d8e4
e4dcaf48beeb5c6f668b02c8eb36edcbc1ce89568218316ca6ef94c441a85c6c
eddfb285df91d818926b2f8ec64c71be82e0ea4f21ca9f63f5b0bc5dbcd75b0b
f21b49d8625740a36d6600d727c88d06dd8536edcb6128aeacf107690919a893
f2492ffaee03911100316db89800ea85e9dab57634b3bcd59c4b41de886ffe3e
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5dad5b1f7f2e1bbe6f2098a92062ed9ed6e2fec2e769d3bc1216751928d6a78
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f726c685424213712c50d50324c4e20a9b2c4220a3d8b232b37f7eebe898971f
fb3fef37ad97267024a95328f862edc6447f0fef48d9959ad92e7d1777560320
fc95032ef5b26cccce283703d324ec9d1c288f4f9046defbb46b199b51cedc0b

daf.tf Open in urlscan Pro 151.106.100.65 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

131 Requests

95 %HTTPS

61 %IPv6

20 Domains

27 Subdomains

19 IPs

4 Countries

2039 kBTransfer

4262 kBSize

20 Cookies

55 Outgoing links

Page URL History

Redirected requests

131 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

daf.tf Open in urlscan Pro
151.106.100.65 Public Scan

Screenshot
Live screenshot

Full Image

131
Requests

95 %
HTTPS

61 %
IPv6

20
Domains

27
Subdomains

19
IPs

4
Countries

2039 kB
Transfer

4262 kB
Size

20
Cookies

131 HTTP transactions
9 data transactions