fa.efek.stream Open in urlscan Pro
159.100.30.174  Public Scan

3 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request NTWitO2aziMCxkD Show response fa.efek.stream/v/	4 KB 1 KB	95ms 33ms	Document text/html	159.100.30.174 DE-FIRSTCOLO www....
General Check archive.org Show headers Download Go to Full URL https://fa.efek.stream/v/NTWitO2aziMCxkD?down=load Protocol H2 Security TLS 1.3, , AES_256_GCM Server 159.100.30.174 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE), Reverse DNS Software nginx / Resource Hash 59d10b8945e287b38fd577e8e5b88f45acd1011d4a453ed703400f44c99caa50 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-store, no-cache, must-revalidate content-encoding gzip content-type text/html; charset=UTF-8 date Tue, 06 Jun 2023 07:29:10 GMT expires Thu, 19 Nov 1981 08:52:00 GMT pragma no-cache server nginx strict-transport-security max-age=31536000 vary Accept-Encoding
GET H2	200	style.css fa.efek.stream/jw/	2 KB 908 B	26ms 25ms	Stylesheet text/css	159.100.30.174 DE-FIRSTCOLO www....
General Check archive.org Show headers Download Go to Full URL https://fa.efek.stream/jw/style.css Requested by Host: fa.efek.stream URL: https://fa.efek.stream/v/NTWitO2aziMCxkD?down=load Protocol H2 Security TLS 1.3, , AES_256_GCM Server 159.100.30.174 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE), Reverse DNS Software nginx / Resource Hash 308f4a4f64efc2316ce322dafb69969b885510d81ede98857afa6c9f51befb3a Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://fa.efek.stream/v/NTWitO2aziMCxkD?down=load User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Tue, 06 Jun 2023 07:29:10 GMT strict-transport-security max-age=31536000 content-encoding gzip last-modified Mon, 26 Jul 2021 13:41:08 GMT server nginx etag W/"60febb74-620" vary Accept-Encoding content-type text/css cache-control max-age=43200 expires Tue, 06 Jun 2023 19:29:10 GMT
GET H2	200	juicycodes.js Show response fa.efek.stream/jw/	3 KB 2 KB	26ms 25ms	Script application/javascript	159.100.30.174 DE-FIRSTCOLO www....
General Check archive.org Show headers Download Go to Full URL https://fa.efek.stream/jw/juicycodes.js Requested by Host: fa.efek.stream URL: https://fa.efek.stream/v/NTWitO2aziMCxkD?down=load Protocol H2 Security TLS 1.3, , AES_256_GCM Server 159.100.30.174 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE), Reverse DNS Software nginx / Resource Hash cdebe228ef80544349377a2c980924203795a498738ca50431ddaf8fe56d2f68 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://fa.efek.stream/v/NTWitO2aziMCxkD?down=load User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Tue, 06 Jun 2023 07:29:10 GMT strict-transport-security max-age=31536000 content-encoding gzip last-modified Mon, 26 Jul 2021 13:41:15 GMT server nginx etag W/"60febb7b-c59" vary Accept-Encoding content-type application/javascript cache-control max-age=43200 expires Tue, 06 Jun 2023 19:29:10 GMT
GET H2	200	css fonts.googleapis.com/	9 KB 1 KB	154ms 32ms	Stylesheet text/css	2a00:1450:4001:812::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700 Requested by Host: fa.efek.stream URL: https://fa.efek.stream/v/NTWitO2aziMCxkD?down=load Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash f9136ad24f8c7fa07243aece00e594d28edaef3deec731cb3e7467371d9b44fe Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://fa.efek.stream/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Tue, 06 Jun 2023 07:29:10 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 06 Jun 2023 07:18:44 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 06 Jun 2023 07:29:10 GMT
GET H2	200	d.js Show response fa.efek.stream/jw/	256 B 469 B	26ms 26ms	Script application/javascript	159.100.30.174 DE-FIRSTCOLO www....
General Check archive.org Show headers Download Go to Full URL https://fa.efek.stream/jw/d.js?v=123 Requested by Host: fa.efek.stream URL: https://fa.efek.stream/v/NTWitO2aziMCxkD?down=load Protocol H2 Security TLS 1.3, , AES_256_GCM Server 159.100.30.174 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE), Reverse DNS Software nginx / Resource Hash 75c538f5bb2c9a4e442e8e924a4b62bd5494f8d63e08ed9633418061e7a7dbd4 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://fa.efek.stream/v/NTWitO2aziMCxkD?down=load User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Tue, 06 Jun 2023 07:29:10 GMT strict-transport-security max-age=31536000 last-modified Thu, 16 Dec 2021 08:41:14 GMT server nginx etag "61bafbaa-100" content-type application/javascript cache-control max-age=43200 accept-ranges bytes content-length 256 expires Tue, 06 Jun 2023 19:29:10 GMT
GET H2	200	loading2.gif fa.efek.stream/jw/	80 KB 80 KB	44ms 43ms	Image image/gif	159.100.30.174 DE-FIRSTCOLO www....
General Check archive.org Show headers Download Go to Show image Full URL https://fa.efek.stream/jw/loading2.gif Requested by Host: fa.efek.stream URL: https://fa.efek.stream/v/NTWitO2aziMCxkD?down=load Protocol H2 Security TLS 1.3, , AES_256_GCM Server 159.100.30.174 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE), Reverse DNS Software nginx / Resource Hash c3b3bcb5175be50def6b951d967399e34ee8699234d835d083ccdbc906b357ea Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://fa.efek.stream/v/NTWitO2aziMCxkD?down=load User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Tue, 06 Jun 2023 07:29:10 GMT strict-transport-security max-age=31536000 last-modified Mon, 26 Jul 2021 14:15:54 GMT server nginx etag "60fec39a-13f80" content-type image/gif cache-control max-age=2592000 accept-ranges bytes content-length 81792 expires Thu, 06 Jul 2023 07:29:10 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	173 KB 63 KB	111ms 58ms	Script application/javascript	2a00:1450:4001:828::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-172750999-1 Requested by Host: fa.efek.stream URL: https://fa.efek.stream/v/NTWitO2aziMCxkD?down=load Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 54dba9f73a4535e98d74d37e611f6c0552d23c85686a0b827674e189974054a3 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://fa.efek.stream/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Tue, 06 Jun 2023 07:29:10 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 64349 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 06 Jun 2023 07:29:10 GMT
GET H/1.1	200 OK	42525 Show response ig.fishedtopple.com/rPBSuXvXmUCr/	0 2 KB	404ms 29ms	Script application/javascript	23.109.82.219 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://ig.fishedtopple.com/rPBSuXvXmUCr/42525 Requested by Host: fa.efek.stream URL: https://fa.efek.stream/v/NTWitO2aziMCxkD?down=load Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 23.109.82.219 , Netherlands, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://fa.efek.stream/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Date Tue, 06 Jun 2023 07:29:10 GMT Content-Encoding gzip X-Content-Type-Options nosniff Strict-Transport-Security max-age=1 Transfer-Encoding chunked Connection keep-alive Server nginx Accept-ch sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version Access-Control-Max-Age 600 Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin https://fa.efek.stream Vary Accept-Encoding Access-Control-Allow-Credentials true Keep-Alive timeout=20 Access-Control-Allow-Headers content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
GET H2	200	js Show response www.googletagmanager.com/gtag/	119 KB 47 KB	81ms 31ms	Script application/javascript	2a00:1450:4001:828::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-102652514-1 Requested by Host: fa.efek.stream URL: https://fa.efek.stream/v/NTWitO2aziMCxkD?down=load Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash d0306490b62118a6ca7025f94701a8cbafe4e62681749d738e8308e3a0874a27 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://fa.efek.stream/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Tue, 06 Jun 2023 07:29:10 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 47389 x-xss-protection 0 last-modified Tue, 06 Jun 2023 06:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 06 Jun 2023 07:29:10 GMT
GET H2	200	6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2 fonts.gstatic.com/s/sourcesanspro/v21/	13 KB 13 KB	74ms 25ms	Font font/woff2	2a00:1450:4001:806::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://fa.efek.stream accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Sat, 03 Jun 2023 23:02:35 GMT x-content-type-options nosniff age 203195 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12924 x-xss-protection 0 last-modified Wed, 27 Apr 2022 16:02:31 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 02 Jun 2024 23:02:35 GMT
GET H2	200	6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 fonts.gstatic.com/s/sourcesanspro/v21/	13 KB 13 KB	70ms 20ms	Font font/woff2	2a00:1450:4001:806::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://fa.efek.stream accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 17:12:56 GMT x-content-type-options nosniff age 396974 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13036 x-xss-protection 0 last-modified Wed, 27 Apr 2022 16:04:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 31 May 2024 17:12:56 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	51 KB 21 KB	82ms 20ms	Script text/javascript	2a00:1450:4001:812::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-102652514-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://fa.efek.stream/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Tue, 06 Jun 2023 06:35:27 GMT last-modified Mon, 17 Apr 2023 22:36:01 GMT server Golfe2 age 3223 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20737 expires Tue, 06 Jun 2023 08:35:27 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	205 KB 73 KB	36ms 33ms	Script application/javascript	2a00:1450:4001:828::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-2594K7N2V9&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-172750999-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 1224c1660a7ffa9393f0c6e5b0d7e55c8157c1fada8465c8cd934b7605b340ba Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://fa.efek.stream/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Tue, 06 Jun 2023 07:29:10 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 75092 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 06 Jun 2023 07:29:10 GMT
POST H2	204	collect region1.google-analytics.com/g/	0 244 B	88ms 27ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-2594K7N2V9&gtm=45je35v0&_p=2061365783&cid=993216448.1686036551&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1686036550&sct=1&seg=0&dl=https%3A%2F%2Ffa.efek.stream%2Fv%2FNTWitO2aziMCxkD%3Fdown%3Dload&dt=Filmapik%20Player&en=page_view&_fv=1&_nsi=1&_ss=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-2594K7N2V9&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://fa.efek.stream/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers pragma no-cache date Tue, 06 Jun 2023 07:29:10 GMT server Golfe2 content-type text/plain access-control-allow-origin https://fa.efek.stream cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	1 B 205 B	29ms 28ms	XHR text/plain	2a00:1450:4001:812::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j100&a=2061365783&t=pageview&_s=1&dl=https%3A%2F%2Ffa.efek.stream%2Fv%2FNTWitO2aziMCxkD%3Fdown%3Dload&ul=en-us&de=UTF-8&dt=Filmapik%20Player&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1826924403&gjid=1523202867&cid=993216448.1686036551&tid=UA-102652514-1&_gid=599341683.1686036551&_r=1&gtm=457e35v0&jsscut=1&z=1292267111 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://fa.efek.stream/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 06 Jun 2023 07:29:10 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://fa.efek.stream cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend object| _0x7487 object| JuicyCodes number| tid function| ButtonClicked boolean| FirstLoading function| RestoreSubmitButton function| gtag object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaGlobal object| gaplugins object| gaData

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			fa.efek.stream/	1969-12-31 23:59:59	Name: PHPSESSID Value: 2vaj9h337v1jlg3gkciu67gpuk
			.efek.stream/	1970-01-20 21:56:36	Name: _ga_2594K7N2V9 Value: GS1.1.1686036550.1.0.1686036550.0.0.0
			.efek.stream/	1970-01-20 21:56:36	Name: _ga Value: GA1.2.993216448.1686036551
			.efek.stream/	1970-01-20 12:22:02	Name: _gid Value: GA1.2.599341683.1686036551
			.efek.stream/	1970-01-20 12:20:36	Name: _gat_gtag_UA_102652514_1 Value: 1
			ig.fishedtopple.com/	1970-01-20 12:22:02	Name: GL_UI4 Value: eJw9jVtOwzAURPNOgSYwUhbAEuI0qPQTsQg%2BIz9uU9PErhyTiN1jIcHXHI3OaKIoSppHxGuRIf3iL3imTgqmpKCj4q%2FHjtGB04kfzqoTfd%2BfBO70MnguJvIZdsvMnR%2F8mmE%2FkiGn5SCtogpPwfprrsZuJkMuHDeqQj4HY6pQCme3hVyTIjN8JhTvF2dD5jP%2FtA4pY31gbQLHLRK7NGl9j%2FJDGxWG9R4Ja%2Bu6iPBwm7g%2FWzcPWhUx8tFxRYjfsJPc02jdN0pFy9XbG2AnNfz7v7%2FpxloUilYtw7n1F3I%2FG8hPPw%3D%3D
			ig.fishedtopple.com/	1970-01-20 12:22:02	Name: GL_GI10 Value: eJw9i0FrwkAUhJONrKY2kQF%2FQP9AAwmCvRYVDz17XmJ8hqXkvWWzrV1%2FfasFD8MMM%2FMlSaKWJZR1KJt6XdX1qmrqtz8h60mgtjs8d%2FLFwUfD7UCY7skPLUdoT70VLjD%2FD6aTE%2BFpu3s98CfLhR%2FDjSsw6WyIBfKb3b%2FlDJkdHfIPihc6vrzvkTMFMzqiE%2FKNeCe%2BDYTy0d45nWFmR%2BO8%2FESdYhHsQFdhMnI%2BjxS0Qvqt1S%2FNlD%2F%2F

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fa.efek.stream
fonts.googleapis.com
fonts.gstatic.com
ig.fishedtopple.com
region1.google-analytics.com
www.google-analytics.com
www.googletagmanager.com
159.100.30.174
2001:4860:4802:32::36
23.109.82.219
2a00:1450:4001:806::2003
2a00:1450:4001:812::200a
2a00:1450:4001:812::200e
2a00:1450:4001:828::2008
1224c1660a7ffa9393f0c6e5b0d7e55c8157c1fada8465c8cd934b7605b340ba
308f4a4f64efc2316ce322dafb69969b885510d81ede98857afa6c9f51befb3a
54dba9f73a4535e98d74d37e611f6c0552d23c85686a0b827674e189974054a3
59d10b8945e287b38fd577e8e5b88f45acd1011d4a453ed703400f44c99caa50
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
75c538f5bb2c9a4e442e8e924a4b62bd5494f8d63e08ed9633418061e7a7dbd4
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c3b3bcb5175be50def6b951d967399e34ee8699234d835d083ccdbc906b357ea
cdebe228ef80544349377a2c980924203795a498738ca50431ddaf8fe56d2f68
d0306490b62118a6ca7025f94701a8cbafe4e62681749d738e8308e3a0874a27
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
f9136ad24f8c7fa07243aece00e594d28edaef3deec731cb3e7467371d9b44fe