tv.ifindfast.com Open in urlscan Pro
31.172.80.234 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
Submission: On July 04 via manual (July 4th 2022, 1:58:57 pm UTC) from IL — Scanned from DE

Summary HTTP 297 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 56 IPs in 9 countries across 44 domains to perform 297 HTTP transactions. The main IP is 31.172.80.234, located in Germany and belongs to DE-FIRSTCOLO www.first-colo.net, DE. The main domain is tv.ifindfast.com.
TLS certificate: Issued by R3 on June 27th 2022. Valid for: 3 months.

This is the only time tv.ifindfast.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
24	31.172.80.234 31.172.80.234	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	185.177.94.89 185.177.94.89	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
21	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
12	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 1	2606:4700:303... 2606:4700:3030::6815:3e61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3031::6815:159a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
26	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3032::ac43:906f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	46.105.201.240 46.105.201.240	16276 (OVH) (OVH)
1 1	13.224.189.66 13.224.189.66	16509 (AMAZON-02) (AMAZON-02)
1 1	2001:41d0:203... 2001:41d0:203:2511::3	16276 (OVH) (OVH)
1 71	144.217.67.42 144.217.67.42	16276 (OVH) (OVH)
1	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	35.190.41.116 35.190.41.116	15169 (GOOGLE) (GOOGLE)
1	2a02:6ea0:c70... 2a02:6ea0:c700::10	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3031::6815:3361	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	139.45.197.237 139.45.197.237	9002 (RETN-AS) (RETN-AS)
1	192.99.0.58 192.99.0.58	16276 (OVH) (OVH)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3a	20446 (STACKPATH...) (STACKPATH-CDN)
1	2606:4700:303... 2606:4700:3038::6815:ea4c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400c:c07::9b	15169 (GOOGLE) (GOOGLE)
1	139.45.197.238 139.45.197.238	9002 (RETN-AS) (RETN-AS)
5	139.45.197.239 139.45.197.239	9002 (RETN-AS) (RETN-AS)
1	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
1	2606:4700:303... 2606:4700:3034::ac43:cdf0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6 12	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
44	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
4 8	142.250.181.230 142.250.181.230	15169 (GOOGLE) (GOOGLE)
6	2606:4700::68... 2606:4700::6811:a6ba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	18.194.245.245 18.194.245.245	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:e6:... 2606:4700:e6::ac40:cc22	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	162.252.214.5 162.252.214.5	53334 (TUT-AS) (TUT-AS)
1	192.243.61.225 192.243.61.225	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
4	2a00:1450:400... 2a00:1450:4001:812::2006	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.200.118.90 185.200.118.90	9009 (M247) (M247)
1	38.132.109.186 38.132.109.186	9009 (M247) (M247)
1	185.200.116.90 185.200.116.90	9009 (M247) (M247)
2	2606:4700:303... 2606:4700:3038::6815:eb02	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:400e:800::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	213.202.235.8 213.202.235.8	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	37.48.68.71 37.48.68.71	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	104.153.197.251 104.153.197.251	53334 (TUT-AS) (TUT-AS)
2 2	192.243.61.227 192.243.61.227	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2 2	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1 1	2a03:2880:f02... 2a03:2880:f02d:110:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
2 3	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a03:2880:f04... 2a03:2880:f045:10:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
297	56

24 31.172.80.234 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

tv.ifindfast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.177.94.89 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
PTR: ip-185-177-94-89.ah-server.com

branddnewcode1.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::6815:3e61 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

daddylive.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3031::6815:159a (United States)

ASN13335 (CLOUDFLARENET, US)

daddylive.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3032::ac43:906f (United States)

ASN13335 (CLOUDFLARENET, US)

uptimecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.201.240 (France)

ASN16276 (OVH, FR)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.66 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-66.fra2.r.cloudfront.net

excellernod.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:41d0:203:2511::3 (France) 1 redirects

ASN16276 (OVH, FR)

tm-offers.gamingadult.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

71 144.217.67.42 (Beauharnois, Canada) 1 redirects

ASN16276 (OVH, FR)
PTR: ns536191.ip-144-217-67.net

landing.hentaiheroes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.41.116 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 116.41.190.35.bc.googleusercontent.com

youradexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::10 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

www.xadsmart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::6815:3361 (United States)

ASN13335 (CLOUDFLARENET, US)

rkc.primetubsub.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 139.45.197.237 (United Kingdom)

ASN9002 (RETN-AS, GB)

thaudray.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dozubatan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.99.0.58 (Terrebonne, Canada)

ASN16276 (OVH, FR)
PTR: ns500326.ip-192-99-0.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3038::6815:ea4c (United States)

ASN13335 (CLOUDFLARENET, US)

vcdnads.ru.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.197.238 (United Kingdom)

ASN9002 (RETN-AS, GB)

onvictinitor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 139.45.197.239 (United Kingdom)

ASN9002 (RETN-AS, GB)

toglooman.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::ac43:cdf0 (United States)

ASN13335 (CLOUDFLARENET, US)

tzegilo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany) 6 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

44 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.181.230 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6811:a6ba (United States)

ASN13335 (CLOUDFLARENET, US)

c.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
6.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.194.245.245 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-245-245.eu-central-1.compute.amazonaws.com

simplewebanalysis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e6::ac40:cc22 (United States)

ASN13335 (CLOUDFLARENET, US)

player.licenses4.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 162.252.214.5 (United States)

ASN53334 (TUT-AS, US)

4.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.243.61.225 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

spellingreasoningexamine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

houbekuwucoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.200.118.90 (London, United Kingdom)

ASN9009 (M247, GB)
PTR: adscore.com

mojk11m6kfcp.l4.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.132.109.186 (New York, United States)

ASN9009 (M247, GB)

mojk11m6kfcp.n4.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.200.116.90 (Romania)

ASN9009 (M247, GB)
PTR: no-mans-land.m247.com

mojk11m6kfcp.s4.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3038::6815:eb02 (United States)

ASN13335 (CLOUDFLARENET, US)

addresseepaper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400e:800::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.202.235.8 (Herrischried, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

tagm.tchibo.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.48.68.71 (Arnhem, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

datatechonert.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.153.197.251 (United States)

ASN53334 (TUT-AS, US)
PTR: 104-153-197-251.customer.totaluptime.net

xadsmart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.243.61.227 (Ashburn, United States) 2 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

assuranceapprobationblackbird.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200e (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f02d:110:face:b00c:0:2 (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

web.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany) 2 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

scontent-frt3-2.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

scontent-frt3-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

scontent-frx5-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f045:10:face:b00c:0:3 (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)

scontent-ams4-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
71	hentaiheroes.com 1 redirects landing.hentaiheroes.com — Cisco Umbrella Rank: 546647	4 MB
65	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 120 tpc.googlesyndication.com — Cisco Umbrella Rank: 160	1 MB
34	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 54 stats.g.doubleclick.net — Cisco Umbrella Rank: 119 ad.doubleclick.net — Cisco Umbrella Rank: 189	250 KB
24	ifindfast.com tv.ifindfast.com	167 KB
16	google.com 8 redirects adservice.google.com — Cisco Umbrella Rank: 92 www.google.com — Cisco Umbrella Rank: 8 google.com — Cisco Umbrella Rank: 1	2 KB
15	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 532 scontent-frt3-2.xx.fbcdn.net — Cisco Umbrella Rank: 12470 scontent-frt3-1.xx.fbcdn.net — Cisco Umbrella Rank: 11756 scontent-frx5-1.xx.fbcdn.net — Cisco Umbrella Rank: 11858 scontent-ams4-1.xx.fbcdn.net — Cisco Umbrella Rank: 12483	773 KB
13	adsco.re c.adsco.re — Cisco Umbrella Rank: 18603 6.adsco.re — Cisco Umbrella Rank: 19168 4.adsco.re — Cisco Umbrella Rank: 20454 mojk11m6kfcp.l4.adsco.re mojk11m6kfcp.n4.adsco.re mojk11m6kfcp.s4.adsco.re adsco.re — Cisco Umbrella Rank: 16065	71 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 179	255 KB
5	gstatic.com www.gstatic.com fonts.gstatic.com	62 KB
5	toglooman.com toglooman.com — Cisco Umbrella Rank: 33964	134 KB
4	facebook.com 3 redirects web.facebook.com — Cisco Umbrella Rank: 240 www.facebook.com — Cisco Umbrella Rank: 96	34 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 71 ajax.googleapis.com — Cisco Umbrella Rank: 307	34 KB
4	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 276	192 KB
3	simplewebanalysis.com simplewebanalysis.com — Cisco Umbrella Rank: 14772	692 B
3	thaudray.com thaudray.com — Cisco Umbrella Rank: 56976	27 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 7751 www.google.de — Cisco Umbrella Rank: 5448	1 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49 ssl.google-analytics.com — Cisco Umbrella Rank: 390	37 KB
2	assuranceapprobationblackbird.com 2 redirects assuranceapprobationblackbird.com	726 B
2	addresseepaper.com addresseepaper.com — Cisco Umbrella Rank: 19014	29 KB
2	xadsmart.com www.xadsmart.com — Cisco Umbrella Rank: 186194 xadsmart.com — Cisco Umbrella Rank: 141120	10 KB
2	histats.com s10.histats.com — Cisco Umbrella Rank: 16196 s4.histats.com — Cisco Umbrella Rank: 13665	5 KB
2	uptimecdn.com uptimecdn.com — Cisco Umbrella Rank: 158551	60 KB
2	daddylive.eu daddylive.eu	27 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 155	88 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 741	84 KB
1	datatechonert.com datatechonert.com — Cisco Umbrella Rank: 46513	482 B
1	tchibo.de tagm.tchibo.de — Cisco Umbrella Rank: 46743	1 KB
1	houbekuwucoo.com houbekuwucoo.com
1	spellingreasoningexamine.com spellingreasoningexamine.com — Cisco Umbrella Rank: 630062	594 B
1	licenses4.me player.licenses4.me — Cisco Umbrella Rank: 536346
1	tzegilo.com tzegilo.com — Cisco Umbrella Rank: 22998	18 KB
1	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 11393	543 B
1	onvictinitor.com onvictinitor.com — Cisco Umbrella Rank: 512676
1	dozubatan.com dozubatan.com — Cisco Umbrella Rank: 46748
1	ru.com vcdnads.ru.com — Cisco Umbrella Rank: 577524	26 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 630	30 KB
1	primetubsub.xyz rkc.primetubsub.xyz	29 KB
1	youradexchange.com youradexchange.com — Cisco Umbrella Rank: 52917	888 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 867	644 B
1	gamingadult.com 1 redirects tm-offers.gamingadult.com — Cisco Umbrella Rank: 189456	263 B
1	excellernod.xyz 1 redirects excellernod.xyz	518 B
1	daddylive.click 1 redirects daddylive.click	550 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 89	40 KB
1	branddnewcode1.me branddnewcode1.me	19 KB
297	44

	Domain	Requested by
71	landing.hentaiheroes.com	1 redirects daddylive.eu landing.hentaiheroes.com
44	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com tv.ifindfast.com s0.2mdn.net pagead2.googlesyndication.com
25	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net tv.ifindfast.com
24	tv.ifindfast.com	tv.ifindfast.com
21	pagead2.googlesyndication.com	tv.ifindfast.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
12	www.google.com	6 redirects tv.ifindfast.com googleads.g.doubleclick.net daddylive.eu tpc.googlesyndication.com
10	static.xx.fbcdn.net	www.facebook.com static.xx.fbcdn.net
8	ad.doubleclick.net	4 redirects googleads.g.doubleclick.net
6	www.googletagservices.com	googleads.g.doubleclick.net
5	toglooman.com	thaudray.com toglooman.com
4	s0.2mdn.net	tpc.googlesyndication.com
3	www.facebook.com	2 redirects connect.facebook.net
3	www.gstatic.com	googleads.g.doubleclick.net
3	fonts.googleapis.com	landing.hentaiheroes.com googleads.g.doubleclick.net
3	4.adsco.re	daddylive.eu c.adsco.re
3	6.adsco.re	daddylive.eu c.adsco.re
3	simplewebanalysis.com	vcdnads.ru.com
3	c.adsco.re	www.xadsmart.com c.adsco.re
3	thaudray.com	daddylive.eu thaudray.com
2	scontent-frt3-2.xx.fbcdn.net	www.facebook.com
2	fonts.gstatic.com	fonts.googleapis.com
2	google.com	2 redirects
2	assuranceapprobationblackbird.com	2 redirects
2	addresseepaper.com	vcdnads.ru.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	uptimecdn.com	daddylive.eu uptimecdn.com
2	daddylive.eu	tv.ifindfast.com daddylive.eu
2	connect.facebook.net	tv.ifindfast.com connect.facebook.net
2	maxcdn.bootstrapcdn.com	tv.ifindfast.com maxcdn.bootstrapcdn.com
1	scontent-ams4-1.xx.fbcdn.net	www.facebook.com
1	scontent-frx5-1.xx.fbcdn.net	www.facebook.com
1	scontent-frt3-1.xx.fbcdn.net	www.facebook.com
1	web.facebook.com	1 redirects
1	xadsmart.com	www.xadsmart.com
1	datatechonert.com	tzegilo.com
1	tagm.tchibo.de	tv.ifindfast.com
1	ajax.googleapis.com	landing.hentaiheroes.com
1	adsco.re	c.adsco.re
1	mojk11m6kfcp.s4.adsco.re	c.adsco.re
1	mojk11m6kfcp.n4.adsco.re	c.adsco.re
1	mojk11m6kfcp.l4.adsco.re	c.adsco.re
1	houbekuwucoo.com	thaudray.com
1	spellingreasoningexamine.com	vcdnads.ru.com
1	player.licenses4.me	rkc.primetubsub.xyz
1	www.google.de	tv.ifindfast.com
1	tzegilo.com	thaudray.com
1	my.rtmark.net	thaudray.com
1	onvictinitor.com	thaudray.com
1	dozubatan.com	thaudray.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	vcdnads.ru.com	rkc.primetubsub.xyz
1	code.jquery.com	rkc.primetubsub.xyz
1	s4.histats.com	s10.histats.com
1	rkc.primetubsub.xyz	daddylive.eu
1	ssl.google-analytics.com	daddylive.eu
1	www.xadsmart.com	daddylive.eu
1	youradexchange.com	uptimecdn.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	tm-offers.gamingadult.com	1 redirects
1	excellernod.xyz	1 redirects
1	s10.histats.com	daddylive.eu
1	daddylive.click	1 redirects
1	www.googletagmanager.com	tv.ifindfast.com
1	branddnewcode1.me	tv.ifindfast.com
297	66

This site contains links to these domains. Also see Links.

Domain
radio.ifindfast.com
yes.ifindfast.com
ifindfast.com
www.sport5.co.il
facebook.com
twitter.com
google.com
linkedin.com
forum.ifindfast.com
love.ifindfast.com
zoo.ifindfast.com
ifindfast

Subject Issuer	Validity	Valid
tv.ifindfast.com R3	`2022-06-27` - `2022-09-25`	3 months	crt.sh
branddnewcode1.me R3	`2022-07-03` - `2022-10-01`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-29` - `2023-01-29`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-04-12` - `2022-07-11`	3 months	crt.sh
histats.com R3	`2022-04-19` - `2022-07-18`	3 months	crt.sh
landing.hentaiheroes.com R3	`2022-05-20` - `2022-08-18`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
youradexchange.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-20` - `2023-06-20`	a year	crt.sh
1376341044.rsc.cdn77.org R3	`2022-05-29` - `2022-08-27`	3 months	crt.sh
*.primetubsub.xyz E1	`2022-06-07` - `2022-09-05`	3 months	crt.sh
thaudray.com R3	`2022-05-06` - `2022-08-04`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.vcdnads.ru.com E1	`2022-06-11` - `2022-09-09`	3 months	crt.sh
dozubatan.com R3	`2022-06-04` - `2022-09-02`	3 months	crt.sh
onvictinitor.com R3	`2022-06-04` - `2022-09-02`	3 months	crt.sh
toglooman.com R3	`2022-07-02` - `2022-09-30`	3 months	crt.sh
*.rtmark.net Sectigo RSA Domain Validation Secure Server CA	`2021-11-20` - `2022-11-26`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.adsco.re Sectigo RSA Organization Validation Secure Server CA	`2021-09-06` - `2022-09-28`	a year	crt.sh
simplewebanalysis.com Amazon	`2022-04-01` - `2023-04-30`	a year	crt.sh
*.licenses4.me E1	`2022-06-06` - `2022-09-04`	3 months	crt.sh
spellingreasoningexamine.com R3	`2022-06-10` - `2022-09-08`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.l4.adsco.re R3	`2022-06-19` - `2022-09-17`	3 months	crt.sh
*.n4.adsco.re R3	`2022-06-19` - `2022-09-17`	3 months	crt.sh
*.s4.adsco.re R3	`2022-06-19` - `2022-09-17`	3 months	crt.sh
*.addresseepaper.com E1	`2022-06-25` - `2022-09-23`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
tagm.tchibo.de GeoTrust RSA CA 2018	`2021-10-22` - `2022-10-22`	a year	crt.sh
datatechonert.com Sectigo RSA Domain Validation Secure Server CA	`2021-12-24` - `2022-12-24`	a year	crt.sh
xadsmart.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-19` - `2022-07-22`	2 years	crt.sh

This page contains 33 frames:

Primary Page: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
Frame ID: 881487453FA05DAFD255F9A346462527
Requests: 51 HTTP requests in this frame

Frame: https://daddylive.eu/s2w/stream-144.php
Frame ID: 85D2E96417D891802C0CC2FD50F648A4
Requests: 32 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20190131/zrt_lookup.html
Frame ID: 3F567BE6B3D701F7F4600528E7E984DD
Requests: 1 HTTP requests in this frame

Frame: https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HHc4dbf42509cfe7d1ad82c0be9e0f9b28&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Frame ID: 59025572E0A9232537BCBFC53B1DCC38
Requests: 77 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6979376228164642&output=html&h=90&slotname=5011888379&adk=751607799&adf=1724644460&pi=t.ma~as.5011888379&w=720&lmt=1656943130&psa=0&format=720x90&url=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147%26%3D%25D7%25A2%25D7%25A8%25D7%2595%25D7%25A5_%25D7%25A1%25D7%25A4%25D7%2595%25D7%25A8%25D7%2598_5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943130648&bpp=10&bdt=334&idt=282&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&correlator=8634457666946&frm=20&pv=2&ga_vid=647370816.1656943131&ga_sid=1656943131&ga_hid=258124991&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=820&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531608&oid=2&pvsid=1348873690144928&tmod=868880352&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=epXwJnySIx&p=https%3A//tv.ifindfast.com&dtd=305
Frame ID: C2D736FD85886364DABC92DB8CFE21D3
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6979376228164642&output=html&h=280&slotname=1887103615&adk=3976959788&adf=2170261427&pi=t.ma~as.1887103615&w=825&fwrn=4&fwrnh=100&lmt=1656943131&rafmt=1&psa=0&format=825x280&url=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147%26%3D%25D7%25A2%25D7%25A8%25D7%2595%25D7%25A5_%25D7%25A1%25D7%25A4%25D7%2595%25D7%25A8%25D7%2598_5&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943130658&bpp=7&bdt=344&idt=349&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=720x90&correlator=8634457666946&frm=20&pv=1&ga_vid=647370816.1656943131&ga_sid=1656943131&ga_hid=258124991&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=794&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531608&oid=2&pvsid=1348873690144928&tmod=868880352&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=IsZWhwCfwS&p=https%3A//tv.ifindfast.com&dtd=358
Frame ID: 152E9095820EC63310AD20C649AE8E2B
Requests: 1 HTTP requests in this frame

Frame: https://rkc.primetubsub.xyz/premiumtv/daddylive.php?id=144
Frame ID: 232D0969B6E013A40106488218EA985F
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6979376228164642&output=html&h=600&slotname=1887103615&adk=1099239650&adf=1749149054&pi=t.ma~as.1887103615&w=255&fwrn=4&fwrnh=100&lmt=1656943131&rafmt=1&psa=0&format=255x600&url=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147%26%3D%25D7%25A2%25D7%25A8%25D7%2595%25D7%25A5_%25D7%25A1%25D7%25A4%25D7%2595%25D7%25A8%25D7%2598_5&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943130665&bpp=1&bdt=351&idt=483&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=720x90%2C825x280&correlator=8634457666946&frm=20&pv=1&ga_vid=647370816.1656943131&ga_sid=1656943131&ga_hid=258124991&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=761&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531608&oid=2&pvsid=1348873690144928&tmod=868880352&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=CEBaibUv1X&p=https%3A//tv.ifindfast.com&dtd=524
Frame ID: 84F0FC238C7DAFB877CD6BAE51D7F705
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6979376228164642&output=html&h=600&slotname=1887103615&adk=1099239650&adf=1543441221&pi=t.ma~as.1887103615&w=255&fwrn=4&fwrnh=100&lmt=1656943131&rafmt=1&psa=0&format=255x600&url=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147%26%3D%25D7%25A2%25D7%25A8%25D7%2595%25D7%25A5_%25D7%25A1%25D7%25A4%25D7%2595%25D7%25A8%25D7%2598_5&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943130666&bpp=1&bdt=352&idt=537&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=720x90%2C825x280%2C255x600&correlator=8634457666946&frm=20&pv=1&ga_vid=647370816.1656943131&ga_sid=1656943131&ga_hid=258124991&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=1516&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531608&oid=2&pvsid=1348873690144928&tmod=868880352&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=NooqOwUlrU&p=https%3A//tv.ifindfast.com&dtd=539
Frame ID: 527E66156954B9200EB1D45F7369C3F5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6979376228164642&output=html&adk=1812271804&adf=3025194257&lmt=1656943131&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147%26%3D%25D7%25A2%25D7%25A8%25D7%2595%25D7%25A5_%25D7%25A1%25D7%25A4%25D7%2595%25D7%25A8%25D7%2598_5&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943130822&bpp=5&bdt=508&idt=390&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db90ead022f70ab57-22c667a4c4cd00df%3AT%3D1656943131%3ART%3D1656943131%3AS%3DALNI_MbieIie37oX_Q2ybz0yljctPDrZ6A&prev_fmts=720x90%2C825x280%2C255x600%2C255x600&nras=1&correlator=8634457666946&frm=20&pv=1&ga_vid=647370816.1656943131&ga_sid=1656943131&ga_hid=258124991&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531608&oid=2&pvsid=1348873690144928&tmod=868880352&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&dtd=396
Frame ID: 963736B53500EC7D6E992A9FD7233BFB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1478539660752196220/728x90.html
Frame ID: 2BA63C6EFB822E6673AEE1922D70D832
Requests: 6 HTTP requests in this frame

Frame: https://player.licenses4.me/player.php?id=premium144&test=true
Frame ID: 106BB361DE43C0BDC36A9994748A8FA7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: ABC5F27ABAA73C5E60D491C0047909F7
Requests: 2 HTTP requests in this frame

Frame: https://c.adsco.re/
Frame ID: 98968F7825F6B4C806804FF09942B4D0
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16867007545678231204/970x250.html
Frame ID: 7BB3808BC8C9AA1655C292215CA04181
Requests: 7 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B28020780.338825479;dc_pre=CNbunZay3_gCFUPBuwgdWxMP4Q;dc_trk_aid=530628048;dc_trk_cid=173070194;ord=3528552919;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
Frame ID: 8FDBCE91FA82D3B7D9217F1D8DA35D47
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13460444742631179628/300x600.html
Frame ID: B109E73B3990186524808B823F073CDC
Requests: 7 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B28020780.338825479;dc_pre=CIy9oZay3_gCFUmudwodhzcBBg;dc_trk_aid=530628048;dc_trk_cid=173070194;ord=3670633691;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
Frame ID: ED05E89827CCFB70F64096D4A175AF71
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 6EEC7A38A65CF71E010A21D4B25BC1F1
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13460444742631179628/300x600.html
Frame ID: 3A9E7736B4EDE786E7E13F72D8D7724B
Requests: 7 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B28020780.338825479;dc_pre=CMX7qJay3_gCFXb_uwgdxXcC3A;dc_trk_aid=530628048;dc_trk_cid=173070194;ord=3739807963;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
Frame ID: 20AE93B0E43840556E872CDD3D12BFDE
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 0D32CD1E729122667A7B6DB4DF700EA4
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 77450C9F690565D16F7E6C40F64772C2
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1
Frame ID: 5ED6DEB3DE05C567D78DB6EF57CF33F0
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1
Frame ID: BBB7B2425426FB399FF73E93B968D493
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 062AC1363F5F4D6E84DBC68D3AE3ECF1
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C500%7CHeebo%3A400
Frame ID: 33562D2A6D04CFBE4E02C1CB7745CF09
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E8CBB2335C7843E0CAA6E6B28997FFF1
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/SDwrgNAjdQsa4VNQPO_RFNWmztQcb_iohgsAvJm3iSQ.js
Frame ID: 4E7493D5D7C38D71381EE302050CE208
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/SDwrgNAjdQsa4VNQPO_RFNWmztQcb_iohgsAvJm3iSQ.js
Frame ID: A686B55ECB2F9CA2EAD975F810D3C1DC
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/feedback.php?app_id=740810732743187&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3af7c308de399c%26domain%3Dtv.ifindfast.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftv.ifindfast.com%252Ff1fd77f6de2fddc%26relation%3Dparent.parent&container_width=825&height=100&href=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147&locale=de_DE&numposts=5&sdk=joey&version=v2.8&width
Frame ID: 21E7834D52140B06680DC240FFC084DA
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FEAC2DBA1098B660F584DBD2FE838C48
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7949716DB2276D6D0B64E288393FA99F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ערוץ ספורט 5 לצפייה ישירה

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Laravel (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css
owl\.carousel.*\.js

Swiper Slider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swiper(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

297
Requests

96 %
HTTPS

62 %
IPv6

44
Domains

66
Subdomains

56
IPs

9
Countries

7854 kB
Transfer

15344 kB
Size

25
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: http://radio.ifindfast.com/
Title: רדיו

Search URL Search Domain Scan URL

URL: https://yes.ifindfast.com/
Title: חדשות

Search URL Search Domain Scan URL

URL: https://ifindfast.com/
Title: פורטל אתרים

Search URL Search Domain Scan URL

URL: https://www.sport5.co.il/
Title: לאתר הרשמי של ערוץ הספורט

Search URL Search Domain Scan URL

URL: http://facebook.com/ifindfast1

Search URL Search Domain Scan URL

URL: http://twitter.com/

Search URL Search Domain Scan URL

URL: http://google.com/

Search URL Search Domain Scan URL

URL: http://linkedin.com/

Search URL Search Domain Scan URL

URL: https://radio.ifindfast.com/
Title: רדיו להאזנה ישירה

Search URL Search Domain Scan URL

URL: https://forum.ifindfast.com/
Title: פורום שאלות ותשובות

Search URL Search Domain Scan URL

URL: https://love.ifindfast.com/
Title: אתרי הכרויות

Search URL Search Domain Scan URL

URL: https://zoo.ifindfast.com/
Title: ערוץ החיות

Search URL Search Domain Scan URL

URL: https://ifindfast/
Title: ifindfast.com

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24

https://daddylive.click/s2w/stream-144.php HTTP 301
https://daddylive.eu/s2w/stream-144.php

Request Chain 37

https://excellernod.xyz/redirect?tid=953898 HTTP 302
https://tm-offers.gamingadult.com/?offer=470&uid=1b428417-5a71-4589-b1e9-809f2b9dbee1&subid=5523965364780567813&subid2=953898 HTTP 302
https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HHc4dbf42509cfe7d1ad82c0be9e0f9b28&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=

Request Chain 67

https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B28020780.338825479;dc_trk_aid=530628048;dc_trk_cid=173070194;ord=3064140262;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B28020780.338825479;dc_pre=CIWNi5ay3_gCFf3KuwgdIOQDQg;dc_trk_aid=530628048;dc_trk_cid=173070194;ord=3064140262;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=

Request Chain 94

https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B28020780.338825479;dc_trk_aid=530628048;dc_trk_cid=173070194;ord=3528552919;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B28020780.338825479;dc_pre=CNbunZay3_gCFUPBuwgdWxMP4Q;dc_trk_aid=530628048;dc_trk_cid=173070194;ord=3528552919;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=

Request Chain 103

https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B28020780.338825479;dc_trk_aid=530628048;dc_trk_cid=173070194;ord=3670633691;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B28020780.338825479;dc_pre=CIy9oZay3_gCFUmudwodhzcBBg;dc_trk_aid=530628048;dc_trk_cid=173070194;ord=3670633691;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=

Request Chain 119

https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B28020780.338825479;dc_trk_aid=530628048;dc_trk_cid=173070194;ord=3739807963;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B28020780.338825479;dc_pre=CMX7qJay3_gCFXb_uwgdxXcC3A;dc_trk_aid=530628048;dc_trk_cid=173070194;ord=3739807963;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=

Request Chain 136

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 144

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 151

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 153

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 239

https://assuranceapprobationblackbird.com/pxf.gif?uuid=ef5db9a4-ed7c-4d07-8734-dc23a79d6215&eb=9b47e89dfc65ad002c6d58a8b4df3d9d&te=6d283cd4b3a0ba79ea26d1afdf15d561&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F103.0.5060.53%20Safari%2F537.36&dev=r&res=12.31&b_frame=1&pk=8f0cd2e68e97bc49d78b7e937003b6a1&bl=en-US&sr=1200x1600&sz=1200x1600&hjs=13 HTTP 301
https://google.com/ HTTP 301
https://www.google.com/

Request Chain 255

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 256

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 257

http://landing.hentaiheroes.com/wp-content/uploads/2019/02/ShinjukuBG_Mob.jpg HTTP 302
https://landing.hentaiheroes.com/wp-content/uploads/2019/02/ShinjukuBG_Mob.jpg

Request Chain 271

https://web.facebook.com/v2.8/plugins/comments.php?app_id=740810732743187&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3af7c308de399c%26domain%3Dtv.ifindfast.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftv.ifindfast.com%252Ff1fd77f6de2fddc%26relation%3Dparent.parent&container_width=825&height=100&href=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147&locale=de_DE&numposts=5&sdk=joey&version=v2.8&width= HTTP 302
https://www.facebook.com/v2.8/plugins/comments.php?app_id=740810732743187&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3af7c308de399c%26domain%3Dtv.ifindfast.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftv.ifindfast.com%252Ff1fd77f6de2fddc%26relation%3Dparent.parent&container_width=825&height=100&href=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147&locale=de_DE&numposts=5&sdk=joey&version=v2.8&width&_rdc=1&_rdr HTTP 302
https://www.facebook.com/plugins/comments.php?app_id=740810732743187&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3af7c308de399c%26domain%3Dtv.ifindfast.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftv.ifindfast.com%252Ff1fd77f6de2fddc%26relation%3Dparent.parent&container_width=825&height=100&href=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147&locale=de_DE&numposts=5&sdk=joey&version=v2.8&width HTTP 302
https://www.facebook.com/plugins/feedback.php?app_id=740810732743187&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3af7c308de399c%26domain%3Dtv.ifindfast.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftv.ifindfast.com%252Ff1fd77f6de2fddc%26relation%3Dparent.parent&container_width=825&height=100&href=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147&locale=de_DE&numposts=5&sdk=joey&version=v2.8&width

Request Chain 301

https://assuranceapprobationblackbird.com/pxf.gif?uuid=ef5db9a4-ed7c-4d07-8734-dc23a79d6215&eb=9b47e89dfc65ad002c6d58a8b4df3d9d&te=6d283cd4b3a0ba79ea26d1afdf15d561&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F103.0.5060.53%20Safari%2F537.36&dev=r&res=12.31&b_frame=1&pk=8f0cd2e68e97bc49d78b7e937003b6a1&bl=en-US&sr=1200x1600&sz=1200x1600&hjs=13 HTTP 301
https://google.com/ HTTP 301
https://www.google.com/

297 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5 Show response
tv.ifindfast.com/tv/ 28 KB
6 KB 88ms
39ms Document
text/html 31.172.80.234
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to

Full URL: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.172.80.234 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: b22b9bdb648ebc267d6aafbf35829ee45a812397de97a6f0c77c914d775f5023

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, must-revalidate
content-encoding: gzip
content-length: 5885
content-type: text/html; charset=UTF-8
date: Mon, 04 Jul 2022 13:58:50 GMT
expires: -1
pragma: no-cache
server: nginx
vary: Accept-Encoding

GET
H2 200 gy3dknzugy5ha3ddf44donq Show response
branddnewcode1.me/code/ 19 KB
19 KB 67ms
17ms Script
application/javascript 185.177.94.89
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://branddnewcode1.me/code/gy3dknzugy5ha3ddf44donq

Requested by

Host: tv.ifindfast.com
URL: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.177.94.89 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

ip-185-177-94-89.ah-server.com

Software

nginx /

Resource Hash

f90e73f11dd3a33e7b1505cf6094bea93aee39bebcaae59cf4b288f1c1531945

Security Headers

Name	Value
Content-Security-Policy	img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tv.ifindfast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 04 Jul 2022 13:58:50 GMT
server: nginx
content-security-policy: img-src https: data:; upgrade-insecure-requests
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=UTF-8

GET
H2 200 bootstrap.min.css
tv.ifindfast.com/assets/css/ 118 KB
19 KB 14ms
10ms Stylesheet
text/css 31.172.80.234
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to

Full URL: https://tv.ifindfast.com/assets/css/bootstrap.min.css
Requested by: Host: tv.ifindfast.com
URL: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.172.80.234 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: aa00fbe7d08b8497e093308576b833d82b6453fccc243af014023414ee167746

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:58:50 GMT
content-encoding: gzip
last-modified: Mon, 05 Jul 2021 18:54:09 GMT
server: nginx
etag: W/"60e35551-1d97a"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 40ms
19ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: tv.ifindfast.com
URL: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tv.ifindfast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:58:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 723
age: 10883935
cdn-cachedat: 11/15/2021 21:49:00
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver: 1.0
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 8b677d48aa464c28c0815c97adbbe174
cf-ray: 725860c4a939912b-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 owl.carousel.min.css
tv.ifindfast.com/assets/css/ 3 KB
1 KB 22ms
18ms Stylesheet
text/css 31.172.80.234
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to

Full URL: https://tv.ifindfast.com/assets/css/owl.carousel.min.css
Requested by: Host: tv.ifindfast.com
URL: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.172.80.234 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: f4f09dea12f5d1524e13a0a00e7f22c8f2d7cb19bf705e7ba4e98ae4c1efc54d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:58:50 GMT
content-encoding: gzip
last-modified: Sun, 09 May 2021 11:54:34 GMT
server: nginx
etag: W/"6097cd7a-bcc"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 genius1.css
tv.ifindfast.com/assets/css/ 20 KB
4 KB 23ms
19ms Stylesheet
text/css 31.172.80.234
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to

Full URL: https://tv.ifindfast.com/assets/css/genius1.css
Requested by: Host: tv.ifindfast.com
URL: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.172.80.234 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: 3faf97587e8696e87cee4109534f3ca4f34fc6d6dbff733df4ce12eb11da5e9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:58:50 GMT
content-encoding: gzip
last-modified: Mon, 05 Jul 2021 18:53:54 GMT
server: nginx
etag: W/"60e35542-5196"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 genius-slider.css
tv.ifindfast.com/assets/css/ 8 KB
2 KB 25ms
22ms Stylesheet
text/css 31.172.80.234
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to

Full URL: https://tv.ifindfast.com/assets/css/genius-slider.css
Requested by: Host: tv.ifindfast.com
URL: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.172.80.234 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: 8d182d0d0d81123c896f23afc91e0c3af0866b6032565211de9e3dbe18761ba4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:58:50 GMT
content-encoding: gzip
last-modified: Sun, 09 May 2021 11:54:34 GMT
server: nginx
etag: W/"6097cd7a-1f19"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 genius-gallery.css
tv.ifindfast.com/assets/css/ 3 KB
1022 B 25ms
23ms Stylesheet
text/css 31.172.80.234
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to

Full URL: https://tv.ifindfast.com/assets/css/genius-gallery.css
Requested by: Host: tv.ifindfast.com
URL: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.172.80.234 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: 28eb4f183218e11c46c6ce032c76881efe4c20e36a1bbd3b567211d5a8bdedd4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:58:50 GMT
content-encoding: gzip
last-modified: Sun, 09 May 2021 11:54:34 GMT
server: nginx
etag: W/"6097cd7a-abb"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 lightbox.css
tv.ifindfast.com/assets/css/ 4 KB
1 KB 25ms
23ms Stylesheet
text/css 31.172.80.234
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to

Full URL: https://tv.ifindfast.com/assets/css/lightbox.css
Requested by: Host: tv.ifindfast.com
URL: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.172.80.234 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: b23fc3e24a4f8ca9e480761f1bdde949020ef4d1beaa18f475b0613dcce6329e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:58:50 GMT
content-encoding: gzip
last-modified: Sun, 09 May 2021 11:54:34 GMT
server: nginx
etag: W/"6097cd7a-f33"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 animate.min.css
tv.ifindfast.com/assets/css/ 52 KB
4 KB 25ms
24ms Stylesheet
text/css 31.172.80.234
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to

Full URL: https://tv.ifindfast.com/assets/css/animate.min.css
Requested by: Host: tv.ifindfast.com
URL: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.172.80.234 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: 26968435703f42f548195e31049e1f621c267346a0295be2bafa457b5904ace9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:58:50 GMT
content-encoding: gzip
last-modified: Sun, 09 May 2021 11:54:34 GMT
server: nginx
etag: W/"6097cd7a-ce3f"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logo350.png
tv.ifindfast.com/assets/images/logo/ 32 KB
32 KB 24ms
22ms Image
image/png 31.172.80.234
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tv.ifindfast.com/assets/images/logo/logo350.png
Requested by: Host: tv.ifindfast.com
URL: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.172.80.234 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: a61d99915f5d27e8161ff2640c89b47f9e7cb368443783a4636b62b91741548f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:58:50 GMT
last-modified: Sun, 09 May 2021 11:54:34 GMT
server: nginx
etag: "6097cd7a-811e"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 33054
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 161 KB
56 KB 86ms
49ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: tv.ifindfast.com
URL: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d8aa6e55196f83b24a1d0bf5bba339d7a2de44ddbbb737646ac8c7c0b3d1b3bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tv.ifindfast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:58:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56334
x-xss-protection: 0
server: cafe
etag: 17034376384175844616
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 04 Jul 2022 13:58:50 GMT

GET
H2 200 tvwhite.png
tv.ifindfast.com/assets/img/ 2 KB
3 KB 24ms
23ms Image
image/png 31.172.80.234
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tv.ifindfast.com/assets/img/tvwhite.png
Requested by: Host: tv.ifindfast.com
URL: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.172.80.234 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: 4a6dbbc267f2ddec9271d72eb89d7c4f6e88288dd54cba58a46e0ace58f68deb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:58:50 GMT
last-modified: Mon, 19 Jul 2021 05:02:08 GMT
server: nginx
etag: "60f50750-979"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 2425
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.js Show response
tv.ifindfast.com/assets/js/ 94 KB
33 KB 15ms
12ms Script
application/javascript 31.172.80.234
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to

Full URL: https://tv.ifindfast.com/assets/js/jquery.js
Requested by: Host: tv.ifindfast.com
URL: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.172.80.234 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: 24262baafef17092927c3dafe764aaa52a2a371b83ed2249cca7e414df99fac1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:58:50 GMT
content-encoding: gzip
last-modified: Sun, 09 May 2021 11:54:34 GMT
server: nginx
etag: W/"6097cd7a-17629"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 owl.carousel.min.js Show response
tv.ifindfast.com/assets/js/ 42 KB
11 KB 21ms
17ms Script
application/javascript 31.172.80.234
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to

Full URL: https://tv.ifindfast.com/assets/js/owl.carousel.min.js
Requested by: Host: tv.ifindfast.com
URL: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.172.80.234 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: 99a253a69ffb1139d83f5d5ad502120a67b1ed68082d0c9f86bc5a0d29747d4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:58:50 GMT
content-encoding: gzip
last-modified: Sun, 09 May 2021 11:54:34 GMT
server: nginx
etag: W/"6097cd7a-a728"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wow.min.js Show response
tv.ifindfast.com/assets/js/ 8 KB
3 KB 21ms
18ms Script
application/javascript 31.172.80.234
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to

Full URL: https://tv.ifindfast.com/assets/js/wow.min.js
Requested by: Host: tv.ifindfast.com
URL: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.172.80.234 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: cfa1739ee346d63a3d3cfdff8c18cbe8fdedbcb32d4b0895028c193ce828e7a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:58:50 GMT
content-encoding: gzip
last-modified: Sun, 09 May 2021 11:54:34 GMT
server: nginx
etag: W/"6097cd7a-1ff6"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.smooth-scroll.js Show response
tv.ifindfast.com/assets/js/ 9 KB
3 KB 22ms
18ms Script
application/javascript 31.172.80.234
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to

Full URL: https://tv.ifindfast.com/assets/js/jquery.smooth-scroll.js
Requested by: Host: tv.ifindfast.com
URL: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.172.80.234 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: 38beba8deebd2a8d990f795130b970c669c5024b25c4773efbe8431aaae91ec4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:58:50 GMT
content-encoding: gzip
last-modified: Sun, 09 May 2021 11:54:34 GMT
server: nginx
etag: W/"6097cd7a-24a3"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bootstrap.min.js Show response
tv.ifindfast.com/assets/js/ 36 KB
10 KB 22ms
19ms Script
application/javascript 31.172.80.234
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to

Full URL: https://tv.ifindfast.com/assets/js/bootstrap.min.js
Requested by: Host: tv.ifindfast.com
URL: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.172.80.234 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:58:50 GMT
content-encoding: gzip
last-modified: Sun, 09 May 2021 11:54:34 GMT
server: nginx
etag: W/"6097cd7a-90b5"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.mixitup.min.js Show response
tv.ifindfast.com/assets/js/ 27 KB
8 KB 23ms
20ms Script
application/javascript 31.172.80.234
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to

Full URL: https://tv.ifindfast.com/assets/js/jquery.mixitup.min.js
Requested by: Host: tv.ifindfast.com
URL: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.172.80.234 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: f81cf47223d61d871657ae1e73ab17bc49a8805db8196e44f54d39d203279785

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:58:50 GMT
content-encoding: gzip
last-modified: Sun, 09 May 2021 11:54:34 GMT
server: nginx
etag: W/"6097cd7a-6ddf"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 lightbox.min.js Show response
tv.ifindfast.com/assets/js/ 9 KB
3 KB 23ms
20ms Script
application/javascript 31.172.80.234
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to

Full URL: https://tv.ifindfast.com/assets/js/lightbox.min.js
Requested by: Host: tv.ifindfast.com
URL: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.172.80.234 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: 051a58a8adcdd3760185cc295626f5aba285002c1ccee541c29d3ec93032384c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:58:50 GMT
content-encoding: gzip
last-modified: Tue, 31 Aug 2021 10:56:04 GMT
server: nginx
etag: W/"612e0ac4-24a7"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 plugins.js Show response
tv.ifindfast.com/assets/js/ 21 KB
5 KB 24ms
21ms Script
application/javascript 31.172.80.234
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to

Full URL: https://tv.ifindfast.com/assets/js/plugins.js
Requested by: Host: tv.ifindfast.com
URL: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.172.80.234 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: 874c4bdc201a59e602432811b04905b94224486a4b082cc608f6f6a820a0bd4c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:58:50 GMT
content-encoding: gzip
last-modified: Sun, 09 May 2021 11:54:34 GMT
server: nginx
etag: W/"6097cd7a-54ce"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 genius.js Show response
tv.ifindfast.com/assets/js/ 1 KB
679 B 24ms
22ms Script
application/javascript 31.172.80.234
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to

Full URL: https://tv.ifindfast.com/assets/js/genius.js
Requested by: Host: tv.ifindfast.com
URL: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.172.80.234 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: 58baa65a42c26461673d916f55edbb801de83e2d10f02f13e8ca2ef098aa2a25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:58:50 GMT
content-encoding: gzip
last-modified: Sun, 09 May 2021 11:54:34 GMT
server: nginx
etag: W/"6097cd7a-4f1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 genius-slider.js Show response
tv.ifindfast.com/assets/js/ 13 KB
4 KB 24ms
22ms Script
application/javascript 31.172.80.234
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to

Full URL: https://tv.ifindfast.com/assets/js/genius-slider.js
Requested by: Host: tv.ifindfast.com
URL: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.172.80.234 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: a16f2892563f5fd497af832e8b27876bc93e5be9d435abd410bba28cde376132

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:58:50 GMT
content-encoding: gzip
last-modified: Sun, 09 May 2021 11:54:34 GMT
server: nginx
etag: W/"6097cd7a-3230"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 103 KB
40 KB 58ms
23ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-65085328-1

Requested by

Host: tv.ifindfast.com
URL: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f8e5d979726676c0f15ca0a3c451b6b04cc082b4b8c1bda842cbb0a461894223

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tv.ifindfast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:58:50 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40371
x-xss-protection: 0
last-modified: Mon, 04 Jul 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 04 Jul 2022 13:58:50 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 54ms
21ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: tv.ifindfast.com
URL: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

29626e5f99ebf4d20633eeab94a6a689636e06e9cc4a2260e84443627955d4a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tv.ifindfast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: DTIlndjQE37pzfobb5TmbA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: JuekrxzpCuYKxNcNWmxBi37JlYeXKUWN2OPJ8Zo79Bhi0CRM0LcHj69lJ+R7RjUy+qEkm7+CAWhvvACqggUdSg==
x-fb-trip-id: 917726464
x-fb-content-md5: bffa308d24ecffa81a4c52ae42993d35
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 04 Jul 2022 13:58:50 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "d3098f808fdb94fd51cd839532a5f334"
timing-allow-origin: *
priority: u=3,i
expires: Mon, 04 Jul 2022 14:03:27 GMT

GET
H2

200

stream-144.php Show response
daddylive.eu/s2w/ Frame 85D2
Redirect Chain

https://daddylive.click/s2w/stream-144.php
https://daddylive.eu/s2w/stream-144.php

76 KB
26 KB

133ms
97ms

Document
text/html

2606:4700:3031::6815:159a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://daddylive.eu/s2w/stream-144.php

Requested by

Host: tv.ifindfast.com
URL: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:159a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b482977d6a217a7d33311cbd7178e4bf64a43b0e9201c66b916ee4344ff8933

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tv.ifindfast.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 725860c59ffc9b1b-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 04 Jul 2022 13:58:50 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
greydedi: STALE
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0NTckaSaj1d9jjqmfCg5AlRti%2BTdl9SHYyZOSHu6d6wfRfscL8U1fBRIW9hN1TWR1g799uAer21h6Ky6HNP5Kf%2BguLW8twem8x8jQY9MzDzfjzo9KcgPQn3E2JTgrppyoj2swrDddCXe0V8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=3600
cf-ray: 725860c539ffbb38-FRA
date: Mon, 04 Jul 2022 13:58:50 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Mon, 04 Jul 2022 14:58:50 GMT
location: https://daddylive.eu/s2w/stream-144.php
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bt%2FE3jeUIBCXlVKKsCe47oqBCMPBRYUgkx4Yb9Znm025x6JCijPc3JynDAqR6KuAb8nP9ba5baMZgb6uphqUIoeBcQMtnazXe%2BwgE45sx6Bu1TWuKF3vGexa9eAsz1%2BTJs61EOxy8o0uUxaGDu4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 69ms
34ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://tv.ifindfast.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:58:50 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601
access-control-allow-origin: *
cdn-proxyver: 1.02
cdn-cachedat: 04/09/2022 08:19:45
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
timing-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
etag: "af7ae505a9eed503f8b8e6982036873e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: c57f8ab80213d726f224b3fca97281f4
accept-ranges: bytes
cf-ray: 725860c52ec02325-ZRH
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 300 KB
86 KB 27ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=08c8aac415e0c320d0b1cd6573da223c

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

67836110ff3f431af5501d7fc628b5d64a9867b0abb5cd15a75d4db505aab7d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://tv.ifindfast.com/
Origin: https://tv.ifindfast.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: w0N6pVezgH8AjAQFOr+j1A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 87521
x-fb-rlafr: 0
x-fb-debug: Q77NXyKjMSVZAulCfy8BLz3lU7EErb1NDHlNfE9THWO8W6kIVHQWFchdlYJuuJyqRoWmTg0h0v+IDSXEEMXVIw==
x-fb-content-md5: 3bb635761a6f9001fc89a36d20b9b2fa
x-frame-options: DENY
date: Mon, 04 Jul 2022 13:58:50 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "a9d4ad0ccdcd0bacc56c3d80004209be"
timing-allow-origin: *
priority: u=3,i
expires: Tue, 04 Jul 2023 12:12:44 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/ 339 KB
119 KB 51ms
33ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6979376228164642&plah=tv.ifindfast.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ff8d031e894322b1708346eea1b94a8df8f0f0a3adbe2b4cbe490e37f3d4dc31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tv.ifindfast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:58:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122217
x-xss-protection: 0
server: cafe
etag: 2873140954086901074
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 04 Jul 2022 13:58:50 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220629/r20190131/ Frame 3F56 10 KB
5 KB 38ms
10ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220629/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tv.ifindfast.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 78980
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4414
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Jul 2022 16:02:30 GMT
etag: 10429905676100781186
expires: Sun, 17 Jul 2022 16:02:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 prev.png
tv.ifindfast.com/assets/images/ 1 KB
2 KB 7ms
7ms Image
image/png 31.172.80.234
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tv.ifindfast.com/assets/images/prev.png
Requested by: Host: tv.ifindfast.com
URL: https://tv.ifindfast.com/assets/css/lightbox.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.172.80.234 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: 7fd9273f20fdb1229c224341271a119020a5eee74ccf6b4605730917c864caf2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tv.ifindfast.com/assets/css/lightbox.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:58:50 GMT
last-modified: Sun, 09 May 2021 11:54:34 GMT
server: nginx
etag: "6097cd7a-550"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 1360
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 next.png
tv.ifindfast.com/assets/images/ 1 KB
1 KB 7ms
7ms Image
image/png 31.172.80.234
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tv.ifindfast.com/assets/images/next.png
Requested by: Host: tv.ifindfast.com
URL: https://tv.ifindfast.com/assets/css/lightbox.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.172.80.234 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: 15b869b02c6fbaa8c6c26445a2dd2d9bad80fd27b1409f8179e5dd89dc89d90a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tv.ifindfast.com/assets/css/lightbox.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:58:50 GMT
last-modified: Sun, 09 May 2021 11:54:34 GMT
server: nginx
etag: "6097cd7a-546"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 1350
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 loading.gif
tv.ifindfast.com/assets/images/ 8 KB
8 KB 7ms
7ms Image
image/gif 31.172.80.234
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tv.ifindfast.com/assets/images/loading.gif
Requested by: Host: tv.ifindfast.com
URL: https://tv.ifindfast.com/assets/css/lightbox.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.172.80.234 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: 225aa88b6ab02c06222ec9468d62e15fa188e39cdb9431d1f55401ad380753ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tv.ifindfast.com/assets/css/lightbox.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:58:50 GMT
last-modified: Sun, 09 May 2021 11:54:34 GMT
server: nginx
etag: "6097cd7a-211c"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 8476
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 close.png
tv.ifindfast.com/assets/images/ 280 B
455 B 7ms
7ms Image
image/png 31.172.80.234
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tv.ifindfast.com/assets/images/close.png
Requested by: Host: tv.ifindfast.com
URL: https://tv.ifindfast.com/assets/css/lightbox.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.172.80.234 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: 5d62e6c90005bfb71f6abb440f9e4753681cb23bbd5e60477ab6f442d2f0e69c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tv.ifindfast.com/assets/css/lightbox.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:58:50 GMT
last-modified: Sun, 09 May 2021 11:54:34 GMT
server: nginx
etag: "6097cd7a-118"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 280
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 yzfdmoan.js Show response
uptimecdn.com/script/ Frame 85D2 98 KB
35 KB 71ms
22ms Script
application/javascript 2606:4700:3032::ac43:906f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uptimecdn.com/script/yzfdmoan.js
Requested by: Host: daddylive.eu
URL: https://daddylive.eu/s2w/stream-144.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:906f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e74c085ab5474861b63592f5e6155cad2d123d75fc74fc7ff8d520d49ebe1a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://daddylive.eu/s2w/stream-144.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash: crc32c=YRUxNg==, md5=NBfEtEYxXvZ+6fKP6ZM0YQ==
date: Mon, 04 Jul 2022 13:58:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3345
x-guploader-uploadid: ADPycduwQw0BUb2fLXGjmKaHyzPlgECBxqopbIF86r52zIE-8axoWvI1IRdRHhUfjGXrCFTZJaQQ5c0Pd7FaCwXzKYI0_g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 23 Jun 2022 06:48:06 GMT
server: cloudflare
etag: W/"3417c4b446315ef67ee9f28fe9933461"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KEecxE5QgpuU1kwmZzG2A7Xw2AEcUT52pD0okNHByNG%2BUEcZ86c8slyYI1IxW0nYX0cboL027rP81ScVjHGYFb%2Bfs9o81Qm1uivrsuHJmoyGfqj48ZD0IdG9B0B3pdkH1UO3cFe3RWrGUe8o"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1655966886099417
access-control-allow-origin: *
content-type: application/javascript
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=14400
x-goog-stored-content-length: 100787
cf-ray: 725860c80d9f92c9-FRA
expires: Mon, 04 Jul 2022 13:30:15 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 53ms
12ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-65085328-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tv.ifindfast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 3762
date: Mon, 04 Jul 2022 12:56:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 04 Jul 2022 14:56:08 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 85D2 11 KB
4 KB 52ms
10ms Script
text/javascript 46.105.201.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: daddylive.eu
URL: https://daddylive.eu/s2w/stream-144.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://daddylive.eu/s2w/stream-144.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:58:09 GMT
content-encoding: br
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-cdn-pop-ip: 137.74.120.0/27
etag: "-375139978"
x-cacheable: Matched cache
content-type: text/javascript
x-cdn-pop: sbg
accept-ranges: bytes
content-length: 4364
x-request-id: 274891137

GET
H/1.1

200
OK

/ Show response
landing.hentaiheroes.com/en/lp07sfw-aff/ Frame 5902
Redirect Chain

https://excellernod.xyz/redirect?tid=953898
https://tm-offers.gamingadult.com/?offer=470&uid=1b428417-5a71-4589-b1e9-809f2b9dbee1&subid=5523965364780567813&subid2=953898
https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HHc4dbf42509cfe7d1ad82c0be9e0f9b28&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=

54 KB
9 KB

697ms
389ms

Document
text/html

144.217.67.42
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HHc4dbf42509cfe7d1ad82c0be9e0f9b28&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Requested by: Host: daddylive.eu
URL: https://daddylive.eu/s2w/stream-144.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.217.67.42 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536191.ip-144-217-67.net
Software: Apache /
Resource Hash: 3e8ce2e8d7020bc64018f090913f948b3f12f5f1877d4215d759c550043901c8

Request headers

Referer: https://daddylive.eu/s2w/stream-144.php
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Encoding: gzip
Content-Length: 8978
Content-Type: text/html; charset=UTF-8
Date: Mon, 04 Jul 2022 13:58:51 GMT
Link: <https://landing.hentaiheroes.com/wp-json/>; rel="https://api.w.org/", <https://landing.hentaiheroes.com/wp-json/wp/v2/pages/59359>; rel="alternate"; type="application/json", <https://landing.hentaiheroes.com/en/?p=59359>; rel=shortlink
Server: Apache
Vary: Accept-Encoding

Redirect headers

content-type: text/html; charset=UTF-8
date: Mon, 04 Jul 2022 13:58:51 GMT
location: https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HHc4dbf42509cfe7d1ad82c0be9e0f9b28&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
server: nginx

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 217 B
644 B 73ms
16ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=tv.ifindfast.com&callback=_gfp_s_&client=ca-pub-6979376228164642

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6979376228164642&plah=tv.ifindfast.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

55768d95f576cfd4534b202e78ec8e455fc0ce0a550aa16c974491d0f8f79940

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tv.ifindfast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:58:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 200
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 57ms
17ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=tv.ifindfast.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tv.ifindfast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Jul 2022 13:58:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 49ms
16ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=tv.ifindfast.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tv.ifindfast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Jul 2022 13:58:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C2D7 110 KB
40 KB 283ms
267ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6979376228164642&output=html&h=90&slotname=5011888379&adk=751607799&adf=1724644460&pi=t.ma~as.5011888379&w=720&lmt=1656943130&psa=0&format=720x90&url=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147%26%3D%25D7%25A2%25D7%25A8%25D7%2595%25D7%25A5_%25D7%25A1%25D7%25A4%25D7%2595%25D7%25A8%25D7%2598_5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943130648&bpp=10&bdt=334&idt=282&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&correlator=8634457666946&frm=20&pv=2&ga_vid=647370816.1656943131&ga_sid=1656943131&ga_hid=258124991&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=820&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531608&oid=2&pvsid=1348873690144928&tmod=868880352&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=epXwJnySIx&p=https%3A//tv.ifindfast.com&dtd=305

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

264f8589037fec6ff581b45d83154d1fa82a06d11fbb23d16fa86e91d88efd53

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1478539660752196220/728x90.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1478539660752196220/728x90.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIjb8ZWy3_gCFfuFgwcdqKQDhA&gqi=GvLCYs6XPOjZx_APtcmkgAU&layout=/sadbundle/%24csp%253Der3%24/1478539660752196220/728x90.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tv.ifindfast.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 41030
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1478539660752196220/728x90.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1478539660752196220/728x90.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIjb8ZWy3_gCFfuFgwcdqKQDhA&gqi=GvLCYs6XPOjZx_APtcmkgAU&layout=/sadbundle/%24csp%253Der3%24/1478539660752196220/728x90.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Jul 2022 13:58:51 GMT
expires: Mon, 04 Jul 2022 13:58:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ut.js Show response
uptimecdn.com/script/ Frame 85D2 67 KB
25 KB 47ms
33ms Script
application/javascript 2606:4700:3032::ac43:906f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uptimecdn.com/script/ut.js?cb=1656943130996
Requested by: Host: uptimecdn.com
URL: https://uptimecdn.com/script/yzfdmoan.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:906f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d40d38a967a5b28fb5694bc58d6137b6a05755c8e278474cb65538cb15d7f966

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://daddylive.eu/s2w/stream-144.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash: crc32c=tcebUA==, md5=g9d5kmsRdHR+zLVJo+9B6g==
date: Mon, 04 Jul 2022 13:58:51 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ADPycdusyZ5wq9Mq2s3OX2RoJrRpN4OJakDE7zxugE3OOIpxw50bIcTGwjREHGxbqu198up31EStIcmjg8SELoeE4QLv65kjuVJz
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 09 Jun 2022 13:17:23 GMT
server: cloudflare
etag: W/"83d779926b1174747eccb549a3ef41ea"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QRPzufpZYwk%2FhqSNCyzMHocDC8TUlO9feF5%2F1IAS3br2Ljryi%2BtE0efbpaNvyw60yC%2BpM2WQIT%2BrUQlVCtBfVQlsy4SRTQvQaWlgW7n2ziPhAgoP5gkdHoHwSxkIg0DNHpQRz1mX1z%2B3L59o"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1654780643008405
access-control-allow-origin: *
content-type: application/javascript
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=14400
x-goog-stored-content-length: 68769
cf-ray: 725860c8dd9b90dc-FRA
expires: Mon, 04 Jul 2022 14:04:41 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 152E 130 KB
42 KB 452ms
451ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6979376228164642&output=html&h=280&slotname=1887103615&adk=3976959788&adf=2170261427&pi=t.ma~as.1887103615&w=825&fwrn=4&fwrnh=100&lmt=1656943131&rafmt=1&psa=0&format=825x280&url=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147%26%3D%25D7%25A2%25D7%25A8%25D7%2595%25D7%25A5_%25D7%25A1%25D7%25A4%25D7%2595%25D7%25A8%25D7%2598_5&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943130658&bpp=7&bdt=344&idt=349&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=720x90&correlator=8634457666946&frm=20&pv=1&ga_vid=647370816.1656943131&ga_sid=1656943131&ga_hid=258124991&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=794&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531608&oid=2&pvsid=1348873690144928&tmod=868880352&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=IsZWhwCfwS&p=https%3A//tv.ifindfast.com&dtd=358

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85cdd52754359df68e8c0ba61584d79b387b34f6ee223303f96b71e7a1d888a1

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16867007545678231204/970x250.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16867007545678231204/970x250.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COOk9ZWy3_gCFYG47Qod9UsOOg&gqi=G_LCYpLrAdDQgAfgibzgDQ&layout=/sadbundle/%24csp%253Der3%24/16867007545678231204/970x250.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tv.ifindfast.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 42682
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16867007545678231204/970x250.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16867007545678231204/970x250.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COOk9ZWy3_gCFYG47Qod9UsOOg&gqi=G_LCYpLrAdDQgAfgibzgDQ&layout=/sadbundle/%24csp%253Der3%24/16867007545678231204/970x250.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Jul 2022 13:58:51 GMT
expires: Mon, 04 Jul 2022 13:58:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 33ms
14ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=258124991&t=pageview&_s=1&dl=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147%26%3D%25D7%25A2%25D7%25A8%25D7%2595%25D7%25A5_%25D7%25A1%25D7%25A4%25D7%2595%25D7%25A8%25D7%2598_5&ul=en-us&de=UTF-8&dt=%D7%A2%D7%A8%D7%95%D7%A5%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98%205%20%D7%9C%D7%A6%D7%A4%D7%99%D7%99%D7%94%20%D7%99%D7%A9%D7%99%D7%A8%D7%94&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=1699279696&gjid=1539959135&cid=647370816.1656943131&tid=UA-65085328-1&_gid=427241033.1656943131&_r=1&gtm=2ou6t0&z=407061503

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tv.ifindfast.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 13:58:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tv.ifindfast.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 suurl4.php Show response
youradexchange.com/script/ Frame 85D2 908 B
888 B 235ms
203ms Fetch
application/json 35.190.41.116
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://youradexchange.com/script/suurl4.php?r=5815570&cbur=0.05766585773447308&cbiframe=1&cbWidth=825&cbHeight=494&cbtitle=&cbpage=https%3A%2F%2Ftv.ifindfast.com%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=uptimecdn.com&aggr=0&chmob=?0
Requested by: Host: uptimecdn.com
URL: https://uptimecdn.com/script/yzfdmoan.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.41.116 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 116.41.190.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: d790296508e80df5d7aef531e2dec0a85f52eedd59c5d351d8335b177a50e737

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://daddylive.eu/s2w/stream-144.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 04 Jul 2022 13:58:51 GMT
content-encoding: gzip
server: openresty
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google
content-type: application/json; charset=utf-8

GET
H2 200 zuck.min.js Show response
www.xadsmart.com/ Frame 85D2 31 KB
10 KB 68ms
14ms Script
application/x-javascript 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xadsmart.com/zuck.min.js
Requested by: Host: daddylive.eu
URL: https://daddylive.eu/s2w/stream-144.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 5b1f1ec7641e3ee6d7dbb3f0fc3f1b33be11e6480a05810cb0e5afdea21be49c

Request headers

Referer: https://daddylive.eu/s2w/stream-144.php
Origin: https://daddylive.eu
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 04 Jul 2022 13:58:51 GMT
content-encoding: br
x-77-cache: HIT
x-cache: HIT
x-age: 59199
alt-svc: quic="185.59.220.16:443"; ma=2592000; v="44,43,39"
x-77-nzt: Abk73BDt0Tr/P+cAAA
x-accel-expires: @1657488732
server: CDN77-Turbo
x-77-nzt-ray: jC8Mo3DNP2k
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=604800
link: <https://xadsmart.com/>;rel=preconnect,<https://c.adsco.re/>;rel=preconnect,<https://adsco.re/>;rel=preconnect
expires: Sun, 10 Jul 2022 21:32:12 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ Frame 85D2 45 KB
17 KB 31ms
9ms Script
text/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: daddylive.eu
URL: https://daddylive.eu/s2w/stream-144.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://daddylive.eu/s2w/stream-144.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 467
date: Mon, 04 Jul 2022 13:51:04 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Mon, 04 Jul 2022 15:51:04 GMT

GET
H2 200 daddylive.php Show response
rkc.primetubsub.xyz/premiumtv/ Frame 232D 78 KB
29 KB 67ms
26ms Document
text/html 2606:4700:3031::6815:3361
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rkc.primetubsub.xyz/premiumtv/daddylive.php?id=144
Requested by: Host: daddylive.eu
URL: https://daddylive.eu/s2w/stream-144.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:3361 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aafd90762cf0baccd5affc19ea69914ca3ad8d208f1c6a6e64830e4b4ab9ee2b

Request headers

Referer: https://daddylive.eu/s2w/stream-144.php
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 968548
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 725860c98ea0901c-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 04 Jul 2022 13:58:51 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Wed, 22 Jun 2022 17:01:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S0B35%2FU5PY2Bv1br%2BczazQj9LgtvuuMOfqcaCdPe6LREwf5QDXxHeZzy8cxLj21lm8K5PSdcSrHca%2FXrhFi4xW9OeT6lPB5h7yoex6pROXpTD19KDOyGJOiDH%2FntVq6xAzNFnEzZYHAo3aKyNrJcSA65"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

HEAD
H3 200 stream-144.php Show response
daddylive.eu/s2w/ Frame 85D2 0
607 B 97ms
72ms XHR
text/html 2606:4700:3031::6815:159a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://daddylive.eu/s2w/stream-144.php

Requested by

Host: daddylive.eu
URL: https://daddylive.eu/s2w/stream-144.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:159a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://daddylive.eu/s2w/stream-144.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:58:51 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GXnThRSTFdbUW57%2BZ7eZdR46nJuq3tyk9JH4JoniO2swmHQf3wbOvoaIbClsIZ5xDrdCHx4cCaVunfJqhdPqkbFJxddfj2%2F9cIZXAibsjAPmx1V3STFnLfIxSHuktdcqDQweQ7aY7sOC3xU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
greydedi: HIT
x-turbo-charged-by: LiteSpeed
cf-ray: 725860c9ed4bbb13-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-content-type-options: nosniff

GET
H2 200 / Show response
thaudray.com/5/4284414/ Frame 85D2 3 KB
2 KB 66ms
26ms XHR
application/json 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://thaudray.com/5/4284414/?oo=1&aab=1
Requested by: Host: daddylive.eu
URL: https://daddylive.eu/s2w/stream-144.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: d4d360a7f3a5de290090bd365ba8417a5c80f37789fb9c59bc3934c709d23a7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://daddylive.eu/s2w/stream-144.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-trace-id: 34ea471f148142888f855a09a19c7f3b
pragma: no-cache, no-cache
date: Mon, 04 Jul 2022 13:58:51 GMT
content-encoding: gzip
server: nginx
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://daddylive.eu
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 tag.min.js Show response
thaudray.com/ Frame 85D2 70 KB
23 KB 64ms
25ms Script
text/javascript 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://thaudray.com/tag.min.js

Requested by

Host: daddylive.eu
URL: https://daddylive.eu/s2w/stream-144.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

9f2812d14878506b997cf3f5085a6c0a752455059575762e39853569487808c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://daddylive.eu/s2w/stream-144.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:58:51 GMT
content-encoding: br
x-content-type-options: nosniff
access-control-max-age: 86400
content-length: 22842
x-trace-id: 88e7d4eb3763f60af881f50fc9aae792
pragma: no-cache
last-modified: Tue, 28 Jun 2022 12:09:51 GMT
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 84F0 130 KB
42 KB 312ms
312ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6979376228164642&output=html&h=600&slotname=1887103615&adk=1099239650&adf=1749149054&pi=t.ma~as.1887103615&w=255&fwrn=4&fwrnh=100&lmt=1656943131&rafmt=1&psa=0&format=255x600&url=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147%26%3D%25D7%25A2%25D7%25A8%25D7%2595%25D7%25A5_%25D7%25A1%25D7%25A4%25D7%2595%25D7%25A8%25D7%2598_5&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943130665&bpp=1&bdt=351&idt=483&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=720x90%2C825x280&correlator=8634457666946&frm=20&pv=1&ga_vid=647370816.1656943131&ga_sid=1656943131&ga_hid=258124991&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=761&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531608&oid=2&pvsid=1348873690144928&tmod=868880352&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=CEBaibUv1X&p=https%3A//tv.ifindfast.com&dtd=524

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1807ba2df66eb3c363042d9ff69dbe7b441533c1b27239dd4972fe21eb326e5b

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13460444742631179628/300x600.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13460444742631179628/300x600.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLau_5Wy3_gCFVP57QodmMIBNg&gqi=G_LCYpeqDM-c-gbj45HoDQ&layout=/sadbundle/%24csp%253Der3%24/13460444742631179628/300x600.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tv.ifindfast.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 42763
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13460444742631179628/300x600.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13460444742631179628/300x600.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLau_5Wy3_gCFVP57QodmMIBNg&gqi=G_LCYpeqDM-c-gbj45HoDQ&layout=/sadbundle/%24csp%253Der3%24/13460444742631179628/300x600.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Jul 2022 13:58:51 GMT
expires: Mon, 04 Jul 2022 13:58:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ Frame 85D2 53 B
187 B 295ms
94ms Script
text/html 192.99.0.58
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?2162676&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Ftv.ifindfast.com%2F&@q0&@r0&@s0&@ten-US&@u1600&@b1:127273269&@b3:1656943131&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fdaddylive.eu%2Fs2w%2Fstream-144.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.99.0.58 Terrebonne, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns500326.ip-192-99-0.net
Software: /
Resource Hash: d863e5cbdb8ca9be0b1942adf1b5cafa458e401554f5f318f87b55b74eb9860d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://daddylive.eu/s2w/stream-144.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 13:58:51 GMT
Connection: close
Content-Length: 53
Content-Type: text/html;charset=UTF-8

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 527E 142 KB
46 KB 352ms
351ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6979376228164642&output=html&h=600&slotname=1887103615&adk=1099239650&adf=1543441221&pi=t.ma~as.1887103615&w=255&fwrn=4&fwrnh=100&lmt=1656943131&rafmt=1&psa=0&format=255x600&url=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147%26%3D%25D7%25A2%25D7%25A8%25D7%2595%25D7%25A5_%25D7%25A1%25D7%25A4%25D7%2595%25D7%25A8%25D7%2598_5&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943130666&bpp=1&bdt=352&idt=537&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=720x90%2C825x280%2C255x600&correlator=8634457666946&frm=20&pv=1&ga_vid=647370816.1656943131&ga_sid=1656943131&ga_hid=258124991&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=1516&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531608&oid=2&pvsid=1348873690144928&tmod=868880352&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=NooqOwUlrU&p=https%3A//tv.ifindfast.com&dtd=539

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

122544c09e45fad987f50b4471fcc2d2f0e16681fb2c1310e7de095cde38c3f6

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13460444742631179628/300x600.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13460444742631179628/300x600.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIzkgJay3_gCFRLF7QodACoHPg&gqi=G_LCYpSoDbzUx_AP24iH0AY&layout=/sadbundle/%24csp%253Der3%24/13460444742631179628/300x600.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tv.ifindfast.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 46673
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13460444742631179628/300x600.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13460444742631179628/300x600.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIzkgJay3_gCFRLF7QodACoHPg&gqi=G_LCYpSoDbzUx_AP24iH0AY&layout=/sadbundle/%24csp%253Der3%24/13460444742631179628/300x600.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Jul 2022 13:58:51 GMT
expires: Mon, 04 Jul 2022 13:58:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 jquery-3.5.1.min.js Show response
code.jquery.com/ Frame 232D 87 KB
30 KB 30ms
12ms Script
application/javascript 2001:4de0:ac18::1:a:3a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.min.js
Requested by: Host: rkc.primetubsub.xyz
URL: https://rkc.primetubsub.xyz/premiumtv/daddylive.php?id=144
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rkc.primetubsub.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:58:51 GMT
content-encoding: gzip
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
etag: W/"28feccc0-15d84"
vary: Accept-Encoding
x-hw: 1656943131.dop232.fr8.t,1656943131.cds055.fr8.hn,1656943131.cds280.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30879

GET
H2 200 include2.js Show response
vcdnads.ru.com/ Frame 232D 68 KB
26 KB 93ms
40ms Script
application/javascript 2606:4700:3038::6815:ea4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vcdnads.ru.com/include2.js
Requested by: Host: rkc.primetubsub.xyz
URL: https://rkc.primetubsub.xyz/premiumtv/daddylive.php?id=144
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de8c5734d7a3ac147bb7ac2a8b8b4f058b8504af439d6f5ed67c132cf8f847a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rkc.primetubsub.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:58:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 87693
max-age: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
last-modified: Sun, 03 Jul 2022 13:36:31 GMT
server: cloudflare
etag: W/"62c19b5f-10f97"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RLqT66du02%2B8DxSRgdXzdXADybF7s5VbsgoVN8OZ2c9LbYsftA4aQZWmMcipB3Wan8%2BtzEtGpHu7Y8fpvO3TJql5y8HbvtzJw4uwv3dR2tOh38fe8b%2F2tWjT%2FWhb8lx1fNGt1fq9ROzdLxoPNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 725860ca7c76ba86-MXP

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
442 B 63ms
20ms XHR
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-65085328-1&cid=647370816.1656943131&jid=1699279696&gjid=1539959135&_gid=427241033.1656943131&_u=YAhAAUAAAAAAAC~&z=815324700

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://tv.ifindfast.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 04 Jul 2022 13:58:51 GMT
content-type: text/plain
access-control-allow-origin: https://tv.ifindfast.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9637 243 KB
64 KB 470ms
470ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6979376228164642&output=html&adk=1812271804&adf=3025194257&lmt=1656943131&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147%26%3D%25D7%25A2%25D7%25A8%25D7%2595%25D7%25A5_%25D7%25A1%25D7%25A4%25D7%2595%25D7%25A8%25D7%2598_5&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943130822&bpp=5&bdt=508&idt=390&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db90ead022f70ab57-22c667a4c4cd00df%3AT%3D1656943131%3ART%3D1656943131%3AS%3DALNI_MbieIie37oX_Q2ybz0yljctPDrZ6A&prev_fmts=720x90%2C825x280%2C255x600%2C255x600&nras=1&correlator=8634457666946&frm=20&pv=1&ga_vid=647370816.1656943131&ga_sid=1656943131&ga_hid=258124991&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531608&oid=2&pvsid=1348873690144928&tmod=868880352&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&dtd=396

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5659449734950307b29747dbfbf5e6321dfb97281f6866289e2096d93618b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tv.ifindfast.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 65841
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Jul 2022 13:58:51 GMT
expires: Mon, 04 Jul 2022 13:58:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 403 4938067
dozubatan.com/400/ Frame 85D2 0
0 54ms
14ms Script
text/plain 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dozubatan.com/400/4938067
Requested by: Host: thaudray.com
URL: https://thaudray.com/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://daddylive.eu/s2w/stream-144.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-trace-id: 19fff5cb16227293cfea6e2935d0bd06
pragma: no-cache
date: Mon, 04 Jul 2022 13:58:51 GMT
server: nginx
vary: Origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 22
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 403 apu.php
onvictinitor.com/ Frame 85D2 0
0 60ms
13ms Script
application/javascript 139.45.197.238
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://onvictinitor.com/apu.php?zoneid=4938033
Requested by: Host: thaudray.com
URL: https://thaudray.com/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://daddylive.eu/s2w/stream-144.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-trace-id: 6bf8356b4c49b6459211dd09fcef7961
pragma: no-cache
date: Mon, 04 Jul 2022 13:58:51 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
content-length: 968
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 1 Show response
toglooman.com/ Frame 85D2 8 KB
4 KB 59ms
21ms Script
text/javascript 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://toglooman.com/1?z=5150086
Requested by: Host: thaudray.com
URL: https://thaudray.com/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e06c9663c81219e7e5f06ca2514f972f6bf5d22d92a75ff1ff45ffdeec639dca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://daddylive.eu/s2w/stream-144.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-trace-id: 211de9245822fcc744141cbcc6afb991
pragma: no-cache
date: Mon, 04 Jul 2022 13:58:51 GMT
content-encoding: gzip
x-sc: ZUofAPc4hLunnNS9RRo4gXn_2pH5OIywTeG4kIVb2coMiMY05qplnwM6xPtKtN9hAkrNwl4mzoh1ZzKdx2c0YvoS-B8=
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript
access-control-allow-origin
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 gid.js Show response
my.rtmark.net/ Frame 85D2 65 B
543 B 51ms
14ms XHR
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?userId=ec0654dd85c74f61a42794816df9f9e5

Requested by

Host: thaudray.com
URL: https://thaudray.com/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

c5508da9f608322f51f362bf602b103b157c1da12556b7a35b0fd3ae87ada308

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://daddylive.eu/s2w/stream-144.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:58:51 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://daddylive.eu
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H2 200 stattag.js Show response
tzegilo.com/ Frame 85D2 49 KB
18 KB 49ms
19ms Script
application/javascript 2606:4700:3034::ac43:cdf0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tzegilo.com/stattag.js
Requested by: Host: thaudray.com
URL: https://thaudray.com/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:cdf0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3676e16a1358628756bda4274db53b7a9f299e3dfa82ec22301c83ba142ad774

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://daddylive.eu/s2w/stream-144.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:58:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1623
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 09 Jun 2022 09:20:35 GMT
server: cloudflare
etag: W/"62a1bb63-c24f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sdZ5MOWfQqtEgQ5ljOXFtDbRtaFHVFKO0bfAgWBAsYb9LFrIlArKlquCHxi33vbfOYqgFRqm6eQPhtwCKmXtSW0nv7yEI1CAubPZ50oLrO8gaevzUJbXx5HcX0ERhTqgLm0wiWEJjSYs9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 725860ca985a923b-FRA
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 54ms
31ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-65085328-1&cid=647370816.1656943131&jid=1699279696&_u=YAhAAUAAAAAAAC~&z=1393066096

Requested by

Host: tv.ifindfast.com
URL: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tv.ifindfast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 13:58:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 52ms
30ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-65085328-1&cid=647370816.1656943131&jid=1699279696&_u=YAhAAUAAAAAAAC~&z=1393066096

Requested by

Host: tv.ifindfast.com
URL: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tv.ifindfast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 13:58:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 728x90.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1478539660752196220/ Frame 2BA6 2 KB
3 KB 41ms
14ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1478539660752196220/728x90.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6979376228164642&output=html&h=90&slotname=5011888379&adk=751607799&adf=1724644460&pi=t.ma~as.5011888379&w=720&lmt=1656943130&psa=0&format=720x90&url=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147%26%3D%25D7%25A2%25D7%25A8%25D7%2595%25D7%25A5_%25D7%25A1%25D7%25A4%25D7%2595%25D7%25A8%25D7%2598_5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943130648&bpp=10&bdt=334&idt=282&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&correlator=8634457666946&frm=20&pv=2&ga_vid=647370816.1656943131&ga_sid=1656943131&ga_hid=258124991&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=820&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531608&oid=2&pvsid=1348873690144928&tmod=868880352&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=epXwJnySIx&p=https%3A//tv.ifindfast.com&dtd=305

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bbea7cfab9600d8e9877854a463e938dfb144d453f95ab0fac06b19c424983b5

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 442543
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1164
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Wed, 29 Jun 2022 11:03:08 GMT
expires: Thu, 29 Jun 2023 11:03:08 GMT
last-modified: Wed, 22 Jun 2022 14:40:31 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3

200

B28020780.338825479;dc_pre=CIWNi5ay3_gCFf3KuwgdIOQDQg;dc_trk_aid=530628048;dc_trk_cid=173070194;ord=3064140262;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= Show response
ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/ Frame C2D7
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B28020780.338825479;dc_trk_aid=530628048;dc_trk_cid=173070194;ord=3064140262;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfu...
https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B28020780.338825479;dc_pre=CIWNi5ay3_gCFf3KuwgdIOQDQg;dc_trk_aid=530628048;dc_trk_cid=173070194;ord=3064140262;dc_lat=;dc_rdid=;tag...

42 B
63 B

48ms
30ms

Fetch
image/gif

142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B28020780.338825479;dc_pre=CIWNi5ay3_gCFf3KuwgdIOQDQg;dc_trk_aid=530628048;dc_trk_cid=173070194;ord=3064140262;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?

Requested by

Protocol

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 13:58:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Jul 2022 13:58:51 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B28020780.338825479;dc_pre=CIWNi5ay3_gCFf3KuwgdIOQDQg;dc_trk_aid=530628048;dc_trk_cid=173070194;ord=3064140262;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C2D7 0
0 61ms
61ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cd3_dGvLCYojmPPuLjuwPqMmOoAi9wcznasnjgvSgEMyi28DlHhABIKzxiSdgleKQgqAHoAH0uL_FA8gBCagDAcgDSKoElAJP0NweX6ICepObYUhlvZbHYMEfgpzUSVSBAvYQc6bvTAMMFiutZygBKTJlwa1Xz76EcWrbA13drO-9wPiPyLdXCECqOmXkPGrvhRwGh7IXGIzGfHkVXbSxCNUtkp1JubHyVWFwE_bA9VT_ytKQ-hmqJ1nJLMA3fiVyA0no2fTtR4bk0Cd1HaR5OKzoYHhzR7zv4efpj2RYDYhTzk-FRLhogwzuLZ3HI6ahdd8bgKl5Aft5QVTFdt79MV-tgU7ZFm-puTOYWph3zTcURo35gSeda4nM3Et-TXmmcCWFMWVwSEOx2FMCpMnmBbqVUw5apC0yxFX-K-Ca4b1x8WqDHQ1lawl0DMl2Wup2NPF3IcP9lY6EGPrABLye_ZCCBJIFBAgEGAGSBQQIBRgEoAYugAfsoaimAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEPyrCtIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTY5NzkzNzYyMjgxNjQ2NDIYAA&sigh=snYeOld_DxE&uach_m=[UACH]&template_id=419

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6979376228164642&output=html&h=90&slotname=5011888379&adk=751607799&adf=1724644460&pi=t.ma~as.5011888379&w=720&lmt=1656943130&psa=0&format=720x90&url=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147%26%3D%25D7%25A2%25D7%25A8%25D7%2595%25D7%25A5_%25D7%25A1%25D7%25A4%25D7%2595%25D7%25A8%25D7%2598_5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943130648&bpp=10&bdt=334&idt=282&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&correlator=8634457666946&frm=20&pv=2&ga_vid=647370816.1656943131&ga_sid=1656943131&ga_hid=258124991&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=820&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531608&oid=2&pvsid=1348873690144928&tmod=868880352&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=epXwJnySIx&p=https%3A//tv.ifindfast.com&dtd=305
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 04 Jul 2022 13:58:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 04 Jul 2022 13:58:51 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/ Frame C2D7 21 KB
9 KB 35ms
11ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:07:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3053
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8671
x-xss-protection: 0
server: cafe
etag: 18116328616323621410
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Jul 2022 13:07:58 GMT

GET
H2 200 / Show response
c.adsco.re/ Frame 85D2 61 KB
22 KB 55ms
23ms Script
text/html 2606:4700::6811:a6ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.adsco.re/
Requested by: Host: www.xadsmart.com
URL: https://www.xadsmart.com/zuck.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1bd746f679d9df2c7f9f8ceafecda994d85c84d7c829e5960c8730c7ee511a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://daddylive.eu/s2w/stream-144.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:58:51 GMT
content-encoding: br
cf-cache-status: HIT
age: 690685
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
etag: W/"wV2/56Yx8F/L8kKxfXL2jw=="
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
cache-control: public, max-age=2678400
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
cf-ray: 725860cb2b30bb8f-FRA
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Thu, 04 Aug 2022 13:58:51 GMT

GET
H2 200 / Show response
thaudray.com/ Frame 85D2 2 KB
2 KB 15ms
15ms Fetch
application/json 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://thaudray.com/?rb=M1PTSI5Li-l_tvauLNG11ZkFKC1XHR4iqd9aZrQ_ps6wjDXeVVqGVuq-eIcB-cczT0QSkW5QHSCXpdq6pnPGHogyQcJUmSZNeank_4DxT1y6PHQr6KGVb2rCJFS3N0kOqEFrOAPIE0DleBkfrmkxEu7tUg7jgLEmxfaPSr-FS-Je2lNpxhSwguuo2XVT46_cOzXmFvmwct9CCuT2JTQ564O2D-4jJujr_G75Ck4lr4c4zFhLfgqgA-LMzJgjNBIA2yFQ5Sev3TtQpUoomJIpgZD3FD9y4qShskq5IeS8To64Yo6GQi3Kpg%3D%3D&request_ab2=82003&zoneid=4284414&js_build=iclick-v1.401.0&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=825&wiw=825&wih=494&wfc=7&pl=https%3A%2F%2Fdaddylive.eu%2Fs2w%2Fstream-144.php&drf=https%3A%2F%2Ftv.ifindfast.com%2F&np=1&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false&js_build=iclick-v1.401.0&bs=609011b6-b570-4910-9415-60288950964e&userId=ec0654dd85c74f61a42794816df9f9e5&m=link

Requested by

Host: thaudray.com
URL: https://thaudray.com/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

1258003d80f59713ae6ea157f86f77f8cf36664130dc706f4b455689410fe73b

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://daddylive.eu/s2w/stream-144.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:58:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
access-control-max-age: 86400
x-trace-id: e09d5e887b983be18803fdc9fc9ece63
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://daddylive.eu
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 stats Show response
simplewebanalysis.com/ Frame 232D 40 B
292 B 32ms
7ms XHR
text/html 18.194.245.245
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://simplewebanalysis.com/stats
Requested by: Host: vcdnads.ru.com
URL: https://vcdnads.ru.com/include2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.245.245 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-245-245.eu-central-1.compute.amazonaws.com
Software: fasthttp /
Resource Hash: 72d18078a38d486d7e4f75b95fcf1adab73a0ece0b49ab9708b4042c8af11bb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rkc.primetubsub.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: https://rkc.primetubsub.xyz
date: Mon, 04 Jul 2022 13:58:51 GMT
access-control-allow-credentials: true
server: fasthttp
content-length: 40
content-type: text/html; charset=UTF-8

GET
H2 200 player.php
player.licenses4.me/ Frame 106B 0
0 134ms
72ms Document
text/html 2606:4700:e6::ac40:cc22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.licenses4.me/player.php?id=premium144&test=true
Requested by: Host: rkc.primetubsub.xyz
URL: https://rkc.primetubsub.xyz/premiumtv/daddylive.php?id=144
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cc22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://rkc.primetubsub.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: HIT
cf-ray: 725860cb8e97375d-MXP
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 04 Jul 2022 13:58:51 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Mon, 04 Jul 2022 13:13:29 GMT
max-age: 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SMvCr%2FXGyq8uWc3dSZeUsQwi0mncpU6N913H990VjoBjzQc3n8Ji2Xv5eBI%2FxL0rByO0XHR1jVGf%2FOtUnQgQtPgUAm54QWSPg67F6aAu1Lpe5iomVGuDcKFiVjzTkotIII3xreUCzNvfA7xNxDF0N9CB"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 c3246314f6056b505d43b400759f79b2 Show response
toglooman.com/27/ Frame 85D2 398 KB
129 KB 30ms
30ms Script
application/javascript 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://toglooman.com/27/c3246314f6056b505d43b400759f79b2

Requested by

Host: toglooman.com
URL: https://toglooman.com/1?z=5150086

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

b03ef2f92d21e770f8e42753983408da67a9be624c0cd33d27cc9194d43631e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://daddylive.eu/s2w/stream-144.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:58:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Jun 2022 05:04:39 GMT
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin
cache-control: max-age:290304000, public
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
expires: Thu, 30 Jul 2082 05:04:39 GMT

GET
H2 200 38 Show response
toglooman.com/42/ Frame 85D2 0
528 B 43ms
42ms Script
text/plain 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://toglooman.com/42/38?z=5150086
Requested by: Host: toglooman.com
URL: https://toglooman.com/1?z=5150086
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://daddylive.eu/s2w/stream-144.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-trace-id: 03b940e78738d074a85319c1611a9e67
pragma: no-cache
date: Mon, 04 Jul 2022 13:58:51 GMT
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
content-length: 0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 /
6.adsco.re/ Frame 85D2 0
412 B 80ms
27ms Other
text/plain 2606:4700::6811:a6ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://6.adsco.re/
Requested by: Host: daddylive.eu
URL: https://daddylive.eu/s2w/stream-144.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://daddylive.eu/s2w/stream-144.php
Origin: https://daddylive.eu
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:58:51 GMT
content-encoding: br
server: cloudflare
access-control-allow-headers: Content-Type
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: text/plain;charset=UTF-8
access-control-allow-origin: https://daddylive.eu
access-control-max-age: 2592000
cache-control: private, max-age=10
cf-ray: 725860cc385b0200-ZRH
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK /
4.adsco.re/ Frame 85D2 0
460 B 78ms
22ms Other
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://4.adsco.re/
Requested by: Host: daddylive.eu
URL: https://daddylive.eu/s2w/stream-144.php
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://daddylive.eu/s2w/stream-144.php
Origin: https://daddylive.eu
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 13:58:51 GMT
Content-Encoding: gzip
Access-Control-Max-Age: 2592000
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://daddylive.eu
Cache-Control: private, max-age=5
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type

GET
H/1.1 403
Forbidden 8f0cd2e68e97bc49d78b7e937003b6a1.json Show response
spellingreasoningexamine.com/8f/0c/d2/ Frame 232D 0
594 B 298ms
100ms XHR
application/javascript 192.243.61.225
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://spellingreasoningexamine.com/8f/0c/d2/8f0cd2e68e97bc49d78b7e937003b6a1.json
Requested by: Host: vcdnads.ru.com
URL: https://vcdnads.ru.com/include2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.61.225 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.22.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rkc.primetubsub.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 13:58:51 GMT
Server: nginx/1.22.0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Content-Type: application/javascript
Content-Length: 0

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 2BA6 9 KB
3 KB 25ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1478539660752196220/728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 09:36:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15757
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 05 Jul 2022 09:36:14 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 2BA6 26 KB
10 KB 28ms
9ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1478539660752196220/728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 16:13:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78309
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 04 Jul 2022 16:13:42 GMT

GET
H2 200 createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 2BA6 186 KB
49 KB 68ms
16ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1478539660752196220/728x90.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:58:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49100
x-xss-protection: 0
last-modified: Wed, 16 Mar 2016 13:51:35 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 04 Jul 2022 13:58:51 GMT

GET
H3 200 728x90.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1478539660752196220/ Frame 2BA6 53 KB
11 KB 27ms
10ms Script
application/x-javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1478539660752196220/728x90.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1478539660752196220/728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7811befbe4e72185d6732a41a5a8771c92de591f43368c1e8eec848eaa376365

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 430300
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10963
x-xss-protection: 0
last-modified: Wed, 22 Jun 2022 14:40:31 GMT
server: sffe
date: Wed, 29 Jun 2022 14:27:11 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 29 Jun 2023 14:27:11 GMT

GET
H2 204 favicon.ico
houbekuwucoo.com/ Frame 85D2 0
0 45ms
15ms Fetch 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://houbekuwucoo.com/favicon.ico

Requested by

Host: thaudray.com
URL: https://thaudray.com/tag.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://daddylive.eu/s2w/stream-144.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:58:51 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5336
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ScoMW%2BorCH%2BwiyAViA3eaNFk66ckN043opGMDEYxkiZZ28Kz3zWdz%2BMHgnhi3B9ISNaLcmO56O3RZQanwGgqhzuWs%2FV%2Bqoerjda2K1je3BZ%2FxN%2FCs2w6AyYCG23bsRMmVi%2Bq2zby6nldYAJDXitT"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 725860cc581abb4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame ABC5 143 B
163 B 12ms
8ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6979376228164642&output=html&h=90&slotname=5011888379&adk=751607799&adf=1724644460&pi=t.ma~as.5011888379&w=720&lmt=1656943130&psa=0&format=720x90&url=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147%26%3D%25D7%25A2%25D7%25A8%25D7%2595%25D7%25A5_%25D7%25A1%25D7%25A4%25D7%2595%25D7%25A8%25D7%2598_5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943130648&bpp=10&bdt=334&idt=282&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&correlator=8634457666946&frm=20&pv=2&ga_vid=647370816.1656943131&ga_sid=1656943131&ga_hid=258124991&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=820&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531608&oid=2&pvsid=1348873690144928&tmod=868880352&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=epXwJnySIx&p=https%3A//tv.ifindfast.com&dtd=305
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 483
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Mon, 04 Jul 2022 13:50:48 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame C2D7 3 KB
1 KB 10ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:03:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3299
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Jul 2022 13:03:52 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C2D7 138 KB
43 KB 1555ms
1529ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:58:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43256
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1656329918998510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 04 Jul 2022 13:58:53 GMT

GET
H/1.1 200
OK / Show response
4.adsco.re/ Frame 85D2 47 B
460 B 42ms
24ms XHR
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://4.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: 624171f60254ebfc2225434f968861e2cabb83fbe73f84d7ae7f974438b96048

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://daddylive.eu/s2w/stream-144.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 13:58:51 GMT
Content-Encoding: gzip
Access-Control-Max-Age: 2592000
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://daddylive.eu
Cache-Control: private, max-age=5
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type

GET
H2 200 / Show response
6.adsco.re/ Frame 85D2 52 B
103 B 31ms
30ms XHR
text/plain 2606:4700::6811:a6ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://6.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 300ccb368c39caab0fd98031570ecb126fd2f74cebd1ce7f2bb979fe76e6d17f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://daddylive.eu/s2w/stream-144.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:58:51 GMT
content-encoding: br
server: cloudflare
access-control-allow-headers: Content-Type
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: text/plain;charset=UTF-8
access-control-allow-origin: https://daddylive.eu
access-control-max-age: 2592000
cache-control: private, max-age=10
cf-ray: 725860cc486d0200-ZRH
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H/1.1 200
OK /
mojk11m6kfcp.l4.adsco.re/ Frame 85D2 0
464 B 124ms
17ms Ping
text/html 185.200.118.90
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://mojk11m6kfcp.l4.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.200.118.90 London, United Kingdom, ASN9009 (M247, GB),
Reverse DNS: adscore.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://daddylive.eu/s2w/stream-144.php
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 04 Jul 2022 13:58:51 GMT
Last-Modified: Tue, 31 Jul 2018 22:16:15 GMT
ETag: "5b60dfaf-0"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 0

POST
H/1.1 200
OK /
mojk11m6kfcp.n4.adsco.re/ Frame 85D2 0
464 B 449ms
86ms Ping
text/html 38.132.109.186
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://mojk11m6kfcp.n4.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 38.132.109.186 New York, United States, ASN9009 (M247, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://daddylive.eu/s2w/stream-144.php
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 04 Jul 2022 13:58:51 GMT
Last-Modified: Mon, 30 Jul 2018 15:32:42 GMT
ETag: "5b5f2f9a-0"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 0

POST
H/1.1 200
OK /
mojk11m6kfcp.s4.adsco.re/ Frame 85D2 0
464 B 1058ms
185ms Ping
text/html 185.200.116.90
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://mojk11m6kfcp.s4.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.200.116.90 , Romania, ASN9009 (M247, GB),
Reverse DNS: no-mans-land.m247.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://daddylive.eu/s2w/stream-144.php
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 04 Jul 2022 13:58:52 GMT
Last-Modified: Mon, 30 Jul 2018 15:38:01 GMT
ETag: "5b5f30d9-0"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 0

GET
H3 200 / Show response
c.adsco.re/ Frame 9896 61 KB
22 KB 37ms
18ms Document
text/html 2606:4700::6811:a6ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1bd746f679d9df2c7f9f8ceafecda994d85c84d7c829e5960c8730c7ee511a1

Request headers

Referer: https://daddylive.eu/s2w/stream-144.php
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
age: 690685
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=2678400
cf-cache-status: HIT
cf-ray: 725860cc68df9954-FRA
content-encoding: br
content-type: text/html
date: Mon, 04 Jul 2022 13:58:51 GMT
etag: W/"wV2/56Yx8F/L8kKxfXL2jw=="
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 04 Aug 2022 13:58:51 GMT
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
server: cloudflare
vary: Accept-Encoding

GET
H3 200 970x250.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16867007545678231204/ Frame 7BB3 3 KB
1 KB 8ms
7ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16867007545678231204/970x250.html

Requested by

Host: tv.ifindfast.com
URL: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9f06952867c10dccc0df42a8df94fc57321956ad9df1c279f375a76eac46782

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 391769
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1387
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Thu, 30 Jun 2022 01:09:22 GMT
expires: Fri, 30 Jun 2023 01:09:22 GMT
last-modified: Wed, 22 Jun 2022 14:40:19 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3

200

B28020780.338825479;dc_pre=CNbunZay3_gCFUPBuwgdWxMP4Q;dc_trk_aid=530628048;dc_trk_cid=173070194;ord=3528552919;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= Show response
ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/ Frame 8FDB
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B28020780.338825479;dc_trk_aid=530628048;dc_trk_cid=173070194;ord=3528552919;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfu...
https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B28020780.338825479;dc_pre=CNbunZay3_gCFUPBuwgdWxMP4Q;dc_trk_aid=530628048;dc_trk_cid=173070194;ord=3528552919;dc_lat=;dc_rdid=;tag...

42 B
63 B

27ms
26ms

Fetch
image/gif

142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B28020780.338825479;dc_pre=CNbunZay3_gCFUPBuwgdWxMP4Q;dc_trk_aid=530628048;dc_trk_cid=173070194;ord=3528552919;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6979376228164642&output=html&h=280&slotname=1887103615&adk=3976959788&adf=2170261427&pi=t.ma~as.1887103615&w=825&fwrn=4&fwrnh=100&lmt=1656943131&rafmt=1&psa=0&format=825x280&url=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147%26%3D%25D7%25A2%25D7%25A8%25D7%2595%25D7%25A5_%25D7%25A1%25D7%25A4%25D7%2595%25D7%25A8%25D7%2598_5&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943130658&bpp=7&bdt=344&idt=349&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=720x90&correlator=8634457666946&frm=20&pv=1&ga_vid=647370816.1656943131&ga_sid=1656943131&ga_hid=258124991&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=794&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531608&oid=2&pvsid=1348873690144928&tmod=868880352&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=IsZWhwCfwS&p=https%3A//tv.ifindfast.com&dtd=358

Protocol

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 13:58:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Jul 2022 13:58:51 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B28020780.338825479;dc_pre=CNbunZay3_gCFUPBuwgdWxMP4Q;dc_trk_aid=530628048;dc_trk_cid=173070194;ord=3528552919;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8FDB 0
0 49ms
49ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CQpS7G_LCYqOrA4Hxtgf1l7nQA73BzOdq6d-C9KAQzKLbwOUeEAEgrPGJJ2CV4pCCoAegAfS4v8UDyAEJqAMByANIqgSYAk_QfIfRDEUZj7OyN_86X3vLPXM8TijjKMWo6R-_sW0jkiueeoNS7B4g2elu_ats8miBdesNY9ICU5jP4Xh-cGMXqMgah85nryE5sWbuJPf-7fQ4uderRxNrOWxIRgd07hYPyNtwOTPt5yYdgLiHiKGpFONOzuX7c_3xoI_1Ii-uKj9JRtftGRifi1iKJDfzQnt6C5wk44V022gMRD1_ehuVxZ4Hf2JZsMhfQQZIs7hBbuwTUBoGrsKFknpenDelrbz4FT_Qb9PDT-jv8b298n3bv1qMBcT0-QwcVmaTUswAiNeYeLz8KbapDAmqTlil66UIErhG2X2cPi7p2LcM5NHf1mzCnisf_8wD_f0yLaUc52BzWqCrOuPABLye_ZCCBJIFBAgEGAGSBQQIBRgEoAYugAfsoaimAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEKvjD9IIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTY5NzkzNzYyMjgxNjQ2NDIYAA&sigh=pqo9JtW3SaE&uach_m=[UACH]&template_id=419

Requested by

Host: tv.ifindfast.com
URL: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6979376228164642&output=html&h=280&slotname=1887103615&adk=3976959788&adf=2170261427&pi=t.ma~as.1887103615&w=825&fwrn=4&fwrnh=100&lmt=1656943131&rafmt=1&psa=0&format=825x280&url=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147%26%3D%25D7%25A2%25D7%25A8%25D7%2595%25D7%25A5_%25D7%25A1%25D7%25A4%25D7%2595%25D7%25A8%25D7%2598_5&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943130658&bpp=7&bdt=344&idt=349&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=720x90&correlator=8634457666946&frm=20&pv=1&ga_vid=647370816.1656943131&ga_sid=1656943131&ga_hid=258124991&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=794&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531608&oid=2&pvsid=1348873690144928&tmod=868880352&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=IsZWhwCfwS&p=https%3A//tv.ifindfast.com&dtd=358
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 04 Jul 2022 13:58:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/ Frame 8FDB 21 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:32:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1565
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8671
x-xss-protection: 0
server: cafe
etag: 18116328616323621410
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Jul 2022 13:32:46 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame 8FDB 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:03:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3299
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Jul 2022 13:03:52 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8FDB 138 KB
42 KB 1817ms
1816ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:58:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43256
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1656329918998510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 04 Jul 2022 13:58:53 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame 8FDB 17 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:49:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 555
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Jul 2022 13:49:36 GMT

GET
H3 200 /
6.adsco.re/ Frame 9896 0
374 B 56ms
27ms Other
text/plain 2606:4700::6811:a6ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://6.adsco.re/
Requested by: Host: daddylive.eu
URL: https://daddylive.eu/s2w/stream-144.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c.adsco.re/
Origin: https://c.adsco.re
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:58:51 GMT
content-encoding: br
server: cloudflare
access-control-allow-headers: Content-Type
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: text/plain;charset=UTF-8
access-control-allow-origin: https://c.adsco.re
access-control-max-age: 2592000
cache-control: private, max-age=10
cf-ray: 725860cd8cbc696f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK /
4.adsco.re/ Frame 9896 0
458 B 23ms
22ms Other
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://4.adsco.re/
Requested by: Host: daddylive.eu
URL: https://daddylive.eu/s2w/stream-144.php
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c.adsco.re/
Origin: https://c.adsco.re
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 13:58:51 GMT
Content-Encoding: gzip
Access-Control-Max-Age: 2592000
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://c.adsco.re
Cache-Control: private, max-age=5
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type

GET
H3 200 300x600.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13460444742631179628/ Frame B109 3 KB
1 KB 7ms
7ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13460444742631179628/300x600.html

Requested by

Host: tv.ifindfast.com
URL: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

808a4a07faab1cfc538cab033d0f8ae15cee15912dc49f21fc11a13ded056947

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 378711
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1387
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Thu, 30 Jun 2022 04:47:00 GMT
expires: Fri, 30 Jun 2023 04:47:00 GMT
last-modified: Wed, 22 Jun 2022 14:40:17 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3

200

B28020780.338825479;dc_pre=CIy9oZay3_gCFUmudwodhzcBBg;dc_trk_aid=530628048;dc_trk_cid=173070194;ord=3670633691;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= Show response
ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/ Frame ED05
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B28020780.338825479;dc_trk_aid=530628048;dc_trk_cid=173070194;ord=3670633691;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfu...
https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B28020780.338825479;dc_pre=CIy9oZay3_gCFUmudwodhzcBBg;dc_trk_aid=530628048;dc_trk_cid=173070194;ord=3670633691;dc_lat=;dc_rdid=;tag...

42 B
63 B

27ms
26ms

Fetch
image/gif

142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B28020780.338825479;dc_pre=CIy9oZay3_gCFUmudwodhzcBBg;dc_trk_aid=530628048;dc_trk_cid=173070194;ord=3670633691;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6979376228164642&output=html&h=600&slotname=1887103615&adk=1099239650&adf=1749149054&pi=t.ma~as.1887103615&w=255&fwrn=4&fwrnh=100&lmt=1656943131&rafmt=1&psa=0&format=255x600&url=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147%26%3D%25D7%25A2%25D7%25A8%25D7%2595%25D7%25A5_%25D7%25A1%25D7%25A4%25D7%2595%25D7%25A8%25D7%2598_5&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943130665&bpp=1&bdt=351&idt=483&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=720x90%2C825x280&correlator=8634457666946&frm=20&pv=1&ga_vid=647370816.1656943131&ga_sid=1656943131&ga_hid=258124991&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=761&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531608&oid=2&pvsid=1348873690144928&tmod=868880352&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=CEBaibUv1X&p=https%3A//tv.ifindfast.com&dtd=524

Protocol

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 13:58:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Jul 2022 13:58:51 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B28020780.338825479;dc_pre=CIy9oZay3_gCFUmudwodhzcBBg;dc_trk_aid=530628048;dc_trk_cid=173070194;ord=3670633691;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame ED05 0
0 54ms
54ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C5JtUG_LCYva0DdPytweYhYewA73BzOdqwd-C9KAQzKLbwOUeEAEgrPGJJ2CV4pCCoAegAfS4v8UDyAEJqAMByANIqgSSAk_Qh5i7mzb3G_9imjn0_1gWwQ3-OCNsdGEZiCKGRCbKCmzlpVlZaOF-M1N4ZQ4NpMwV5KMwCB0m3RN-Wjja74X1hPqqwPMIdZSIXRohG4Z3A1Gg4-degkFv9ze1rq3yVjFzzNtG9bf6wCNZENUXYmOP0P0JuO6MwHI9kn7PLrtTlDuhL60t_Do7ZvbFkqwaUVpgXzVawYijhdZUE94mRZ0yzXmZ6XOvA0Dkxz73saAyyvUaRlBOG8PRx7iwDB-1rzmVvN1DAPh7GOT5-j3FA0ygxl9FwrISXe4OLWJKcJoJOdWEKky7e2scORA0S2cZ2pfdhyOOe-Y_zxJ8lgFQ8fpKK0-HFdooMLw3cO3936WdGYfABLye_ZCCBJIFBAgEGAGSBQQIBRgEoAYugAfsoaimAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEPrCD9IIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTY5NzkzNzYyMjgxNjQ2NDIYAA&sigh=o2QVinovUFQ&uach_m=[UACH]&template_id=419

Requested by

Host: tv.ifindfast.com
URL: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6979376228164642&output=html&h=600&slotname=1887103615&adk=1099239650&adf=1749149054&pi=t.ma~as.1887103615&w=255&fwrn=4&fwrnh=100&lmt=1656943131&rafmt=1&psa=0&format=255x600&url=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147%26%3D%25D7%25A2%25D7%25A8%25D7%2595%25D7%25A5_%25D7%25A1%25D7%25A4%25D7%2595%25D7%25A8%25D7%2598_5&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943130665&bpp=1&bdt=351&idt=483&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=720x90%2C825x280&correlator=8634457666946&frm=20&pv=1&ga_vid=647370816.1656943131&ga_sid=1656943131&ga_hid=258124991&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=761&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531608&oid=2&pvsid=1348873690144928&tmod=868880352&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=CEBaibUv1X&p=https%3A//tv.ifindfast.com&dtd=524
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 04 Jul 2022 13:58:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/ Frame ED05 21 KB
8 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:32:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1565
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8671
x-xss-protection: 0
server: cafe
etag: 18116328616323621410
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Jul 2022 13:32:46 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame ED05 3 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:03:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3299
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Jul 2022 13:03:52 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame ED05 138 KB
42 KB 1752ms
1751ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:58:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43256
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1656329918998510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 04 Jul 2022 13:58:53 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame ED05 17 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:49:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 555
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Jul 2022 13:49:36 GMT

POST
H2 200 9 Show response
toglooman.com/ Frame 85D2 7 B
578 B 15ms
14ms XHR
application/javascript 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://toglooman.com/9?z=5150086&ng=1&ix=1&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fdaddylive.eu%2Fs2w%2Fstream-144.php&wy=0&wx=0&ww=1600&wh=1200&cw=825&wiw=825&wih=494&wfc=6&sah=1200&drf=https%3A%2F%2Ftv.ifindfast.com%2F&hil=1&ist=0&oaid=ec0654dd85c74f61a42794816df9f9e5
Requested by: Host: toglooman.com
URL: https://toglooman.com/27/c3246314f6056b505d43b400759f79b2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821

Request headers

Referer: https://daddylive.eu/s2w/stream-144.php
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 25001f57200db204091d344805f6ee49
pragma: no-cache
date: Mon, 04 Jul 2022 13:58:51 GMT
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: https://daddylive.eu
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
content-length: 7
expires: Mon, 26 Jul 1997 05:00:00 GMT

OPTIONS
H2 204 9
toglooman.com/ Frame 0
0 39ms
12ms Preflight 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://toglooman.com/9?z=5150086&ng=1&ix=1&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fdaddylive.eu%2Fs2w%2Fstream-144.php&wy=0&wx=0&ww=1600&wh=1200&cw=825&wiw=825&wih=494&wfc=6&sah=1200&drf=https%3A%2F%2Ftv.ifindfast.com%2F&hil=1&ist=0&oaid=ec0654dd85c74f61a42794816df9f9e5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://daddylive.eu
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://daddylive.eu
cache-control: no-store, no-cache, must-revalidate, max-age=0
date: Mon, 04 Jul 2022 13:58:51 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
pragma: no-cache
server: nginx

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 7BB3 9 KB
3 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16867007545678231204/970x250.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 09:36:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15757
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 05 Jul 2022 09:36:14 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 7BB3 26 KB
10 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16867007545678231204/970x250.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 16:13:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78309
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 04 Jul 2022 16:13:42 GMT

GET
H3 200 createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 7BB3 186 KB
48 KB 31ms
16ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16867007545678231204/970x250.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:58:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49100
x-xss-protection: 0
last-modified: Wed, 16 Mar 2016 13:51:35 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 04 Jul 2022 13:58:51 GMT

GET
H3 200 970x250.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16867007545678231204/ Frame 7BB3 54 KB
11 KB 225ms
224ms Script
application/x-javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16867007545678231204/970x250.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16867007545678231204/970x250.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da00f449f85b42e3107383cb93a9ceda490776d21d85c8ce765964727a83958d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 22 Jun 2022 14:40:19 GMT
server: sffe
date: Mon, 04 Jul 2022 13:58:52 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 04 Jul 2023 13:58:52 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6EEC 143 B
163 B 7ms
6ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6979376228164642&output=html&h=280&slotname=1887103615&adk=3976959788&adf=2170261427&pi=t.ma~as.1887103615&w=825&fwrn=4&fwrnh=100&lmt=1656943131&rafmt=1&psa=0&format=825x280&url=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147%26%3D%25D7%25A2%25D7%25A8%25D7%2595%25D7%25A5_%25D7%25A1%25D7%25A4%25D7%2595%25D7%25A8%25D7%2598_5&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943130658&bpp=7&bdt=344&idt=349&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=720x90&correlator=8634457666946&frm=20&pv=1&ga_vid=647370816.1656943131&ga_sid=1656943131&ga_hid=258124991&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=794&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531608&oid=2&pvsid=1348873690144928&tmod=868880352&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=IsZWhwCfwS&p=https%3A//tv.ifindfast.com&dtd=358
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 483
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Mon, 04 Jul 2022 13:50:48 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sfp.js Show response
addresseepaper.com/ Frame 232D 48 KB
15 KB 151ms
121ms Script
application/javascript 2606:4700:3038::6815:eb02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://addresseepaper.com/sfp.js

Requested by

Host: vcdnads.ru.com
URL: https://vcdnads.ru.com/include2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:eb02 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

473dfe26e5ad478a354a003498bcb7f683108aecef6b8facf6ed5dbf42caccec

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rkc.primetubsub.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:58:52 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: 436c2d74c2afe44f6589a77c7926b6fd
last-modified: Mon, 04 Jul 2022 13:58:51 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubdomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LlAOE7YALePT7SCX8fa5xODm7vcjwotdJJHWumaEtCRQ8C6ek1DQam2RNUwcW%2BYhKL0EyK2BLmJvDpbr0OjNW1MqjzGlbm2o1GaUdVj5Zx%2FvlSfE7YK5CiWeEiIEenDAUTNRKTclFt2Th9tAAwCmygs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 725860ce5abf9974-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 stats Show response
simplewebanalysis.com/ Frame 232D 40 B
200 B 19ms
19ms XHR
text/html 18.194.245.245
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://simplewebanalysis.com/stats
Requested by: Host: vcdnads.ru.com
URL: https://vcdnads.ru.com/include2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.245.245 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-245-245.eu-central-1.compute.amazonaws.com
Software: fasthttp /
Resource Hash: 72d18078a38d486d7e4f75b95fcf1adab73a0ece0b49ab9708b4042c8af11bb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rkc.primetubsub.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: https://rkc.primetubsub.xyz
date: Mon, 04 Jul 2022 13:58:51 GMT
access-control-allow-credentials: true
server: fasthttp
content-length: 40
content-type: text/html; charset=UTF-8

GET
H3 200 300x600.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13460444742631179628/ Frame 3A9E 3 KB
1 KB 7ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13460444742631179628/300x600.html

Requested by

Host: tv.ifindfast.com
URL: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

808a4a07faab1cfc538cab033d0f8ae15cee15912dc49f21fc11a13ded056947

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 378711
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1387
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Thu, 30 Jun 2022 04:47:00 GMT
expires: Fri, 30 Jun 2023 04:47:00 GMT
last-modified: Wed, 22 Jun 2022 14:40:17 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3

200

B28020780.338825479;dc_pre=CMX7qJay3_gCFXb_uwgdxXcC3A;dc_trk_aid=530628048;dc_trk_cid=173070194;ord=3739807963;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= Show response
ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/ Frame 20AE
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B28020780.338825479;dc_trk_aid=530628048;dc_trk_cid=173070194;ord=3739807963;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfu...
https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B28020780.338825479;dc_pre=CMX7qJay3_gCFXb_uwgdxXcC3A;dc_trk_aid=530628048;dc_trk_cid=173070194;ord=3739807963;dc_lat=;dc_rdid=;tag...

42 B
63 B

35ms
34ms

Fetch
image/gif

142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B28020780.338825479;dc_pre=CMX7qJay3_gCFXb_uwgdxXcC3A;dc_trk_aid=530628048;dc_trk_cid=173070194;ord=3739807963;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6979376228164642&output=html&h=600&slotname=1887103615&adk=1099239650&adf=1543441221&pi=t.ma~as.1887103615&w=255&fwrn=4&fwrnh=100&lmt=1656943131&rafmt=1&psa=0&format=255x600&url=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147%26%3D%25D7%25A2%25D7%25A8%25D7%2595%25D7%25A5_%25D7%25A1%25D7%25A4%25D7%2595%25D7%25A8%25D7%2598_5&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943130666&bpp=1&bdt=352&idt=537&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=720x90%2C825x280%2C255x600&correlator=8634457666946&frm=20&pv=1&ga_vid=647370816.1656943131&ga_sid=1656943131&ga_hid=258124991&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=1516&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531608&oid=2&pvsid=1348873690144928&tmod=868880352&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=NooqOwUlrU&p=https%3A//tv.ifindfast.com&dtd=539

Protocol

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 13:58:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Jul 2022 13:58:51 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B28020780.338825479;dc_pre=CMX7qJay3_gCFXb_uwgdxXcC3A;dc_trk_aid=530628048;dc_trk_cid=173070194;ord=3739807963;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 20AE 0
0 51ms
51ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CAWPRG_LCYszqDpKKtweA1JzwA73BzOdqodSC9KAQ29keEAEgrPGJJ2CV4pCCoAegAfS4v8UDyAEJqAMByANIqgSYAk_Qz2wOOiyVZHBPBI16hrU1wIaTGVSdxl4caP354c8Amv5VopydSqmCCYsiGmRkm9UGQvXN5BmS-rXyxmF5ffXhSXbkDhuA7PwhoJOmW_p9GUpsGo-d7LGx4tx2apXTlofFDlHsVYzhuRxbPLYpskG8-UkZI7sqv6B76nABtWVOE1hpY83_tSThQshZKh8sjrbiEfZ6lVUNdI_5sGI4_e1ljevNsv-Gaqu2hDNioIPNjHflrwWsExCe3QSAelZsu38zxQJHsehFbvsOp8wl_V3btV1HyZAhmnANTQR12DfKmKKyYo06p3WuXVJVVkv_fkEmKB4-ov5cTUSI0LJWcOC8LmATfkGYbt0730ncYqyKY10yahqZrgbABOyd_ZCCBJIFBAgEGAGSBQQIBRgEoAYugAfsoaimAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEP38BtIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTY5NzkzNzYyMjgxNjQ2NDIYAA&sigh=EOd7MF1b3l0&uach_m=[UACH]&template_id=419

Requested by

Host: tv.ifindfast.com
URL: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6979376228164642&output=html&h=600&slotname=1887103615&adk=1099239650&adf=1543441221&pi=t.ma~as.1887103615&w=255&fwrn=4&fwrnh=100&lmt=1656943131&rafmt=1&psa=0&format=255x600&url=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147%26%3D%25D7%25A2%25D7%25A8%25D7%2595%25D7%25A5_%25D7%25A1%25D7%25A4%25D7%2595%25D7%25A8%25D7%2598_5&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943130666&bpp=1&bdt=352&idt=537&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=720x90%2C825x280%2C255x600&correlator=8634457666946&frm=20&pv=1&ga_vid=647370816.1656943131&ga_sid=1656943131&ga_hid=258124991&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=1516&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531608&oid=2&pvsid=1348873690144928&tmod=868880352&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=NooqOwUlrU&p=https%3A//tv.ifindfast.com&dtd=539
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 04 Jul 2022 13:58:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/ Frame 20AE 21 KB
8 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6979376228164642&output=html&h=600&slotname=1887103615&adk=1099239650&adf=1543441221&pi=t.ma~as.1887103615&w=255&fwrn=4&fwrnh=100&lmt=1656943131&rafmt=1&psa=0&format=255x600&url=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147%26%3D%25D7%25A2%25D7%25A8%25D7%2595%25D7%25A5_%25D7%25A1%25D7%25A4%25D7%2595%25D7%25A8%25D7%2598_5&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943130666&bpp=1&bdt=352&idt=537&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=720x90%2C825x280%2C255x600&correlator=8634457666946&frm=20&pv=1&ga_vid=647370816.1656943131&ga_sid=1656943131&ga_hid=258124991&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=1516&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531608&oid=2&pvsid=1348873690144928&tmod=868880352&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=NooqOwUlrU&p=https%3A//tv.ifindfast.com&dtd=539

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:32:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1565
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8671
x-xss-protection: 0
server: cafe
etag: 18116328616323621410
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Jul 2022 13:32:46 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame 20AE 3 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6979376228164642&output=html&h=600&slotname=1887103615&adk=1099239650&adf=1543441221&pi=t.ma~as.1887103615&w=255&fwrn=4&fwrnh=100&lmt=1656943131&rafmt=1&psa=0&format=255x600&url=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147%26%3D%25D7%25A2%25D7%25A8%25D7%2595%25D7%25A5_%25D7%25A1%25D7%25A4%25D7%2595%25D7%25A8%25D7%2598_5&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943130666&bpp=1&bdt=352&idt=537&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=720x90%2C825x280%2C255x600&correlator=8634457666946&frm=20&pv=1&ga_vid=647370816.1656943131&ga_sid=1656943131&ga_hid=258124991&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=1516&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531608&oid=2&pvsid=1348873690144928&tmod=868880352&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=NooqOwUlrU&p=https%3A//tv.ifindfast.com&dtd=539

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:03:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3299
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Jul 2022 13:03:52 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 20AE 138 KB
42 KB 1627ms
1627ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6979376228164642&output=html&h=600&slotname=1887103615&adk=1099239650&adf=1543441221&pi=t.ma~as.1887103615&w=255&fwrn=4&fwrnh=100&lmt=1656943131&rafmt=1&psa=0&format=255x600&url=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147%26%3D%25D7%25A2%25D7%25A8%25D7%2595%25D7%25A5_%25D7%25A1%25D7%25A4%25D7%2595%25D7%25A8%25D7%2598_5&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943130666&bpp=1&bdt=352&idt=537&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=720x90%2C825x280%2C255x600&correlator=8634457666946&frm=20&pv=1&ga_vid=647370816.1656943131&ga_sid=1656943131&ga_hid=258124991&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=1516&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531608&oid=2&pvsid=1348873690144928&tmod=868880352&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=NooqOwUlrU&p=https%3A//tv.ifindfast.com&dtd=539

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:58:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43256
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1656329918998510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 04 Jul 2022 13:58:53 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame 20AE 17 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6979376228164642&output=html&h=600&slotname=1887103615&adk=1099239650&adf=1543441221&pi=t.ma~as.1887103615&w=255&fwrn=4&fwrnh=100&lmt=1656943131&rafmt=1&psa=0&format=255x600&url=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147%26%3D%25D7%25A2%25D7%25A8%25D7%2595%25D7%25A5_%25D7%25A1%25D7%25A4%25D7%2595%25D7%25A8%25D7%2598_5&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943130666&bpp=1&bdt=352&idt=537&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=720x90%2C825x280%2C255x600&correlator=8634457666946&frm=20&pv=1&ga_vid=647370816.1656943131&ga_sid=1656943131&ga_hid=258124991&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=1516&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531608&oid=2&pvsid=1348873690144928&tmod=868880352&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=NooqOwUlrU&p=https%3A//tv.ifindfast.com&dtd=539

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:49:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 555
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Jul 2022 13:49:36 GMT

GET
H3 200 / Show response
c.adsco.re/ Frame 9896 61 KB
22 KB 17ms
16ms XHR
text/html 2606:4700::6811:a6ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1bd746f679d9df2c7f9f8ceafecda994d85c84d7c829e5960c8730c7ee511a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.adsco.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:58:51 GMT
content-encoding: br
cf-cache-status: HIT
age: 690685
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
etag: W/"wV2/56Yx8F/L8kKxfXL2jw=="
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
cache-control: public, max-age=2678400
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
cf-ray: 725860ce6c569954-FRA
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Thu, 04 Aug 2022 13:58:51 GMT

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame B109 9 KB
3 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13460444742631179628/300x600.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 09:36:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15757
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 05 Jul 2022 09:36:14 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame B109 26 KB
10 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13460444742631179628/300x600.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 16:13:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78309
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 04 Jul 2022 16:13:42 GMT

GET
H3 200 createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame B109 186 KB
48 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13460444742631179628/300x600.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:58:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49100
x-xss-protection: 0
last-modified: Wed, 16 Mar 2016 13:51:35 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 04 Jul 2022 13:58:51 GMT

GET
H3 200 300x600.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13460444742631179628/ Frame B109 60 KB
11 KB 9ms
9ms Script
application/x-javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13460444742631179628/300x600.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13460444742631179628/300x600.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6572622012c7c8ec932f0f766a9d9645f240e9b6e42377a7f791108b3959609e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 378795
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11345
x-xss-protection: 0
last-modified: Wed, 22 Jun 2022 14:40:17 GMT
server: sffe
date: Thu, 30 Jun 2022 04:45:36 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 30 Jun 2023 04:45:36 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0D32 143 B
163 B 8ms
7ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6979376228164642&output=html&h=600&slotname=1887103615&adk=1099239650&adf=1749149054&pi=t.ma~as.1887103615&w=255&fwrn=4&fwrnh=100&lmt=1656943131&rafmt=1&psa=0&format=255x600&url=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147%26%3D%25D7%25A2%25D7%25A8%25D7%2595%25D7%25A5_%25D7%25A1%25D7%25A4%25D7%2595%25D7%25A8%25D7%2598_5&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943130665&bpp=1&bdt=351&idt=483&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=720x90%2C825x280&correlator=8634457666946&frm=20&pv=1&ga_vid=647370816.1656943131&ga_sid=1656943131&ga_hid=258124991&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=761&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531608&oid=2&pvsid=1348873690144928&tmod=868880352&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=CEBaibUv1X&p=https%3A//tv.ifindfast.com&dtd=524
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 483
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Mon, 04 Jul 2022 13:50:48 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/ 149 KB
53 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/reactive_library_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57db07c04e86feddc99e94313f0738af62045563affc7ea6f094568fa86ffd92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tv.ifindfast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:58:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54415
x-xss-protection: 0
server: cafe
etag: 9372049946932579108
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Jul 2022 13:58:51 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 51ms
51ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pm&rt=8%2C1&c=ca-pub-6979376228164642&eid=44759875%2C44759926%2C44759837%2C42531608

Requested by

Host: tv.ifindfast.com
URL: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tv.ifindfast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 13:58:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 43ms
43ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=0&wpc=ca-pub-6979376228164642&warn=12%2C13&w=1600&h=1200&pp=1&ppp=0&eatf=false&eatfAbg=false&reatf=true&a=6%2C1%2C5%2C7&apv=20220628_103541&sat=1656881028985&afm=0&as_count=4&d_count=0&ng_count=0&am_count=0&atf_count=3&mdns=0.620&alldns=0.620&allp=17&pgh=2388&abl=false&rr=n&su=tv.ifindfast.com&pvc=1348873690144928&r=0.1&eid=44759875%2C44759926%2C44759837%2C42531608

Requested by

Host: tv.ifindfast.com
URL: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tv.ifindfast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 13:58:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET /
6.adsco.re/ Frame 9896 0
0

GET /
4.adsco.re/ Frame 9896 0
0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame ABC5
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

56ms
56ms

Document
text/html

2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 04 Jul 2022 13:58:52 GMT
expires: Mon, 04 Jul 2022 13:58:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 04 Jul 2022 13:58:52 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 3A9E 9 KB
3 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13460444742631179628/300x600.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 09:36:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15758
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 05 Jul 2022 09:36:14 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 3A9E 26 KB
10 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13460444742631179628/300x600.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 16:13:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78310
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 04 Jul 2022 16:13:42 GMT

GET
H3 200 createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 3A9E 186 KB
48 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13460444742631179628/300x600.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:58:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49100
x-xss-protection: 0
last-modified: Wed, 16 Mar 2016 13:51:35 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 04 Jul 2022 13:58:52 GMT

GET
H3 200 300x600.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13460444742631179628/ Frame 3A9E 60 KB
11 KB 16ms
14ms Script
application/x-javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13460444742631179628/300x600.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13460444742631179628/300x600.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6572622012c7c8ec932f0f766a9d9645f240e9b6e42377a7f791108b3959609e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 378796
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11345
x-xss-protection: 0
last-modified: Wed, 22 Jun 2022 14:40:17 GMT
server: sffe
date: Thu, 30 Jun 2022 04:45:36 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 30 Jun 2023 04:45:36 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7745 143 B
163 B 15ms
15ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6979376228164642&output=html&h=600&slotname=1887103615&adk=1099239650&adf=1543441221&pi=t.ma~as.1887103615&w=255&fwrn=4&fwrnh=100&lmt=1656943131&rafmt=1&psa=0&format=255x600&url=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147%26%3D%25D7%25A2%25D7%25A8%25D7%2595%25D7%25A5_%25D7%25A1%25D7%25A4%25D7%2595%25D7%25A8%25D7%2598_5&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943130666&bpp=1&bdt=352&idt=537&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=720x90%2C825x280%2C255x600&correlator=8634457666946&frm=20&pv=1&ga_vid=647370816.1656943131&ga_sid=1656943131&ga_hid=258124991&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=1516&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531608&oid=2&pvsid=1348873690144928&tmod=868880352&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=NooqOwUlrU&p=https%3A//tv.ifindfast.com&dtd=539

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6979376228164642&output=html&h=600&slotname=1887103615&adk=1099239650&adf=1543441221&pi=t.ma~as.1887103615&w=255&fwrn=4&fwrnh=100&lmt=1656943131&rafmt=1&psa=0&format=255x600&url=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147%26%3D%25D7%25A2%25D7%25A8%25D7%2595%25D7%25A5_%25D7%25A1%25D7%25A4%25D7%2595%25D7%25A8%25D7%2598_5&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943130666&bpp=1&bdt=352&idt=537&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=720x90%2C825x280%2C255x600&correlator=8634457666946&frm=20&pv=1&ga_vid=647370816.1656943131&ga_sid=1656943131&ga_hid=258124991&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=1516&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531608&oid=2&pvsid=1348873690144928&tmod=868880352&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=NooqOwUlrU&p=https%3A//tv.ifindfast.com&dtd=539
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 484
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Mon, 04 Jul 2022 13:50:48 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 200
OK p Show response
adsco.re/ Frame 85D2 364 B
863 B 105ms
52ms XHR
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://adsco.re/p
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: 94728b3a94f288051f4014eb55a30923f3a601c714272257c1970b8ac0105e44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://daddylive.eu/s2w/stream-144.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

AS-P-G: OK
Date: Mon, 04 Jul 2022 13:58:52 GMT
AS-P-7: OK
AS-P-9: OK
AS-P-C: OK
Transfer-Encoding: chunked
AS-P-5: OK
AS-P-F: OK
Connection: keep-alive
Content-Encoding: gzip
AS-P-2: OK
AS-P-D: OK
AS-P-6: OK
AS-P-B: OK
AS-P-H: OK
AS-P-4: OK
AS-P-A: OK
Access-Control-Max-Age: 2592000
AS-P-1: OK lon124
Access-Control-Allow-Origin: https://daddylive.eu
Cache-Control: no-transform
Access-Control-Allow-Credentials: true
AS-P-8: OK
Content-Type: text/html; charset=UTF-8
AS-P-E: OK
AS-P-3: OK

GET
H3 200 SDwrgNAjdQsa4VNQPO_RFNWmztQcb_iohgsAvJm3iSQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 2BA6 35 KB
13 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/SDwrgNAjdQsa4VNQPO_RFNWmztQcb_iohgsAvJm3iSQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

483c2b80d023750b1ae153503cefd114d5a6ced41c6ff8a8860b00bc99b78924

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:52:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 357
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13718
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Jul 2023 13:52:55 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6EEC
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

55ms
54ms

Document
text/html

2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 04 Jul 2022 13:58:52 GMT
expires: Mon, 04 Jul 2022 13:58:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 04 Jul 2022 13:58:52 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 40ms
40ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pr&rt=8%2C1&c=ca-pub-6979376228164642&eid=44759875%2C44759926%2C44759837%2C42531608

Requested by

Host: tv.ifindfast.com
URL: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tv.ifindfast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 13:58:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 31ms
15ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=tv.ifindfast.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tv.ifindfast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Jul 2022 13:58:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 32ms
17ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=tv.ifindfast.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tv.ifindfast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Jul 2022 13:58:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/ Frame 5ED6 10 KB
4 KB 8ms
8ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tv.ifindfast.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 74630
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4414
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Jul 2022 17:15:02 GMT
etag: 10429905676100781186
expires: Sun, 17 Jul 2022 17:15:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/ Frame BBB7 10 KB
4 KB 7ms
7ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tv.ifindfast.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 74630
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4414
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Jul 2022 17:15:02 GMT
etag: 10429905676100781186
expires: Sun, 17 Jul 2022 17:15:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 300x600_atlas_NP_.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13460444742631179628/ Frame B109 151 KB
151 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13460444742631179628/300x600_atlas_NP_.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3310a29d294596719ee9e305bb9988eb7ae6b4cba5ed59732e6775d82df62c5

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 433965
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 154764
x-xss-protection: 0
last-modified: Wed, 22 Jun 2022 14:40:17 GMT
server: sffe
date: Wed, 29 Jun 2022 13:26:07 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 29 Jun 2023 13:26:07 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0D32
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

54ms
53ms

Document
text/html

2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 04 Jul 2022 13:58:52 GMT
expires: Mon, 04 Jul 2022 13:58:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 04 Jul 2022 13:58:52 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 300x600_atlas_NP_.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13460444742631179628/ Frame 3A9E 151 KB
151 KB 9ms
9ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13460444742631179628/300x600_atlas_NP_.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3310a29d294596719ee9e305bb9988eb7ae6b4cba5ed59732e6775d82df62c5

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 433965
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 154764
x-xss-protection: 0
last-modified: Wed, 22 Jun 2022 14:40:17 GMT
server: sffe
date: Wed, 29 Jun 2022 13:26:07 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 29 Jun 2023 13:26:07 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7745
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

57ms
56ms

Document
text/html

2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6979376228164642&output=html&h=600&slotname=1887103615&adk=1099239650&adf=1543441221&pi=t.ma~as.1887103615&w=255&fwrn=4&fwrnh=100&lmt=1656943131&rafmt=1&psa=0&format=255x600&url=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147%26%3D%25D7%25A2%25D7%25A8%25D7%2595%25D7%25A5_%25D7%25A1%25D7%25A4%25D7%2595%25D7%25A8%25D7%2598_5&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943130666&bpp=1&bdt=352&idt=537&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=720x90%2C825x280%2C255x600&correlator=8634457666946&frm=20&pv=1&ga_vid=647370816.1656943131&ga_sid=1656943131&ga_hid=258124991&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=1516&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531608&oid=2&pvsid=1348873690144928&tmod=868880352&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=NooqOwUlrU&p=https%3A//tv.ifindfast.com&dtd=539

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 04 Jul 2022 13:58:52 GMT
expires: Mon, 04 Jul 2022 13:58:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 04 Jul 2022 13:58:52 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 970x250_atlas_NP_.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16867007545678231204/ Frame 7BB3 153 KB
153 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16867007545678231204/970x250_atlas_NP_.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50d7c75e56650fe19ab4c2c193bb14f99785c7d2dafe43316f9283b773e8fb8e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 391781
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 156771
x-xss-protection: 0
last-modified: Wed, 22 Jun 2022 14:40:19 GMT
server: sffe
date: Thu, 30 Jun 2022 01:09:11 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 30 Jun 2023 01:09:11 GMT

GET
H/1.1 200
OK style.min.css
landing.hentaiheroes.com/wp-includes/css/dist/block-library/ Frame 5902 87 KB
12 KB 105ms
104ms Stylesheet
text/css 144.217.67.42
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://landing.hentaiheroes.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0
Requested by: Host: landing.hentaiheroes.com
URL: https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HHc4dbf42509cfe7d1ad82c0be9e0f9b28&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.217.67.42 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536191.ip-144-217-67.net
Software: Apache /
Resource Hash: d678ab3b4e7dddf5615012cc1a930e50dfbc967181b8fbeb1b98d61549f5ed08

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 13:58:52 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Jun 2022 11:36:37 GMT
Server: Apache
ETag: "15b26-5e22ffbaaca41-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 11674

GET
H/1.1 200
OK style.css
landing.hentaiheroes.com/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-list-horizontal/ Frame 5902 851 B
577 B 203ms
97ms Stylesheet
text/css 144.217.67.42
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://landing.hentaiheroes.com/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-list-horizontal/style.css?ver=1
Requested by: Host: landing.hentaiheroes.com
URL: https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HHc4dbf42509cfe7d1ad82c0be9e0f9b28&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.217.67.42 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536191.ip-144-217-67.net
Software: Apache /
Resource Hash: e8b5c0f1aab454e3dd3d47bdb0d6be1a54c0c350dff5feaa3a595937e2006df1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 13:58:52 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Jul 2020 12:07:44 GMT
Server: Apache
ETag: "353-5aaa2013068f2-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 313

GET
H/1.1 200
OK admin-bar-style.css
landing.hentaiheroes.com/wp-content/plugins/wpml-translation-management/res/css/ Frame 5902 112 B
376 B 279ms
92ms Stylesheet
text/css 144.217.67.42
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://landing.hentaiheroes.com/wp-content/plugins/wpml-translation-management/res/css/admin-bar-style.css?ver=2.9.9
Requested by: Host: landing.hentaiheroes.com
URL: https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HHc4dbf42509cfe7d1ad82c0be9e0f9b28&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.217.67.42 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536191.ip-144-217-67.net
Software: Apache /
Resource Hash: 2961bb57dcfff925f2e03ad6ad741a457b5f5482bd5b5c221cc20d5d1bfb4268

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 13:58:52 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Jul 2020 12:07:47 GMT
Server: Apache
ETag: "70-5aaa2015313f1-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 113

GET
H/1.1 200
OK style.css
landing.hentaiheroes.com/wp-content/themes/elementor-hello-theme-master/ Frame 5902 9 KB
3 KB 280ms
93ms Stylesheet
text/css 144.217.67.42
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://landing.hentaiheroes.com/wp-content/themes/elementor-hello-theme-master/style.css?ver=6.0
Requested by: Host: landing.hentaiheroes.com
URL: https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HHc4dbf42509cfe7d1ad82c0be9e0f9b28&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.217.67.42 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536191.ip-144-217-67.net
Software: Apache /
Resource Hash: daf89a0354c623167b30a7f2320cd6d8cf848a8ed11987d5a498d4d44c120673

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 13:58:52 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Feb 2019 13:20:41 GMT
Server: Apache
ETag: "24bb-580d5027d3342-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 2943

GET
H/1.1 200
OK elementor-icons.min.css
landing.hentaiheroes.com/wp-content/plugins/elementor/assets/lib/eicons/css/ Frame 5902 19 KB
4 KB 281ms
93ms Stylesheet
text/css 144.217.67.42
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://landing.hentaiheroes.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.15.0
Requested by: Host: landing.hentaiheroes.com
URL: https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HHc4dbf42509cfe7d1ad82c0be9e0f9b28&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.217.67.42 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536191.ip-144-217-67.net
Software: Apache /
Resource Hash: b651d87ef113cba0c8ec8a33bfdb694171effeba56b20be12e3c77fc15f6ae9f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 13:58:52 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Jun 2022 11:35:18 GMT
Server: Apache
ETag: "4ab8-5e22ff70083ad-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 3935

GET
H/1.1 200
OK frontend-legacy.min.css
landing.hentaiheroes.com/wp-content/plugins/elementor/assets/css/ Frame 5902 13 KB
1 KB 288ms
95ms Stylesheet
text/css 144.217.67.42
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://landing.hentaiheroes.com/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.6.6
Requested by: Host: landing.hentaiheroes.com
URL: https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HHc4dbf42509cfe7d1ad82c0be9e0f9b28&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.217.67.42 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536191.ip-144-217-67.net
Software: Apache /
Resource Hash: b2a41676c1d9924d36e10c6efb453198c18b97f97ad832c3df09f4758fc0f36a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 13:58:52 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Jun 2022 11:35:18 GMT
Server: Apache
ETag: "35ed-5e22ff700a2ed-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 855

GET
H/1.1 200
OK frontend.min.css
landing.hentaiheroes.com/wp-content/plugins/elementor/assets/css/ Frame 5902 159 KB
20 KB 405ms
207ms Stylesheet
text/css 144.217.67.42
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://landing.hentaiheroes.com/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.6.6
Requested by: Host: landing.hentaiheroes.com
URL: https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HHc4dbf42509cfe7d1ad82c0be9e0f9b28&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.217.67.42 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536191.ip-144-217-67.net
Software: Apache /
Resource Hash: 53dfd4f09adb92e0a4d1344b4ab24f29ee24f33cd3e929bac57444eef5f6d1dc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 13:58:52 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Jun 2022 11:35:18 GMT
Server: Apache
ETag: "27dfe-5e22ff700a2ed-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 19863

GET
H/1.1 200
OK post-58008.css
landing.hentaiheroes.com/wp-content/uploads/elementor/css/ Frame 5902 2 KB
798 B 301ms
98ms Stylesheet
text/css 144.217.67.42
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://landing.hentaiheroes.com/wp-content/uploads/elementor/css/post-58008.css?ver=1656070629
Requested by: Host: landing.hentaiheroes.com
URL: https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HHc4dbf42509cfe7d1ad82c0be9e0f9b28&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.217.67.42 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536191.ip-144-217-67.net
Software: Apache /
Resource Hash: 806e40b46e4f028d397a985e1f2fc54505f416a670106c2c7c1ec17beb739ce1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 13:58:52 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Jun 2022 11:37:09 GMT
Server: Apache
ETag: "61a-5e22ffd97c576-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 534

GET
H/1.1 200
OK frontend.min.css
landing.hentaiheroes.com/wp-content/plugins/elementor-pro/assets/css/ Frame 5902 469 KB
40 KB 478ms
199ms Stylesheet
text/css 144.217.67.42
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://landing.hentaiheroes.com/wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=3.7.2
Requested by: Host: landing.hentaiheroes.com
URL: https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HHc4dbf42509cfe7d1ad82c0be9e0f9b28&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.217.67.42 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536191.ip-144-217-67.net
Software: Apache /
Resource Hash: a0ae86685d6487a6518b1691f8f24697e599b6c43f64a76ef3d58427c8df7072

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 13:58:52 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Jun 2022 11:35:21 GMT
Server: Apache
ETag: "7536e-5e22ff725130f-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 41173

GET
H/1.1 200
OK all.min.css
landing.hentaiheroes.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ Frame 5902 58 KB
13 KB 378ms
97ms Stylesheet
text/css 144.217.67.42
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://landing.hentaiheroes.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.6.6
Requested by: Host: landing.hentaiheroes.com
URL: https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HHc4dbf42509cfe7d1ad82c0be9e0f9b28&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.217.67.42 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536191.ip-144-217-67.net
Software: Apache /
Resource Hash: d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 13:58:52 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Jun 2022 11:35:18 GMT
Server: Apache
ETag: "e7d0-5e22ff700740d-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 12869

GET
H/1.1 200
OK v4-shims.min.css
landing.hentaiheroes.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ Frame 5902 26 KB
4 KB 373ms
93ms Stylesheet
text/css 144.217.67.42
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://landing.hentaiheroes.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=3.6.6
Requested by: Host: landing.hentaiheroes.com
URL: https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HHc4dbf42509cfe7d1ad82c0be9e0f9b28&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.217.67.42 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536191.ip-144-217-67.net
Software: Apache /
Resource Hash: c55902832fb84522d02ea1a60a30747403a140d8651fa748f13ba398b0c0df3a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 13:58:52 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Jun 2022 11:35:18 GMT
Server: Apache
ETag: "684e-5e22ff700740d-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 4229

GET
H/1.1 200
OK global.css
landing.hentaiheroes.com/wp-content/uploads/elementor/css/ Frame 5902 40 KB
3 KB 384ms
97ms Stylesheet
text/css 144.217.67.42
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://landing.hentaiheroes.com/wp-content/uploads/elementor/css/global.css?ver=1656070629
Requested by: Host: landing.hentaiheroes.com
URL: https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HHc4dbf42509cfe7d1ad82c0be9e0f9b28&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.217.67.42 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536191.ip-144-217-67.net
Software: Apache /
Resource Hash: 29a51e93bdcb28e9e5fdb09e3bb8c1ff7ed4cb11a202329521a15dade226be05

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 13:58:52 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Jun 2022 11:37:09 GMT
Server: Apache
ETag: "9f18-5e22ffd9eab16-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 2931

GET
H/1.1 200
OK post-59359.css
landing.hentaiheroes.com/wp-content/uploads/elementor/css/ Frame 5902 3 KB
1 KB 398ms
97ms Stylesheet
text/css 144.217.67.42
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://landing.hentaiheroes.com/wp-content/uploads/elementor/css/post-59359.css?ver=1656070629
Requested by: Host: landing.hentaiheroes.com
URL: https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HHc4dbf42509cfe7d1ad82c0be9e0f9b28&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.217.67.42 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536191.ip-144-217-67.net
Software: Apache /
Resource Hash: 79393c200901f3746631226a8b66e98e72411b928e643e1f6708e17a6d097056

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 13:58:52 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Jun 2022 11:37:09 GMT
Server: Apache
ETag: "cf1-5e22ffd9f85d6-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 847

GET
H2 200 css
fonts.googleapis.com/ Frame 5902 49 KB
2 KB 49ms
18ms Stylesheet
text/css 2a00:1450:400e:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Carter+One%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CBaloo+Paaji+2%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0

Requested by

Host: landing.hentaiheroes.com
URL: https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HHc4dbf42509cfe7d1ad82c0be9e0f9b28&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:800::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

676d7f390cec34e64efea474c42fb143cde01d1e6acfbc5bc88f753fc85362a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 04 Jul 2022 13:48:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 04 Jul 2022 13:58:52 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Jul 2022 13:58:52 GMT

GET
H/1.1 200
OK jquery.min.js Show response
landing.hentaiheroes.com/wp-includes/js/jquery/ Frame 5902 87 KB
30 KB 570ms
196ms Script
application/javascript 144.217.67.42
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://landing.hentaiheroes.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: landing.hentaiheroes.com
URL: https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HHc4dbf42509cfe7d1ad82c0be9e0f9b28&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.217.67.42 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536191.ip-144-217-67.net
Software: Apache /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 13:58:52 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Jun 2022 11:36:37 GMT
Server: Apache
ETag: "15db1-5e22ffbadf6c1-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 30908

GET
H/1.1 200
OK jquery-migrate.min.js Show response
landing.hentaiheroes.com/wp-includes/js/jquery/ Frame 5902 11 KB
4 KB 472ms
94ms Script
application/javascript 144.217.67.42
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://landing.hentaiheroes.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: landing.hentaiheroes.com
URL: https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HHc4dbf42509cfe7d1ad82c0be9e0f9b28&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.217.67.42 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536191.ip-144-217-67.net
Software: Apache /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 13:58:52 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Jun 2022 11:36:37 GMT
Server: Apache
ETag: "2bd8-5e22ffbae0661-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 4169

GET
H/1.1 200
OK jquery.cookie.js Show response
landing.hentaiheroes.com/wp-content/plugins/sitepress-multilingual-cms/res/js/ Frame 5902 3 KB
1 KB 479ms
95ms Script
application/javascript 144.217.67.42
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://landing.hentaiheroes.com/wp-content/plugins/sitepress-multilingual-cms/res/js/jquery.cookie.js?ver=4.3.16
Requested by: Host: landing.hentaiheroes.com
URL: https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HHc4dbf42509cfe7d1ad82c0be9e0f9b28&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.217.67.42 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536191.ip-144-217-67.net
Software: Apache /
Resource Hash: 1f7e0fc0541ef13ade8dfbd9de3a7e2a6d0d66f125a89a80e0f76d2a92f26306

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 13:58:52 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Jul 2020 12:07:44 GMT
Server: Apache
ETag: "b01-5aaa2012e4612-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 1109

GET
H/1.1 200
OK language-cookie.js Show response
landing.hentaiheroes.com/wp-content/plugins/sitepress-multilingual-cms/res/js/cookies/ Frame 5902 227 B
432 B 494ms
97ms Script
application/javascript 144.217.67.42
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://landing.hentaiheroes.com/wp-content/plugins/sitepress-multilingual-cms/res/js/cookies/language-cookie.js?ver=4.3.16
Requested by: Host: landing.hentaiheroes.com
URL: https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HHc4dbf42509cfe7d1ad82c0be9e0f9b28&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.217.67.42 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536191.ip-144-217-67.net
Software: Apache /
Resource Hash: d0c6a55fbd3e75031909f5cb7bb05b561313edae55c5657e5435c8a9623adcb5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 13:58:52 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Jul 2020 12:07:44 GMT
Server: Apache
ETag: "e3-5aaa2012e4612-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 155

GET
H/1.1 200
OK app.js Show response
landing.hentaiheroes.com/wp-content/plugins/sitepress-multilingual-cms/dist/js/browser-redirect/ Frame 5902 82 KB
27 KB 513ms
109ms Script
application/javascript 144.217.67.42
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://landing.hentaiheroes.com/wp-content/plugins/sitepress-multilingual-cms/dist/js/browser-redirect/app.js?ver=4.3.16
Requested by: Host: landing.hentaiheroes.com
URL: https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HHc4dbf42509cfe7d1ad82c0be9e0f9b28&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.217.67.42 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536191.ip-144-217-67.net
Software: Apache /
Resource Hash: adfcaa2b70712351123edc5a9214111e2097c212a935b65d73bae93f55eacd7a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 13:58:52 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Jul 2020 12:07:44 GMT
Server: Apache
ETag: "14735-5aaa2012d4c12-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 27781

GET
H/1.1 200
OK v4-shims.min.js Show response
landing.hentaiheroes.com/wp-content/plugins/elementor/assets/lib/font-awesome/js/ Frame 5902 15 KB
4 KB 566ms
94ms Script
application/javascript 144.217.67.42
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://landing.hentaiheroes.com/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=3.6.6
Requested by: Host: landing.hentaiheroes.com
URL: https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HHc4dbf42509cfe7d1ad82c0be9e0f9b28&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.217.67.42 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536191.ip-144-217-67.net
Software: Apache /
Resource Hash: 97cf1307c16a437b77b5f7f5c9bc0b985d0745a14be5a279019aca5a3432e264

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 13:58:52 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Jun 2022 11:35:18 GMT
Server: Apache
ETag: "3acf-5e22ff700740d-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 4205

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ Frame 5902 85 KB
30 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:34:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1474
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30399
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Jul 2023 13:34:18 GMT

GET
H/1.1 200
OK ava0-15-o9xg3k1on8wok8yyqpseqp2lyx4j7p0m7eq4qs701s.png
landing.hentaiheroes.com/wp-content/uploads/elementor/thumbs/ Frame 5902 114 KB
114 KB 95ms
95ms Image
image/png 144.217.67.42
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landing.hentaiheroes.com/wp-content/uploads/elementor/thumbs/ava0-15-o9xg3k1on8wok8yyqpseqp2lyx4j7p0m7eq4qs701s.png
Requested by: Host: landing.hentaiheroes.com
URL: https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HHc4dbf42509cfe7d1ad82c0be9e0f9b28&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.217.67.42 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536191.ip-144-217-67.net
Software: Apache /
Resource Hash: cd17f01961d141b2d7b0bac4d4fe797860e06da06d9d586fb9ae383d216eaee0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 13:58:53 GMT
Last-Modified: Thu, 27 Jun 2019 08:12:51 GMT
Server: Apache
Accept-Ranges: bytes
ETag: "1c704-58c49ba677381"
Content-Length: 116484
Content-Type: image/png

GET
H/1.1 200
OK ava0-14-o9xg3j3ugeve8n0bw7ds67b5dj95zzwvva2n9i8e80.png
landing.hentaiheroes.com/wp-content/uploads/elementor/thumbs/ Frame 5902 134 KB
134 KB 101ms
101ms Image
image/png 144.217.67.42
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landing.hentaiheroes.com/wp-content/uploads/elementor/thumbs/ava0-14-o9xg3j3ugeve8n0bw7ds67b5dj95zzwvva2n9i8e80.png
Requested by: Host: landing.hentaiheroes.com
URL: https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HHc4dbf42509cfe7d1ad82c0be9e0f9b28&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.217.67.42 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536191.ip-144-217-67.net
Software: Apache /
Resource Hash: f89fe265e1908ab67e24df43cba9793e1a30d40f395c0f5cd8df752dfd7bc52e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 13:58:53 GMT
Last-Modified: Thu, 27 Jun 2019 08:12:51 GMT
Server: Apache
Accept-Ranges: bytes
ETag: "21707-58c49ba685de1"
Content-Length: 136967
Content-Type: image/png

GET
H/1.1 200
OK ava0-13-o9xg3j3ugeve8n0bw7ds67b5dj95zzwvva2n9i8e80.png
landing.hentaiheroes.com/wp-content/uploads/elementor/thumbs/ Frame 5902 197 KB
197 KB 92ms
92ms Image
image/png 144.217.67.42
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landing.hentaiheroes.com/wp-content/uploads/elementor/thumbs/ava0-13-o9xg3j3ugeve8n0bw7ds67b5dj95zzwvva2n9i8e80.png
Requested by: Host: landing.hentaiheroes.com
URL: https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HHc4dbf42509cfe7d1ad82c0be9e0f9b28&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.217.67.42 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536191.ip-144-217-67.net
Software: Apache /
Resource Hash: ca1ba1eb75f3f1a79f18deeb9961400705d3c8d3578d7954b3b01e1d1c1dad50

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 13:58:53 GMT
Last-Modified: Thu, 27 Jun 2019 08:12:51 GMT
Server: Apache
Accept-Ranges: bytes
ETag: "3144a-58c49ba6a2302"
Content-Length: 201802
Content-Type: image/png

GET
H/1.1 200
OK ava0-11-o9xg3i609ku3x11p1oz5lpjos5dssat5j5f5s89se8.png
landing.hentaiheroes.com/wp-content/uploads/elementor/thumbs/ Frame 5902 164 KB
165 KB 98ms
97ms Image
image/png 144.217.67.42
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landing.hentaiheroes.com/wp-content/uploads/elementor/thumbs/ava0-11-o9xg3i609ku3x11p1oz5lpjos5dssat5j5f5s89se8.png
Requested by: Host: landing.hentaiheroes.com
URL: https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HHc4dbf42509cfe7d1ad82c0be9e0f9b28&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.217.67.42 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536191.ip-144-217-67.net
Software: Apache /
Resource Hash: f0d3bbffb375eb33fd80a0290b9ca86c1969a0aa541b0ac25f2be83e9b7b27cc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 13:58:53 GMT
Last-Modified: Thu, 27 Jun 2019 08:12:51 GMT
Server: Apache
Accept-Ranges: bytes
ETag: "29161-58c49ba6b3c42"
Content-Length: 168289
Content-Type: image/png

GET
H/1.1 200
OK ava0-10-o9xg3h862qstlf3276kj17s86rifklpf70roayb6kg.png
landing.hentaiheroes.com/wp-content/uploads/elementor/thumbs/ Frame 5902 159 KB
160 KB 94ms
91ms Image
image/png 144.217.67.42
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landing.hentaiheroes.com/wp-content/uploads/elementor/thumbs/ava0-10-o9xg3h862qstlf3276kj17s86rifklpf70roayb6kg.png
Requested by: Host: landing.hentaiheroes.com
URL: https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HHc4dbf42509cfe7d1ad82c0be9e0f9b28&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.217.67.42 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536191.ip-144-217-67.net
Software: Apache /
Resource Hash: 877c6a8db0a35cdaaaacfe76fb7743297ef1a2c41877d2756114e9e17316f6f6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 13:58:53 GMT
Last-Modified: Thu, 27 Jun 2019 08:12:51 GMT
Server: Apache
Accept-Ranges: bytes
ETag: "27da7-58c49ba6c45e2"
Content-Length: 163239
Content-Type: image/png

GET
H/1.1 200
OK ava0-9-o9xg3gabvwrj9t4fco5wgq0rldn2cwlouw46tockqo.png
landing.hentaiheroes.com/wp-content/uploads/elementor/thumbs/ Frame 5902 163 KB
163 KB 92ms
91ms Image
image/png 144.217.67.42
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landing.hentaiheroes.com/wp-content/uploads/elementor/thumbs/ava0-9-o9xg3gabvwrj9t4fco5wgq0rldn2cwlouw46tockqo.png
Requested by: Host: landing.hentaiheroes.com
URL: https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HHc4dbf42509cfe7d1ad82c0be9e0f9b28&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.217.67.42 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536191.ip-144-217-67.net
Software: Apache /
Resource Hash: d43f7893898155240ded8a92ba94f8318c4b0485f08235e0f9e25b5ceb500f32

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 13:58:53 GMT
Last-Modified: Thu, 27 Jun 2019 08:12:51 GMT
Server: Apache
Accept-Ranges: bytes
ETag: "28a32-58c49ba6d4f82"
Content-Length: 166450
Content-Type: image/png

GET
H/1.1 200
OK ava0-8-o9xg3fchp2q8y75si5r9w89azzrp57hyirgpcedyww.png
landing.hentaiheroes.com/wp-content/uploads/elementor/thumbs/ Frame 5902 144 KB
144 KB 410ms
410ms Image
image/png 144.217.67.42
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landing.hentaiheroes.com/wp-content/uploads/elementor/thumbs/ava0-8-o9xg3fchp2q8y75si5r9w89azzrp57hyirgpcedyww.png
Requested by: Host: landing.hentaiheroes.com
URL: https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HHc4dbf42509cfe7d1ad82c0be9e0f9b28&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.217.67.42 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536191.ip-144-217-67.net
Software: Apache /
Resource Hash: c1546cf6804f6502b3111d49f5d3d345dca7ac2c2dbfd023c3b60fdf0a2a034a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 13:58:53 GMT
Last-Modified: Thu, 27 Jun 2019 08:12:51 GMT
Server: Apache
Accept-Ranges: bytes
ETag: "23e0e-58c49ba6e4982"
Content-Length: 146958
Content-Type: image/png

GET
H/1.1 200
OK ava0-6-o9xg3fchp2q8y75si5r9w89azzrp57hyirgpcedyww.png
landing.hentaiheroes.com/wp-content/uploads/elementor/thumbs/ Frame 5902 95 KB
95 KB 92ms
92ms Image
image/png 144.217.67.42
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landing.hentaiheroes.com/wp-content/uploads/elementor/thumbs/ava0-6-o9xg3fchp2q8y75si5r9w89azzrp57hyirgpcedyww.png
Requested by: Host: landing.hentaiheroes.com
URL: https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HHc4dbf42509cfe7d1ad82c0be9e0f9b28&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.217.67.42 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536191.ip-144-217-67.net
Software: Apache /
Resource Hash: cf2e7a901d9ef837fd5621416baa9ecfb4e29127ef8cd3595fd7f476666e29c9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 13:58:53 GMT
Last-Modified: Thu, 27 Jun 2019 08:12:51 GMT
Server: Apache
Accept-Ranges: bytes
ETag: "17c90-58c49ba6f0502"
Content-Length: 97424
Content-Type: image/png

GET
H/1.1 200
OK ava0-5-o9xg3eeni8oyml75nncnbqhuelwbxie86mt7v4fd34.png
landing.hentaiheroes.com/wp-content/uploads/elementor/thumbs/ Frame 5902 149 KB
150 KB 100ms
99ms Image
image/png 144.217.67.42
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landing.hentaiheroes.com/wp-content/uploads/elementor/thumbs/ava0-5-o9xg3eeni8oyml75nncnbqhuelwbxie86mt7v4fd34.png
Requested by: Host: landing.hentaiheroes.com
URL: https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HHc4dbf42509cfe7d1ad82c0be9e0f9b28&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.217.67.42 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536191.ip-144-217-67.net
Software: Apache /
Resource Hash: a7faadd483773a3efca0f1cfe737cd46ca666ab995e2639f7b27fec9acf6023b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 13:58:53 GMT
Last-Modified: Thu, 27 Jun 2019 08:12:51 GMT
Server: Apache
Accept-Ranges: bytes
ETag: "255ea-58c49ba6fef62"
Content-Length: 153066
Content-Type: image/png

GET
H/1.1 200
OK ava0-3-o9xg3dgtbenoaz8it4y0r8qdt80yptahui5qdugr9c.png
landing.hentaiheroes.com/wp-content/uploads/elementor/thumbs/ Frame 5902 116 KB
116 KB 92ms
91ms Image
image/png 144.217.67.42
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landing.hentaiheroes.com/wp-content/uploads/elementor/thumbs/ava0-3-o9xg3dgtbenoaz8it4y0r8qdt80yptahui5qdugr9c.png
Requested by: Host: landing.hentaiheroes.com
URL: https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HHc4dbf42509cfe7d1ad82c0be9e0f9b28&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.217.67.42 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536191.ip-144-217-67.net
Software: Apache /
Resource Hash: afd22bcafdd4f86131ae624f3c1af6cafe399bd1714eb20b1dd67d09a236c748

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 13:58:53 GMT
Last-Modified: Thu, 27 Jun 2019 08:12:52 GMT
Server: Apache
Accept-Ranges: bytes
ETag: "1d01a-58c49ba70ba82"
Content-Length: 118810
Content-Type: image/png

GET
H/1.1 200
OK ava0-2-o9xg3dgtbenoaz8it4y0r8qdt80yptahui5qdugr9c.png
landing.hentaiheroes.com/wp-content/uploads/elementor/thumbs/ Frame 5902 76 KB
76 KB 184ms
184ms Image
image/png 144.217.67.42
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landing.hentaiheroes.com/wp-content/uploads/elementor/thumbs/ava0-2-o9xg3dgtbenoaz8it4y0r8qdt80yptahui5qdugr9c.png
Requested by: Host: landing.hentaiheroes.com
URL: https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HHc4dbf42509cfe7d1ad82c0be9e0f9b28&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.217.67.42 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536191.ip-144-217-67.net
Software: Apache /
Resource Hash: 6dee9e420e660b079aaf0c3100be7e9e168088acf27a0598f15f3cfc1cf4062c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 13:58:53 GMT
Last-Modified: Thu, 27 Jun 2019 08:12:52 GMT
Server: Apache
Accept-Ranges: bytes
ETag: "12e37-58c49ba7185a2"
Content-Length: 77367
Content-Type: image/png

GET
H/1.1 200
OK ava2-o9xg3ciz4kmdzd9vymje6qyx7u5li46ridi8wki5fk.png
landing.hentaiheroes.com/wp-content/uploads/elementor/thumbs/ Frame 5902 96 KB
96 KB 401ms
401ms Image
image/png 144.217.67.42
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landing.hentaiheroes.com/wp-content/uploads/elementor/thumbs/ava2-o9xg3ciz4kmdzd9vymje6qyx7u5li46ridi8wki5fk.png
Requested by: Host: landing.hentaiheroes.com
URL: https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HHc4dbf42509cfe7d1ad82c0be9e0f9b28&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.217.67.42 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536191.ip-144-217-67.net
Software: Apache /
Resource Hash: f90525e71e464c5e8cc69a9c94f9ddfb28d14cb44fbebd500b7e300fc379fba4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 13:58:53 GMT
Last-Modified: Thu, 27 Jun 2019 08:12:52 GMT
Server: Apache
Accept-Ranges: bytes
ETag: "18059-58c49ba7221e2"
Content-Length: 98393
Content-Type: image/png

GET
H/1.1 200
OK ava1-o9xg3bl4xql3nrb9444rm97gmga8af3168urfajjls.png
landing.hentaiheroes.com/wp-content/uploads/elementor/thumbs/ Frame 5902 123 KB
123 KB 98ms
98ms Image
image/png 144.217.67.42
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landing.hentaiheroes.com/wp-content/uploads/elementor/thumbs/ava1-o9xg3bl4xql3nrb9444rm97gmga8af3168urfajjls.png
Requested by: Host: landing.hentaiheroes.com
URL: https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HHc4dbf42509cfe7d1ad82c0be9e0f9b28&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.217.67.42 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536191.ip-144-217-67.net
Software: Apache /
Resource Hash: a726c7d268c461ef460f720e97e86a4f61e233900e236fc8dfa8639c3ade84cf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 13:58:53 GMT
Last-Modified: Thu, 27 Jun 2019 08:12:52 GMT
Server: Apache
Accept-Ranges: bytes
ETag: "1ebd6-58c49ba72cdc3"
Content-Length: 125910
Content-Type: image/png

GET
H/1.1 200
OK ava1-9-o9xg3bl4xql3nrb9444rm97gmga8af3168urfajjls.png
landing.hentaiheroes.com/wp-content/uploads/elementor/thumbs/ Frame 5902 118 KB
118 KB 92ms
92ms Image
image/png 144.217.67.42
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landing.hentaiheroes.com/wp-content/uploads/elementor/thumbs/ava1-9-o9xg3bl4xql3nrb9444rm97gmga8af3168urfajjls.png
Requested by: Host: landing.hentaiheroes.com
URL: https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HHc4dbf42509cfe7d1ad82c0be9e0f9b28&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.217.67.42 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536191.ip-144-217-67.net
Software: Apache /
Resource Hash: 31e275f06538883fd5ed7f653f2c2400cbdeecfb8012baa8a4e97ca222462cad

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 13:58:53 GMT
Last-Modified: Thu, 27 Jun 2019 08:12:52 GMT
Server: Apache
Accept-Ranges: bytes
ETag: "1d729-58c49ba738943"
Content-Length: 120617
Content-Type: image/png

GET
H/1.1 200
OK ava1-7-o9xg3anaqwjtc5cm9lq51rg012ev2pzau479y0kxs0.png
landing.hentaiheroes.com/wp-content/uploads/elementor/thumbs/ Frame 5902 147 KB
147 KB 97ms
97ms Image
image/png 144.217.67.42
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landing.hentaiheroes.com/wp-content/uploads/elementor/thumbs/ava1-7-o9xg3anaqwjtc5cm9lq51rg012ev2pzau479y0kxs0.png
Requested by: Host: landing.hentaiheroes.com
URL: https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HHc4dbf42509cfe7d1ad82c0be9e0f9b28&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.217.67.42 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536191.ip-144-217-67.net
Software: Apache /
Resource Hash: 30a10b07816b425dd1c4457e3e9b92d01b6497aff21fb699782437ae629ab162

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 13:58:53 GMT
Last-Modified: Thu, 27 Jun 2019 08:12:52 GMT
Server: Apache
Accept-Ranges: bytes
ETag: "24cca-58c49ba743523"
Content-Length: 150730
Content-Type: image/png

GET
H/1.1 200
OK ava1-6-o9xg39pgk2ij0jdzf3bih9ojfojhv0vkhzjsgqmby8.png
landing.hentaiheroes.com/wp-content/uploads/elementor/thumbs/ Frame 5902 92 KB
93 KB 93ms
92ms Image
image/png 144.217.67.42
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landing.hentaiheroes.com/wp-content/uploads/elementor/thumbs/ava1-6-o9xg39pgk2ij0jdzf3bih9ojfojhv0vkhzjsgqmby8.png
Requested by: Host: landing.hentaiheroes.com
URL: https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HHc4dbf42509cfe7d1ad82c0be9e0f9b28&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.217.67.42 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536191.ip-144-217-67.net
Software: Apache /
Resource Hash: 3cf8b7162673959132927322a9958321c8a76e0a65baef32577ca3c6054772cd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 13:58:53 GMT
Last-Modified: Thu, 27 Jun 2019 08:12:52 GMT
Server: Apache
Accept-Ranges: bytes
ETag: "171db-58c49ba74e103"
Content-Length: 94683
Content-Type: image/png

GET
H/1.1 200
OK ava1-5-o9xg39pgk2ij0jdzf3bih9ojfojhv0vkhzjsgqmby8.png
landing.hentaiheroes.com/wp-content/uploads/elementor/thumbs/ Frame 5902 115 KB
115 KB 99ms
99ms Image
image/png 144.217.67.42
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landing.hentaiheroes.com/wp-content/uploads/elementor/thumbs/ava1-5-o9xg39pgk2ij0jdzf3bih9ojfojhv0vkhzjsgqmby8.png
Requested by: Host: landing.hentaiheroes.com
URL: https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HHc4dbf42509cfe7d1ad82c0be9e0f9b28&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.217.67.42 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536191.ip-144-217-67.net
Software: Apache /
Resource Hash: 3b7b161d39bb0c658b1baa6c328d6a1813ae5f6b7ca5f4e96715b77d21fd3efd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 13:58:53 GMT
Last-Modified: Thu, 27 Jun 2019 08:12:52 GMT
Server: Apache
Accept-Ranges: bytes
ETag: "1cb51-58c49ba758ce3"
Content-Length: 117585
Content-Type: image/png

GET
H/1.1 200
OK ava1-4-o9xg38rmd8h8oxfckkwvwrx2uao4nbru5uwazgnq4g.png
landing.hentaiheroes.com/wp-content/uploads/elementor/thumbs/ Frame 5902 89 KB
89 KB 92ms
92ms Image
image/png 144.217.67.42
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landing.hentaiheroes.com/wp-content/uploads/elementor/thumbs/ava1-4-o9xg38rmd8h8oxfckkwvwrx2uao4nbru5uwazgnq4g.png
Requested by: Host: landing.hentaiheroes.com
URL: https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HHc4dbf42509cfe7d1ad82c0be9e0f9b28&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.217.67.42 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536191.ip-144-217-67.net
Software: Apache /
Resource Hash: 942966188f9f7481a6ea802543df9d28c5dcd4cb93881340aadead3d1a88cd0c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 13:58:53 GMT
Last-Modified: Thu, 27 Jun 2019 08:12:52 GMT
Server: Apache
Accept-Ranges: bytes
ETag: "1628b-58c49ba762923"
Content-Length: 90763
Content-Type: image/png

GET
H/1.1 200
OK ava1-3-o9xg38rmd8h8oxfckkwvwrx2uao4nbru5uwazgnq4g.png
landing.hentaiheroes.com/wp-content/uploads/elementor/thumbs/ Frame 5902 101 KB
101 KB 93ms
93ms Image
image/png 144.217.67.42
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landing.hentaiheroes.com/wp-content/uploads/elementor/thumbs/ava1-3-o9xg38rmd8h8oxfckkwvwrx2uao4nbru5uwazgnq4g.png
Requested by: Host: landing.hentaiheroes.com
URL: https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HHc4dbf42509cfe7d1ad82c0be9e0f9b28&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.217.67.42 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536191.ip-144-217-67.net
Software: Apache /
Resource Hash: 4d437bd66ca636c4dab60793ea6e6d7568e690d328ac05c298f4c4656bb01859

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 13:58:53 GMT
Last-Modified: Thu, 27 Jun 2019 08:12:52 GMT
Server: Apache
Accept-Ranges: bytes
ETag: "192bc-58c49ba76c563"
Content-Length: 103100
Content-Type: image/png

GET
H/1.1 200
OK ava1-2-o9xg37ts6efydbgpq2i9ca5m8wsrfmo3tq8ti6p4ao.png
landing.hentaiheroes.com/wp-content/uploads/elementor/thumbs/ Frame 5902 163 KB
163 KB 92ms
91ms Image
image/png 144.217.67.42
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landing.hentaiheroes.com/wp-content/uploads/elementor/thumbs/ava1-2-o9xg37ts6efydbgpq2i9ca5m8wsrfmo3tq8ti6p4ao.png
Requested by: Host: landing.hentaiheroes.com
URL: https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HHc4dbf42509cfe7d1ad82c0be9e0f9b28&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.217.67.42 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536191.ip-144-217-67.net
Software: Apache /
Resource Hash: 523299c1166ab515ae4f114c6903860557bcd93dae6a8d76c7f8e4a9d84a7a24

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 13:58:53 GMT
Last-Modified: Thu, 27 Jun 2019 08:12:52 GMT
Server: Apache
Accept-Ranges: bytes
ETag: "28b53-58c49ba77afc3"
Content-Length: 166739
Content-Type: image/png

GET
H/1.1 200
OK ava1-1-o9xg37ts6efydbgpq2i9ca5m8wsrfmo3tq8ti6p4ao.png
landing.hentaiheroes.com/wp-content/uploads/elementor/thumbs/ Frame 5902 101 KB
101 KB 100ms
99ms Image
image/png 144.217.67.42
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landing.hentaiheroes.com/wp-content/uploads/elementor/thumbs/ava1-1-o9xg37ts6efydbgpq2i9ca5m8wsrfmo3tq8ti6p4ao.png
Requested by: Host: landing.hentaiheroes.com
URL: https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HHc4dbf42509cfe7d1ad82c0be9e0f9b28&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.217.67.42 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536191.ip-144-217-67.net
Software: Apache /
Resource Hash: ffec59eccbd2e41d6738f54aea2d098a17d424b0bd8c3af3ed1c37d2916f0f2a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 13:58:54 GMT
Last-Modified: Thu, 27 Jun 2019 08:12:52 GMT
Server: Apache
Accept-Ranges: bytes
ETag: "192eb-58c49ba784c03"
Content-Length: 103147
Content-Type: image/png

GET
H/1.1 200
OK ava0gngf-o9xg36vxzkeo1pi2vk3mrse5nixe7xkdhllc0wqigw.png
landing.hentaiheroes.com/wp-content/uploads/elementor/thumbs/ Frame 5902 148 KB
148 KB 95ms
95ms Image
image/png 144.217.67.42
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landing.hentaiheroes.com/wp-content/uploads/elementor/thumbs/ava0gngf-o9xg36vxzkeo1pi2vk3mrse5nixe7xkdhllc0wqigw.png
Requested by: Host: landing.hentaiheroes.com
URL: https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HHc4dbf42509cfe7d1ad82c0be9e0f9b28&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.217.67.42 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536191.ip-144-217-67.net
Software: Apache /
Resource Hash: d699ff1bf3af353f1126d2943d0519a064ced8fefde32d356727a89e35e2f784

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 13:58:54 GMT
Last-Modified: Thu, 27 Jun 2019 08:12:52 GMT
Server: Apache
Accept-Ranges: bytes
ETag: "24ff9-58c49ba791723"
Content-Length: 151545
Content-Type: image/png

GET
H/1.1 200
OK ava0-o9xg35y3sqddq3jg11p07amp252108gn5gxujmrwn4.png
landing.hentaiheroes.com/wp-content/uploads/elementor/thumbs/ Frame 5902 129 KB
129 KB 92ms
92ms Image
image/png 144.217.67.42
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landing.hentaiheroes.com/wp-content/uploads/elementor/thumbs/ava0-o9xg35y3sqddq3jg11p07amp252108gn5gxujmrwn4.png
Requested by: Host: landing.hentaiheroes.com
URL: https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HHc4dbf42509cfe7d1ad82c0be9e0f9b28&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.217.67.42 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536191.ip-144-217-67.net
Software: Apache /
Resource Hash: 0c295ae7181fd4c1a58fd04aee758c3b0fbb8626b69f200423b963907546b6d1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 13:58:54 GMT
Last-Modified: Thu, 27 Jun 2019 08:12:52 GMT
Server: Apache
Accept-Ranges: bytes
ETag: "202ac-58c49ba79d2a3"
Content-Length: 131756
Content-Type: image/png

GET
H/1.1 200
OK ava0-29-o9xg35y3sqddq3jg11p07amp252108gn5gxujmrwn4.png
landing.hentaiheroes.com/wp-content/uploads/elementor/thumbs/ Frame 5902 118 KB
118 KB 93ms
92ms Image
image/png 144.217.67.42
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landing.hentaiheroes.com/wp-content/uploads/elementor/thumbs/ava0-29-o9xg35y3sqddq3jg11p07amp252108gn5gxujmrwn4.png
Requested by: Host: landing.hentaiheroes.com
URL: https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HHc4dbf42509cfe7d1ad82c0be9e0f9b28&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.217.67.42 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536191.ip-144-217-67.net
Software: Apache /
Resource Hash: ea16b5bf3bb9e7cd1f37dedcb3dd42992c6146d7ffecbf2ff01ee26c211b6d2b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 13:58:54 GMT
Last-Modified: Thu, 27 Jun 2019 08:12:52 GMT
Server: Apache
Accept-Ranges: bytes
ETag: "1d638-58c49ba7a8e23"
Content-Length: 120376
Content-Type: image/png

GET
H/1.1 200
OK ava0-27-o9xg3509lwc3ehkt6jadmsv8gr6nsjcwtcad2ctatc.png
landing.hentaiheroes.com/wp-content/uploads/elementor/thumbs/ Frame 5902 82 KB
82 KB 93ms
92ms Image
image/png 144.217.67.42
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landing.hentaiheroes.com/wp-content/uploads/elementor/thumbs/ava0-27-o9xg3509lwc3ehkt6jadmsv8gr6nsjcwtcad2ctatc.png
Requested by: Host: landing.hentaiheroes.com
URL: https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HHc4dbf42509cfe7d1ad82c0be9e0f9b28&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.217.67.42 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536191.ip-144-217-67.net
Software: Apache /
Resource Hash: 3df9a61c6a3d47c9828142633f4e4ea011610c2d06881571a99a22d6b82952f1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 13:58:54 GMT
Last-Modified: Thu, 27 Jun 2019 08:12:52 GMT
Server: Apache
Accept-Ranges: bytes
ETag: "14812-58c49ba7b2a63"
Content-Length: 83986
Content-Type: image/png

GET
H/1.1 200
OK ava0-26-o9xg3509lwc3ehkt6jadmsv8gr6nsjcwtcad2ctatc.png
landing.hentaiheroes.com/wp-content/uploads/elementor/thumbs/ Frame 5902 103 KB
103 KB 100ms
99ms Image
image/png 144.217.67.42
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landing.hentaiheroes.com/wp-content/uploads/elementor/thumbs/ava0-26-o9xg3509lwc3ehkt6jadmsv8gr6nsjcwtcad2ctatc.png
Requested by: Host: landing.hentaiheroes.com
URL: https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HHc4dbf42509cfe7d1ad82c0be9e0f9b28&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.217.67.42 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536191.ip-144-217-67.net
Software: Apache /
Resource Hash: 5233ab43396187e5554419a81eaa9e09181c58ed44d2ccbc0ad2081e6ac897bb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 13:58:54 GMT
Last-Modified: Thu, 27 Jun 2019 08:12:52 GMT
Server: Apache
Accept-Ranges: bytes
ETag: "19bb7-58c49ba7bc6a3"
Content-Length: 105399
Content-Type: image/png

GET
H/1.1 200
OK ava0-25-o9xg342ff2at2vm6c0vr2b3rvdbaku96h7mvl2uozk.png
landing.hentaiheroes.com/wp-content/uploads/elementor/thumbs/ Frame 5902 199 KB
199 KB 92ms
91ms Image
image/png 144.217.67.42
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landing.hentaiheroes.com/wp-content/uploads/elementor/thumbs/ava0-25-o9xg342ff2at2vm6c0vr2b3rvdbaku96h7mvl2uozk.png
Requested by: Host: landing.hentaiheroes.com
URL: https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HHc4dbf42509cfe7d1ad82c0be9e0f9b28&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.217.67.42 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536191.ip-144-217-67.net
Software: Apache /
Resource Hash: 8c868accc358ae4a37418d5f9bba1497534de8d86f2be11242db46dc6042fbcd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 13:58:54 GMT
Last-Modified: Thu, 27 Jun 2019 08:12:52 GMT
Server: Apache
Accept-Ranges: bytes
ETag: "31c54-58c49ba7cd044"
Content-Length: 203860
Content-Type: image/png

GET
H/1.1 200
OK ava0-24-o9xg334l889ir9njhih4htcb9zfxd55g52ze3sw35s.png
landing.hentaiheroes.com/wp-content/uploads/elementor/thumbs/ Frame 5902 111 KB
112 KB 95ms
95ms Image
image/png 144.217.67.42
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landing.hentaiheroes.com/wp-content/uploads/elementor/thumbs/ava0-24-o9xg334l889ir9njhih4htcb9zfxd55g52ze3sw35s.png
Requested by: Host: landing.hentaiheroes.com
URL: https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HHc4dbf42509cfe7d1ad82c0be9e0f9b28&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.217.67.42 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536191.ip-144-217-67.net
Software: Apache /
Resource Hash: 6425d5675af34596e013c25096c085108f5d5d77bed45bcf2c14d97087d7c2ea

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 13:58:54 GMT
Last-Modified: Thu, 27 Jun 2019 08:12:52 GMT
Server: Apache
Accept-Ranges: bytes
ETag: "1bd70-58c49ba7d8bc4"
Content-Length: 114032
Content-Type: image/png

GET
H/1.1 200
OK ava0-22-o9xg326r1e88fnown02hxbkuolkk5g1psybwmixhc0.png
landing.hentaiheroes.com/wp-content/uploads/elementor/thumbs/ Frame 5902 107 KB
107 KB 93ms
93ms Image
image/png 144.217.67.42
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landing.hentaiheroes.com/wp-content/uploads/elementor/thumbs/ava0-22-o9xg326r1e88fnown02hxbkuolkk5g1psybwmixhc0.png
Requested by: Host: landing.hentaiheroes.com
URL: https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HHc4dbf42509cfe7d1ad82c0be9e0f9b28&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.217.67.42 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536191.ip-144-217-67.net
Software: Apache /
Resource Hash: 57813f921f6dc8d3243cc03a391dcb2537ad8e526c5c1b4698d5672fd37404d8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 13:58:54 GMT
Last-Modified: Thu, 27 Jun 2019 08:12:52 GMT
Server: Apache
Accept-Ranges: bytes
ETag: "1ac8a-58c49ba7e37a4"
Content-Length: 109706
Content-Type: image/png

GET
H/1.1 200
OK ava0-20-o9xg326r1e88fnown02hxbkuolkk5g1psybwmixhc0.png
landing.hentaiheroes.com/wp-content/uploads/elementor/thumbs/ Frame 5902 127 KB
127 KB 93ms
93ms Image
image/png 144.217.67.42
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landing.hentaiheroes.com/wp-content/uploads/elementor/thumbs/ava0-20-o9xg326r1e88fnown02hxbkuolkk5g1psybwmixhc0.png
Requested by: Host: landing.hentaiheroes.com
URL: https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HHc4dbf42509cfe7d1ad82c0be9e0f9b28&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.217.67.42 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536191.ip-144-217-67.net
Software: Apache /
Resource Hash: 9ef3a6c36bc741e3a84d412e95fa513bd140d5ae0ba34b996dea51c3bf362f61

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 13:58:54 GMT
Last-Modified: Thu, 27 Jun 2019 08:12:52 GMT
Server: Apache
Accept-Ranges: bytes
ETag: "1fca7-58c49ba7ee384"
Content-Length: 130215
Content-Type: image/png

GET
H/1.1 200
OK animations.min.css
landing.hentaiheroes.com/wp-content/plugins/elementor/assets/lib/animations/ Frame 5902 18 KB
3 KB 93ms
93ms Stylesheet
text/css 144.217.67.42
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://landing.hentaiheroes.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.6.6
Requested by: Host: landing.hentaiheroes.com
URL: https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HHc4dbf42509cfe7d1ad82c0be9e0f9b28&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.217.67.42 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536191.ip-144-217-67.net
Software: Apache /
Resource Hash: fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 13:58:52 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Jun 2022 11:35:18 GMT
Server: Apache
ETag: "4824-5e22ff700452d-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 2592

GET
H/1.1 200
OK webpack-pro.runtime.min.js Show response
landing.hentaiheroes.com/wp-content/plugins/elementor-pro/assets/js/ Frame 5902 5 KB
3 KB 92ms
92ms Script
application/javascript 144.217.67.42
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://landing.hentaiheroes.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.7.2
Requested by: Host: landing.hentaiheroes.com
URL: https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HHc4dbf42509cfe7d1ad82c0be9e0f9b28&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.217.67.42 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536191.ip-144-217-67.net
Software: Apache /
Resource Hash: 866d4e109d45cc75283a55da524d647bfb8065a7f30ec23759aef9af3b535c71

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 13:58:52 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Jun 2022 11:35:21 GMT
Server: Apache
ETag: "1440-5e22ff725612f-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 2366

GET
H/1.1 200
OK webpack.runtime.min.js Show response
landing.hentaiheroes.com/wp-content/plugins/elementor/assets/js/ Frame 5902 5 KB
2 KB 93ms
93ms Script
application/javascript 144.217.67.42
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://landing.hentaiheroes.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.6.6
Requested by: Host: landing.hentaiheroes.com
URL: https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HHc4dbf42509cfe7d1ad82c0be9e0f9b28&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.217.67.42 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536191.ip-144-217-67.net
Software: Apache /
Resource Hash: 865e03c14520affa816b36c9221a81c9c4d64f6b055320b9704a2d671e025d0b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 13:58:52 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Jun 2022 11:35:18 GMT
Server: Apache
ETag: "1360-5e22ff7012f8e-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 2197

GET
H/1.1 200
OK frontend-modules.min.js Show response
landing.hentaiheroes.com/wp-content/plugins/elementor/assets/js/ Frame 5902 14 KB
5 KB 105ms
100ms Script
application/javascript 144.217.67.42
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://landing.hentaiheroes.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.6.6
Requested by: Host: landing.hentaiheroes.com
URL: https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HHc4dbf42509cfe7d1ad82c0be9e0f9b28&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.217.67.42 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536191.ip-144-217-67.net
Software: Apache /
Resource Hash: 9f868167dadde7a0b3914cac9bfb32e93e7ca924bf31669822db66e27f0356c8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 13:58:52 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Jun 2022 11:35:18 GMT
Server: Apache
ETag: "37c5-5e22ff7011fee-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 4619

GET
H/1.1 200
OK regenerator-runtime.min.js Show response
landing.hentaiheroes.com/wp-includes/js/dist/vendor/ Frame 5902 6 KB
3 KB 103ms
98ms Script
application/javascript 144.217.67.42
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://landing.hentaiheroes.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
Requested by: Host: landing.hentaiheroes.com
URL: https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HHc4dbf42509cfe7d1ad82c0be9e0f9b28&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.217.67.42 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536191.ip-144-217-67.net
Software: Apache /
Resource Hash: f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 13:58:52 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Jun 2022 11:36:37 GMT
Server: Apache
ETag: "194b-5e22ffbad9901-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 2457

GET
H/1.1 200
OK wp-polyfill.min.js Show response
landing.hentaiheroes.com/wp-includes/js/dist/vendor/ Frame 5902 19 KB
7 KB 102ms
97ms Script
application/javascript 144.217.67.42
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://landing.hentaiheroes.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by: Host: landing.hentaiheroes.com
URL: https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HHc4dbf42509cfe7d1ad82c0be9e0f9b28&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.217.67.42 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536191.ip-144-217-67.net
Software: Apache /
Resource Hash: 6fecb89a29ee2bd397bb1bf58ecaa530a76f0654db71fadefd3cc70b0bc302bf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 13:58:52 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Jun 2022 11:36:37 GMT
Server: Apache
ETag: "4ac6-5e22ffbad9901-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 7095

GET
H/1.1 200
OK hooks.min.js Show response
landing.hentaiheroes.com/wp-includes/js/dist/ Frame 5902 5 KB
2 KB 93ms
92ms Script
application/javascript 144.217.67.42
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://landing.hentaiheroes.com/wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3
Requested by: Host: landing.hentaiheroes.com
URL: https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HHc4dbf42509cfe7d1ad82c0be9e0f9b28&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.217.67.42 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536191.ip-144-217-67.net
Software: Apache /
Resource Hash: 9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 13:58:53 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Jun 2022 11:36:37 GMT
Server: Apache
ETag: "132e-5e22ffbad5a81-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 1661

GET
H/1.1 200
OK i18n.min.js Show response
landing.hentaiheroes.com/wp-includes/js/dist/ Frame 5902 10 KB
4 KB 94ms
93ms Script
application/javascript 144.217.67.42
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://landing.hentaiheroes.com/wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94
Requested by: Host: landing.hentaiheroes.com
URL: https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HHc4dbf42509cfe7d1ad82c0be9e0f9b28&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.217.67.42 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536191.ip-144-217-67.net
Software: Apache /
Resource Hash: 1dc4b29dd0acbed77ec2fd81036c33efd4ab5989e8182705a30615a00a0117f7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 13:58:53 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Jun 2022 11:36:37 GMT
Server: Apache
ETag: "27ee-5e22ffbad4ae1-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 3865

GET
H/1.1 200
OK frontend.min.js Show response
landing.hentaiheroes.com/wp-content/plugins/elementor-pro/assets/js/ Frame 5902 21 KB
6 KB 104ms
103ms Script
application/javascript 144.217.67.42
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://landing.hentaiheroes.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.7.2
Requested by: Host: landing.hentaiheroes.com
URL: https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HHc4dbf42509cfe7d1ad82c0be9e0f9b28&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.217.67.42 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536191.ip-144-217-67.net
Software: Apache /
Resource Hash: a2cebfe3738dbd10570bcfea24eb240323f7f03312fce23f999ecbc9fb3cc6cb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 13:58:53 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Jun 2022 11:35:21 GMT
Server: Apache
ETag: "52d7-5e22ff72570cf-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 5646

GET
H/1.1 200
OK waypoints.min.js Show response
landing.hentaiheroes.com/wp-content/plugins/elementor/assets/lib/waypoints/ Frame 5902 12 KB
3 KB 98ms
98ms Script
application/javascript 144.217.67.42
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://landing.hentaiheroes.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
Requested by: Host: landing.hentaiheroes.com
URL: https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HHc4dbf42509cfe7d1ad82c0be9e0f9b28&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.217.67.42 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536191.ip-144-217-67.net
Software: Apache /
Resource Hash: 214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 13:58:53 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Jun 2022 11:35:18 GMT
Server: Apache
ETag: "2fa6-5e22ff700452d-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 2993

GET
H/1.1 200
OK core.min.js Show response
landing.hentaiheroes.com/wp-includes/js/jquery/ui/ Frame 5902 20 KB
7 KB 103ms
103ms Script
application/javascript 144.217.67.42
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://landing.hentaiheroes.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
Requested by: Host: landing.hentaiheroes.com
URL: https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HHc4dbf42509cfe7d1ad82c0be9e0f9b28&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.217.67.42 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536191.ip-144-217-67.net
Software: Apache /
Resource Hash: 240b702419d6c39ecc4896f0132ccfc9bc517e9aef0c782d99580e0c678b47d5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 13:58:53 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Jun 2022 11:36:37 GMT
Server: Apache
ETag: "50eb-5e22ffbadf6c1-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 6914

GET
H/1.1 200
OK swiper.min.js Show response
landing.hentaiheroes.com/wp-content/plugins/elementor/assets/lib/swiper/ Frame 5902 136 KB
35 KB 106ms
106ms Script
application/javascript 144.217.67.42
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://landing.hentaiheroes.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
Requested by: Host: landing.hentaiheroes.com
URL: https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HHc4dbf42509cfe7d1ad82c0be9e0f9b28&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.217.67.42 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536191.ip-144-217-67.net
Software: Apache /
Resource Hash: b23f49f504faa32aac548b6662ffd64412f6738496fab8be38da46c5b7121804

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 13:58:53 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Jun 2022 11:35:18 GMT
Server: Apache
ETag: "21f91-5e22ff700452d-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 35491

GET
H/1.1 200
OK share-link.min.js Show response
landing.hentaiheroes.com/wp-content/plugins/elementor/assets/lib/share-link/ Frame 5902 3 KB
1 KB 96ms
95ms Script
application/javascript 144.217.67.42
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://landing.hentaiheroes.com/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.6.6
Requested by: Host: landing.hentaiheroes.com
URL: https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HHc4dbf42509cfe7d1ad82c0be9e0f9b28&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.217.67.42 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536191.ip-144-217-67.net
Software: Apache /
Resource Hash: 4a7ee62eb33f3bbb66c2151e5cac6bf4904e28302efc36128f3e3ccae6fde580

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 13:58:53 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Jun 2022 11:35:18 GMT
Server: Apache
ETag: "a12-5e22ff700358d-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 1099

GET
H/1.1 200
OK dialog.min.js Show response
landing.hentaiheroes.com/wp-content/plugins/elementor/assets/lib/dialog/ Frame 5902 10 KB
4 KB 99ms
96ms Script
application/javascript 144.217.67.42
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://landing.hentaiheroes.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0
Requested by: Host: landing.hentaiheroes.com
URL: https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HHc4dbf42509cfe7d1ad82c0be9e0f9b28&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.217.67.42 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536191.ip-144-217-67.net
Software: Apache /
Resource Hash: b936db5880aa9b6b2f26a8d32fc2b689fb75f69d971b94194f16dba801221ffe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 13:58:53 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Jun 2022 11:35:18 GMT
Server: Apache
ETag: "29ba-5e22ff700740d-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 3446

GET
H/1.1 200
OK frontend.min.js Show response
landing.hentaiheroes.com/wp-content/plugins/elementor/assets/js/ Frame 5902 37 KB
11 KB 105ms
104ms Script
application/javascript 144.217.67.42
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://landing.hentaiheroes.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.6.6
Requested by: Host: landing.hentaiheroes.com
URL: https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HHc4dbf42509cfe7d1ad82c0be9e0f9b28&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.217.67.42 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536191.ip-144-217-67.net
Software: Apache /
Resource Hash: a1d57439b7cbb156c806a42b54429bac881c3f9f34c717e5085862b0fa56c972

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 13:58:53 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Jun 2022 11:35:18 GMT
Server: Apache
ETag: "936d-5e22ff7011fee-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 10966

GET
H/1.1 200
OK preloaded-elements-handlers.min.js Show response
landing.hentaiheroes.com/wp-content/plugins/elementor-pro/assets/js/ Frame 5902 131 KB
31 KB 109ms
108ms Script
application/javascript 144.217.67.42
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://landing.hentaiheroes.com/wp-content/plugins/elementor-pro/assets/js/preloaded-elements-handlers.min.js?ver=3.7.2
Requested by: Host: landing.hentaiheroes.com
URL: https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HHc4dbf42509cfe7d1ad82c0be9e0f9b28&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.217.67.42 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536191.ip-144-217-67.net
Software: Apache /
Resource Hash: 9e426b06ebb2fe02a8f495c8d6e2b5aea53f3446cac8aa0fd2cc0bebe366676a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 13:58:53 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Jun 2022 11:35:21 GMT
Server: Apache
ETag: "20de6-5e22ff725612f-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 31438

GET
H/1.1 200
OK preloaded-modules.min.js Show response
landing.hentaiheroes.com/wp-content/plugins/elementor/assets/js/ Frame 5902 42 KB
13 KB 97ms
97ms Script
application/javascript 144.217.67.42
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://landing.hentaiheroes.com/wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.6.6
Requested by: Host: landing.hentaiheroes.com
URL: https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HHc4dbf42509cfe7d1ad82c0be9e0f9b28&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.217.67.42 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536191.ip-144-217-67.net
Software: Apache /
Resource Hash: c91722fdcccbbbeabdcbd7963b8f83aae97be648b57a24d07cdec5ea4b0f57b5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 13:58:53 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Jun 2022 11:35:18 GMT
Server: Apache
ETag: "a980-5e22ff700f10d-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 13084

GET
H/1.1 200
OK jquery.sticky.min.js Show response
landing.hentaiheroes.com/wp-content/plugins/elementor-pro/assets/lib/sticky/ Frame 5902 3 KB
2 KB 392ms
392ms Script
application/javascript 144.217.67.42
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://landing.hentaiheroes.com/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.7.2
Requested by: Host: landing.hentaiheroes.com
URL: https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HHc4dbf42509cfe7d1ad82c0be9e0f9b28&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.217.67.42 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536191.ip-144-217-67.net
Software: Apache /
Resource Hash: 10a2cf3d16091fbc89cc987160b62093515cd31f0762a751775999311c7313f4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 13:58:53 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Jun 2022 11:35:21 GMT
Server: Apache
ETag: "ca4-5e22ff724f3cf-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 1359

GET
H2 200 css2
fonts.googleapis.com/ Frame 5ED6 4 KB
709 B 43ms
19ms Stylesheet
text/css 2a00:1450:400e:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:800::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 04 Jul 2022 12:02:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 04 Jul 2022 13:58:52 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Jul 2022 13:58:52 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 5ED6 205 B
294 B 30ms
7ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 12:57:08 GMT
x-content-type-options: nosniff
age: 3704
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 04 Jul 2023 12:57:08 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 5ED6 604 B
1 KB 29ms
7ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 12:06:17 GMT
x-content-type-options: nosniff
age: 6755
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 04 Jul 2023 12:06:17 GMT

GET
H3 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/elements/html/ Frame 5ED6 19 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

82732c70a47094531308ac098d61f5d93ca9384b3a1a28d11ce841eebb0dbb6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 19:56:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64970
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8316
x-xss-protection: 0
server: cafe
etag: 3937238495892068192
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Jul 2022 19:56:02 GMT

GET
H/1.1 200
OK ai.aspx Show response
tagm.tchibo.de/ Frame BBB7 43 B
1 KB 78ms
19ms Fetch
image/gif 213.202.235.8
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL

https://tagm.tchibo.de/ai.aspx?extProvId=5&extPu=tchibo-pm-display&extLi=14397917271&cb=75147879

Requested by

Host: tv.ifindfast.com
URL: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.202.235.8 Herrischried, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: policyref="https://tagm.tchibo.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
Pragma: no-cache
X-ET-Code: 0
Last-Modified: Mo, 04 Jul 2022 01:58:52 GMT
Server: Microsoft-IIS/8.5
Date: Mon, 04 Jul 2022 13:58:51 GMT
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 821
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame BBB7 0
0 51ms
51ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C6J-oG_LCYsDjDoKcrAS3ir2AB9XZxd9qkNfz4L8QwceFhc0IEAEgrPGJJ2CV4pCCoAegAYKQ5YcDyAECqQLRd8Wu0n6xPqgDAcgDyQSqBI8CT9A77_OnuWjZY83BOd2v3Oeym50jL7HRS5ZmN0oWmopVpB9Goe9L5L4nIOdrYwca3TnZLTWNuYoi1mcCA_7xQ6jBBrMBnaFtdxrKTUgZ1iYKkUPJeYxCCb2motl3ki4jIwBNYoVz7CSAnAlUo4Rv3afASdm8Ih4AH9thjhzBiS9J571zLADo2gp23WuLQz-spb1njMGyp6RahY-lqEi-QOvchlD2SzgxJvaPuwejQbCBIQwE7uc2Y9n-EhcgYNvi1fmgt0fsYeTzhRbM7wofFjwacFvqbbnAzj9sPakgMGK2TxNWSulCvkAlLkGnfNAYATJrVMX8d07lfTi6dQzMxiqRwafURBFh5AEWD-WNMsAEysHs6dwDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB8yBrSioB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBD90AfSCBIIiOGAEBABGB8yA6qCAToCgECACgHICwHYEwvQFQGAFwGyFxwKGggAEhRwdWItNjk3OTM3NjIyODE2NDY0MhgA&sigh=bjgGyEshZ_w&uach_m=[UACH]

Requested by

Host: tv.ifindfast.com
URL: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 04 Jul 2022 13:58:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/ Frame BBB7 21 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2cba1141d784827ad237feecdcb29cd406098a38f720d8b204197cfef9a0f6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:22:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8706
x-xss-protection: 0
server: cafe
etag: 11173422395264295734
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Jul 2022 13:22:12 GMT

GET
H3 200 10179146286675862677
tpc.googlesyndication.com/simgad/ Frame BBB7 20 KB
20 KB 7ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10179146286675862677?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlIwrwDcujdTn5toJjMSVtE286S0Q

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ffba6fd79829508ea3f2c59b343943b2bca31850c5f27ba3b1307cd7e1350ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 05:53:07 GMT
x-content-type-options: nosniff
age: 547545
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20044
x-xss-protection: 0
last-modified: Thu, 23 Jun 2022 09:48:17 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 28 Jun 2023 05:53:07 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame BBB7 3 KB
1 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:31:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1651
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Jul 2022 13:31:21 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame BBB7 17 KB
7 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

92cc22507e69f2baa9a37f4dd7767bad45f4531a1667fd8cfb0665dd7bfd52d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 12:56:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3758
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7350
x-xss-protection: 0
server: cafe
etag: 4581267900612465077
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Jul 2022 12:56:14 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame BBB7 0
0 16ms
14ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTrvKJyHfYIxLVHE2sJ3hecUHSYi1JOF9w-OtG4F1tbKlil2kz8OrlioqIG1of3ezA2zYDp9VCStEU25wUgPAbMYDcDaA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BBB7 138 KB
42 KB 1205ms
1203ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:58:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43256
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1656329918998510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 04 Jul 2022 13:58:53 GMT

GET
H3 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame BBB7 31 KB
13 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

184706c05b668b178b427bdc28fbb32f774c0023c996cf401a5bbc79c8e9caec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 15:16:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81769
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13067
x-xss-protection: 0
server: cafe
etag: 2495212655582482636
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Jul 2022 15:16:03 GMT

POST
H/1.1 200
OK add Show response
datatechonert.com/log/ Frame 85D2 12 B
482 B 52ms
15ms Fetch
application/json 37.48.68.71
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://datatechonert.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
Requested by: Host: tzegilo.com
URL: https://tzegilo.com/stattag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.48.68.71 Arnhem, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.19.10 /
Resource Hash: 587fa9763e3d74ded3b64a843905f5541690582aad4976207e03743a7fb5f70e

Request headers

Referer: https://daddylive.eu/s2w/stream-144.php
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 04 Jul 2022 13:58:52 GMT
Server: nginx/1.19.10
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://daddylive.eu
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length: 12

GET
H2 200 Wu.aspx Show response
xadsmart.com/ Frame 85D2 44 B
140 B 171ms
125ms Script
text/javascript 104.153.197.251
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://xadsmart.com/Wu.aspx?_=BAoAYsLyHAFiwvIcgAGBAsAAIDxJX-5A36TwjAj1U_9GewAgvAOzDCdtlFda3a_ZryedwQBHMEUCIQDRVTHlbI-MU8-62v-00WuNfBnLFMx2rnChRSH-EkSQbQIgBIMEj5NFIYZAuwMO3HSskyE94E2_OdNYE918-2tHyYfCACAjkFq759HrIgYiHPB9TQLYvt5jS4LE6LUOZ8oIR0Fks8QAECABCsgAIAJyAAAAAAAAAC7FABAM-ZMKe7S_CXjUXVVC_4iZwwBIMEYCIQDE0QSCXCNzIbDVwX3hGXnnzFyvqQB8evFsKKQUQfbiMAIhAJWeXgve_7D1_lCeCNbMFMwTCct4iup6szgJ3oxcEUBd&v=4&oOtXmpUf=4761337&cdAGwoTS=&oaUKBSAe=0,0&KYyHMUTw=&hLJbQEnH=https%3A%2F%2Ftv.ifindfast.com%2F&s=1600,1200,1.94,3104,2328,1
Requested by: Host: www.xadsmart.com
URL: https://www.xadsmart.com/zuck.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.153.197.251 , United States, ASN53334 (TUT-AS, US),
Reverse DNS: 104-153-197-251.customer.totaluptime.net
Software: /
Resource Hash: 9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://daddylive.eu/s2w/stream-144.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 04 Jul 2022 13:58:52 GMT
popads-ec: ASB
asf: 9
content-length: 44
content-type: text/javascript;charset=UTF-8

GET
H3

200

/
www.google.com/ Frame 232D
Redirect Chain

https://assuranceapprobationblackbird.com/pxf.gif?uuid=ef5db9a4-ed7c-4d07-8734-dc23a79d6215&eb=9b47e89dfc65ad002c6d58a8b4df3d9d&te=6d283cd4b3a0ba79ea26d1afdf15d561&ua=Mozilla%2F5.0%20(Windows%20NT%...
https://google.com/
https://www.google.com/

0
0

78ms
78ms

Image
text/html

2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/
Requested by: Host: daddylive.eu
URL: https://daddylive.eu/s2w/stream-144.php
Protocol: H3
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rkc.primetubsub.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Redirect headers

bfcache-opt-in: unload
date: Mon, 04 Jul 2022 13:58:52 GMT
server: gws
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
location: https://www.google.com/
cache-control: private, max-age=2592000
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 220
x-xss-protection: 0
expires: Mon, 04 Jul 2022 13:58:52 GMT

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
landing.hentaiheroes.com/wp-includes/js/ Frame 5902 18 KB
5 KB 109ms
108ms Script
application/javascript 144.217.67.42
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://landing.hentaiheroes.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0
Requested by: Host: landing.hentaiheroes.com
URL: https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HHc4dbf42509cfe7d1ad82c0be9e0f9b28&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.217.67.42 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536191.ip-144-217-67.net
Software: Apache /
Resource Hash: 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 13:58:54 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Jun 2022 11:36:37 GMT
Server: Apache
ETag: "48b9-5e22ffbadd781-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 5009

GET
H3 200 SDwrgNAjdQsa4VNQPO_RFNWmztQcb_iohgsAvJm3iSQ.js Show response
pagead2.googlesyndication.com/bg/ Frame B109 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/SDwrgNAjdQsa4VNQPO_RFNWmztQcb_iohgsAvJm3iSQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

483c2b80d023750b1ae153503cefd114d5a6ced41c6ff8a8860b00bc99b78924

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:52:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 357
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13718
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Jul 2023 13:52:55 GMT

GET
H3 200 SDwrgNAjdQsa4VNQPO_RFNWmztQcb_iohgsAvJm3iSQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 3A9E 35 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/SDwrgNAjdQsa4VNQPO_RFNWmztQcb_iohgsAvJm3iSQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

483c2b80d023750b1ae153503cefd114d5a6ced41c6ff8a8860b00bc99b78924

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:52:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 357
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13718
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Jul 2023 13:52:55 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 062A 143 B
163 B 7ms
7ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 484
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Mon, 04 Jul 2022 13:50:48 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 3356 6 KB
731 B 46ms
19ms Stylesheet
text/css 2a00:1450:400e:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C500%7CHeebo%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:800::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d1720308715a666e0101dc0c35b623b0cb770be5ddfebf5846d3b3050c10b48a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 04 Jul 2022 13:52:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 04 Jul 2022 13:58:52 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Jul 2022 13:58:52 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame 3356 2 KB
914 B 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 12:36:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4932
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Jul 2022 12:36:40 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/ Frame 3356 21 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2cba1141d784827ad237feecdcb29cd406098a38f720d8b204197cfef9a0f6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:22:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8706
x-xss-protection: 0
server: cafe
etag: 11173422395264295734
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Jul 2022 13:22:12 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame 3356 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:31:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1651
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Jul 2022 13:31:21 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame 3356 17 KB
7 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

92cc22507e69f2baa9a37f4dd7767bad45f4531a1667fd8cfb0665dd7bfd52d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 12:56:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3758
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7350
x-xss-protection: 0
server: cafe
etag: 4581267900612465077
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Jul 2022 12:56:14 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 3356 0
0 17ms
16ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQYPFwcyzlJ95UPHkh-mz6sVXp-eoWJW7yprcFnXZByv8UGs5uzRGZntnafMtVWqs8CTygrPnJAhrWnIYvSa6p-FzzpAQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3356 138 KB
42 KB 1053ms
1052ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:58:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43256
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1656329918998510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 04 Jul 2022 13:58:53 GMT

GET
H3 200 21b2dfe42abab24529e209ac1efa07c6.js Show response
www.gstatic.com/mysidia/ Frame 3356 31 KB
13 KB 23ms
8ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/21b2dfe42abab24529e209ac1efa07c6.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b97d2c98f8bac4ee72d075d577db22903f83ae9a2742b9caef94f0842b459348

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:55:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21803
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13060
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 20:43:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 02 Oct 2022 07:55:29 GMT

GET
H3 200 SDwrgNAjdQsa4VNQPO_RFNWmztQcb_iohgsAvJm3iSQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 7BB3 35 KB
13 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/SDwrgNAjdQsa4VNQPO_RFNWmztQcb_iohgsAvJm3iSQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

483c2b80d023750b1ae153503cefd114d5a6ced41c6ff8a8860b00bc99b78924

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:52:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 357
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13718
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Jul 2023 13:52:55 GMT

GET
DATA 200
OK truncated
/ Frame BBB7 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 82e3824cab4bb9498ee86d9fab1e93f8eb8a5e6541654571f3016a5c20df4d12

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E8CB 143 B
163 B 7ms
6ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 484
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Mon, 04 Jul 2022 13:50:48 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 062A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

57ms
57ms

Document
text/html

2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 04 Jul 2022 13:58:52 GMT
expires: Mon, 04 Jul 2022 13:58:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 04 Jul 2022 13:58:52 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E8CB
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

80ms
79ms

Document
text/html

2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 04 Jul 2022 13:58:52 GMT
expires: Mon, 04 Jul 2022 13:58:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 04 Jul 2022 13:58:52 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

ShinjukuBG_Mob.jpg
landing.hentaiheroes.com/wp-content/uploads/2019/02/ Frame 5902
Redirect Chain

http://landing.hentaiheroes.com/wp-content/uploads/2019/02/ShinjukuBG_Mob.jpg
https://landing.hentaiheroes.com/wp-content/uploads/2019/02/ShinjukuBG_Mob.jpg

188 KB
188 KB

96ms
95ms

Image
image/jpeg

144.217.67.42
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landing.hentaiheroes.com/wp-content/uploads/2019/02/ShinjukuBG_Mob.jpg
Requested by: Host: landing.hentaiheroes.com
URL: https://landing.hentaiheroes.com/wp-content/uploads/elementor/css/post-59359.css?ver=1656070629
Protocol: HTTP/1.1
Server: 144.217.67.42 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536191.ip-144-217-67.net
Software: Apache /
Resource Hash: 18c273dbd544a2e871e8b0d53147a6cafe847912b1f4344b1d73ee9d055fe37e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 13:58:53 GMT
Last-Modified: Fri, 08 Feb 2019 10:21:37 GMT
Server: Apache
Accept-Ranges: bytes
ETag: "2ef3e-5815f52fa2d63"
Content-Length: 192318
Content-Type: image/jpeg

Redirect headers

Location: https://landing.hentaiheroes.com/wp-content/uploads/2019/02/ShinjukuBG_Mob.jpg
Cache-Control: no-cache
Content-length: 0

GET
H2 200 i7dMIFFzbz-QHZUdV9_UGWZuUFWaHg.woff2
fonts.gstatic.com/s/baloopaaji2/v20/ Frame 5902 31 KB
31 KB 30ms
9ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/baloopaaji2/v20/i7dMIFFzbz-QHZUdV9_UGWZuUFWaHg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Carter+One%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CBaloo+Paaji+2%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80ab6f1b9fc7bd8c05656d179cbb35c8d9a4dc0c5a4121e3ed6b527b7b63eb6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 02 Jul 2022 04:33:38 GMT
x-content-type-options: nosniff
age: 206714
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32056
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 18:45:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 02 Jul 2023 04:33:38 GMT

GET eicons.woff2
landing.hentaiheroes.com/wp-content/plugins/elementor/assets/lib/eicons/fonts/ Frame 5902 0
0

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5902 15 KB
16 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 19:07:55 GMT
x-content-type-options: nosniff
age: 586257
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Jun 2023 19:07:55 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame C2D7 17 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:49:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 557
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Jul 2022 13:49:36 GMT

GET
DATA 200
OK truncated
/ Frame C2D7 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7018271911a30563a9b380ce5605efd408e2c0f4b775fb6ebc56c8af23848cf1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET eicons.woff
landing.hentaiheroes.com/wp-content/plugins/elementor/assets/lib/eicons/fonts/ Frame 5902 0
0

GET
DATA 200
OK truncated
/ Frame 20AE 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7e456efb6d9344bd2963f779e88d6369351c73224c02247bef7512cc2a3eb08c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 8FDB 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05f4993afb2524fa3b89b0bd5ccac106c4f5cd6528e62e9ca77a3ff00c127507

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame ED05 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d3a494f6ed2a539d510cb4eb22a577c9dfa857978d10181bef128cd77c96ac8c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 SDwrgNAjdQsa4VNQPO_RFNWmztQcb_iohgsAvJm3iSQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 4E74 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/SDwrgNAjdQsa4VNQPO_RFNWmztQcb_iohgsAvJm3iSQ.js

Requested by

Host: tv.ifindfast.com
URL: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

483c2b80d023750b1ae153503cefd114d5a6ced41c6ff8a8860b00bc99b78924

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:52:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 358
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13718
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Jul 2023 13:52:55 GMT

GET
H3 200 SDwrgNAjdQsa4VNQPO_RFNWmztQcb_iohgsAvJm3iSQ.js Show response
pagead2.googlesyndication.com/bg/ Frame A686 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/SDwrgNAjdQsa4VNQPO_RFNWmztQcb_iohgsAvJm3iSQ.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

483c2b80d023750b1ae153503cefd114d5a6ced41c6ff8a8860b00bc99b78924

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:52:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 358
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13718
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Jul 2023 13:52:55 GMT

GET eicons.ttf
landing.hentaiheroes.com/wp-content/plugins/elementor/assets/lib/eicons/fonts/ Frame 5902 0
0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C2D7 42 B
64 B 58ms
43ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstS5y7M9GKW6tzkkt4lM6UKcYmdjcI3VrqzGpOCuFD0ncQIgTruQ9cVL7RlVtOd6IMf89dvpBVJqT8JY2xnLkZP0QHU0syYW5VRWyJK7WC1x7Oe4SuIZiOxBjZCeJNhYmzvGuvlfA&sai=AMfl-YTBb90GFDb98VgjihUvcBq6ac4m1QB-pwSwt15l-fMtPW0AjpVAoAZ3KApI5R-jmSiGmLR7H5xzQW5B&sig=Cg0ArKJSzPFqPikKCCc2EAE&id=lidar2&mcvt=1003&p=0,0,89.03125,720&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20220627&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=751607799&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1656943130959&rpt=2243&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 13:58:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

feedback.php Show response
www.facebook.com/plugins/ Frame 21E7
Redirect Chain

https://web.facebook.com/v2.8/plugins/comments.php?app_id=740810732743187&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3af7c308de399c%26domain%3D...
https://www.facebook.com/v2.8/plugins/comments.php?app_id=740810732743187&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3af7c308de399c%26domain%3D...
https://www.facebook.com/plugins/comments.php?app_id=740810732743187&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3af7c308de399c%26domain%3Dtv.if...
https://www.facebook.com/plugins/feedback.php?app_id=740810732743187&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3af7c308de399c%26domain%3Dtv.if...

145 KB
33 KB

189ms
188ms

Document
text/html

2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/feedback.php?app_id=740810732743187&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3af7c308de399c%26domain%3Dtv.ifindfast.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftv.ifindfast.com%252Ff1fd77f6de2fddc%26relation%3Dparent.parent&container_width=825&height=100&href=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147&locale=de_DE&numposts=5&sdk=joey&version=v2.8&width

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=08c8aac415e0c320d0b1cd6573da223c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d763ddbbd7eb1cd50641cd21c74229b114ddb4dfcad9124f5c6f4d66b5ad76ec

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: about:blank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: same-origin
date: Mon, 04 Jul 2022 13:58:54 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=0
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: 4PhkVHxD42zeJ9uxg2SatcGQx+Jv9l0/wYoVZ2Jwde0Z1ibt2X1Ng37UB9DfOEZLeik//Hd1Pio+FrgBJYCXag==
x-fb-rlafr: 0
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/html; charset="utf-8"
date: Mon, 04 Jul 2022 13:58:54 GMT
location: https://www.facebook.com/plugins/feedback.php?app_id=740810732743187&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3af7c308de399c%26domain%3Dtv.ifindfast.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftv.ifindfast.com%252Ff1fd77f6de2fddc%26relation%3Dparent.parent&container_width=825&height=100&href=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147&locale=de_DE&numposts=5&sdk=joey&version=v2.8&width
priority: u=3,i
strict-transport-security: max-age=15552000; preload
x-fb-debug: 9uMY/VenZbfgifGBjFHdu27po55JB5jOQmmN0fW2GowP3ZzZCggadOjNrNw0QCdASs0/cQThTuoTBUZKgDZDUQ==

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 33ms
32ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220629&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b0d3ca2990b5035185009a899c2b26213e46ed432bef5f76ccc95e62e22bf9a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tv.ifindfast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Jul 2022 13:58:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10574
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tv.ifindfast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:58:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 04 Jul 2022 13:58:54 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FEAC 13 KB
5 KB 13ms
7ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tv.ifindfast.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4646
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Jul 2022 12:41:28 GMT
expires: Tue, 04 Jul 2023 12:41:28 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7949 783 B
536 B 19ms
17ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7ff2b41b3d1d6abec3ec8dcb7548723c8494b0b285956d8667f7fd1ae9b965dc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-dURKHi6uH9Xfk7MJY8tRxw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tv.ifindfast.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-dURKHi6uH9Xfk7MJY8tRxw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 04 Jul 2022 13:58:54 GMT
expires: Mon, 04 Jul 2022 13:58:54 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7949 0
0 56ms
56ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220629&jk=1348873690144928&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 200 SDwrgNAjdQsa4VNQPO_RFNWmztQcb_iohgsAvJm3iSQ.js Show response
pagead2.googlesyndication.com/bg/ Frame FEAC 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/SDwrgNAjdQsa4VNQPO_RFNWmztQcb_iohgsAvJm3iSQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

483c2b80d023750b1ae153503cefd114d5a6ced41c6ff8a8860b00bc99b78924

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:52:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 359
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13718
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Jul 2023 13:52:55 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame FEAC 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?jB8THQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:58:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BBB7 42 B
64 B 43ms
42ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsse6VmJ775EGppOPVb03pgaNzwYNVfdEBZPfoinbR03y7WwL5j5sN_rYHd7FsrGM4cINge0SREEz2QHnDy6NDNH9-ul5LKdAUYfb35wM9nEkwLV-gcgEYB_RIxujT9RxmaJF-7EXEE&sai=AMfl-YRlGYONKqfSQo6-yE5LQIUfhiieDOjpvdSPQE2XJUVhtxE9zm-W6lGG38xRgAccJa3IGGs-kVr-d6RjycEU5mPmvoRWmlMl4RFV5djc9AuKjA5Uog57ymVt2t6JMujb&sig=Cg0ArKJSzL_GMbc-a4OeEAE&id=lidar2&mcvt=1014&p=0,0,124,1005&mtos=1014,1014,1014,1014,1014&tos=1014,0,0,0,0&v=20220627&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1656943132107&rpt=1453&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 13:58:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame ED05 42 B
64 B 42ms
42ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv9Ls1LFIJpSyXTMvI9acmwDGtk-TuWSdwITSeaH69xjM3c1XnO28f5sFLmC_GcXw6FheBTOpp_-nfOxW4d8bU5ZJJmW5ATazePMEDRNlsjLK8yI5o1rIl-mHG4ppl5HdwUnueKwQ&sai=AMfl-YREUE2s_1mOIHZFMUR4rn2XA6dKnJC45XCQWFdG3BCVmhBUAwD0lpcHzBbJcM_KuR6MYDwlDmKLKj9S&sig=Cg0ArKJSzPSxd9VEyVIVEAE&id=lidar2&mcvt=1017&p=0,1,510,256&mtos=0,1017,1017,1017,1017&tos=0,1017,0,0,0&v=20220627&bin=7&avms=nio&bs=0,0&mc=0.86&if=1&vu=1&app=0&itpl=2&adk=1099239650&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1656943131745&rpt=1853&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 13:58:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8FDB 42 B
64 B 43ms
42ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsviG6KmtWMXN8R9m2eWesVzE3bkQ0xjoVmx1EqF_uc6M7hKTAvS72GZufPAzDuMZ5jyyV0-zovKCO3nIMrG6QP5fRKcYeHnLl4JDcVnKadFObE8KKXeCkosF0jQYstaOW8Qsle-hw&sai=AMfl-YSSirXHjvWbhEzxLe_1Oz6V8ZF_fo-6wiYAQT9yz3CFFQEoteJ6yRcF7ShX7dNgcooqPAQs38YfEA2c&sig=Cg0ArKJSzP8AcFVeQpr5EAE&id=lidar2&mcvt=1020&p=1,1,213.65625,826&mtos=1020,1020,1020,1020,1020&tos=1020,0,0,0,0&v=20220627&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=3976959788&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1656943131685&rpt=1889&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 13:58:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tEyxdXZNU_p.css
static.xx.fbcdn.net/rsrc.php/v3/yC/l/0,cross/ Frame 21E7 721 B
870 B 29ms
10ms Stylesheet
text/css 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yC/l/0,cross/tEyxdXZNU_p.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=740810732743187&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3af7c308de399c%26domain%3Dtv.ifindfast.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftv.ifindfast.com%252Ff1fd77f6de2fddc%26relation%3Dparent.parent&container_width=825&height=100&href=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147&locale=de_DE&numposts=5&sdk=joey&version=v2.8&width

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0cffbe5f5e8fb12d8cf3147138b9dd994097329645f0cb2c5eedb8bb1dae3dd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:58:54 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: qVSJF/6ycs/5uNocEebDvw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 392
x-fb-rlafr: 0
x-fb-debug: 67D+wMnfv9FnGAVGWvqhgz8MJ04mdLMXGSMVmu/YztpyTu7aJQPc52UJUMG8FfpDPJnAZZvCQySAs7MDjQv6wQ==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 28 Jun 2023 11:58:16 GMT

GET
H2 200 wvZWaQbGrTr.css
static.xx.fbcdn.net/rsrc.php/v3/yw/l/0,cross/ Frame 21E7 125 KB
20 KB 29ms
11ms Stylesheet
text/css 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yw/l/0,cross/wvZWaQbGrTr.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

403c435e20925bc3acb41347e68c451c9be3feeae23727cb721beeee04e21000

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:58:54 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 4SeHpPROPfPtACyhfXFABg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 20389
x-fb-rlafr: 0
x-fb-debug: gh92m9HPBlg5dMQb0SJPItyIGemtAmEKPoSNZ5qrL6pDIshSdaEmjoSTBqOVf1om1LBkazknHeOaXgZKqMbEVg==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 21 Jun 2023 20:03:19 GMT

GET
H2 200 FvNUgl2sMIh.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y3/r/ Frame 21E7 319 KB
86 KB 29ms
11ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y3/r/FvNUgl2sMIh.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

070308ea32fb93565f063924c8c89e1b693f55b45e3c4c6dc1f7f111c2e8237b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:58:54 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Ui8TX0On0EDzNdGmY5BJ0A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 87942
x-fb-rlafr: 0
x-fb-debug: vOBxCvu7ybc1aoXUaQBsuyKe0gH2HvAOC2gSN912+TAMAngh/SQ59/dDZqWOsyByc00uCZsjIdO1G5cNhcUrtA==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 30 Jun 2023 15:00:58 GMT

GET
H2 200 kIGs74D6PR8.js Show response
static.xx.fbcdn.net/rsrc.php/v3iN_84/y4/l/de_DE/ Frame 21E7 152 KB
42 KB 30ms
12ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iN_84/y4/l/de_DE/kIGs74D6PR8.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3745a53e54fda7baa37e2a5f9a6492f1d9a425a5f5ba326737e4da471aa74a21

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:58:54 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: T91tJgi9qPrefKXy2lCeIA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 43174
x-fb-rlafr: 0
x-fb-debug: ApwZDFYfjuOcP3qUxNIjsfy6UNHRV1eCt2bHisKYa/n77iTAavtLGttSg4UctM8o8eho46LJR1H1e6k9MWrHYQ==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 29 Jun 2023 06:39:00 GMT

GET
H2 200 Qdvc3dJy80m.js Show response
static.xx.fbcdn.net/rsrc.php/v3i3dW4/y4/l/de_DE/ Frame 21E7 1 MB
337 KB 29ms
11ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i3dW4/y4/l/de_DE/Qdvc3dJy80m.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

01d8a0aee986e6d400187aa8b9cf73817b75bcab1c221057d1f60dee3d7f47fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:58:54 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: udSUveC6Z+knd5QQOAnLYg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 344414
x-fb-rlafr: 0
x-fb-debug: d9KOj5YimJXozBjDwYyLiONItbETI3Tkrbv3cjLIycVFDpvxPXA6kLdDD29ovPxQdNbuR4sY8u/TDHHz92RzxA==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jul 2023 16:21:55 GMT

GET
H2 200 KM4vffuo-0L.js Show response
static.xx.fbcdn.net/rsrc.php/v3/ys/r/ Frame 21E7 2 KB
981 B 29ms
12ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/ys/r/KM4vffuo-0L.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b897cc9c51f604bf6b8fbd53f46d216627c0e079bb6bc2f049b2344dfa3bb277

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:58:54 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: SuHjmWcicjHzSu82QnUDDg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 788
x-fb-rlafr: 0
x-fb-debug: xD7sySzcMHSL+nhDQoOvyd6SPlJGD49N6Fm9V+1lBwjdRpMGpw9Id0vmyV62mbJchPKiZd1R5jXOs9cCj6szlg==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 21 Jun 2023 17:02:45 GMT

GET
H2 200 I0OaeIMgtaJ.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yZ/r/ Frame 21E7 33 KB
10 KB 50ms
32ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yZ/r/I0OaeIMgtaJ.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

da8c1f01d54faba43a84d2a4515abf9295a79e60cc408f0e6550870d2717a3c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:58:54 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 6ZsEHWYFv6t+0G46pbpcnA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 10398
x-fb-rlafr: 0
x-fb-debug: ns/UpgplkeLm01qQMd3RPKPCII+two6GNkNGeL6hA8lBcrWlJ7HHzmQRCcVxDsxHmu4LkOKP7V9Vp6/511IPhA==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 28 Jun 2023 15:31:33 GMT

GET
H2 200 AeDYPw7COGr.js Show response
static.xx.fbcdn.net/rsrc.php/v3iVab4/yV/l/de_DE/ Frame 21E7 42 KB
13 KB 50ms
33ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iVab4/yV/l/de_DE/AeDYPw7COGr.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

15de14d7d813d1d3ebd6cbc95aa65a4234f76cfe649bf06ebd46e06a2fba9f63

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:58:54 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 0dzgeUw//ygBzIRmuChAxg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 12623
x-fb-rlafr: 0
x-fb-debug: mwBKMfiFqqN9ihx77NiaonuH7djESjcWhCqX47xAqHMvGL0uSWwxhrJd2a8LaGqGya5E+XuKUHNvFlItT2SXsw==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jul 2023 17:46:33 GMT

GET
H3 200 VY7VtWIM9fW.png
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 21E7 251 KB
251 KB 17ms
7ms Image
image/png 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/VY7VtWIM9fW.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yw/l/0,cross/wvZWaQbGrTr.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d845920d21b08795f90526d2d827e0baea7a2102b359f24a39ec28a87faacdd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yw/l/0,cross/wvZWaQbGrTr.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:58:55 GMT
x-content-type-options: nosniff
content-md5: VO922XrIvf6dPbMlbETwCQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 257139
x-fb-rlafr: 0
x-fb-debug: ODMp5NlYmJ0TAswHXpQoPaR3CEjZFD25KFA/q+4H6gJ/8SfOCYsd1NFBAi5QNO/9aVMRNEXtJ32Avb2IFC53Fw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 24 Jun 2023 23:32:40 GMT

GET
H3 200 odA9sNLrE86.jpg
static.xx.fbcdn.net/rsrc.php/v1/yi/r/ Frame 21E7 1 KB
1 KB 9ms
8ms Image
image/jpeg 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v1/yi/r/odA9sNLrE86.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d7af70fd2dab0fadd7b57438ae80cd4cbfc69384ace14284c990e2916631ff3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:58:55 GMT
x-content-type-options: nosniff
content-md5: 8E8V7SJfv5OQxsrCIaL7hQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1131
x-fb-rlafr: 0
x-fb-debug: lzAGfSUx4Uuqz9JKwQusAwKXmncUD/B6M1NbqIhYP1cYgAy8cVd0oDapUU2SIUQTONS4jc8i0cPJ3Z3f/5O0aA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 24 Jun 2023 01:40:55 GMT

GET
H2 200 10904121_10152892838397321_4817916110181241217_o.jpg
scontent-frt3-2.xx.fbcdn.net/v/t31.18172-1/ Frame 21E7 2 KB
2 KB 36ms
9ms Image
image/jpeg 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frt3-2.xx.fbcdn.net/v/t31.18172-1/10904121_10152892838397321_4817916110181241217_o.jpg?stp=cp0_dst-jpg_p48x48&_nc_cat=101&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=4h9LpFvS3tEAX_Me5Eq&_nc_ht=scontent-frt3-2.xx&edm=AJqh0Q8EAAAA&oh=00_AT-ZWl_eL8lw_qez3dIxDQBhcvqgj-aSynOLKsZCRjUaDg&oe=62EA7236
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=740810732743187&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3af7c308de399c%26domain%3Dtv.ifindfast.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftv.ifindfast.com%252Ff1fd77f6de2fddc%26relation%3Dparent.parent&container_width=825&height=100&href=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147&locale=de_DE&numposts=5&sdk=joey&version=v2.8&width
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: df0d1fa694a2eb85a40a076494e13b5c6ccb1ea9c5f67eb08e947c5275218255

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-haystack-needlechecksum: 1128872574
date: Mon, 04 Jul 2022 13:58:55 GMT
x-fb-trip-id: 2050670934
last-modified: Mon, 08 Jun 2015 09:26:21 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=1000222289
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 365358177
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1662

GET
H2 200 143086968_2856368904622192_1959732218791162458_n.png
scontent-frt3-1.xx.fbcdn.net/v/t1.30497-1/ Frame 21E7 1 KB
2 KB 34ms
7ms Image
image/png 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frt3-1.xx.fbcdn.net/v/t1.30497-1/143086968_2856368904622192_1959732218791162458_n.png?stp=cp0_dst-png_p48x48&_nc_cat=1&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=GkV1pgR-JMkAX8qRdkI&_nc_ht=scontent-frt3-1.xx&edm=AJqh0Q8EAAAA&oh=00_AT-My0TkYyotHltxqt-67DBEKHVksNMMUTiLkjNSiFD5Og&oe=62EA1BF8
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=740810732743187&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3af7c308de399c%26domain%3Dtv.ifindfast.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftv.ifindfast.com%252Ff1fd77f6de2fddc%26relation%3Dparent.parent&container_width=825&height=100&href=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147&locale=de_DE&numposts=5&sdk=joey&version=v2.8&width
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: a8eb0a0b7cb7f5a2c06f9edc03c06c9891363db33f1ec8661d362b440b946fa1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-haystack-needlechecksum: 2195128382
date: Mon, 04 Jul 2022 13:58:55 GMT
x-fb-trip-id: 686109401
last-modified: Wed, 27 Jan 2021 21:09:20 GMT
content-type: image/png
access-control-allow-origin: *
content-digest: adler32=1099843478
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2193203146
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1280

GET
H2 200 30530906_1592068470861821_7873793626260635648_n.jpg
scontent-frx5-1.xx.fbcdn.net/v/t1.6435-1/ Frame 21E7 2 KB
2 KB 34ms
8ms Image
image/jpeg 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frx5-1.xx.fbcdn.net/v/t1.6435-1/30530906_1592068470861821_7873793626260635648_n.jpg?stp=cp0_dst-jpg_p48x48&_nc_cat=100&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=JLN9e2fOpzYAX_8XNSY&_nc_ht=scontent-frx5-1.xx&edm=AJqh0Q8EAAAA&oh=00_AT8Z1wCu9s5UpxaL-49RU0JNFniHOPDEnzUqO-zyPAWXbg&oe=62E8060F
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=740810732743187&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3af7c308de399c%26domain%3Dtv.ifindfast.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftv.ifindfast.com%252Ff1fd77f6de2fddc%26relation%3Dparent.parent&container_width=825&height=100&href=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147&locale=de_DE&numposts=5&sdk=joey&version=v2.8&width
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 9ba4bc0d8c159a76090af1818774d152c0a73e2d9bb41154e24ee28951afacbe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-haystack-needlechecksum: 852623824
date: Mon, 04 Jul 2022 13:58:55 GMT
x-fb-trip-id: 917726464
last-modified: Mon, 09 Apr 2018 15:17:18 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=2422737547
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2189155619
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1571

GET
H2 200 73233880_2376560199250539_3395912739799957504_n.png
scontent-ams4-1.xx.fbcdn.net/v/t1.6435-1/ Frame 21E7 4 KB
4 KB 68ms
29ms Image
image/png 2a03:2880:f045:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-ams4-1.xx.fbcdn.net/v/t1.6435-1/73233880_2376560199250539_3395912739799957504_n.png?stp=cp0_dst-png_p48x48&_nc_cat=108&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=WXH38uqxKyYAX--3CK8&_nc_ht=scontent-ams4-1.xx&edm=AJqh0Q8EAAAA&oh=00_AT9-Qu55VIuPlsYP4Zd0EaOK-J9OUuZAJ7K-Djx5AJXwxA&oe=62E75A62
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=740810732743187&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3af7c308de399c%26domain%3Dtv.ifindfast.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftv.ifindfast.com%252Ff1fd77f6de2fddc%26relation%3Dparent.parent&container_width=825&height=100&href=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147&locale=de_DE&numposts=5&sdk=joey&version=v2.8&width
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: faddc27bd45c8f200c7b0b21ad99fe5e33c3f1bfd14e7b257a6bbb3d7c38548c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-haystack-needlechecksum: 294562157
date: Mon, 04 Jul 2022 13:58:55 GMT
x-fb-trip-id: 1709462857
last-modified: Sun, 13 Oct 2019 13:54:28 GMT
x-content-cdn-origin-ts: 1656943135180
content-type: image/png
access-control-allow-origin: *
content-digest: adler32=2674273333
cache-control: max-age=1209600, no-transform
x-fb-edge-debug: sg3hQu7griiKyiWHMqJKxKwBpZWM76n6MIyLrstZxP-b0PCM9_k8FJcwx0VFvN-976jovJ2-rgzEgpnLYVu7sQ
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2040552241
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 3663

GET
H2 200 13501980_1425262704156325_3292143360584521552_n.jpg
scontent-frt3-2.xx.fbcdn.net/v/t1.18169-1/ Frame 21E7 1 KB
2 KB 35ms
9ms Image
image/jpeg 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frt3-2.xx.fbcdn.net/v/t1.18169-1/13501980_1425262704156325_3292143360584521552_n.jpg?stp=cp0_dst-jpg_p48x48&_nc_cat=103&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=yqR4ASO_gEMAX8WbnQw&_nc_ht=scontent-frt3-2.xx&edm=AJqh0Q8EAAAA&oh=00_AT_ULTnq3dCiDnJ42fCkf0qO6fy3fkgu_dfhmabjHXntLA&oe=62E96078
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=740810732743187&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3af7c308de399c%26domain%3Dtv.ifindfast.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftv.ifindfast.com%252Ff1fd77f6de2fddc%26relation%3Dparent.parent&container_width=825&height=100&href=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147&locale=de_DE&numposts=5&sdk=joey&version=v2.8&width
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: cb0662da6f0265b30565b0b5b9b6106d41970a8a9bd118dd0aeac2900695d280

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-haystack-needlechecksum: 1316120461
date: Mon, 04 Jul 2022 13:58:55 GMT
x-fb-trip-id: 2050670934
last-modified: Sun, 03 Jul 2016 19:33:18 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=1954864639
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2237777584
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1466

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 50ms
50ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220629&jk=1348873690144928&bg=!Q0ClQATNAAaLlKKnq5Q7ACkAdvg8WpqQ9K5DHvhsMdtZUcWqEF4F52yzc1R7ds3upJ4Z1W7gnbPM-wIAAABTUgAAAAFoAQcKAB2x8qXz-edhOEtdnA-Hk_Yzem6srN-f8Q09izScLpkCrdCMft3I5diIwVcD56rsr2ziz3JIt2QiYe5EJz1SZGsXezTjQ90QZbXt5hIUoIohFxQ4dKwpDCSQ6wVrsSjhyYmzST7lGjxaCF_gS0MoIUaZRSVSf_S8hT8mGVyPUL4t1sJEUJjNVAYAI5OZzzd3jIljc7b7zW_hnOGPyMKSqqtoTN6U2zMcijcFozSmp6OcXLNE9Zi6Lu1m_7TJAQ0i6eOHk1njIJoYk5JOLXVRQ8XloGTSx2Eitltu-c57kiZTCACSEio-FrkEaz5HbS_3c8vrskfp-UTDumrdCPB95G869fHD3xzcZnGc3GrNdD96J1g0yhM_F9Zl3zHAEmHuYuHcM6L662VUESEUyaNd2piENyu3vwelrYkqDQZcW3TVFTqk4ZUlkGNFX9EDIBxHGelpzLWOSN540Shzl-4dQFbzviU0eErzxuJbNBQ7byi1VOiJ9RhSWC3_XblrH4yfivBgxqRcm_k_qID40dsZW-ovqBmPjW8O_wS7wyCtYqC5cmWP1MJkRqdFd07FAVzVOkJuJ0PU3pUgR-un75pj3x-PpjxW-bW2hRwmggVJvyrxv8Jj_VoVgb8QVSwcjXXhm8BKttruXN6vi7_rnX_kzfLANr4EbSCDhxEbaSNALJvi8bQjYXXrvbxlXFGPQxcadp6GWolyqhg8Weyvg7e6tNu2QqqE71M3OhVSVuQztqIdD3yG78RydnhsHmMempishcQqr4-2VDhijhFQYgcBlEtOsnqf1n3v5hWfojc0sKFMH3DSV1IDG8ChsFCqvU7hSZ6lVuNYNyE3OFSWB6iAwYIFk3zaAIrjqoBdKmDXZTlQ5WzzbWVijNlzO9b44sVYbLpoBGY343SfgQxPXRyuL2zjhwICu0emfab_XIIvynW-kFD982imTU_SBg3fmiw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tv.ifindfast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 40ms
40ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&wpc=ca-pub-6979376228164642&su=tv.ifindfast.com&eid=44759875%2C44759926%2C44759837%2C42531608&doc=complete&pg_h=2623&pg_w=1600&pg_hs=2623&c=4&aa_c=0&av_h=370&av_w=513.750&av_a=144712.500&s=30&all_s=30&b=596.609&all_b=596.609&d=0.564&all_d=0.564&ard=0.138&all_ard=0.138&dt=d

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tv.ifindfast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 13:58:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sfp.js Show response
addresseepaper.com/ Frame 232D 48 KB
15 KB 207ms
196ms Script
application/javascript 2606:4700:3038::6815:eb02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://addresseepaper.com/sfp.js

Requested by

Host: vcdnads.ru.com
URL: https://vcdnads.ru.com/include2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3038::6815:eb02 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

473dfe26e5ad478a354a003498bcb7f683108aecef6b8facf6ed5dbf42caccec

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rkc.primetubsub.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:58:56 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: 2b5c221ea1adc5bbd7a8e930bcb8b6fb
last-modified: Mon, 04 Jul 2022 13:58:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubdomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hHlo61SfF3Xiidcj%2BFXKqPK4XjQTSctmiv5wKxbVYALm%2Ba%2B52xHJpVfJDBqqPPxzYUMdE%2FWGEiWhpiHVTmXiK8ZN0KLzcVDk75izvyPFIdk9W3VfO0As9A9Fk3tUntisXUF8wcVbBAnTw15LP7hRGJM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 725860eb496f90ba-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 stats Show response
simplewebanalysis.com/ Frame 232D 40 B
200 B 8ms
7ms XHR
text/html 18.194.245.245
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://simplewebanalysis.com/stats
Requested by: Host: vcdnads.ru.com
URL: https://vcdnads.ru.com/include2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.245.245 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-245-245.eu-central-1.compute.amazonaws.com
Software: fasthttp /
Resource Hash: 72d18078a38d486d7e4f75b95fcf1adab73a0ece0b49ab9708b4042c8af11bb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rkc.primetubsub.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: https://rkc.primetubsub.xyz
date: Mon, 04 Jul 2022 13:58:56 GMT
access-control-allow-credentials: true
server: fasthttp
content-length: 40
content-type: text/html; charset=UTF-8

GET
H3

200

/
www.google.com/ Frame 232D
Redirect Chain

https://assuranceapprobationblackbird.com/pxf.gif?uuid=ef5db9a4-ed7c-4d07-8734-dc23a79d6215&eb=9b47e89dfc65ad002c6d58a8b4df3d9d&te=6d283cd4b3a0ba79ea26d1afdf15d561&ua=Mozilla%2F5.0%20(Windows%20NT%...
https://google.com/
https://www.google.com/

0
0

85ms
85ms

Image
text/html

2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/
Protocol: H3
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rkc.primetubsub.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Redirect headers

bfcache-opt-in: unload
date: Mon, 04 Jul 2022 13:58:56 GMT
server: gws
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
location: https://www.google.com/
cache-control: private, max-age=2592000
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 220
x-xss-protection: 0
expires: Mon, 04 Jul 2022 13:58:56 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 6.adsco.re
URL: https://6.adsco.re/

Domain: 4.adsco.re
URL: https://4.adsco.re/

Domain: landing.hentaiheroes.com
URL: https://landing.hentaiheroes.com/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.15.0

Domain: landing.hentaiheroes.com
URL: https://landing.hentaiheroes.com/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff?5.15.0

Domain: landing.hentaiheroes.com
URL: https://landing.hentaiheroes.com/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.ttf?5.15.0

Verdicts & Comments Add Verdict or Comment

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
toglooman.com/42	1970-01-20 13:01:19	Name: OAID Value: 048d0565c67b461bae7acfc4c3a3cf0b
toglooman.com/42	1970-01-20 13:01:19	Name: oaidts Value: 1656943131
tv.ifindfast.com/	1970-01-20 04:15:50	Name: XSRF-TOKEN Value: eyJpdiI6InRyTjBFR1NGRXk3Q0hocFNNeEVwckE9PSIsInZhbHVlIjoiQlN6MnQxQnBvbmdEb3J5YkFTeUFjYXA3Rm1UK2Q3T1Bqb1N2dXRrUW12cFBkWTRcL1lnRmRGeEV0K3Z0c1l0WE4wYjVSMHdlMk1VOHh1cmdQbTRBXC9oQT09IiwibWFjIjoiYTYzNmFjZGIzYzQxOGMxNjQ0ODY0Y2EwYzQyZmE5Y2UyOWQwNDFkNGM3MjU2MWRkZjc4M2FhYWI3ZTI4MDBlOSJ9
tv.ifindfast.com/	1970-01-20 04:15:50	Name: laravel_session Value: eyJpdiI6ImNFRlVBcFRLMGdFUjJzTDhRM1A1RXc9PSIsInZhbHVlIjoiNlhyUWdNS0pYblNqY29iZm1aNUxuQ0Q5S3hYYjVhbUpqVHZMbEJoR1dLYloycmVNbVwvZWptVGNjRVFCd0pWQ2VjTDV5MGNaeFBZcUU4c1wvUnlGdXpldz09IiwibWFjIjoiMmQ1MzE1MDQ4MGRhODQwNGVjOGY0YTI3NDI2NGI2MDRmYzUyNTNmYmExNjdkZWU5NGVlOGYxMDRmMGQ0ZTUzMCJ9
.branddnewcode1.me/	1970-01-20 04:58:55	Name: uuid Value: fa174e02-3d57-4a5a-afe3-e966c8fa4b43
.ifindfast.com/	1970-01-20 21:46:55	Name: _ga Value: GA1.2.647370816.1656943131
.ifindfast.com/	1970-01-20 04:17:09	Name: _gid Value: GA1.2.427241033.1656943131
.ifindfast.com/	1970-01-20 04:15:43	Name: _gat_gtag_UA_65085328_1 Value: 1
.ifindfast.com/	1970-01-20 13:37:19	Name: __gads Value: ID=b90ead022f70ab57-22c667a4c4cd00df:T=1656943131:RT=1656943131:S=ALNI_MbieIie37oX_Q2ybz0yljctPDrZ6A
thaudray.com/	1970-01-20 13:01:19	Name: OAID Value: ec0654dd85c74f61a42794816df9f9e5
thaudray.com/	1970-01-20 13:01:19	Name: oaidts Value: 1656943131
my.rtmark.net/	1970-01-20 13:01:19	Name: ID Value: ec0654dd85c74f61a42794816df9f9e5
toglooman.com/	1970-01-20 13:01:19	Name: scm Value: 1
toglooman.com/	1970-01-20 13:01:19	Name: oaidts Value: 1656943131
thaudray.com/	1970-01-20 04:25:47	Name: syncedCookie Value: true
simplewebanalysis.com/	1970-01-23 19:51:43	Name: uid_id2 Value: ef5db9a4-ed7c-4d07-8734-dc23a79d6215:2:1
.doubleclick.net/	1970-01-20 13:37:19	Name: IDE Value: AHWqTUnYaybCt1m0-0ns6tIYQae07ACjd01MBIHG9Qfgoh3fi7Y3SdmHtl98ge0dHTg
tm-offers.gamingadult.com/	1970-01-20 04:16:26	Name: HH-offer470 Value: 1
daddylive.eu/	1970-01-20 04:16:08	Name: a Value: n56EmJGxbgAdOoRaKtd33g4iDQ9CTFqi
toglooman.com/	1970-01-20 13:01:19	Name: OAID Value: ec0654dd85c74f61a42794816df9f9e5
.doubleclick.net/	1970-01-20 04:15:46	Name: DSID Value: NO_DATA
daddylive.eu/	1970-01-20 04:16:04	Name: token_QpUJAAAAAAAAGu98Hdz1l_lcSZ2rY60Ajjk9U1c Value: BAoAYsLyHAFiwvIcgAGBAsAAIDxJX-5A36TwjAj1U_9GewAgvAOzDCdtlFda3a_ZryedwQBHMEUCIQDRVTHlbI-MU8-62v-00WuNfBnLFMx2rnChRSH-EkSQbQIgBIMEj5NFIYZAuwMO3HSskyE94E2_OdNYE918-2tHyYfCACAjkFq759HrIgYiHPB9TQLYvt5jS4LE6LUOZ8oIR0Fks8QAECABCsgAIAJyAAAAAAAAAC7FABAM-ZMKe7S_CXjUXVVC_4iZwwBIMEYCIQDE0QSCXCNzIbDVwX3hGXnnzFyvqQB8evFsKKQUQfbiMAIhAJWeXgve_7D1_lCeCNbMFMwTCct4iup6szgJ3oxcEUBd
tagm.tchibo.de/	1970-01-20 06:25:19	Name: tchibo_et_gk Value: a8906c29857c4a5587e81b5a2d0ca3d6%7c02.09.2022+13%3a58%3a52
tagm.tchibo.de/	1970-01-20 08:34:55	Name: tchibo_et_uk Value: 228d568d5b134749a8f0697354bb5d10%7c
tagm.tchibo.de/	1969-12-31 23:59:59	Name: session_session Value: 2100147d436140fea488f5aa

15 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	Message: A bad HTTP response code (404) was received when fetching the script.
network	error	URL: https://dozubatan.com/400/4938067 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://onvictinitor.com/apu.php?zoneid=4938033 Message: Failed to load resource: the server responded with a status of 403 ()
javascript	warning	URL: https://tzegilo.com/stattag.js Message: The devicemotion events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
javascript	warning	URL: https://tzegilo.com/stattag.js Message: The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
javascript	warning	URL: https://c.adsco.re/(Line 55) Message: The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
javascript	warning	URL: https://c.adsco.re/(Line 55) Message: The devicemotion events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
network	error	URL: https://spellingreasoningexamine.com/8f/0c/d2/8f0cd2e68e97bc49d78b7e937003b6a1.json Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
security	warning	URL: https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HHc4dbf42509cfe7d1ad82c0be9e0f9b28&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=(Line 128) Message: Mixed Content: The page at 'https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5' was loaded over HTTPS, but requested an insecure image 'http://landing.hentaiheroes.com/wp-content/uploads/2019/02/ShinjukuBG_Mob.jpg'. This content should also be served over HTTPS.
javascript	error	URL: https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HHc4dbf42509cfe7d1ad82c0be9e0f9b28&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8= Message: Access to font at 'https://landing.hentaiheroes.com/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.15.0' from origin 'null' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://landing.hentaiheroes.com/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.15.0 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HHc4dbf42509cfe7d1ad82c0be9e0f9b28&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8= Message: Access to font at 'https://landing.hentaiheroes.com/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff?5.15.0' from origin 'null' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://landing.hentaiheroes.com/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff?5.15.0 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HHc4dbf42509cfe7d1ad82c0be9e0f9b28&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8= Message: Access to font at 'https://landing.hentaiheroes.com/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.ttf?5.15.0' from origin 'null' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://landing.hentaiheroes.com/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.ttf?5.15.0 Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4.adsco.re
6.adsco.re
ad.doubleclick.net
addresseepaper.com
adsco.re
adservice.google.com
adservice.google.de
ajax.googleapis.com
assuranceapprobationblackbird.com
branddnewcode1.me
c.adsco.re
code.jquery.com
connect.facebook.net
daddylive.click
daddylive.eu
datatechonert.com
dozubatan.com
excellernod.xyz
fonts.googleapis.com
fonts.gstatic.com
google.com
googleads.g.doubleclick.net
houbekuwucoo.com
landing.hentaiheroes.com
maxcdn.bootstrapcdn.com
mojk11m6kfcp.l4.adsco.re
mojk11m6kfcp.n4.adsco.re
mojk11m6kfcp.s4.adsco.re
my.rtmark.net
onvictinitor.com
pagead2.googlesyndication.com
partner.googleadservices.com
player.licenses4.me
rkc.primetubsub.xyz
s0.2mdn.net
s10.histats.com
s4.histats.com
scontent-ams4-1.xx.fbcdn.net
scontent-frt3-1.xx.fbcdn.net
scontent-frt3-2.xx.fbcdn.net
scontent-frx5-1.xx.fbcdn.net
simplewebanalysis.com
spellingreasoningexamine.com
ssl.google-analytics.com
static.xx.fbcdn.net
stats.g.doubleclick.net
tagm.tchibo.de
thaudray.com
tm-offers.gamingadult.com
toglooman.com
tpc.googlesyndication.com
tv.ifindfast.com
tzegilo.com
uptimecdn.com
vcdnads.ru.com
web.facebook.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.xadsmart.com
xadsmart.com
youradexchange.com
4.adsco.re
6.adsco.re
landing.hentaiheroes.com
104.153.197.251
13.224.189.66
139.45.195.8
139.45.197.237
139.45.197.238
139.45.197.239
142.250.181.230
142.250.185.194
144.217.67.42
162.252.214.5
18.194.245.245
185.177.94.89
185.200.116.90
185.200.118.90
192.243.61.225
192.243.61.227
192.99.0.58
2001:41d0:203:2511::3
2001:4de0:ac18::1:a:3a
213.202.235.8
2606:4700:3030::6815:3e61
2606:4700:3031::6815:159a
2606:4700:3031::6815:3361
2606:4700:3032::ac43:906f
2606:4700:3034::ac43:cdf0
2606:4700:3038::6815:ea4c
2606:4700:3038::6815:eb02
2606:4700::6811:a6ba
2606:4700::6812:acf
2606:4700:e6::ac40:cc22
2a00:1450:4001:800::2002
2a00:1450:4001:802::200e
2a00:1450:4001:809::2002
2a00:1450:4001:809::2008
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2003
2a00:1450:4001:812::2004
2a00:1450:4001:812::2006
2a00:1450:4001:812::2008
2a00:1450:4001:812::200a
2a00:1450:4001:827::2003
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2003
2a00:1450:400c:c07::9b
2a00:1450:400e:800::200a
2a02:6ea0:c700::10
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f02d:110:face:b00c:0:2
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f045:10:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a06:98c1:3120::3
31.172.80.234
35.190.41.116
37.48.68.71
38.132.109.186
46.105.201.240
01d8a0aee986e6d400187aa8b9cf73817b75bcab1c221057d1f60dee3d7f47fb
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
051a58a8adcdd3760185cc295626f5aba285002c1ccee541c29d3ec93032384c
05f4993afb2524fa3b89b0bd5ccac106c4f5cd6528e62e9ca77a3ff00c127507
070308ea32fb93565f063924c8c89e1b693f55b45e3c4c6dc1f7f111c2e8237b
0c295ae7181fd4c1a58fd04aee758c3b0fbb8626b69f200423b963907546b6d1
0cffbe5f5e8fb12d8cf3147138b9dd994097329645f0cb2c5eedb8bb1dae3dd1
10a2cf3d16091fbc89cc987160b62093515cd31f0762a751775999311c7313f4
122544c09e45fad987f50b4471fcc2d2f0e16681fb2c1310e7de095cde38c3f6
1258003d80f59713ae6ea157f86f77f8cf36664130dc706f4b455689410fe73b
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
15b869b02c6fbaa8c6c26445a2dd2d9bad80fd27b1409f8179e5dd89dc89d90a
15de14d7d813d1d3ebd6cbc95aa65a4234f76cfe649bf06ebd46e06a2fba9f63
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1807ba2df66eb3c363042d9ff69dbe7b441533c1b27239dd4972fe21eb326e5b
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
184706c05b668b178b427bdc28fbb32f774c0023c996cf401a5bbc79c8e9caec
18c273dbd544a2e871e8b0d53147a6cafe847912b1f4344b1d73ee9d055fe37e
1dc4b29dd0acbed77ec2fd81036c33efd4ab5989e8182705a30615a00a0117f7
1f7e0fc0541ef13ade8dfbd9de3a7e2a6d0d66f125a89a80e0f76d2a92f26306
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
225aa88b6ab02c06222ec9468d62e15fa188e39cdb9431d1f55401ad380753ed
240b702419d6c39ecc4896f0132ccfc9bc517e9aef0c782d99580e0c678b47d5
24262baafef17092927c3dafe764aaa52a2a371b83ed2249cca7e414df99fac1
264f8589037fec6ff581b45d83154d1fa82a06d11fbb23d16fa86e91d88efd53
26968435703f42f548195e31049e1f621c267346a0295be2bafa457b5904ace9
28eb4f183218e11c46c6ce032c76881efe4c20e36a1bbd3b567211d5a8bdedd4
2961bb57dcfff925f2e03ad6ad741a457b5f5482bd5b5c221cc20d5d1bfb4268
29626e5f99ebf4d20633eeab94a6a689636e06e9cc4a2260e84443627955d4a6
29a51e93bdcb28e9e5fdb09e3bb8c1ff7ed4cb11a202329521a15dade226be05
29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
300ccb368c39caab0fd98031570ecb126fd2f74cebd1ce7f2bb979fe76e6d17f
30a10b07816b425dd1c4457e3e9b92d01b6497aff21fb699782437ae629ab162
31e275f06538883fd5ed7f653f2c2400cbdeecfb8012baa8a4e97ca222462cad
3676e16a1358628756bda4274db53b7a9f299e3dfa82ec22301c83ba142ad774
3745a53e54fda7baa37e2a5f9a6492f1d9a425a5f5ba326737e4da471aa74a21
38beba8deebd2a8d990f795130b970c669c5024b25c4773efbe8431aaae91ec4
3b7b161d39bb0c658b1baa6c328d6a1813ae5f6b7ca5f4e96715b77d21fd3efd
3cf8b7162673959132927322a9958321c8a76e0a65baef32577ca3c6054772cd
3df9a61c6a3d47c9828142633f4e4ea011610c2d06881571a99a22d6b82952f1
3e8ce2e8d7020bc64018f090913f948b3f12f5f1877d4215d759c550043901c8
3faf97587e8696e87cee4109534f3ca4f34fc6d6dbff733df4ce12eb11da5e9f
3ffba6fd79829508ea3f2c59b343943b2bca31850c5f27ba3b1307cd7e1350ba
403c435e20925bc3acb41347e68c451c9be3feeae23727cb721beeee04e21000
473dfe26e5ad478a354a003498bcb7f683108aecef6b8facf6ed5dbf42caccec
483c2b80d023750b1ae153503cefd114d5a6ced41c6ff8a8860b00bc99b78924
4a6dbbc267f2ddec9271d72eb89d7c4f6e88288dd54cba58a46e0ace58f68deb
4a7ee62eb33f3bbb66c2151e5cac6bf4904e28302efc36128f3e3ccae6fde580
4d437bd66ca636c4dab60793ea6e6d7568e690d328ac05c298f4c4656bb01859
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
50d7c75e56650fe19ab4c2c193bb14f99785c7d2dafe43316f9283b773e8fb8e
523299c1166ab515ae4f114c6903860557bcd93dae6a8d76c7f8e4a9d84a7a24
5233ab43396187e5554419a81eaa9e09181c58ed44d2ccbc0ad2081e6ac897bb
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
53dfd4f09adb92e0a4d1344b4ab24f29ee24f33cd3e929bac57444eef5f6d1dc
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
55768d95f576cfd4534b202e78ec8e455fc0ce0a550aa16c974491d0f8f79940
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5659449734950307b29747dbfbf5e6321dfb97281f6866289e2096d93618b526
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
57813f921f6dc8d3243cc03a391dcb2537ad8e526c5c1b4698d5672fd37404d8
57db07c04e86feddc99e94313f0738af62045563affc7ea6f094568fa86ffd92
587fa9763e3d74ded3b64a843905f5541690582aad4976207e03743a7fb5f70e
58baa65a42c26461673d916f55edbb801de83e2d10f02f13e8ca2ef098aa2a25
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5b1f1ec7641e3ee6d7dbb3f0fc3f1b33be11e6480a05810cb0e5afdea21be49c
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d62e6c90005bfb71f6abb440f9e4753681cb23bbd5e60477ab6f442d2f0e69c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
624171f60254ebfc2225434f968861e2cabb83fbe73f84d7ae7f974438b96048
6425d5675af34596e013c25096c085108f5d5d77bed45bcf2c14d97087d7c2ea
6572622012c7c8ec932f0f766a9d9645f240e9b6e42377a7f791108b3959609e
676d7f390cec34e64efea474c42fb143cde01d1e6acfbc5bc88f753fc85362a5
67836110ff3f431af5501d7fc628b5d64a9867b0abb5cd15a75d4db505aab7d8
6dee9e420e660b079aaf0c3100be7e9e168088acf27a0598f15f3cfc1cf4062c
6e74c085ab5474861b63592f5e6155cad2d123d75fc74fc7ff8d520d49ebe1a0
6fecb89a29ee2bd397bb1bf58ecaa530a76f0654db71fadefd3cc70b0bc302bf
7018271911a30563a9b380ce5605efd408e2c0f4b775fb6ebc56c8af23848cf1
72d18078a38d486d7e4f75b95fcf1adab73a0ece0b49ab9708b4042c8af11bb1
75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2
7811befbe4e72185d6732a41a5a8771c92de591f43368c1e8eec848eaa376365
79393c200901f3746631226a8b66e98e72411b928e643e1f6708e17a6d097056
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7e456efb6d9344bd2963f779e88d6369351c73224c02247bef7512cc2a3eb08c
7fd9273f20fdb1229c224341271a119020a5eee74ccf6b4605730917c864caf2
7ff2b41b3d1d6abec3ec8dcb7548723c8494b0b285956d8667f7fd1ae9b965dc
806e40b46e4f028d397a985e1f2fc54505f416a670106c2c7c1ec17beb739ce1
808a4a07faab1cfc538cab033d0f8ae15cee15912dc49f21fc11a13ded056947
80ab6f1b9fc7bd8c05656d179cbb35c8d9a4dc0c5a4121e3ed6b527b7b63eb6b
82732c70a47094531308ac098d61f5d93ca9384b3a1a28d11ce841eebb0dbb6b
82e3824cab4bb9498ee86d9fab1e93f8eb8a5e6541654571f3016a5c20df4d12
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85cdd52754359df68e8c0ba61584d79b387b34f6ee223303f96b71e7a1d888a1
865e03c14520affa816b36c9221a81c9c4d64f6b055320b9704a2d671e025d0b
866d4e109d45cc75283a55da524d647bfb8065a7f30ec23759aef9af3b535c71
874c4bdc201a59e602432811b04905b94224486a4b082cc608f6f6a820a0bd4c
877c6a8db0a35cdaaaacfe76fb7743297ef1a2c41877d2756114e9e17316f6f6
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b482977d6a217a7d33311cbd7178e4bf64a43b0e9201c66b916ee4344ff8933
8c868accc358ae4a37418d5f9bba1497534de8d86f2be11242db46dc6042fbcd
8d182d0d0d81123c896f23afc91e0c3af0866b6032565211de9e3dbe18761ba4
92cc22507e69f2baa9a37f4dd7767bad45f4531a1667fd8cfb0665dd7bfd52d1
942966188f9f7481a6ea802543df9d28c5dcd4cb93881340aadead3d1a88cd0c
94728b3a94f288051f4014eb55a30923f3a601c714272257c1970b8ac0105e44
97cf1307c16a437b77b5f7f5c9bc0b985d0745a14be5a279019aca5a3432e264
99a253a69ffb1139d83f5d5ad502120a67b1ed68082d0c9f86bc5a0d29747d4d
9ba4bc0d8c159a76090af1818774d152c0a73e2d9bb41154e24ee28951afacbe
9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134
9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5
9e426b06ebb2fe02a8f495c8d6e2b5aea53f3446cac8aa0fd2cc0bebe366676a
9ef3a6c36bc741e3a84d412e95fa513bd140d5ae0ba34b996dea51c3bf362f61
9f2812d14878506b997cf3f5085a6c0a752455059575762e39853569487808c3
9f868167dadde7a0b3914cac9bfb32e93e7ca924bf31669822db66e27f0356c8
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
a0ae86685d6487a6518b1691f8f24697e599b6c43f64a76ef3d58427c8df7072
a16f2892563f5fd497af832e8b27876bc93e5be9d435abd410bba28cde376132
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1d57439b7cbb156c806a42b54429bac881c3f9f34c717e5085862b0fa56c972
a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6
a2cba1141d784827ad237feecdcb29cd406098a38f720d8b204197cfef9a0f6c
a2cebfe3738dbd10570bcfea24eb240323f7f03312fce23f999ecbc9fb3cc6cb
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a61d99915f5d27e8161ff2640c89b47f9e7cb368443783a4636b62b91741548f
a726c7d268c461ef460f720e97e86a4f61e233900e236fc8dfa8639c3ade84cf
a7faadd483773a3efca0f1cfe737cd46ca666ab995e2639f7b27fec9acf6023b
a8eb0a0b7cb7f5a2c06f9edc03c06c9891363db33f1ec8661d362b440b946fa1
aa00fbe7d08b8497e093308576b833d82b6453fccc243af014023414ee167746
aafd90762cf0baccd5affc19ea69914ca3ad8d208f1c6a6e64830e4b4ab9ee2b
adfcaa2b70712351123edc5a9214111e2097c212a935b65d73bae93f55eacd7a
afd22bcafdd4f86131ae624f3c1af6cafe399bd1714eb20b1dd67d09a236c748
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b03ef2f92d21e770f8e42753983408da67a9be624c0cd33d27cc9194d43631e1
b0d3ca2990b5035185009a899c2b26213e46ed432bef5f76ccc95e62e22bf9a5
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b22b9bdb648ebc267d6aafbf35829ee45a812397de97a6f0c77c914d775f5023
b23f49f504faa32aac548b6662ffd64412f6738496fab8be38da46c5b7121804
b23fc3e24a4f8ca9e480761f1bdde949020ef4d1beaa18f475b0613dcce6329e
b2a41676c1d9924d36e10c6efb453198c18b97f97ad832c3df09f4758fc0f36a
b651d87ef113cba0c8ec8a33bfdb694171effeba56b20be12e3c77fc15f6ae9f
b897cc9c51f604bf6b8fbd53f46d216627c0e079bb6bc2f049b2344dfa3bb277
b936db5880aa9b6b2f26a8d32fc2b689fb75f69d971b94194f16dba801221ffe
b97d2c98f8bac4ee72d075d577db22903f83ae9a2742b9caef94f0842b459348
bbea7cfab9600d8e9877854a463e938dfb144d453f95ab0fac06b19c424983b5
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c1546cf6804f6502b3111d49f5d3d345dca7ac2c2dbfd023c3b60fdf0a2a034a
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c5508da9f608322f51f362bf602b103b157c1da12556b7a35b0fd3ae87ada308
c55902832fb84522d02ea1a60a30747403a140d8651fa748f13ba398b0c0df3a
c91722fdcccbbbeabdcbd7963b8f83aae97be648b57a24d07cdec5ea4b0f57b5
ca1ba1eb75f3f1a79f18deeb9961400705d3c8d3578d7954b3b01e1d1c1dad50
cb0662da6f0265b30565b0b5b9b6106d41970a8a9bd118dd0aeac2900695d280
cd17f01961d141b2d7b0bac4d4fe797860e06da06d9d586fb9ae383d216eaee0
cf2e7a901d9ef837fd5621416baa9ecfb4e29127ef8cd3595fd7f476666e29c9
cfa1739ee346d63a3d3cfdff8c18cbe8fdedbcb32d4b0895028c193ce828e7a5
d0c6a55fbd3e75031909f5cb7bb05b561313edae55c5657e5435c8a9623adcb5
d1720308715a666e0101dc0c35b623b0cb770be5ddfebf5846d3b3050c10b48a
d3a494f6ed2a539d510cb4eb22a577c9dfa857978d10181bef128cd77c96ac8c
d40d38a967a5b28fb5694bc58d6137b6a05755c8e278474cb65538cb15d7f966
d43f7893898155240ded8a92ba94f8318c4b0485f08235e0f9e25b5ceb500f32
d4d360a7f3a5de290090bd365ba8417a5c80f37789fb9c59bc3934c709d23a7a
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d678ab3b4e7dddf5615012cc1a930e50dfbc967181b8fbeb1b98d61549f5ed08
d699ff1bf3af353f1126d2943d0519a064ced8fefde32d356727a89e35e2f784
d763ddbbd7eb1cd50641cd21c74229b114ddb4dfcad9124f5c6f4d66b5ad76ec
d790296508e80df5d7aef531e2dec0a85f52eedd59c5d351d8335b177a50e737
d7af70fd2dab0fadd7b57438ae80cd4cbfc69384ace14284c990e2916631ff3b
d845920d21b08795f90526d2d827e0baea7a2102b359f24a39ec28a87faacdd6
d863e5cbdb8ca9be0b1942adf1b5cafa458e401554f5f318f87b55b74eb9860d
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386
d8aa6e55196f83b24a1d0bf5bba339d7a2de44ddbbb737646ac8c7c0b3d1b3bc
da00f449f85b42e3107383cb93a9ceda490776d21d85c8ce765964727a83958d
da8c1f01d54faba43a84d2a4515abf9295a79e60cc408f0e6550870d2717a3c2
daf89a0354c623167b30a7f2320cd6d8cf848a8ed11987d5a498d4d44c120673
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de8c5734d7a3ac147bb7ac2a8b8b4f058b8504af439d6f5ed67c132cf8f847a6
df0d1fa694a2eb85a40a076494e13b5c6ccb1ea9c5f67eb08e947c5275218255
e06c9663c81219e7e5f06ca2514f972f6bf5d22d92a75ff1ff45ffdeec639dca
e3310a29d294596719ee9e305bb9988eb7ae6b4cba5ed59732e6775d82df62c5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8b5c0f1aab454e3dd3d47bdb0d6be1a54c0c350dff5feaa3a595937e2006df1
e9f06952867c10dccc0df42a8df94fc57321956ad9df1c279f375a76eac46782
ea16b5bf3bb9e7cd1f37dedcb3dd42992c6146d7ffecbf2ff01ee26c211b6d2b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0d3bbffb375eb33fd80a0290b9ca86c1969a0aa541b0ac25f2be83e9b7b27cc
f1bd746f679d9df2c7f9f8ceafecda994d85c84d7c829e5960c8730c7ee511a1
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a
f4f09dea12f5d1524e13a0a00e7f22c8f2d7cb19bf705e7ba4e98ae4c1efc54d
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f81cf47223d61d871657ae1e73ab17bc49a8805db8196e44f54d39d203279785
f89fe265e1908ab67e24df43cba9793e1a30d40f395c0f5cd8df752dfd7bc52e
f8e5d979726676c0f15ca0a3c451b6b04cc082b4b8c1bda842cbb0a461894223
f90525e71e464c5e8cc69a9c94f9ddfb28d14cb44fbebd500b7e300fc379fba4
f90e73f11dd3a33e7b1505cf6094bea93aee39bebcaae59cf4b288f1c1531945
faddc27bd45c8f200c7b0b21ad99fe5e33c3f1bfd14e7b257a6bbb3d7c38548c
fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c
ff8d031e894322b1708346eea1b94a8df8f0f0a3adbe2b4cbe490e37f3d4dc31
ffec59eccbd2e41d6738f54aea2d098a17d424b0bd8c3af3ed1c37d2916f0f2a

tv.ifindfast.com Open in urlscan Pro 31.172.80.234 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

297 Requests

96 %HTTPS

62 %IPv6

44 Domains

66 Subdomains

56 IPs

9 Countries

7854 kBTransfer

15344 kBSize

25 Cookies

13 Outgoing links

Redirected requests

297 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

tv.ifindfast.com Open in urlscan Pro
31.172.80.234 Public Scan

Screenshot
Live screenshot

Full Image

297
Requests

96 %
HTTPS

62 %
IPv6

44
Domains

66
Subdomains

56
IPs

9
Countries

7854 kB
Transfer

15344 kB
Size

25
Cookies

297 HTTP transactions
6 data transactions