urlscan.io logo urlscan.io
SecurityTrails logo

moviesjoy.to Open in urlscan Pro
104.31.16.5  Public Scan

Go To Rescan Add Verdict Report
URL: https://moviesjoy.to/movie/mavka-the-forest-song-83248
Submission Tags: falconsandbox
Submission: On August 11 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 36 IPs in 9 countries across 40 domains to perform 189 HTTP transactions. The main IP is 104.31.16.5, located in United States and belongs to CLOUDFLARENET, US. The main domain is moviesjoy.to. The Cisco Umbrella rank of the primary domain is 168488.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 11th 2022. Valid for: a year.
This is the only time moviesjoy.to was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
29 104.31.16.5 13335 (CLOUDFLAR...)
10 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
8 2606:4700:303... 13335 (CLOUDFLAR...)
1 172.255.6.135 7979 (SERVERS-COM)
1 2a04:4e42::485 54113 (FASTLY)
9 23.47.212.127 16625 (AKAMAI-AS)
1 104.18.70.113 13335 (CLOUDFLAR...)
1 172.255.6.155 7979 (SERVERS-COM)
1 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 104.18.72.113 13335 (CLOUDFLAR...)
1 23.47.209.169 16625 (AKAMAI-AS)
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 151.101.64.84 54113 (FASTLY)
2 2606:4700:303... 13335 (CLOUDFLAR...)
24 2606:4700:303... 13335 (CLOUDFLAR...)
8 142.250.186.162 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
4 142.250.185.226 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
5 19 172.217.23.98 15169 (GOOGLE)
3 5 104.18.18.126 13335 (CLOUDFLAR...)
2 3 37.252.172.250 29990 (ASN-APPNEX)
2 35.244.159.8 15169 (GOOGLE)
3 23.47.209.72 16625 (AKAMAI-AS)
1 1 151.101.194.49 54113 (FASTLY)
1 1 35.190.0.66 15169 (GOOGLE)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
2 2 37.157.4.24 198622 (ADFORM)
2 2 3.126.56.137 16509 (AMAZON-02)
1 1 169.50.137.182 36351 (SOFTLAYER)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
2 2 213.155.156.165 1299 (TWELVE99 ...)
1 1 69.173.144.138 26667 (RUBICONPR...)
1 1 51.75.86.98 16276 (OVH)
189 36
29    104.31.16.5 (United States)

ASN13335 (CLOUDFLARENET, US)
moviesjoy.to
img.moviesjoy.to
10    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
4    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
8    2606:4700:3031::ac43:8c6f (United States)

ASN13335 (CLOUDFLARENET, US)
bigcache.ml
1    172.255.6.135 (Netherlands)

ASN7979 (SERVERS-COM, US)
pz.unkemptscance.com
1    2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
9    23.47.212.127 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-47-212-127.deploy.static.akamaitechnologies.com
s7.addthis.com
v1.addthisedge.com
m.addthis.com
api-public.addthis.com
1    104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)
static.zdassets.com
1    172.255.6.155 (Netherlands)

ASN7979 (SERVERS-COM, US)
ckwlurries.com
1    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
10    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
fonts.gstatic.com
6    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2606:4700:3037::6815:2920 (United States)

ASN13335 (CLOUDFLARENET, US)
adtrue.fun
1    2606:4700:3030::6815:3197 (United States)

ASN13335 (CLOUDFLARENET, US)
megacdn.top
1    104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)
ekr.zdassets.com
1    23.47.209.169 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-47-209-169.deploy.static.akamaitechnologies.com
z.moatads.com
2    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
awscloudfront.ml
2    151.101.64.84 (United States)

ASN54113 (FASTLY, US)
widgets.pinterest.com
2    2606:4700:3034::6815:838 (United States)

ASN13335 (CLOUDFLARENET, US)
livrosdereceita.ml
24    2606:4700:3030::6815:2816 (United States)

ASN13335 (CLOUDFLARENET, US)
livrosdereceita.com
8    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
1    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com
12    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
4    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
googleads4.g.doubleclick.net
8    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
3    2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
19    172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f98.1e100.net
cm.g.doubleclick.net
5    104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
3    37.252.172.250 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
2    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
3    23.47.209.72 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-47-209-72.deploy.static.akamaitechnologies.com
sync.teads.tv
1    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
1    2a05:d018:d29:3602:68f1:8fce:a96f:e71c (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    37.157.4.24 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    169.50.137.182 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b6.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
1    85.114.159.118 (Rottweil, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    213.155.156.165 (Uppsala, Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-165.teliacarrier-cust.com
d5p.de17a.com
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    51.75.86.98 (France)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu
onetag-sys.com
Apex Domain
Subdomains		 Transfer
31 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 222
googleads.g.doubleclick.net — Cisco Umbrella Rank: 55
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 313
cm.g.doubleclick.net — Cisco Umbrella Rank: 208
271 KB
29 moviesjoy.to
moviesjoy.to — Cisco Umbrella Rank: 168488
img.moviesjoy.to — Cisco Umbrella Rank: 573446
539 KB
24 livrosdereceita.com
livrosdereceita.com — Cisco Umbrella Rank: 604841
322 KB
22 googlesyndication.com
db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 124
tpc.googlesyndication.com — Cisco Umbrella Rank: 160
126 KB
10 gstatic.com
www.gstatic.com
fonts.gstatic.com
429 KB
10 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 231
203 KB
8 addthis.com
s7.addthis.com — Cisco Umbrella Rank: 1505
m.addthis.com — Cisco Umbrella Rank: 1429
api-public.addthis.com — Cisco Umbrella Rank: 4330
218 KB
8 bigcache.ml
bigcache.ml — Cisco Umbrella Rank: 397426
81 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 52
40 KB
5 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 530
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 453
5 KB
5 google.com
www.google.com — Cisco Umbrella Rank: 10
adservice.google.com — Cisco Umbrella Rank: 98
23 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 94
164 KB
3 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474
ups.analytics.yahoo.com — Cisco Umbrella Rank: 277
2 KB
3 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 921
516 B
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 238
3 KB
3 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 289
30 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4891
647 B
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 603
1 KB
2 openx.net
us-u.openx.net — Cisco Umbrella Rank: 396
418 B
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 187 Failed
86 KB
2 livrosdereceita.ml
livrosdereceita.ml — Cisco Umbrella Rank: 862588
5 KB
2 pinterest.com
widgets.pinterest.com — Cisco Umbrella Rank: 7186
501 B
2 awscloudfront.ml
awscloudfront.ml
5 KB
2 zdassets.com
static.zdassets.com — Cisco Umbrella Rank: 1980
ekr.zdassets.com — Cisco Umbrella Rank: 2301
8 KB
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 792
335 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 326
457 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1669
584 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 826
709 B
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 13065
555 B
1 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 623
540 B
1 google.de
adservice.google.de — Cisco Umbrella Rank: 8117
792 B
1 addthisedge.com
v1.addthisedge.com — Cisco Umbrella Rank: 1674
875 B
1 moatads.com
z.moatads.com — Cisco Umbrella Rank: 442
1 KB
1 megacdn.top
megacdn.top — Cisco Umbrella Rank: 278151
271 KB
1 adtrue.fun
adtrue.fun — Cisco Umbrella Rank: 289034
598 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 67
1 KB
1 ckwlurries.com
ckwlurries.com — Cisco Umbrella Rank: 560044
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 423
1 KB
1 unkemptscance.com
pz.unkemptscance.com
1 KB
0 netmng.com Failed
google2waycm.netmng.com Failed
189 40
Domain Requested by
24 livrosdereceita.com moviesjoy.to
livrosdereceita.com
19 cm.g.doubleclick.net 5 redirects googleads.g.doubleclick.net
db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com
livrosdereceita.com
18 img.moviesjoy.to moviesjoy.to
12 pagead2.googlesyndication.com moviesjoy.to
db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com
tpc.googlesyndication.com
livrosdereceita.com
11 moviesjoy.to moviesjoy.to
cdnjs.cloudflare.com
10 cdnjs.cloudflare.com moviesjoy.to
cdnjs.cloudflare.com
8 tpc.googlesyndication.com moviesjoy.to
db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com
tpc.googlesyndication.com
8 bigcache.ml moviesjoy.to
bigcache.ml
6 securepubads.g.doubleclick.net livrosdereceita.com
securepubads.g.doubleclick.net
moviesjoy.to
6 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
livrosdereceita.com
6 fonts.gstatic.com fonts.googleapis.com
www.google.com
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 googleads4.g.doubleclick.net moviesjoy.to
4 www.gstatic.com www.google.com
www.gstatic.com
4 s7.addthis.com moviesjoy.to
s7.addthis.com
4 www.googletagmanager.com moviesjoy.to
www.googletagmanager.com
livrosdereceita.com
4 www.google.com moviesjoy.to
www.gstatic.com
www.google.com
db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com
3 sync.teads.tv googleads.g.doubleclick.net
db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com
3 ib.adnxs.com 2 redirects googleads.g.doubleclick.net
3 s0.2mdn.net db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com
3 api-public.addthis.com s7.addthis.com
2 d5p.de17a.com 2 redirects
2 ups.analytics.yahoo.com 2 redirects
2 c1.adform.net 2 redirects
2 us-u.openx.net googleads.g.doubleclick.net
2 googleads.g.doubleclick.net moviesjoy.to
db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com
2 db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 www.googletagservices.com securepubads.g.doubleclick.net
moviesjoy.to
db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com
2 livrosdereceita.ml moviesjoy.to
livrosdereceita.ml
2 widgets.pinterest.com s7.addthis.com
2 awscloudfront.ml moviesjoy.to
awscloudfront.ml
1 onetag-sys.com 1 redirects
1 pixel.rubiconproject.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 um.simpli.fi 1 redirects
1 ssum-sec.casalemedia.com 1 redirects
1 pr-bh.ybp.yahoo.com 1 redirects
1 ads.travelaudience.com 1 redirects
1 sync-tm.everesttech.net 1 redirects
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 m.addthis.com s7.addthis.com
1 v1.addthisedge.com s7.addthis.com
1 z.moatads.com s7.addthis.com
1 ekr.zdassets.com static.zdassets.com
1 megacdn.top bigcache.ml
1 adtrue.fun bigcache.ml
1 fonts.googleapis.com moviesjoy.to
1 ckwlurries.com moviesjoy.to
1 static.zdassets.com moviesjoy.to
1 cdn.jsdelivr.net moviesjoy.to
1 pz.unkemptscance.com moviesjoy.to
0 google2waycm.netmng.com Failed db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com
189 53

This site contains links to these domains. Also see Links.

Domain
moviesjoy.plus
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-07-11 -
2023-07-10		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
pz.unkemptscance.com
R3		 2022-07-08 -
2022-10-06		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-03-21 -
2023-04-22		 a year crt.sh
odc-addthis-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2022-02-27 -
2023-02-28		 a year crt.sh
ssl1036557.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2022-06-08 -
2022-12-15		 6 months crt.sh
ckwlurries.com
R3		 2022-07-17 -
2022-10-15		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.megacdn.top
E1		 2022-08-10 -
2022-11-08		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2021-11-27 -
2022-11-29		 a year crt.sh
*.pinterest.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-28 -
2023-08-08		 a year crt.sh
*.livrosdereceita.ml
E1		 2022-06-30 -
2022-09-28		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
teads.tv
R3		 2022-06-01 -
2022-08-30		 3 months crt.sh

This page contains 20 frames:

Primary Page: https://moviesjoy.to/movie/mavka-the-forest-song-83248
Frame ID: 68FAECCB24C1A5BEFF9BCE078FE06E39
Requests: 74 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LegO6AaAAAAAGzQq4XIIS-HChM4preVV0kH4PDB&co=aHR0cHM6Ly9tb3ZpZXNqb3kudG86NDQz&hl=de&v=gWN_U6xTIPevg0vuq7g1hct0&size=invisible&cb=86myednyho95
Frame ID: F8CCB7C4E8396047A5CA40D7BB7A193D
Requests: 7 HTTP requests in this frame

Frame: https://bigcache.ml/
Frame ID: F06E7355D4411D955DAC07064FAF9167
Requests: 5 HTTP requests in this frame

Frame: https://awscloudfront.ml/
Frame ID: 4CB1DEB78D49A5C42BF5733C25731B9F
Requests: 2 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 38A408EE7F2A531081BBE76C115A1036
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: F3943C3FEC05B8F37D34A9AE688160CD
Requests: 1 HTTP requests in this frame

Frame: blob://https://moviesjoy.to/a5968ed5-ac89-4aae-9940-472c9ad4431b
Frame ID: 0A12BD7A43E1DE703E91B52B8F3FCBBF
Requests: 1 HTTP requests in this frame

Frame: https://livrosdereceita.ml/
Frame ID: C1F0287AF8D0A9D0576E6415B9618B95
Requests: 2 HTTP requests in this frame

Frame: https://livrosdereceita.com/average-credit-card-debt-in-the-u-s/
Frame ID: CC140AA9F69712656B2B9F63CFAB4A3C
Requests: 35 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuFLop7r2gpMjF5YYZOViT-AEhA0Z-HvmH4bbj-yRay3ihns5EFert5xDgI1XscurLxaWfNwcV9YauwzTYpF-17cJF-3knU5J-Pe0JHSGnumg4SBzR9ajmjVraA0SeKw6C5lsA5w8jKENXxd6gG_gDJQuXNcZ3Ui_XIkWDFgAy3r4Fa5jr6L2YZTQBa-14QRp1Vx0Px16rOXS_KBvTReYIg_VEW97qbb8faZhiDnTZAHePGFtEWfHqsXGVA3ofUDJbIWrYq7dYcyMo5BbkXkpmwqw7NDSBX4jFGmp34mL2O0ujtRYOLIFT6EYfDMR2akHmbYRBvNFCkjN55eIJKN_8dxMuAsjuoX9_yFQJW&sai=AMfl-YTta_Q9HA77KqnfbpnCHlWT9pnpJLoXHaIfDbC23RKjFzO_WVkWDaYsEBfk1VhgPCwclpWDdvEtxWm8QsME5AS5ejMRIniP8VO64YuIi1K1&sig=Cg0ArKJSzCQDa7Why6OvEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 6BC308080B5061A28820D418678D6EEA
Requests: 2 HTTP requests in this frame

Frame: https://db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Frame ID: 1D94C998920C1689BE89C3A6BAE5C1A2
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssYFlKeGYxkBc5xeoJbMRNLiZud20fkbmDQE1mSkdn5UhrIv_dOueZac-w0z0DXChUUSfhWngBNt9MaFcaQZuwq-OTTNdXz3Kz0pGWMPqVdowv6DEgyhsBHrGT9QvF-ooswCypfV9_iPbSGFpcyNMnosJi4YMFfSmQ7AercFLd9JCa8APCpI0xuwZcYbWUaiyGldukS_HQJpzTVZ_gyMd13Qff7JvuxWX7ucZuXlr4b-PPZIhkIiLCsKnrUe2T3DUqz65IxH7GNSmmwj4BSVAEHSfYXGvhww5PplWa41y8Sjtd9MsXP3WDdBDjgy5xLeKOJ5ArdGzajL4I-fpeqfTGfKVI5_zW_DJZ0k0-a&sai=AMfl-YQuZgQTC8KvHJ7PCxebQEv4VUudntBoVeE3TMG2VgD4y1D80_kpDy57LwqOzr-BEl6uYc7YvrViJy7xneWEQ42FDxsn9wrfgTWNdaOG4v40uls0L1HPqIK-vNYszPQ&sig=Cg0ArKJSzLcr_uSzjcCPEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: A0FDDBC2488941C1E184D13A09887767
Requests: 2 HTTP requests in this frame

Frame: https://db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Frame ID: 643D9F198263368AE59D07AF8FA3F5FB
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhD3mNLzARjDoNTOATAB&v=APEucNVNsR4qcx8F2c2KA9GaKd8273OjBQjPhoRQGKCcN7cScPsRDSHXvQeaQX_35Yxkr-OXl9K_ypZ89BeuUeaAT5T7iZDGW9F2Yb-QVa43bOXEL2ebqgVqOvhbsEfX995ktNB6YFjHgX1Eubywhumd4sPyUqAKwv4_bLdybKLvqJp-I-OrxF4
Frame ID: F1155784CD0C63D4A96B5A778878CB5B
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20220808/r20110914/abg_lite_fy2021.js
Frame ID: 91DA20DBAB47D72C0790C82EA5C65557
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COCGGxD2waYCGImE28sBMAE&v=APEucNWK9GkwenC0TA3PRt47GMdkISr7DSj3c2dQYMMxTVZ1iSE3oSnjGlX5s86HnN4OqRHRxXQhEkO6JUCkxPKsI1G6bxKs6TFOKs6bwNoB2ylx9TmnTCiwER4Yam8kp6V4oLh52dlpQsA5kqlwMyaRPCkMJUzOM8xvtiioYJQybT1T6Jht6aA
Frame ID: 1F8D73DCD51CEF9B463523525B3793F2
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1E28AC0D01DA44CB9B93D6CD9BC7DA20
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 89B7ABB166458EE646006FD0DAB9AB25
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: DADC2A741A20FB593926BBEA24279EED
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 65EA4B36910D41C96F192B8A62B28E60
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Mavka: The Forest Song 2022 HDTwitterFacebookWhatsAppPinterestTelegramEmailAddThis

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/vue(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • addthis\.com/js/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /popper\.js/([0-9.]+)
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

189
Requests

87 %
HTTPS

47 %
IPv6

40
Domains

53
Subdomains

36
IPs

9
Countries

2831 kB
Transfer

6010 kB
Size

39
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 143
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA5KIx2mGoah8ndHvLjQpl8&google_cver=1
Request Chain 144
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YvRHpGyq1VVTs.la1qxpbQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA5KIx2mGoah8ndHvLjQpl8&google_cver=1&google_hm=2
Request Chain 145
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJdQ4jqAe6RynBK4kU7LM1k&google_cver=1
Request Chain 146
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjI1NDE5MjUwMDUxMDA3NjI3OQ%3D%3D
Request Chain 160
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEA0XzoqzUbjWrX2hKhrVId8&google_cver=1
Request Chain 162
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEBNX81NFqmfYn_328GAx3Fk&google_cver=1
Request Chain 171
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEDtU0zYjxHFSXmL--nNz6fU&google_cver=1&google_push=AehlK4CPiZR8FAxWBMkgDd30IjxghGr-KrZOUXC8PKZJWwkZB1OqI7IrT7qfRA3Ilmf8mW7JCdKDmQIucnaPgSf4GFPM6UT1urdRJA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEDtU0zYjxHFSXmL--nNz6fU&google_push=AehlK4CPiZR8FAxWBMkgDd30IjxghGr-KrZOUXC8PKZJWwkZB1OqI7IrT7qfRA3Ilmf8mW7JCdKDmQIucnaPgSf4GFPM6UT1urdRJA
Request Chain 172
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEHEDbrSGqWiW57vmneGjvrs&google_cver=1&google_push=AehlK4Aqs14uQEtdzxeSBD9t7MUmlNrP_gRYu3DMuWD1Lfnje4JLwRe5ydjrBh7aUIxyoN7jyENsU1K4GyXysFpcegtt98MsjCFuMA HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=lZdDRN8PQ_Kn3QZEiAOwNQ2&google_push=AehlK4Aqs14uQEtdzxeSBD9t7MUmlNrP_gRYu3DMuWD1Lfnje4JLwRe5ydjrBh7aUIxyoN7jyENsU1K4GyXysFpcegtt98MsjCFuMA
Request Chain 173
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEEW_aM7SE1R2aC03h_bjK2c&google_cver=1&google_push=AehlK4BAP068tL6eR-nKUfD-Y7WnQVKOb1K5R5loaqZPCSeC8s5rVad8GYQ3CTx_lwE0chPhvSo3stuyzVd1Fcu48LP9pIunIYESIg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4BAP068tL6eR-nKUfD-Y7WnQVKOb1K5R5loaqZPCSeC8s5rVad8GYQ3CTx_lwE0chPhvSo3stuyzVd1Fcu48LP9pIunIYESIg&google_hm=Nzc2MzE4NjM5MTU3MTE0ODQ4OA%3D%3D
Request Chain 174
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOFEqzdb4LhW-Tvn2wIR8oo&google_cver=1&google_push=AehlK4Da-37_WLGv1Uu3quwrk01cZcBG6h9nU2lkCf8gyBMifi33BDyu3N9j_K8GHqiD9K3xknNxVpG6UX5VOHDRr9Dj0mzOqpdNrQ HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEOFEqzdb4LhW-Tvn2wIR8oo&google_cver=1&google_push=AehlK4Da-37_WLGv1Uu3quwrk01cZcBG6h9nU2lkCf8gyBMifi33BDyu3N9j_K8GHqiD9K3xknNxVpG6UX5VOHDRr9Dj0mzOqpdNrQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDg4ODI1MDg1NTQwMDYwMzc0MQ&google_push=AehlK4Da-37_WLGv1Uu3quwrk01cZcBG6h9nU2lkCf8gyBMifi33BDyu3N9j_K8GHqiD9K3xknNxVpG6UX5VOHDRr9Dj0mzOqpdNrQ
Request Chain 175
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEM4Y6-2Ts4D4QzNUG068J-c&google_cver=1&google_push=AehlK4BMRSoeiu_oduXxH_6yXpxFpk5hu5xFuvxxPl7ELwNJy65gUvlCaK925hGs3mBjG6gvGPkV2yfTOyI88-Uj_MutmgXw_VD-gw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEM4Y6-2Ts4D4QzNUG068J-c&google_hm=YvRHpGyq1VVTs-la1qxpbQAABGYAAAAB&google_nid=index&google_push=AehlK4BMRSoeiu_oduXxH_6yXpxFpk5hu5xFuvxxPl7ELwNJy65gUvlCaK925hGs3mBjG6gvGPkV2yfTOyI88-Uj_MutmgXw_VD-gw
Request Chain 176
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEEMMqBC48GrteMjcMy67Ka4&google_cver=1&google_push=AehlK4AHZC3ywaWxO-bFg62Cwp2SIyjerO_bqN2jQ4f9UP40yXQ5cmkCDgQCOX9OCDJ4D8Z3slHd79E5l5-zxLcCALq7qugWbPE1-w HTTP 302
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEEMMqBC48GrteMjcMy67Ka4&google_cver=1&google_push=AehlK4AHZC3ywaWxO-bFg62Cwp2SIyjerO_bqN2jQ4f9UP40yXQ5cmkCDgQCOX9OCDJ4D8Z3slHd79E5l5-zxLcCALq7qugWbPE1-w&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1JeXNXSUNwRTJ1R1RMVHl2MHFZRGY3VWZhUWR3QlE5X35B&google_push=AehlK4AHZC3ywaWxO-bFg62Cwp2SIyjerO_bqN2jQ4f9UP40yXQ5cmkCDgQCOX9OCDJ4D8Z3slHd79E5l5-zxLcCALq7qugWbPE1-w
Request Chain 178
  • https://um.simpli.fi/gp_match?google_gid=CAESEKSSqLCt6cUCq0qcW8Pyq9Q&google_cver=1&google_push=AehlK4Al0zchxRuCOCwqGGRAnUfIQJsuD5eo6wxIXDu8CXGI41C8v_mwxeAG9ItmeOTXJd1eTMY_r5BRNuOUwHUJFzSoB45jpI8f HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0B0C82833156447B85CF903C16018FB8&google_push=AehlK4Al0zchxRuCOCwqGGRAnUfIQJsuD5eo6wxIXDu8CXGI41C8v_mwxeAG9ItmeOTXJd1eTMY_r5BRNuOUwHUJFzSoB45jpI8f
Request Chain 179
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEAf8IZNpM1pHBEvVSxk4Zlg&google_cver=1&google_push=AehlK4C7Wn2hGOiavJWh1w46Vhyg8HELnSFHq6ELZB2w72gvAOMZRnxVOtQEhKHA7968QHOvfXDqoVGKf6FWhC3cZAFMOY0DwoLP HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzEzMDQwMjg3OTc1MjEwODE3NA%3D%3D&google_push=AehlK4C7Wn2hGOiavJWh1w46Vhyg8HELnSFHq6ELZB2w72gvAOMZRnxVOtQEhKHA7968QHOvfXDqoVGKf6FWhC3cZAFMOY0DwoLP
Request Chain 181
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEFRn4VViSaU959dN9NSGumI&google_cver=1&google_push=AehlK4As7Mrm9Z4NnZTbLxvrBmfsrcB2Wh9555GmNGyExXktrMDnDiA6dE5D7R8_Bhsp59T0pZ9e2VtQpu_Yy9v0e5ZEooIpphDv HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEFRn4VViSaU959dN9NSGumI&google_cver=1&google_push=AehlK4As7Mrm9Z4NnZTbLxvrBmfsrcB2Wh9555GmNGyExXktrMDnDiA6dE5D7R8_Bhsp59T0pZ9e2VtQpu_Yy9v0e5ZEooIpphDv HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AehlK4As7Mrm9Z4NnZTbLxvrBmfsrcB2Wh9555GmNGyExXktrMDnDiA6dE5D7R8_Bhsp59T0pZ9e2VtQpu_Yy9v0e5ZEooIpphDv
Request Chain 182
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMYIuGweNnkJbXaeXQ657bw&google_cver=1&google_push=AehlK4D2sQY_p8qEvQRKvQFcRpkd2pJq4IN99F6kuvdY1Eq3ObNFCh3utrP6EdMF-JcBcxR2GjrAm6YpTRVIUOZFLx-viLTzts3Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZPQTNNNlUtMS01TldJ&google_push=AehlK4D2sQY_p8qEvQRKvQFcRpkd2pJq4IN99F6kuvdY1Eq3ObNFCh3utrP6EdMF-JcBcxR2GjrAm6YpTRVIUOZFLx-viLTzts3Y
Request Chain 183
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEC36dfm6Lp92365r1ZryIZc&google_cver=1&google_push=AehlK4DECNvT54tI0ljfrBKlnfr9npRLbVtU5oacJnLqqz2VDTGgH099B666LfUakF3yMQ8K_Km5ZeCPFvLZ8at8L0sRT-kdQxKC HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4DECNvT54tI0ljfrBKlnfr9npRLbVtU5oacJnLqqz2VDTGgH099B666LfUakF3yMQ8K_Km5ZeCPFvLZ8at8L0sRT-kdQxKC

189 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request mavka-the-forest-song-83248
moviesjoy.to/movie/ 		78 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://moviesjoy.to/movie/mavka-the-forest-song-83248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.31.16.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cd32bddca16b041b9d41788e4dd02b0b9123af3eced5e79ffd02495499f517d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
738cb749ae22690d-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Thu, 11 Aug 2022 00:04:48 GMT
expect-ct
max-age=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UUCdMiKh%2F6cgTLhb9Ntj4v3EjCGEuQpiQdHMqIjBzOBfXanfabRxJxClgnE3ZlP%2BE5Vr84ZGC66OyIQYLY5YTtv7r6KSuKuSkiGBOBkxb31WsDB12nsA6F%2FS7pmvcdU%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff nosniff
x-dns-prefetch-control
on
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0 1; mode=block
bootstrap.min.css
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.1.3/css/ 		138 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.1.3/css/bootstrap.min.css
Requested by
Host: moviesjoy.to
URL: https://moviesjoy.to/movie/mavka-the-forest-song-83248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moviesjoy.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1990875
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15800
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:20 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04010-22688"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rKjFq0XLNRYz8aOD%2FWf5PXx7NIG4JHFqOpMgWDhSOWMaQWW26PblNZwGecqAsPmijJ2%2FoXgMr99d4CpzVJVLhAY4%2BLA%2BjeLA%2FW1nK0I5JOI2QKhK5z1NJx6qKqkawI4Zf1IK8GiDbhRh9SCL%2FvA%2BAypU"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
738cb74aabd5912b-FRA
expires
Tue, 01 Aug 2023 00:04:48 GMT
all.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/css/ 		68 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/css/all.css
Requested by
Host: moviesjoy.to
URL: https://moviesjoy.to/movie/mavka-the-forest-song-83248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c5e8c6ad66d889f3f73d3bd1d0f2e4945ebfbe47d28162ee206cd1b9e75d561
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moviesjoy.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1829277
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10234
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:08 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e60-111ac"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pQEZn67%2By18mrwTiunm025PwGEcjEK%2BbsviIcG%2FuWu4xLKiX0IkTtmM1v3VS5X7%2FiS0u7UU50lH7wx3aQD%2BUg3YnZT0mjT9yQ0lnje6i30brJNSEI3pB9QDu%2FhuWNxB38VfElaRJi2u%2FvMUJNsZvS9rm"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
738cb74aabd7912b-FRA
expires
Tue, 01 Aug 2023 00:04:48 GMT
style.min.css
moviesjoy.to/css/group_1/theme_8/ 		52 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://moviesjoy.to/css/group_1/theme_8/style.min.css?v=8.4
Requested by
Host: moviesjoy.to
URL: https://moviesjoy.to/movie/mavka-the-forest-song-83248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.31.16.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2359033175af9afde3eaa63da23419b4a78ad3a6072925951b5e9df0c0096ab2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moviesjoy.to/movie/mavka-the-forest-song-83248
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
657539
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 05 Apr 2022 09:23:08 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"d04c-17ff908f538"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m3%2Fe7Q6c2YLF8H9Ni6%2BdnhbQtuDZtX9hl%2BFYxn4LWSYeqHgwJOP9%2BYT6lBzXfoeuZnMBNjUr1SyvcITaO7NBWqoi9RQcNVTCLeFCZFTOY391TVMpgDFDpZvUHSBT6Ts%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=2592000
cf-ray
738cb74a6e98690d-FRA
vue.min.js
cdnjs.cloudflare.com/ajax/libs/vue/2.6.10/ 		91 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/vue/2.6.10/vue.min.js
Requested by
Host: moviesjoy.to
URL: https://moviesjoy.to/movie/mavka-the-forest-song-83248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72194d152571dd375c4365e5c3b4af9db2c06af0102ced18fcb062597d38be26
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moviesjoy.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1975755
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30769
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb0402c-16deb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZQseM8E5Q0zsj10SVZFSGINPfE%2FJngtlVQ8GZ48cshxXR6OEcJBwee5VKc0szn4rx8eVrd2U7p5e93glOg2Q6giq5pl1SftY%2Beq4Dt3NDjI8r5zCD2MNGtxnR075qdsjME%2BFwHq2qZtJ6HVcWB38yfrW"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
738cb74aabd8912b-FRA
expires
Tue, 01 Aug 2023 00:04:48 GMT
api.js
www.google.com/recaptcha/ 		884 B
999 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6LegO6AaAAAAAGzQq4XIIS-HChM4preVV0kH4PDB
Requested by
Host: moviesjoy.to
URL: https://moviesjoy.to/movie/mavka-the-forest-song-83248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
bcf85e2aaaabbbbb194f96110fa1d8c133547ad011f09d5d031c88a7466c7ce8
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moviesjoy.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
586
x-xss-protection
1; mode=block
expires
Thu, 11 Aug 2022 00:04:48 GMT
js
www.googletagmanager.com/gtag/ 		106 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-127877694-1
Requested by
Host: moviesjoy.to
URL: https://moviesjoy.to/movie/mavka-the-forest-song-83248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
deb1823960a9feec2169e478dea82b06f499801c5c5e6331e2022023a3278128
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moviesjoy.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:48 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41919
x-xss-protection
0
expires
Thu, 11 Aug 2022 00:04:48 GMT
jquery.min.js
bigcache.ml/ajax/libs/jquery/3.6.0/ 		140 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bigcache.ml/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: moviesjoy.to
URL: https://moviesjoy.to/movie/mavka-the-forest-song-83248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8c6f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49ef3661e3a0b961a118a269bc8c2828a232ab6a4c33569d1162bb9d76456a12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moviesjoy.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
50
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bW8ATFq4PlV5ZuaBaT1M09yFOEHAFMmo5a2EoKccrj1DQopLBE0lc0rU50y2VWT3z0svdd16jd3DqVXzxbVTE%2FpTqYKr1c8ff26W4odt3e4OWXlzLSxoBS8EFMlQ6%2F55yN2AUV4HP4yNpw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
738cb74b98679b92-FRA
expires
0
24218
pz.unkemptscance.com/r62e7f971714db62e7f971714dd/ 		5 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pz.unkemptscance.com/r62e7f971714db62e7f971714dd/24218
Requested by
Host: moviesjoy.to
URL: https://moviesjoy.to/movie/mavka-the-forest-song-83248
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
172.255.6.135 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
d810f5146f4cd1517512a6e31946e764a73c58fb01427aae88d42cc2ae28718a
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moviesjoy.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Thu, 11 Aug 2022 00:04:48 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=1
Server
nginx
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
https://moviesjoy.to
Access-Control-Max-Age
600
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type, megageocheckolololo, x-forwarded-for
X-Content-Type-Options
nosniff
Keep-Alive
timeout=20
logo.png
moviesjoy.to/images/group_1/theme_8/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://moviesjoy.to/images/group_1/theme_8/logo.png?v=0.1
Requested by
Host: moviesjoy.to
URL: https://moviesjoy.to/movie/mavka-the-forest-song-83248
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.31.16.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cd5f95ac599c7b6c1f4f69f706c46e07af1c49281e1e8a41de926315c1586f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moviesjoy.to/movie/mavka-the-forest-song-83248
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:48 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1525803
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8360
x-xss-protection
1; mode=block
last-modified
Wed, 18 Mar 2020 08:32:48 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"20a8-170ecc6124b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3eYmUmCXr9eRMNEBKPSUTwOp3GeHgsvvJXhRe2OYJYaxBNx3sFUYxvNlWnkmmAK2%2B5%2FJJPHvvjpcHQ5DmAl%2FyGaG1bg7S5vHJ6gbv7RJAnaRssWP%2BZAKbkGtEo00w3A%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
738cb74b4ad4bbaf-FRA
976afa279423d8f7c7b37302f4cabc27.jpg
img.moviesjoy.to/resize/188x288/97/6a/976afa279423d8f7c7b37302f4cabc27/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.moviesjoy.to/resize/188x288/97/6a/976afa279423d8f7c7b37302f4cabc27/976afa279423d8f7c7b37302f4cabc27.jpg
Requested by
Host: moviesjoy.to
URL: https://moviesjoy.to/movie/mavka-the-forest-song-83248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.31.16.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86bf81345f345aa6a0dd6619f8d57a22d269945ae08ff96495322291e4e00e08

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moviesjoy.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:48 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2373
x-cache
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17818
last-modified
Thu, 23 Jun 2022 05:00:03 GMT
server
cloudflare
etag
W/"62b3f353-4a410"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Y2ZdfHXCGgaiNrCPQ9IYMXI4bkNkOT2Quc%2FTfD902Gpxu3MNyFsg1XH4T%2B5Mo9AhwevM1LPkkA27NUmtd%2F6mcK8rcYk4%2BEV06nOs7ID%2FmLRwUYfULnLHFunSAsc1FH4Zu7s"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
738cb74b5f44690d-FRA
logo-square.png
moviesjoy.to/images/group_1/theme_8/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://moviesjoy.to/images/group_1/theme_8/logo-square.png
Requested by
Host: moviesjoy.to
URL: https://moviesjoy.to/movie/mavka-the-forest-song-83248
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.31.16.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e2067b806421d5a8d190e502e208bab3a0661ee1c86c232275d72847bcad573
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moviesjoy.to/movie/mavka-the-forest-song-83248
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:48 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1525803
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8360
x-xss-protection
1; mode=block
last-modified
Wed, 18 Mar 2020 08:32:48 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"20a8-170ecc6124b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pGnTEFlyImhD%2FVW%2FB4oa7GK%2FgFVbReef%2FE2P7JIWC5Z3QNQ3uruCqh21dZ8yDnjXwyw%2FKBYJ75%2FDAQzDqUnJCw5iLKaIrnZvB3f6kDQ%2BXvUrK8PFdRTOfbW8rQ6Qq9I%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
738cb74b4ad5bbaf-FRA
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/ 		86 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
Requested by
Host: moviesjoy.to
URL: https://moviesjoy.to/movie/mavka-the-forest-song-83248
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moviesjoy.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2516453
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27748
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-15851"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DCNYRXwcbLGQ%2FvDHHDYTECipzrLqdWUEsnevlMeNIG7R8uc3yY%2FKs3Ncfr6tZfaLDkczS2NNsuSLhuVdPAPROTVWsD0EOXt6RoeTZSLkeeq%2FEwHLRzLBUJle1x4ZsbJfjbXAV7oOPBAUuWACuUdd9Vz%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
738cb74b59db5c26-FRA
expires
Tue, 01 Aug 2023 00:04:48 GMT
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.15.0/umd/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.15.0/umd/popper.min.js
Requested by
Host: moviesjoy.to
URL: https://moviesjoy.to/movie/mavka-the-forest-song-83248
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d3b9482d4fb3b6aeaa089b08eb84381b5d3294c32c71ba320c4482bb4dbb8d5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moviesjoy.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1057121
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6680
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:15:37 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fa9-52aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9hhYaSw%2BBJvKx3fxRvu98dMOl6xgNjiogvkR6u28uL45BeujuTkC4hM9Jl1UuFXyfKPGiY8kpJr2%2FBeA9BkZdOkl6bloKAdsoTiLqPD2LGGheeREm09pBptLjIJSTaw9TBmykvBzr9mO0CLB%2FJxluGEc"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
738cb74b59d85c26-FRA
expires
Tue, 01 Aug 2023 00:04:48 GMT
bootstrap.min.js
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.3.1/js/ 		57 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.3.1/js/bootstrap.min.js
Requested by
Host: moviesjoy.to
URL: https://moviesjoy.to/movie/mavka-the-forest-song-83248
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moviesjoy.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
23024
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13537
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:20 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04010-e2d8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fwlt5%2BU1n0awvOUlc%2FoTvIhilE9Ij8CfIXxlGKjH8OykZFAvtwtXmLZfexq3z1YtTNBYP9VYdIjw8o6vFaHmZAamfOk%2FSz1%2F8HiCtwP32kz4A5ep8MkqKLlO4VtzDqenwgrtE%2BwWgnxtpc1dV3lCLbpa"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
738cb74b59d75c26-FRA
expires
Tue, 01 Aug 2023 00:04:48 GMT
lazysizes.min.js
cdnjs.cloudflare.com/ajax/libs/lazysizes/5.1.1/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/lazysizes/5.1.1/lazysizes.min.js
Requested by
Host: moviesjoy.to
URL: https://moviesjoy.to/movie/mavka-the-forest-song-83248
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb32a635955e226734775639e6f9b84a8ff45b999bc1688f4b8cc9b77178b760
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moviesjoy.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
619745
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2950
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:12:00 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ed0-1b91"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=59nhEmldSpxuoLcSZPZMIXSswVXXLL77YXT0QcMY5qrQXhWoHIGbSgR6HCeVYrm97kVtpGt3q%2FYXSA79rl%2FJsGKBEpMRTh%2F3i33v3gxPpfRwK5h3kUW6Tf1Pd1BAkC6tJhgK4R4aMsbxiGLExTfAuySH"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
738cb74b59da5c26-FRA
expires
Tue, 01 Aug 2023 00:04:48 GMT
js.cookie.min.js
cdn.jsdelivr.net/npm/js-cookie@beta/dist/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/js-cookie@beta/dist/js.cookie.min.js
Requested by
Host: moviesjoy.to
URL: https://moviesjoy.to/movie/mavka-the-forest-song-83248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
96f171604e284998042d56431b61046bf7fdc32fd29c5fa399702d03299a7966
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moviesjoy.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
12816
x-jsd-version
3.0.0-beta.4
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
728
etag
W/"5de-umxYiZHe1aDZ+J/AVp+cMSpsIxY"
x-served-by
cache-fra19163-FRA, cache-tyo11952-TYO
x-jsd-version-type
version
date
Thu, 11 Aug 2022 00:04:49 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
addthis_widget.js
s7.addthis.com/js/300/ 		353 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: moviesjoy.to
URL: https://moviesjoy.to/movie/mavka-the-forest-song-83248
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.212.127 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-212-127.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moviesjoy.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
"5f971164-5834c"
vary
Accept-Encoding
x-distribution
99
content-type
application/javascript
cache-control
public, max-age=600
date
Thu, 11 Aug 2022 00:04:49 GMT
x-host
s7.addthis.com
content-length
116325
snippet.js
static.zdassets.com/ekr/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/ekr/snippet.js?key=77196c29-9d2b-4414-bc79-7543a13d07e3
Requested by
Host: moviesjoy.to
URL: https://moviesjoy.to/movie/mavka-the-forest-song-83248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c71a7bdc6e1f2f8875556b690007a65be9e5ae1fb285f76d85180c89a3fa52d2
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moviesjoy.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:48 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
13
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
D7THHT7GP0AAAFFF
x-amz-id-2
MLIFEMPlb4x4i6bR93PVJs7qBT36JegLZcXbwhidvBWXmFDF9tvyJEfoSAfOD8Il3a5QwDTWxHY2c3o4cXkhVA==
last-modified
Thu, 28 Jul 2022 23:44:02 GMT
server
cloudflare
etag
W/"5cae6ce528dce0c327b2bcbaad459fdb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GIMDsAuIZNbaeh56O9VC4vB0PzxO7WWG6MR7XBaYxxO%2FFCLGo4GsW0Hc6r30UdXJyqXpp6Rlb%2F2wWh7WhHA%2Fu%2FQhp6mxkNqckLyxvmFpNiYrrfs4%2F%2Famgd3%2B6VZf%2B5hLsAG%2B6Ws%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=3600, s-maxage=60
x-amz-version-id
TCAqq4sghBBBAAXd3MLZ8Fy8XIds..vO
cf-ray
738cb74bb9e69951-FRA
postscribe.min.js
cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js
Requested by
Host: moviesjoy.to
URL: https://moviesjoy.to/movie/mavka-the-forest-song-83248
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moviesjoy.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
25634
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5117
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:15:38 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03faa-45f4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yqDSpwDrLUi4YMjS9MCBaShVs0lBIW2NohzoCZ9T6GQbiqVFmpl%2FIo0ig8tnBUKR%2BcRxDMNFG6oOntI7eNrNQK3GdRKOQG2dsYPyDeUh2TXwQQBdnJF8%2B%2FMrOQFHV%2FlcLAfOvWgjB6otiVcnoRsHHD4U"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
738cb74b59d95c26-FRA
expires
Tue, 01 Aug 2023 00:04:48 GMT
app.min.js
moviesjoy.to/js/group_1/ 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://moviesjoy.to/js/group_1/app.min.js?v=6.1
Requested by
Host: moviesjoy.to
URL: https://moviesjoy.to/movie/mavka-the-forest-song-83248
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.31.16.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00b6d8c821d24799d184efd65d51f6a196cd3204399c0de207d75eedac233af7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moviesjoy.to/movie/mavka-the-forest-song-83248
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:48 GMT
content-encoding
br
x-content-type-options
nosniff, nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
age
1069362
x-dns-prefetch-control
on
vary
Accept-Encoding
x-xss-protection
0, 1; mode=block
cf-ray
738cb74b4ad1bbaf-FRA
last-modified
Tue, 05 Apr 2022 09:23:11 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"6ac9-17ff909025c"
expect-ct
max-age=0
strict-transport-security
max-age=15552000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nKoiTZOAKcdd7cQXxAs79TRg90ewZ8GECFXnZu6GURc2KXPET1iB14Pj%2BH7MYS3PNTLqWurNog5twAFNavTBlYnuqS019dhpy%2BWY2464woocASFczU0dH69UJaJkzDY%3D"}],"group":"cf-nel","max_age":604800}
x-download-options
noopen
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=2592000
content-type
application/javascript; charset=UTF-8
24578
ckwlurries.com/fzol7MEb7kEevR/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://ckwlurries.com/fzol7MEb7kEevR/24578
Requested by
Host: moviesjoy.to
URL: https://moviesjoy.to/movie/mavka-the-forest-song-83248
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
172.255.6.155 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moviesjoy.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
css
fonts.googleapis.com/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Requested by
Host: moviesjoy.to
URL: https://moviesjoy.to/css/group_1/theme_8/style.min.css?v=8.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moviesjoy.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 10 Aug 2022 22:17:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 11 Aug 2022 00:04:48 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 11 Aug 2022 00:04:48 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/ 		387 KB
155 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LegO6AaAAAAAGzQq4XIIS-HChM4preVV0kH4PDB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c2e37877957a84efc2e5604969599edfa9be30f963d56f8a8ea5352443f72892
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://moviesjoy.to/
Origin
https://moviesjoy.to
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 20:10:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14070
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
158422
x-xss-protection
0
last-modified
Mon, 01 Aug 2022 04:00:16 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 10 Aug 2023 20:10:18 GMT
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/webfonts/ 		74 KB
74 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/css/all.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
489cf773b253c1e1f6ba66ca0ca555d1f604c2517716e3a4a424ec3adfb936dc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/css/all.css
Origin
https://moviesjoy.to
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:48 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
102827
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
75440
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:08 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e60-126b0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g6pyoHlByuiTaxpYoVm9w1CNr6WONOno9bJZYdNi9NSCpQF7yicx1HuYGwXfAg5VpnIw%2Fgq0Il91M9CWzOdxVX2ql%2BgyPjiXhup7X3duhXAtebR5Lt4c64ZqTwVi05f16N7vuCJ%2BAIOniclyFqzOfqMG"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
738cb74b6e17695d-FRA
expires
Tue, 01 Aug 2023 00:04:48 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://moviesjoy.to
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 08:01:51 GMT
x-content-type-options
nosniff
age
576177
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Aug 2023 08:01:51 GMT
eb65d3aac2a928f605c4282052eb89db.jpg
img.moviesjoy.to/resize/1288x788/eb/65/eb65d3aac2a928f605c4282052eb89db/ 		139 KB
139 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.moviesjoy.to/resize/1288x788/eb/65/eb65d3aac2a928f605c4282052eb89db/eb65d3aac2a928f605c4282052eb89db.jpg
Requested by
Host: moviesjoy.to
URL: https://moviesjoy.to/movie/mavka-the-forest-song-83248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.31.16.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22d8c85662d28fccb17719b9d0052f152e95d435e22ac6661b02647d8861e594

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moviesjoy.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:48 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
142301
last-modified
Thu, 23 Jun 2022 05:00:03 GMT
server
cloudflare
etag
W/"62b3f353-190eb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XFE6SqyOGq0ObDbtbrPA0lTct8bmytCRIDtDWYCFweHXcI33IjkDh5e5ZmpHLHIs694RiB9H84BjXguUEqFOfDe1r4b8HLk7FguYxCk%2FWwne7066kYQqS9IAptteb4fXNuSn"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
738cb74b6f4c690d-FRA
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://moviesjoy.to
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:47:17 GMT
x-content-type-options
nosniff
age
217051
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 08 Aug 2023 11:47:17 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://moviesjoy.to
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 20:10:25 GMT
x-content-type-options
nosniff
age
14063
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 10 Aug 2023 20:10:25 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://moviesjoy.to
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 07 Aug 2022 05:29:41 GMT
x-content-type-options
nosniff
age
326107
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 07 Aug 2023 05:29:41 GMT
p300573b163093d16019dd6c7f26de130.otf
bigcache.ml/fonts/ 		448 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bigcache.ml/fonts/p300573b163093d16019dd6c7f26de130.otf
Requested by
Host: bigcache.ml
URL: https://bigcache.ml/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8c6f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db38467e6c9985f5b1319b24cb3369505aa556f3adddfa74b93948302987c0e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moviesjoy.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:48 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
33
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
448
pragma
no-cache
server
cloudflare
etag
e1df275f84713f7036a6dbf2c9ab57fc
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vFgNIZWgZOOUTj4t3PWb4JsQMzGX4OoZAHCZ6t%2FsytsLj77Rw2P3b7rLc7sk2wD9dLu6u2UOZQyaiofJpt4tjTqT0J5ydoKz%2BEFL1wF4%2Fr4PE31EWruikkDNazLxpnhh4nWpF6TIYx4pNw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/opentype
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
738cb74c4f2f9c04-FRA
expires
0
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-127877694-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moviesjoy.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
3768
date
Wed, 10 Aug 2022 23:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 11 Aug 2022 01:02:00 GMT
js
www.googletagmanager.com/gtag/ 		106 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-139883519-66&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-127877694-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
356e38db0b737115242c009b83e8b3d61596b1381907b4a7e08d9d95a37e6c6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moviesjoy.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:48 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41936
x-xss-protection
0
expires
Thu, 11 Aug 2022 00:04:48 GMT
js
www.googletagmanager.com/gtag/ 		106 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-139883519-74&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-127877694-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3ff40c70853efcbeb72e949a3442a7c62b14b823a83c06c52539d25ee1e62810
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moviesjoy.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:48 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41930
x-xss-protection
0
expires
Thu, 11 Aug 2022 00:04:48 GMT
bootstrap.js
bigcache.ml/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bigcache.ml/bootstrap.js
Requested by
Host: bigcache.ml
URL: https://bigcache.ml/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8c6f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b42715665dadf056f47bdcc7f82516dae9905f20a15fcee528194edaa274e587

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moviesjoy.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
16
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BOeD0%2B5nhMT6rvg6nLF4BKnXRh%2FfY9la09U13YukloFvrAAsJuiX4LrtR12YOnFXWukmll6UHQ4KiZ8PDgfgnrbVn%2F%2FYE0pObxPNoKW0SXL7d0F6vbNucKVODqY0eOll%2BSKnMVKlc9kmfA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
738cb74ce89ebbdd-FRA
expires
0
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=883586221&t=pageview&_s=1&dl=https%3A%2F%2Fmoviesjoy.to%2Fmovie%2Fmavka-the-forest-song-83248&ul=en-us&de=UTF-8&dt=Mavka%3A%20The%20Forest%20Song%202022%20HD&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=846477760&gjid=1902517487&cid=67387908.1660176289&tid=UA-127877694-1&_gid=1712153326.1660176289&_r=1&gtm=2ou880&z=1696084086
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://moviesjoy.to/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 11 Aug 2022 00:04:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://moviesjoy.to
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
adtrue.fun/dynamic/ads/ 		0
598 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adtrue.fun/dynamic/ads/
Requested by
Host: bigcache.ml
URL: https://bigcache.ml/bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:2920 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moviesjoy.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4205487
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9jk3sgSFFKz0sn6%2B8mxCQUsT266Nyf0TAhJs%2FyCtFqVBD2cqF1Yen0JDgIqKpmjxb8RaCJgvy22uVGU8C2iUwBerZ%2BdJ44pGfMKpA4X9X5w9B3IMk%2BZa9TwR6oz3xggL4w%2F%2BWlQV862C"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
738cb74d78a7bbf7-FRA
expires
0
m542bee40d5e121507accc460c259dd41.otf
megacdn.top/fonts/ 		270 KB
271 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://megacdn.top/fonts/m542bee40d5e121507accc460c259dd41.otf
Requested by
Host: bigcache.ml
URL: https://bigcache.ml/bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:3197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30f2bc17c50b43aa397ea2ed31a7622d9da14cd300863b5466ba6ffad98d8be5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moviesjoy.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
276188
pragma
no-cache
server
cloudflare
etag
761b23661a8424e2c7845dd808987e19
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hdflItkqC6KQ80D9viTvFAWvlEtrK1xIPYeS6PAN9JbuRqoLwcyWPFwmYBpjoMXpe4pCPd5wlpF5UtgN%2BsvfrNMYs5%2Fj0R7Gw3pHz3AswxlqYeD0YqNp6IPP9OUlmNgVpx%2FTypuJc1GSkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/opentype
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
738cb74d7cc39b74-FRA
expires
0
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=883586221&t=pageview&_s=1&dl=https%3A%2F%2Fmoviesjoy.to%2Fmovie%2Fmavka-the-forest-song-83248&ul=en-us&de=UTF-8&dt=Mavka%3A%20The%20Forest%20Song%202022%20HD&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAAC~&jid=1044635811&gjid=1506969946&cid=67387908.1660176289&tid=UA-139883519-66&_gid=1712153326.1660176289&_r=1&gtm=2ou880&z=158637832
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://moviesjoy.to/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 11 Aug 2022 00:04:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://moviesjoy.to
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=883586221&t=pageview&_s=1&dl=https%3A%2F%2Fmoviesjoy.to%2Fmovie%2Fmavka-the-forest-song-83248&ul=en-us&de=UTF-8&dt=Mavka%3A%20The%20Forest%20Song%202022%20HD&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAAC~&jid=84678462&gjid=181324141&cid=67387908.1660176289&tid=UA-139883519-74&_gid=1712153326.1660176289&_r=1&gtm=2ou880&z=636924852
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://moviesjoy.to/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 11 Aug 2022 00:04:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://moviesjoy.to
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
9adf2917c7ee736858ec8e71a373649b.jpg
img.moviesjoy.to/resize/188x288/9a/df/9adf2917c7ee736858ec8e71a373649b/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.moviesjoy.to/resize/188x288/9a/df/9adf2917c7ee736858ec8e71a373649b/9adf2917c7ee736858ec8e71a373649b.jpg
Requested by
Host: moviesjoy.to
URL: https://moviesjoy.to/movie/mavka-the-forest-song-83248
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.31.16.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4868bb78cf16aed40eaaadf6218437652ac1043001007bb20f0e230cee2bd0ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moviesjoy.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:48 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16487
last-modified
Mon, 21 Dec 2020 08:00:03 GMT
server
cloudflare
etag
W/"5fe05603-3608f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AR7dBOrXfIFizNk5mqPkUclFB5A1aBynzW%2BYLpppluUrpCA6JbclVzyMF9CPgclZOkA%2FvmMefOqpqRnURQwu6IRfHj5HhlDpp442%2BvO451pruQwy2BFq2QHAD%2BW%2FLXSg4WKw"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
738cb74d6c8fbbaf-FRA
fde16edad5b964430de0f930f33a4c27.jpg
img.moviesjoy.to/resize/188x288/fd/e1/fde16edad5b964430de0f930f33a4c27/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.moviesjoy.to/resize/188x288/fd/e1/fde16edad5b964430de0f930f33a4c27/fde16edad5b964430de0f930f33a4c27.jpg
Requested by
Host: moviesjoy.to
URL: https://moviesjoy.to/movie/mavka-the-forest-song-83248
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.31.16.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3f648022b3c0281d7fd4a3f61dc422be875e862e3d5b8c7023d107ce821918f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moviesjoy.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:48 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17841
last-modified
Wed, 28 Aug 2019 06:04:42 GMT
server
cloudflare
etag
W/"5d66197a-22a6c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6tmmMGnXtDqnh2OTzPVGu9L6LkdZuzFhWWDJk6G%2BYuI1aqwSLENvey2FnuDCMnsUqw6MxoNcziHYV9ZcPu5YDSox35XgFKJ3KetgfgSftvibK0ElMlzxhq%2F5fZOEiarkpbP4"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
738cb74d6c94bbaf-FRA
b04b9b99e191cfc7d802db12a27b135e.jpg
img.moviesjoy.to/resize/188x288/b0/4b/b04b9b99e191cfc7d802db12a27b135e/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.moviesjoy.to/resize/188x288/b0/4b/b04b9b99e191cfc7d802db12a27b135e/b04b9b99e191cfc7d802db12a27b135e.jpg
Requested by
Host: moviesjoy.to
URL: https://moviesjoy.to/movie/mavka-the-forest-song-83248
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.31.16.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93248da4a316717ba509bf08cdac2f71abab069bc815e59057e4398e2f731545

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moviesjoy.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:48 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27645
last-modified
Wed, 28 Aug 2019 06:15:57 GMT
server
cloudflare
etag
W/"5d661c1d-51664"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X6apPKwyuTc0KT1wj1dHQIsj5d3O%2BFL4MRftsiDp5sJppi53O3c103RJ4fPmDe%2BykCu0niKBiRG8gmTByfAvG0wyDFDQblcghVBpyQsbDgqDvVHh8hvD7xsWIa3YeNMKUvYx"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
738cb74d6c95bbaf-FRA
b428934252d299cfeba9e463339f6d29.jpg
img.moviesjoy.to/resize/188x288/b4/28/b428934252d299cfeba9e463339f6d29/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.moviesjoy.to/resize/188x288/b4/28/b428934252d299cfeba9e463339f6d29/b428934252d299cfeba9e463339f6d29.jpg
Requested by
Host: moviesjoy.to
URL: https://moviesjoy.to/movie/mavka-the-forest-song-83248
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.31.16.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2c7907fb8e391d351b83117524e8490aa6fc315f9e061fba775362da07de2be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moviesjoy.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:48 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19858
last-modified
Wed, 28 Aug 2019 06:02:16 GMT
server
cloudflare
etag
W/"5d6618e8-10aa5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZN4cG4LqE4JFQTOLA19hLmbmIkL4xHVj2PjmLv%2BRSzt5NOyIi3n%2BufIHmW2CZUVoIaiNQUloDaGUZaRSy657AfTv0DjqKgsA8t%2B1aDnmDxsVRfuOOc60TG4ss1eV5%2B6Zadul"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
738cb74d6c96bbaf-FRA
812b637be72a2337d93f53a4e3c759ce.jpg
img.moviesjoy.to/resize/188x288/81/2b/812b637be72a2337d93f53a4e3c759ce/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.moviesjoy.to/resize/188x288/81/2b/812b637be72a2337d93f53a4e3c759ce/812b637be72a2337d93f53a4e3c759ce.jpg
Requested by
Host: moviesjoy.to
URL: https://moviesjoy.to/movie/mavka-the-forest-song-83248
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.31.16.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
418c6774bf50f8e035933f3e1fc3115d84b781e143c754d03487aa1b1b32fe54

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moviesjoy.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:48 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17367
last-modified
Wed, 28 Aug 2019 06:12:44 GMT
server
cloudflare
etag
W/"5d661b5c-2c0b0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wa4ljUwJQLxbxwKEjSz93%2FB5YstjBC%2Bjj1BRP3E18W7wbGvxieYu8HdoqgdLH%2FS2KisGIJkB7vljZj1BWHErdx0KWjaJwfm9C9UgrO%2FgqMya%2BuP2lHkw6mtY60uvDAw1GsBi"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
738cb74d6c97bbaf-FRA
328e960edd0510a504c0f8e0f07f886b.jpg
img.moviesjoy.to/resize/188x288/32/8e/328e960edd0510a504c0f8e0f07f886b/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.moviesjoy.to/resize/188x288/32/8e/328e960edd0510a504c0f8e0f07f886b/328e960edd0510a504c0f8e0f07f886b.jpg
Requested by
Host: moviesjoy.to
URL: https://moviesjoy.to/movie/mavka-the-forest-song-83248
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.31.16.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3748feb5a894be6d7833cfbef101969535da902ac70bf8ed138d3119d7d6715b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moviesjoy.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:48 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
24966
last-modified
Wed, 28 Aug 2019 06:55:00 GMT
server
cloudflare
etag
W/"5d662544-47e29"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d1Sk1IJuRVjIHZqO2AijE9v5JIQ24vcL5be1JF2iQFA6vvJqtQ6nqLsvlFnJFnHOGoFmAH3CpI%2BrBPalZad3C19JawgV1LMPXfnQJxEGZyUjU1RLdKb9r3yM%2BOFY5F4lIX8d"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
738cb74d6c98bbaf-FRA
637c1c934d5d8b474f6444e1a6bae24e.jpg
img.moviesjoy.to/resize/188x288/63/7c/637c1c934d5d8b474f6444e1a6bae24e/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.moviesjoy.to/resize/188x288/63/7c/637c1c934d5d8b474f6444e1a6bae24e/637c1c934d5d8b474f6444e1a6bae24e.jpg
Requested by
Host: moviesjoy.to
URL: https://moviesjoy.to/movie/mavka-the-forest-song-83248
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.31.16.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a30057494e2f11f987ad8ef3db7e16511d6f1716edae93b6bc07e947a30f732

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moviesjoy.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:48 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
22717
last-modified
Wed, 28 Aug 2019 07:05:05 GMT
server
cloudflare
etag
W/"5d6627a1-9c6e9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZopPK%2FTR8WkJHEY3u0Y5AIUr8FmmwgGlqrNI%2FOtxoEO5Nn6Lk8GMGFNNtBFHl4gQtKWxhb1lGa9baHDzb%2BEZYkZxbu5YEsqr8GhmdqGRB0neIZgsjNmR5r1v2KUcDkxXkej4"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
738cb74d6c99bbaf-FRA
771993b42df6fc5dda1db8688643d3a8.jpg
img.moviesjoy.to/resize/188x288/77/19/771993b42df6fc5dda1db8688643d3a8/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.moviesjoy.to/resize/188x288/77/19/771993b42df6fc5dda1db8688643d3a8/771993b42df6fc5dda1db8688643d3a8.jpg
Requested by
Host: moviesjoy.to
URL: https://moviesjoy.to/movie/mavka-the-forest-song-83248
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.31.16.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0cb7cbdc3af8accbf7c9d731203fad9c4c7d75df7cc2c32c9c54b4a60e734f54

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moviesjoy.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:48 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
23015
last-modified
Mon, 16 May 2022 09:00:03 GMT
server
cloudflare
etag
W/"62821293-1e977"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=clu%2FyHhLOtWE6B2xNEdD5d7l41E9srdwxsgF5y5kIIFtCcoMF8fY7KOPHQItBbejQKSN6SR%2B9DCcR8tQNkSwwGINXHCEKVFtMhdRigc2z7ZGSwo7KRgtIO8Bhi44ii7uP0Nn"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
738cb74d6c9abbaf-FRA
e206e87e0ff511fb9edc323cf21c931f.jpg
img.moviesjoy.to/resize/188x288/e2/06/e206e87e0ff511fb9edc323cf21c931f/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.moviesjoy.to/resize/188x288/e2/06/e206e87e0ff511fb9edc323cf21c931f/e206e87e0ff511fb9edc323cf21c931f.jpg
Requested by
Host: moviesjoy.to
URL: https://moviesjoy.to/movie/mavka-the-forest-song-83248
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.31.16.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
402a18c0434346f578d79bed323fe9a2d41ef76a5020a1ad18f265b58e31ca2f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moviesjoy.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:48 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17628
last-modified
Fri, 28 Jan 2022 09:00:03 GMT
server
cloudflare
etag
W/"61f3b093-114f71"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FD5A3P%2FhqM1CmhRXH9SN6T5rwRvOYTsgFUepLV%2BcekPvFKtsfQeRxN%2FbS4TokLJ5riyWRVa9r%2F%2FuiQ3rCOGsKCUNL6K6RPVwTlDXUHSzfDqrsXOhu5gEV834zUdTi5kcUssA"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
738cb74d6c9bbbaf-FRA
04b631ae11128693416d470fdfd098d7.jpg
img.moviesjoy.to/resize/188x288/04/b6/04b631ae11128693416d470fdfd098d7/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.moviesjoy.to/resize/188x288/04/b6/04b631ae11128693416d470fdfd098d7/04b631ae11128693416d470fdfd098d7.jpg
Requested by
Host: moviesjoy.to
URL: https://moviesjoy.to/movie/mavka-the-forest-song-83248
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.31.16.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d47576c5063476b9d4c7c02299538fdf61fe72faa850baf4713f6f9a469d0619

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moviesjoy.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:48 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21733
last-modified
Wed, 28 Aug 2019 06:34:15 GMT
server
cloudflare
etag
W/"5d662067-248be"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YruUpUL5M%2Bl%2F3ijKQ3rmcILMdwxOocn6gZ3jQQqlWoNPzmtr4NvII7RdH2QqAAE5iLcgWKAtvryy4GCGdtn8hzi9zfLQtsDkcjTbpiTV8sMok48fOxLMthSY%2FZm%2FSLnIiC5Q"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
738cb74d6c9cbbaf-FRA
96bf48dce7386b35adee3b0c2587d91a.jpg
img.moviesjoy.to/resize/188x288/96/bf/96bf48dce7386b35adee3b0c2587d91a/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.moviesjoy.to/resize/188x288/96/bf/96bf48dce7386b35adee3b0c2587d91a/96bf48dce7386b35adee3b0c2587d91a.jpg
Requested by
Host: moviesjoy.to
URL: https://moviesjoy.to/movie/mavka-the-forest-song-83248
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.31.16.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce87586ad68edaf8a69097257dcb485512b56f7e8241ff8103331040b170f999

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moviesjoy.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:49 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13202
last-modified
Wed, 28 Aug 2019 06:18:17 GMT
server
cloudflare
etag
W/"5d661ca9-3d101"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b0bOSkDSYCzB5dIUBlFk3Uez3ayVqQAX%2FWM1th690F5Wm87gfFtO5OUi%2FeH6WRheq5OFNnR3SiXQG0MX7YOi6NDZoj5EwZFm2KtQx1pvemc81Z9auhI6K0kNgH4QfkPvQppX"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
738cb74e5dafbbaf-FRA
105f369a6c4e0fc89a582dca9834f32e.jpg
img.moviesjoy.to/resize/188x288/10/5f/105f369a6c4e0fc89a582dca9834f32e/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.moviesjoy.to/resize/188x288/10/5f/105f369a6c4e0fc89a582dca9834f32e/105f369a6c4e0fc89a582dca9834f32e.jpg
Requested by
Host: moviesjoy.to
URL: https://moviesjoy.to/movie/mavka-the-forest-song-83248
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.31.16.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
148045b3d82b9866c523f90b63627da50781b6f0ea083f060c8804246330d721

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moviesjoy.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:49 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
25127
last-modified
Wed, 28 Aug 2019 06:05:32 GMT
server
cloudflare
etag
W/"5d6619ac-126f9f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QgwqjxA%2BrcmNMZkwqB%2BKoKjBun8HwzBm45MGxFFsf%2BB8HyACpYC8mXyzmiQbF9n9omWsycoA4VEUDPSHknU8c%2B4zM6cGdXuYZVjsAyJg3jHAKqxOADuprAw3MDXBpsKjv%2FGD"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
738cb74e5db0bbaf-FRA
d20175bb3d97b0ece4a43369c34d6ab6.jpg
img.moviesjoy.to/resize/188x288/d2/01/d20175bb3d97b0ece4a43369c34d6ab6/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.moviesjoy.to/resize/188x288/d2/01/d20175bb3d97b0ece4a43369c34d6ab6/d20175bb3d97b0ece4a43369c34d6ab6.jpg
Requested by
Host: moviesjoy.to
URL: https://moviesjoy.to/movie/mavka-the-forest-song-83248
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.31.16.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36b49266f9c6bb46cec49d167507aa44c8c89d66a2908de79c18f1d0eb577218

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moviesjoy.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:49 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20075
last-modified
Tue, 17 Dec 2019 04:15:42 GMT
server
cloudflare
etag
W/"5df8566e-1f203"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l9nHHx7bCCac6JfqggcbY5xSskE9xweIh6rGqSQsRpJNtjdeSHx53qLuSQFSEDKrxJjsYNTYZgYHmeZDRV1NEXX0h03DDYs%2FNKf8BQPAMy1wt4XNM6yIV2EUidjMgDOL9phc"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
738cb74e5db1bbaf-FRA
8554e9e9945e73e6a62e514107806ffe.jpg
img.moviesjoy.to/resize/188x288/85/54/8554e9e9945e73e6a62e514107806ffe/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.moviesjoy.to/resize/188x288/85/54/8554e9e9945e73e6a62e514107806ffe/8554e9e9945e73e6a62e514107806ffe.jpg
Requested by
Host: moviesjoy.to
URL: https://moviesjoy.to/movie/mavka-the-forest-song-83248
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.31.16.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6583ac979e141fda601e47ad5b3966fa58bf7ff91d73a9025a9c8ab9de39843

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moviesjoy.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:49 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
23305
last-modified
Tue, 17 Dec 2019 09:02:17 GMT
server
cloudflare
etag
W/"5df89999-4367a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RXkIEfC4xAo%2FeuVzRGiFEDD%2BeeWvsHBNETiujP404eJ%2BJT18P4nRqEzfMNkv2B55gOA%2BEp1xZtNRpOgh3x47rhOIp%2F9O95WYc7NR%2B0eyROoNsKzmJQ%2BOoRTLGf0fHiJN1Bhv"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
738cb74e5db2bbaf-FRA
c2fb123d973896ea47739df42dbf37c9.jpg
img.moviesjoy.to/resize/188x288/c2/fb/c2fb123d973896ea47739df42dbf37c9/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.moviesjoy.to/resize/188x288/c2/fb/c2fb123d973896ea47739df42dbf37c9/c2fb123d973896ea47739df42dbf37c9.jpg
Requested by
Host: moviesjoy.to
URL: https://moviesjoy.to/movie/mavka-the-forest-song-83248
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.31.16.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2ff5edad53ff9e1a9e79569d013cbd1a678de31d1d67db06e426027ff29b2a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moviesjoy.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:49 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21208
last-modified
Wed, 28 Aug 2019 07:04:32 GMT
server
cloudflare
etag
W/"5d662780-40fd3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AlSFmNthRwffLRZMtXGjKfEvCi7ArRGeG34PDIgzmYTnK7ZcW8MskRlHT2J5roB5S0FwB17lC%2BrWVVnsvfWQp%2BGKIfdGHVZ8F2cf1lJnaTmdjPf9IYSSEKfTlekgkPdnR87F"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
738cb74e5db5bbaf-FRA
9062ed0b0313f069044f76390382d043.jpg
img.moviesjoy.to/resize/188x288/90/62/9062ed0b0313f069044f76390382d043/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.moviesjoy.to/resize/188x288/90/62/9062ed0b0313f069044f76390382d043/9062ed0b0313f069044f76390382d043.jpg
Requested by
Host: moviesjoy.to
URL: https://moviesjoy.to/movie/mavka-the-forest-song-83248
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.31.16.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18f15a08e5c1a82603cdb87260ce3dec896e2fbb98f3c0cc0621ced5eea6c196

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moviesjoy.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:49 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16215
last-modified
Thu, 26 Dec 2019 10:00:03 GMT
server
cloudflare
etag
W/"5e0484a3-124cb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tzJAMuC5WR7waR%2FPC4prsEg9xOrI%2BLGfuYHyzUAEgXuGOQ54FqH%2BtkCidVAaYQ72vyaStE2WWlNj9E%2FcEI9hdYwPZXmIrjzaZDeGGaylzY0vVbTpR5K2ULNn3%2BOu8n97KPoS"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
738cb74e5db6bbaf-FRA
login-state
moviesjoy.to/ajax/ 		271 B
787 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://moviesjoy.to/ajax/login-state
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.31.16.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3be71a1e4e4de4a2f7fed144b6cd7c4dd9812716324c3b720e5441014cf0f43
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

Accept
*/*
Referer
https://moviesjoy.to/movie/mavka-the-forest-song-83248
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:49 GMT
content-encoding
br
x-content-type-options
nosniff, nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
on
content-type
application/json; charset=utf-8
vary
Accept-Encoding
x-xss-protection
0, 1; mode=block
server
cloudflare
content-language
en
x-frame-options
SAMEORIGIN
etag
W/"10f-xFzhIsqWKFirmu80+TX+Tj8qFvg"
expect-ct
max-age=0
strict-transport-security
max-age=15552000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xwiuRpMrQDBxes4U8CR9bUz7B118wILKc%2B1iwDqUWLnNDI9DYSZIJg%2BgRgM5Y6gQts7nuwEDsxLy61VcSXF1%2FVLAn95oDqSA3tFF%2BsduaKywWsjbQ2gwEwu6X1UZ3O8%3D"}],"group":"cf-nel","max_age":604800}
x-download-options
noopen
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-ray
738cb7502f0cbbaf-FRA
verify
moviesjoy.to/ajax/ 		15 B
626 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://moviesjoy.to/ajax/verify?domain=moviesjoy.to
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.31.16.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

Accept
*/*
Referer
https://moviesjoy.to/movie/mavka-the-forest-song-83248
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:49 GMT
x-content-type-options
nosniff, nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
on
content-type
application/json; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ix%2F4zvbszw2ig8T7cDs73%2F8f27GBO11C7rcza1AZ8qlUjp96RzfoZql8vUAEzHqaVAWtz%2Bex3Jk8eRgQj5DY%2F%2Bv1wtmQhBYBKIPJn2j1LFtHtKPTFabBd8BgDG7o7jY%3D"}],"group":"cf-nel","max_age":604800}
vary
Accept-Encoding
content-length
15
x-xss-protection
0, 1; mode=block
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"f-NQVRlQfKHCoInEbhALgECMonhCE"
expect-ct
max-age=0
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-language
en
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-ray
738cb7502f0dbbaf-FRA
anchor
www.google.com/recaptcha/api2/ Frame F8CC 		41 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LegO6AaAAAAAGzQq4XIIS-HChM4preVV0kH4PDB&co=aHR0cHM6Ly9tb3ZpZXNqb3kudG86NDQz&hl=de&v=gWN_U6xTIPevg0vuq7g1hct0&size=invisible&cb=86myednyho95
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
31031ffd258fd56f04d323ace13482d78e46b0275e7e7821310fdcd17ec0e4af
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-9TdQkN9ni8RLAqmddpeL5w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://moviesjoy.to/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
21953
content-security-policy
script-src 'report-sample' 'nonce-9TdQkN9ni8RLAqmddpeL5w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 11 Aug 2022 00:04:49 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
77196c29-9d2b-4414-bc79-7543a13d07e3
ekr.zdassets.com/compose/ 		15 B
944 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ekr.zdassets.com/compose/77196c29-9d2b-4414-bc79-7543a13d07e3
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=77196c29-9d2b-4414-bc79-7543a13d07e3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86d8b086af0fc30d06856e218fcfdb6b803f91b45f50b1b753d8deac627fc054
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moviesjoy.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
age
9
cf-ray
738cb7513c529bb6-FRA
status
200 OK
access-control-allow-methods
GET, POST, OPTIONS
strict-transport-security
max-age=0
vary
Origin, Accept-Encoding
x-zendesk-zorg
yes
x-request-id
0bcecd2d9af5151c8bd30b05512cd9a6, 0bcecd2d9af5151c8bd30b05512cd9a6
x-runtime
0.003440
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"86d8b086af0fc30d06856e218fcfdb6b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
7200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FabpatQP00qMswNFXSLMLNp2%2Fd3uEih2xe7eXe5BKmqlElIUStVoIoCdyjHwByOf3LsfbXzgKV7p3fPNzdcJe9O7J%2BE9iPAru%2BHqKHOeBSCupQqi4OZREtQ8%2FyO2UJOhknE%3D"}],"group":"cf-nel","max_age":604800}
x-download-options
noopen
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=600, public, s-maxage=60, stale-while-revalidate=600, stale-if-error=3600
content-type
application/json; charset=utf-8
access-control-expose-headers
moatframe.js
z.moatads.com/addthismoatframe568911941483/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.209.169 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-209-169.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moviesjoy.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

unused62
8096267
date
Thu, 11 Aug 2022 00:04:49 GMT
content-encoding
gzip
last-modified
Fri, 08 Nov 2019 20:13:52 GMT
server
AmazonS3
x-amz-request-id
3DA20F33DFB043F4
etag
"f14b4e1f799b14f798a195f43cf58376"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=24640
accept-ranges
bytes
content-length
948
x-amz-id-2
g7+QTkfgFpKXdjIV1ns3PedgNVHG4mi9TLupYfjziOmGieTRD5DTu0V21U3C4oqBbTG5njMGxL0=
banners
moviesjoy.to/ajax/ 		234 B
786 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://moviesjoy.to/ajax/banners?page=detail
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.31.16.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca6b2e57fea31e742e2020920695acbee9407f8289c55e55d269ae32aed304f5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

Accept
*/*
Referer
https://moviesjoy.to/movie/mavka-the-forest-song-83248
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:49 GMT
content-encoding
br
x-content-type-options
nosniff, nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
on
content-type
application/json; charset=utf-8
vary
Accept-Encoding
x-xss-protection
0, 1; mode=block
server
cloudflare
content-language
en
x-frame-options
SAMEORIGIN
etag
W/"ea-WReF+UFwjWLcE8ktK7vtRM4Xrug"
expect-ct
max-age=0
strict-transport-security
max-age=15552000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lMo0Y73uGM5evVMUWwJGv8zEzhSqztoKU6Z2LQY81zTpJV5xPMjxtFQU1EdJfmpbxeoLSJJZVy7StmeQAUbmgd7WUBwbfsM5beppCwoEGEVyZ09JHwAzk1jnQEYdEIA%3D"}],"group":"cf-nel","max_age":604800}
x-download-options
noopen
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-ray
738cb750df88bbaf-FRA
83248
moviesjoy.to/ajax/check_favorite/ 		161 B
668 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://moviesjoy.to/ajax/check_favorite/83248
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.31.16.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93c89c8a01ef5c2070e1a5c69f22d80cc23465cd4a4ca6e1e3ff413872b24dfc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

Accept
*/*
Referer
https://moviesjoy.to/movie/mavka-the-forest-song-83248
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:49 GMT
content-encoding
br
x-content-type-options
nosniff, nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
on
content-type
text/html; charset=utf-8
vary
Accept-Encoding
x-xss-protection
0, 1; mode=block
server
cloudflare
x-frame-options
SAMEORIGIN
content-language
en
expect-ct
max-age=0
strict-transport-security
max-age=15552000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ktl8wSfUoZ0lB%2FrtXFVPyLe1W1eJSnsBD7N%2FYB4U4a4c6S9yGf1HOutJV%2B%2FE4P40udjQjWbzoFxn%2FIfj%2FeKrI4MN7geL9xUYv0ZWlIpPnJfF1ZQLmw7Lzvs0yra%2FkJU%3D"}],"group":"cf-nel","max_age":604800}
x-download-options
noopen
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-ray
738cb750df8abbaf-FRA
83248
moviesjoy.to/ajax/vote_info/ 		857 B
884 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://moviesjoy.to/ajax/vote_info/83248
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.31.16.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
414c1960f91e3abdcb956b67814de9b3231b5bf8c29e6dbf6c4c750dbb6ea447
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

Accept
*/*
Referer
https://moviesjoy.to/movie/mavka-the-forest-song-83248
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:50 GMT
content-encoding
br
x-content-type-options
nosniff, nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
on
content-type
text/html; charset=utf-8
vary
Accept-Encoding
x-xss-protection
0, 1; mode=block
server
cloudflare
x-frame-options
SAMEORIGIN
content-language
en
expect-ct
max-age=0
strict-transport-security
max-age=15552000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ru4D9XIf%2BvewZIctZm2P0y6p%2FM1iAUc2UlTpMJkRSadY3Mki3qERUjShcV%2BVvovaIlthtqY0LDGqZ8y%2FR9WQEzIswIJrthwJHFSSV2vZCZrgRfdF4HXtocpFDLcjwnA%3D"}],"group":"cf-nel","max_age":604800}
x-download-options
noopen
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-ray
738cb750df8cbbaf-FRA
83248
moviesjoy.to/ajax/movie/episodes/ 		393 B
786 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://moviesjoy.to/ajax/movie/episodes/83248
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.31.16.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50a80d403d177d1cc5c5094ea500938bbf6aec995210df68aaffd85795682e60
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

Accept
*/*
Referer
https://moviesjoy.to/movie/mavka-the-forest-song-83248
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:49 GMT
content-encoding
br
x-content-type-options
nosniff, nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
on
content-type
text/html; charset=utf-8
vary
Accept-Encoding
x-xss-protection
0, 1; mode=block
server
cloudflare
x-frame-options
SAMEORIGIN
content-language
en
expect-ct
max-age=0
strict-transport-security
max-age=15552000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I39BJoCcnXPfaWpJbLwjzht9fxs1SV94UyEpvQvG8IOTI1ieGelZaNqdpTnJzoYBzRewrstpxnkvTWAsUqXErBBL5Gn8BtL9vN6Q1rrrcWEz0WwzuNPJgukzGKDrX6E%3D"}],"group":"cf-nel","max_age":604800}
x-download-options
noopen
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-ray
738cb750df8dbbaf-FRA
/
bigcache.ml/ Frame F06E 		208 B
691 B 		Document
General
Check archive.org
Download Go to
Full URL
https://bigcache.ml/
Requested by
Host: bigcache.ml
URL: https://bigcache.ml/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8c6f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d3f9d8ff33e31cd0334df91cdb3586df887757daeb652ed27c69b6a43ff78e4

Request headers

Referer
https://moviesjoy.to/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
age
15
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
HIT
cf-ray
738cb7513bdabbdd-FRA
content-encoding
br
content-type
text/html
date
Thu, 11 Aug 2022 00:04:49 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n4hVdnlVDuOt928GUMqR64HaqC134UEZCiLoUWFH%2Bf2%2BpvSrsPxgfUgyxlru%2BWKWMOfs46cVar0ehfEdTor9WIgYQVwdzBT0UmXHxr4TTCmrozRpLGRjg22fN3ExJTiO4K5qmvWngBak3g%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
styles__ltr.css
www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/ Frame F8CC 		51 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LegO6AaAAAAAGzQq4XIIS-HChM4preVV0kH4PDB&co=aHR0cHM6Ly9tb3ZpZXNqb3kudG86NDQz&hl=de&v=gWN_U6xTIPevg0vuq7g1hct0&size=invisible&cb=86myednyho95
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 15:16:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
31721
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 01 Aug 2022 04:00:16 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 10 Aug 2023 15:16:08 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/ Frame F8CC 		387 KB
155 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LegO6AaAAAAAGzQq4XIIS-HChM4preVV0kH4PDB&co=aHR0cHM6Ly9tb3ZpZXNqb3kudG86NDQz&hl=de&v=gWN_U6xTIPevg0vuq7g1hct0&size=invisible&cb=86myednyho95
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c2e37877957a84efc2e5604969599edfa9be30f963d56f8a8ea5352443f72892
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 20:10:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14071
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
158422
x-xss-protection
0
last-modified
Mon, 01 Aug 2022 04:00:16 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 10 Aug 2023 20:10:18 GMT
jquery.js
bigcache.ml/ Frame F06E 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bigcache.ml/jquery.js
Requested by
Host: bigcache.ml
URL: https://bigcache.ml/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8c6f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58f31c05672de1042057dc12d4373b65bb98ad880bc40d76f6c3958f7efb7276

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bigcache.ml/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:49 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
14
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I11yPXRG0rJcVA4%2FcwRAuwVo%2F%2BpYxtQzu9etFQzskLdMB%2BXhmmRfQpPWhvhYmtKnpZ90soBTOf5ebS5ZM7ODJOy32Q%2FrOLaeVjtYglPvljTPQKbIxZQtf48VRv5kew7Mc9uANStWmcQp7g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
738cb751ac2bbbdd-FRA
expires
0
/
awscloudfront.ml/ Frame 4CB1 		208 B
724 B 		Document
General
Check archive.org
Download Go to
Full URL
https://awscloudfront.ml/
Requested by
Host: moviesjoy.to
URL: https://moviesjoy.to/movie/mavka-the-forest-song-83248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d3f9d8ff33e31cd0334df91cdb3586df887757daeb652ed27c69b6a43ff78e4

Request headers

Referer
https://bigcache.ml/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
HIT
cf-ray
738cb7528e6d9112-FRA
content-encoding
br
content-type
text/html
date
Thu, 11 Aug 2022 00:04:49 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LeMIFwi2xjMeB0cuMOiI6PTphEIX%2F0pgiHjuJkG7iYaP3oY%2BEo4IgWycJAHU6Qk0yEQJZAnrzkjly0Oi74PKieBJUVmaPm2PMaMSh2yf%2BY%2Bx8%2BbBopFtjdgInG72kZ1Tt0QPxnMXJojLe%2F%2BHVP59"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame F8CC 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 18:59:48 GMT
x-content-type-options
nosniff
age
104701
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Tue, 16 Aug 2022 18:59:48 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F8CC 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LegO6AaAAAAAGzQq4XIIS-HChM4preVV0kH4PDB&co=aHR0cHM6Ly9tb3ZpZXNqb3kudG86NDQz&hl=de&v=gWN_U6xTIPevg0vuq7g1hct0&size=invisible&cb=86myednyho95
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 11:18:05 GMT
x-content-type-options
nosniff
age
132404
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 09 Aug 2023 11:18:05 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F8CC 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LegO6AaAAAAAGzQq4XIIS-HChM4preVV0kH4PDB&co=aHR0cHM6Ly9tb3ZpZXNqb3kudG86NDQz&hl=de&v=gWN_U6xTIPevg0vuq7g1hct0&size=invisible&cb=86myednyho95
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 18:59:48 GMT
x-content-type-options
nosniff
age
104701
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 09 Aug 2023 18:59:48 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame F8CC 		102 B
133 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=gWN_U6xTIPevg0vuq7g1hct0
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LegO6AaAAAAAGzQq4XIIS-HChM4preVV0kH4PDB&co=aHR0cHM6Ly9tb3ZpZXNqb3kudG86NDQz&hl=de&v=gWN_U6xTIPevg0vuq7g1hct0&size=invisible&cb=86myednyho95
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
49e3d3c02d2e66e6d545c98e1249a2de848e7c17c0c676d883e764794eb22021
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LegO6AaAAAAAGzQq4XIIS-HChM4preVV0kH4PDB&co=aHR0cHM6Ly9tb3ZpZXNqb3kudG86NDQz&hl=de&v=gWN_U6xTIPevg0vuq7g1hct0&size=invisible&cb=86myednyho95
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
111
x-xss-protection
1; mode=block
expires
Thu, 11 Aug 2022 00:04:49 GMT
fa-regular-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/webfonts/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/webfonts/fa-regular-400.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/css/all.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe9f0570e6ea6a6e5c70f2e83fd46883a62e5fdd1ffce04471bedf0dbd23166e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/css/all.css
Origin
https://moviesjoy.to
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:49 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
110104
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13580
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:08 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e60-350c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7zcAU2aNz2qFpnBk5tYl9QMQf6l8CLYFy3YMydePmBJ9zO13FBmS%2B5pw%2B6SLFRd26f%2FlyKaaVQOJf9pva1qsFA3dduM31qhKGfc%2Btn57frUMUNpNy501jHhu8RSfFmRf5arzlawAoRu7vYMyDDto17qc"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
738cb7536b73695d-FRA
expires
Tue, 01 Aug 2023 00:04:49 GMT
jquery.js
awscloudfront.ml/ Frame 4CB1 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://awscloudfront.ml/jquery.js
Requested by
Host: awscloudfront.ml
URL: https://awscloudfront.ml/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58f31c05672de1042057dc12d4373b65bb98ad880bc40d76f6c3958f7efb7276

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://awscloudfront.ml/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Aug 2022 00:04:50 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uf9fH6PUDDlTRlGhh0E%2BdRaKNBuGYp61lbRFKFgLzWaDW8AZOLRrLWdz0LwHSfGjSOlh4bl9YjvU%2BVq5GaL5Qtb6wRZ%2FfQeDp8yl2kcFvkQeBcO5JXK7wwideRsq3NZMkgwk2vh2rbtxqkP592ZQ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
738cb753bd149085-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0
_ate.track.config_resp
v1.addthisedge.com/live/boost/ra-5da59293a14f83e9/ 		3 KB
875 B 		Script
General
Check archive.org
Download Go to
Full URL
https://v1.addthisedge.com/live/boost/ra-5da59293a14f83e9/_ate.track.config_resp
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.212.127 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-212-127.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ac0d000c7241f6c456eb3b7ad43592246ae37c93474c89bc6e143b44e5b4d35c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moviesjoy.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:50 GMT
content-encoding
gzip
etag
674816972--gzip
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
public, max-age=50, s-maxage=86400
content-disposition
attachment; filename=1.txt
content-length
701
300lo.json
m.addthis.com/live/red_lojson/ 		89 B
249 B 		Script
General
Check archive.org
Download Go to
Full URL
https://m.addthis.com/live/red_lojson/300lo.json?si=62f447a1cc6d7d93&bkl=0&bl=1&pdt=181&sid=62f447a1cc6d7d93&pub=ra-5da59293a14f83e9&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=moviesjoy.to&fp=movie%2Fmavka-the-forest-song-83248&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=Mavka%3A%20The%20Forest%20Song%2Cwatch%20Mavka%3A%20The%20Forest%20Song%20free%2Cdownload%20Mavka%3A%20The%20Forest%20Song%20free%2Cfull%20Mavka%3A%20The%20Forest%20Song%20online%2CMavka%3A%20The%20Forest%20Song%20full%20hd&colc=1660176290383&jsl=1&uvs=62f447a17c56612c000&skipb=1&callback=addthis.cbs.jsonp__58116896150558350
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.212.127 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-212-127.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
67133ef67a060200a05126324f5528294c6a09d7b60326133ddb7731cedc93e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moviesjoy.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Aug 2022 00:04:51 GMT
cache-control
max-age=0, no-cache, no-store, no-transform
content-disposition
attachment; filename=1.txt
content-length
89
content-type
application/javascript;charset=utf-8
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 38A4 		0
0
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame F394 		71 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.212.127 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-212-127.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://moviesjoy.to/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=86313600
content-encoding
gzip
content-length
26421
content-type
text/html
date
Thu, 11 Aug 2022 00:04:50 GMT
etag
W/"5f971164-11adc"
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
p3p
CP="NON ADM OUR DEV IND COM STA"
server
nginx/1.15.8
strict-transport-security
max-age=15724800; includeSubDomains
timing-allow-origin
*
vary
Accept-Encoding
x-host
s7.addthis.com
c300573b163093d16019dd6c7f26de130.otf
bigcache.ml/fonts/ Frame F06E 		7 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bigcache.ml/fonts/c300573b163093d16019dd6c7f26de130.otf
Requested by
Host: moviesjoy.to
URL: https://moviesjoy.to/movie/mavka-the-forest-song-83248
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8c6f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec3ca44af763061bf9f7d0dcb807c0337f1ce91f75cac6293fc1412ea4267427

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bigcache.ml/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
15
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6692
pragma
no-cache
server
cloudflare
etag
fd18033abf654c587d973f43457e7c2c
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JxhybCI809Vz2jRltiWFwYFzwyJZ%2FfDgB1wsgEu7ZDv9%2BUCHet2LC5pxQLqaGcpUqsJzf%2FLxi6uWRz3RnLBNO3Z%2F8kT7qekRvEznfzpmz7McXXxSFtIYeOx26%2FCQZkOlqE1PLhlMVJeUVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/opentype
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
738cb757086abbdd-FRA
expires
0
a5968ed5-ac89-4aae-9940-472c9ad4431b
https://moviesjoy.to/ Frame 0A12 		174 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://moviesjoy.to/a5968ed5-ac89-4aae-9940-472c9ad4431b
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3e55275e2cf00c39ce90846157f36235e11ad02f5718bfc6afb5a55fcf692d25

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Length
174
Content-Type
text/javascript
layers.fa6cd1947ce26e890d3d.js
s7.addthis.com/static/ 		263 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.212.127 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-212-127.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moviesjoy.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-41cf5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86313600
date
Thu, 11 Aug 2022 00:04:50 GMT
x-host
s7.addthis.com
timing-allow-origin
*
content-length
77617
i301a18860e11e5a70468ddc2f36fe34b.otf
bigcache.ml/fonts/ Frame F06E 		432 B
1018 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bigcache.ml/fonts/i301a18860e11e5a70468ddc2f36fe34b.otf
Requested by
Host: moviesjoy.to
URL: https://moviesjoy.to/movie/mavka-the-forest-song-83248
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8c6f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
253add07294baa2c17ff71b677885e5e8ec7ec07c9519584de18f292889ab8a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bigcache.ml/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
14
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
432
pragma
no-cache
server
cloudflare
etag
4f713aa2465d7bbbfc5a8d9a60f77c51
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8PLOm5pdXgCRtvEgwRclyDaJTJvNsdtDARwbQDzWub3ENFC0oS4gPXqCJwyb9bwXoL%2BayWWqMn966w7FNH4v8C5v3mAU55u6YkUe%2FqLtXDHmPSum%2FXSLK2gkK2uahY%2BtTJGhPnLRJiI1Zw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/opentype
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
738cb75758a2bbdd-FRA
expires
0
m4889d3f8297ba3edf6742129c80a4da3.otf
bigcache.ml/fonts/ Frame F06E 		13 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bigcache.ml/fonts/m4889d3f8297ba3edf6742129c80a4da3.otf
Requested by
Host: moviesjoy.to
URL: https://moviesjoy.to/movie/mavka-the-forest-song-83248
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8c6f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b289c78dd5e2d6c4a44e1ce5f2d2a7e812817b85f83f4e29ea97d5162659030

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bigcache.ml/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
14
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13584
pragma
no-cache
server
cloudflare
etag
5eda805fb1337a0efe3a9368c5c0a948
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oIY82uXKNl4w%2BReAzv3Am45WjQraok0n6deQNOyQPv1YKD61qMdMCXACuiDZ4kxqK6sPQPEs72eNRJthoa9JPcIbcviYHIjt29J3pKMqAtjf1Lv9vGfMoabE%2FisOYfJpx47kpKZFjwzJjw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/opentype
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
738cb75798e9bbdd-FRA
expires
0
159.1c3fceccbc80f2a3615f.js
s7.addthis.com/static/ 		564 B
634 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/159.1c3fceccbc80f2a3615f.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.212.127 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-212-127.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
c02d2e4ee660f561338f717a6dc83745ea23c4ad356a57bdfee60c3643b25b1a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moviesjoy.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-234"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86313600
date
Thu, 11 Aug 2022 00:04:50 GMT
x-host
s7.addthis.com
timing-allow-origin
*
content-length
394
shares-post.json
api-public.addthis.com/url/serviceapi/ 		2 B
274 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fmoviesjoy.to%2Fmovie%2Fmavka-the-forest-song-83248
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.212.127 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-212-127.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://moviesjoy.to/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-type
text/plain

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
surrogate-key
sFbt=https://moviesjoy.to/movie/mavka-the-forest-song-83248
last-modified
Thu, 11 Aug 2022 00:00:00 GMT
server
nginx/1.15.8
date
Thu, 11 Aug 2022 00:04:50 GMT
content-type
application/json
access-control-allow-origin
https://moviesjoy.to
cache-control
no-transform, max-age=0, s-maxage=14400
access-control-allow-credentials
true
content-length
2
count.json
widgets.pinterest.com/v1/urls/ 		101 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Fmoviesjoy.to%2Fmovie%2Fmavka-the-forest-song-83248&callback=window._ate.cbs.rcb_48900
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
16caa966ea93c72da0721325fd490bfc31c364523979dff4c1cd1c7ed3788ffa
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moviesjoy.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
0
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
must-revalidate, max-age=887
x-envoy-upstream-service-time
1
accept-ranges
none
x-pinterest-rid
4983781307180083
expires
Thu, 11 Aug 2022 00:19:50 GMT
shares.json
api-public.addthis.com/url/ 		33 B
303 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fmoviesjoy.to%2Fmovie%2Fmavka-the-forest-song-83248&callback=_ate.cbs.rcb_233n0
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.212.127 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-212-127.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
07b1532663ed01a948a44e3616c7a17e4d707041c904443b7ea86bf9242b04dd
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moviesjoy.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
surrogate-key
moviesjoy.to/movie/mavka-the-forest-song-83248
last-modified
Thu, 11 Aug 2022 00:04:50 GMT
server
nginx/1.15.8
date
Thu, 11 Aug 2022 00:04:50 GMT
vary
Accept-Encoding
content-type
application/json
cache-control
no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length
53
count.json
widgets.pinterest.com/v1/urls/ 		100 B
336 B 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Fmoviesjoy.to%2Fmovie%2Fmavka-the-forest-song-83248&callback=window._ate.cbs.rcb_9wqv0
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b7d4aaa6eb23a03f314e3e3a8851702ba71b7601fdcfae679c5c20438b6001a6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moviesjoy.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
0
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
must-revalidate, max-age=887
x-envoy-upstream-service-time
3
accept-ranges
none
x-pinterest-rid
1562586799508590
expires
Thu, 11 Aug 2022 00:19:50 GMT
shares.json
api-public.addthis.com/url/ 		33 B
303 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fmoviesjoy.to%2Fmovie%2Fmavka-the-forest-song-83248&callback=_ate.cbs.rcb_9azd0
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.212.127 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-212-127.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
2c4305b1851de1d15636c20ddfa1136588a08eaca64f66a84f2024634d61fc90
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moviesjoy.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
surrogate-key
moviesjoy.to/movie/mavka-the-forest-song-83248
last-modified
Thu, 11 Aug 2022 00:04:50 GMT
server
nginx/1.15.8
date
Thu, 11 Aug 2022 00:04:50 GMT
vary
Accept-Encoding
content-type
application/json
cache-control
no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length
53
/
livrosdereceita.ml/ Frame C1F0 		208 B
722 B 		Document
General
Check archive.org
Download Go to
Full URL
https://livrosdereceita.ml/
Requested by
Host: moviesjoy.to
URL: https://moviesjoy.to/movie/mavka-the-forest-song-83248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:838 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d3f9d8ff33e31cd0334df91cdb3586df887757daeb652ed27c69b6a43ff78e4

Request headers

Referer
https://bigcache.ml/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
HIT
cf-ray
738cb75879a092a1-FRA
content-encoding
br
content-type
text/html
date
Thu, 11 Aug 2022 00:04:50 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gXowSk0XYaNgKaYZuBQuApwyTtEYCJdDNYH90GXoOT6U2ZNyg%2Bz8LMzfhoE625SFoo6cDoUIboYjXAHAF0BuSpBYasYkR9t6KH12DSpVro4fp6pB9X%2Bk2OOpdBIpJ6PvnGuj1DEgTqpQxDwK5h1ezCg%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
jquery.js
livrosdereceita.ml/ Frame C1F0 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://livrosdereceita.ml/jquery.js
Requested by
Host: livrosdereceita.ml
URL: https://livrosdereceita.ml/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:838 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58f31c05672de1042057dc12d4373b65bb98ad880bc40d76f6c3958f7efb7276

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livrosdereceita.ml/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:50 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
23
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9veB5tOkrtqLENaglenm1NAP1fQGR%2BoVCpDatNQIrwPu91PsVTniID25lxPkYS2%2F%2BFowa6MF099gTqWmcbXNO%2FfIcXgHvvqYGJRbJHulUou8rGkHC7nDsjum2KF2YnYwnGmoiJ3FjfV3ojFuYTEldWY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
738cb759cac19bd4-FRA
expires
0
/
livrosdereceita.com/average-credit-card-debt-in-the-u-s/ Frame CC14 		118 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://livrosdereceita.com/average-credit-card-debt-in-the-u-s/
Requested by
Host: moviesjoy.to
URL: https://moviesjoy.to/movie/mavka-the-forest-song-83248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:2816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4a8a6cde35e86df0bb041d20fd88c2046de4695adebe1dd1570d3127d0079c7

Request headers

Referer
https://livrosdereceita.ml/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16264
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
HIT
cf-ray
738cb75a6d6a9bf2-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 11 Aug 2022 00:04:50 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
last-modified
Wed, 10 Aug 2022 15:07:44 GMT
link
<https://livrosdereceita.com/wp-json/>; rel="https://api.w.org/" <https://livrosdereceita.com/wp-json/wp/v2/posts/4013>; rel="alternate"; type="application/json" <https://livrosdereceita.com/?p=4013>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b5Z%2FUO61UWR6km%2FP%2BOqklLxfP2iXnpIAL8c4xb%2FSHj6hPKTzxs0WDw%2FxZTdr6vwZCpojHiFPoXi4fru31GuoaBjiy3HVJXStQdqAqdmJw5QFtadN5xNvlEDPa%2Bb8A%2BKZEnSN%2ByRh9wjOLwBXqsU06kr1"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-pingback
https://livrosdereceita.com/xmlrpc.php
style.min.css
livrosdereceita.com/wp-includes/css/dist/block-library/ Frame CC14 		87 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://livrosdereceita.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.1
Requested by
Host: livrosdereceita.com
URL: https://livrosdereceita.com/average-credit-card-debt-in-the-u-s/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livrosdereceita.com/average-credit-card-debt-in-the-u-s/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
18067
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
last-modified
Wed, 13 Jul 2022 01:14:43 GMT
server
cloudflare
etag
W/"15b64-5e3a582945649"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5KUCgSQ2YnC0TgGKfKnENQdhs0sxb6QKV68NLe3hnxDdLRgzphwo7qzE9BXOTXHoaxxtt5ZZHIsBfLFU6HVFEINiftvku4O6Qq%2FSYB%2BMFrLNjf5TFeJ%2BSmViOrbb%2BIv%2FrELXOCE4kEZO8wfwXTPOh76n"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
no-cache, no-store, must-revalidate
cf-ray
738cb75add3f9136-FRA
expires
0
cookie-law-info-public.css
livrosdereceita.com/wp-content/plugins/cookie-law-info/public/css/ Frame CC14 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://livrosdereceita.com/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-public.css?ver=2.1.2
Requested by
Host: livrosdereceita.com
URL: https://livrosdereceita.com/average-credit-card-debt-in-the-u-s/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbe820b6140ad28e86f34ffae507d807cf591a22697a05b71958f2014e96a9e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livrosdereceita.com/average-credit-card-debt-in-the-u-s/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
18067
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
last-modified
Tue, 05 Jul 2022 23:30:18 GMT
server
cloudflare
etag
W/"c22-5e3173c450bf1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g5Eugs1RBHVXNzoYTCm1CNRBYpurJmM8YA5LPSsBGYijAH%2BzAGeaLaJJJ30m%2B6fVgwWOut6exNtofxQ6CyJoQgDSajknfp2Bg2ptxI9nZvxGRzDQp24X5JkmYzOI1o552%2B2W7ADHQ5wCa2YTSJ4xFI%2Fi"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
no-cache, no-store, must-revalidate
cf-ray
738cb75add409136-FRA
expires
0
cookie-law-info-gdpr.css
livrosdereceita.com/wp-content/plugins/cookie-law-info/public/css/ Frame CC14 		27 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://livrosdereceita.com/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-gdpr.css?ver=2.1.2
Requested by
Host: livrosdereceita.com
URL: https://livrosdereceita.com/average-credit-card-debt-in-the-u-s/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
655ae452d922f501b62c7028fc35e238138de989387381cc1ed9cea9085864db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livrosdereceita.com/average-credit-card-debt-in-the-u-s/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
18067
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
last-modified
Tue, 05 Jul 2022 23:30:18 GMT
server
cloudflare
etag
W/"6a71-5e3173c450bf1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pMrvGpOSPZRBnHte0YLeo%2BGRlnw7jnBe2AvNA6Y%2F7n5lvXcAW9FI08YMcnMsVLoJJzjIIjgVh5%2FMdhFIN7pX2a7eWCJjfmpYqOYNnz%2Bu5xYYecXYePmYQLTOv%2FUbXPQfe%2FuDuY6%2BhMsCuzTdy6NzhtOK"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
no-cache, no-store, must-revalidate
cf-ray
738cb75add429136-FRA
expires
0
global.min.css
livrosdereceita.com/wp-content/themes/kadence/assets/css/ Frame CC14 		19 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://livrosdereceita.com/wp-content/themes/kadence/assets/css/global.min.css?ver=1.1.22
Requested by
Host: livrosdereceita.com
URL: https://livrosdereceita.com/average-credit-card-debt-in-the-u-s/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34142a3b54120a34f4b119c24b571dd75bacb6234d897a616e6002cf8049e0bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livrosdereceita.com/average-credit-card-debt-in-the-u-s/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
18067
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
last-modified
Tue, 05 Jul 2022 03:13:17 GMT
server
cloudflare
etag
W/"4ba7-5e3063be8cb35"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QCzmnJdy8FlB9o29U9pgiCSCsGgaguanaIzTVqqNqQl%2Fz23DOQxQ3sIKgj%2BROy7ZPi5oP71AMjiztygKcFD4B3ut1JwBVIh6c%2BI%2FXuSuF5Fp%2Bgv8YOs9MTbpCpAdyz9E1Ho67VCW3hVqjjI5PLHdJvR2"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
no-cache, no-store, must-revalidate
cf-ray
738cb75add3e9136-FRA
expires
0
header.min.css
livrosdereceita.com/wp-content/themes/kadence/assets/css/ Frame CC14 		27 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://livrosdereceita.com/wp-content/themes/kadence/assets/css/header.min.css?ver=1.1.22
Requested by
Host: livrosdereceita.com
URL: https://livrosdereceita.com/average-credit-card-debt-in-the-u-s/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9e2ec022d7022381ad504fee10671dfc7c5ad86f0691798636ca74b92aacd9d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livrosdereceita.com/average-credit-card-debt-in-the-u-s/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
18057
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
last-modified
Tue, 05 Jul 2022 03:13:17 GMT
server
cloudflare
etag
W/"6c51-5e3063be8bb95"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SNbyypo27osL%2BH72TyL7BPIvTlstQ9ZLzJwtzMGHoOSaP1%2FNQiLUDlkTnG9l5xXr7BwPWPZwjgi3bd49jEGemPRq8TUe79yOUIWwTjQO2PeP8N1WU9Ppd9gmPpuKlf%2F8aRcndXuJhOS54G57zLtrwfko"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
no-cache, no-store, must-revalidate
cf-ray
738cb75add3c9136-FRA
expires
0
content.min.css
livrosdereceita.com/wp-content/themes/kadence/assets/css/ Frame CC14 		31 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://livrosdereceita.com/wp-content/themes/kadence/assets/css/content.min.css?ver=1.1.22
Requested by
Host: livrosdereceita.com
URL: https://livrosdereceita.com/average-credit-card-debt-in-the-u-s/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6543f4b0035896d00d742419b219b7249f05ba9ec3946e3abb388f750d7de2e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livrosdereceita.com/average-credit-card-debt-in-the-u-s/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
18055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
last-modified
Tue, 05 Jul 2022 03:13:17 GMT
server
cloudflare
etag
W/"7dfa-5e3063be8cb35"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X85BYJvHhCiNfVlZhHJBDjYhsrS3tbms8AdycmGIPtNFKLlR4yMnSw00lhwyHyDt3HQslJL1L%2Fskgy7BuU39U99sGnOH8M3KfyM2eVPsPuvrtu1BNBvA9bAHs6T24syvunGpRzskR003BfXaiQ0MRffa"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
no-cache, no-store, must-revalidate
cf-ray
738cb75add499136-FRA
expires
0
comments.min.css
livrosdereceita.com/wp-content/themes/kadence/assets/css/ Frame CC14 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://livrosdereceita.com/wp-content/themes/kadence/assets/css/comments.min.css?ver=1.1.22
Requested by
Host: livrosdereceita.com
URL: https://livrosdereceita.com/average-credit-card-debt-in-the-u-s/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
055486b8ef198b37f47f0cd509ca420d37404f693ab5d8600bf366291f131be7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livrosdereceita.com/average-credit-card-debt-in-the-u-s/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
18033
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
last-modified
Tue, 05 Jul 2022 03:13:17 GMT
server
cloudflare
etag
W/"192e-5e3063be8cb35"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AYJvdmVEOBnC1bS6BpF5K7oDg%2BpnFkl5tdK3uNESwQ%2B7GTkIyqT3dUNtlgz3AucJDZ9zfGULvzzpv%2FaGO16dQNOdK%2BCIVVRF%2FTf2dwJiSrRgLQlB%2BOkMYsgo7YTYgO5jxejHw0A5O7WnpCA8a63HrlMr"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
no-cache, no-store, must-revalidate
cf-ray
738cb75add469136-FRA
expires
0
related-posts.min.css
livrosdereceita.com/wp-content/themes/kadence/assets/css/ Frame CC14 		996 B
928 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://livrosdereceita.com/wp-content/themes/kadence/assets/css/related-posts.min.css?ver=1.1.22
Requested by
Host: livrosdereceita.com
URL: https://livrosdereceita.com/average-credit-card-debt-in-the-u-s/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2f1dc84e4ef961b787e21d203ce06521cced0634ae8b6fc41718f3770d7a42c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livrosdereceita.com/average-credit-card-debt-in-the-u-s/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
18033
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
last-modified
Tue, 05 Jul 2022 03:13:17 GMT
server
cloudflare
etag
W/"3e4-5e3063be8bb95"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oh7e%2BNtV96PRGj95qZOIFCQmCO7BT19OD2IdhCl4vKnV%2BwAVtD%2Bq3M89l1sDxlAv3B4ujQ3Zx8EYhW4hRVa9KC%2FeNItwLV7IsL%2Fzn0X9okjcRAaAj1RZ%2Bii2ZuMoJLuAC9LS3sJgBobfP%2Bjqf4yFuHzS"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
no-cache, no-store, must-revalidate
cf-ray
738cb75add479136-FRA
expires
0
kadence-splide.min.css
livrosdereceita.com/wp-content/themes/kadence/assets/css/ Frame CC14 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://livrosdereceita.com/wp-content/themes/kadence/assets/css/kadence-splide.min.css?ver=1.1.22
Requested by
Host: livrosdereceita.com
URL: https://livrosdereceita.com/average-credit-card-debt-in-the-u-s/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3683a69cfd4117498b828da5b85b8edea0f84f630656ab218ed5c3d87fb519f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livrosdereceita.com/average-credit-card-debt-in-the-u-s/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
18033
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
last-modified
Tue, 05 Jul 2022 03:13:17 GMT
server
cloudflare
etag
W/"1f4e-5e3063be8cb35"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j9PbvE4SdERYii1X56tLN5Vuva1MEGSiwwjUJiA3h81RX%2B5G603P1oXqj82YbQhCIGuC3w7m0uJr%2B1OCgZfsxLL2ru3%2FDtNzfBVJv9SojcUv9FjS8cJE2guM476WwGlc%2F4vUeAO7DlD7U2Q1By7%2FRdHK"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
no-cache, no-store, must-revalidate
cf-ray
738cb75add449136-FRA
expires
0
footer.min.css
livrosdereceita.com/wp-content/themes/kadence/assets/css/ Frame CC14 		18 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://livrosdereceita.com/wp-content/themes/kadence/assets/css/footer.min.css?ver=1.1.22
Requested by
Host: livrosdereceita.com
URL: https://livrosdereceita.com/average-credit-card-debt-in-the-u-s/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7aabf050aa1b90d020378248c4605e266080e4aa27b16d96fb4f5ecd35dc573

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livrosdereceita.com/average-credit-card-debt-in-the-u-s/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
18055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
last-modified
Tue, 05 Jul 2022 03:13:17 GMT
server
cloudflare
etag
W/"460a-5e3063be8bb95"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BcaDMfHsv1RvDsbwfEXaFkOFEezBO1Wk%2B7alBYTI%2FnwCjIgoHIFQgv1m65TWEwHlaAvD%2FZU38qeSb07RYgJPtzaoEopdSlOrsIWiNxmleLybIcYicRCsEA6NUDhhavKEAdoXRS7AS4WHqjP5NzPKMyaS"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
no-cache, no-store, must-revalidate
cf-ray
738cb75add4e9136-FRA
expires
0
jquery.min.js
livrosdereceita.com/wp-includes/js/jquery/ Frame CC14 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://livrosdereceita.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: livrosdereceita.com
URL: https://livrosdereceita.com/average-credit-card-debt-in-the-u-s/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livrosdereceita.com/average-credit-card-debt-in-the-u-s/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
18055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
last-modified
Wed, 10 Mar 2021 15:07:24 GMT
server
cloudflare
etag
W/"15db1-5bd3006388300"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XTHK7lHWujUrBAfWDmk0FTWhW7KNRx3AfITDW8J5Mh2Y6bSw2WMFdF7BUEjvjAZ0mUYecr%2FocK1g0W5k7uSDsf3p%2Bpy%2BBVvTKkdKdfykM55z44hkpjcinkFgJnC3iKQ6%2F%2FoVxPzPvOjdraVfzKf61xDU"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
cf-ray
738cb75add4c9136-FRA
expires
0
jquery-migrate.min.js
livrosdereceita.com/wp-includes/js/jquery/ Frame CC14 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://livrosdereceita.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: livrosdereceita.com
URL: https://livrosdereceita.com/average-credit-card-debt-in-the-u-s/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livrosdereceita.com/average-credit-card-debt-in-the-u-s/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
18055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
last-modified
Wed, 18 Nov 2020 09:06:06 GMT
server
cloudflare
etag
W/"2bd8-5b45debe27b80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vQrDSEIbwQr3YWTrJ6Up350DZJcmZpAmR%2FPM1YlUM5p18Jasn%2Fuln3i3DFllNOfmfyuiBoyJ7c4Kb%2B4qeOPAeTt6DkrDzHJd3PO9nJp0do9Zir61CNzBLG6rIBHj5cEF5vfDC9SoNunBTQijL5tIvSFx"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
cf-ray
738cb75add4a9136-FRA
expires
0
cookie-law-info-public.js
livrosdereceita.com/wp-content/plugins/cookie-law-info/public/js/ Frame CC14 		33 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://livrosdereceita.com/wp-content/plugins/cookie-law-info/public/js/cookie-law-info-public.js?ver=2.1.2
Requested by
Host: livrosdereceita.com
URL: https://livrosdereceita.com/average-credit-card-debt-in-the-u-s/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c52384c7b0641dd1ead85d079c22d39bcc6dc5f2537afb1e6396bb619771a3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livrosdereceita.com/average-credit-card-debt-in-the-u-s/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
18055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
last-modified
Tue, 05 Jul 2022 23:30:18 GMT
server
cloudflare
etag
W/"8583-5e3173c450bf1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F5kY%2F3bcQV5P8oRobO%2BwBkJNEWGHr4BTwxq556WxAIaTh5XsxFgRZb0nD72ehVngnLNI7sPaU%2BylhFqkQjF6JtGz3tvaY3U6XUyDt0NlgJdgwdkqTsyyjzetjBEJC9SPNDAK9d8h%2F%2F7XEXzBtJN9rRvd"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
cf-ray
738cb75add4d9136-FRA
expires
0
js
www.googletagmanager.com/gtag/ Frame CC14 		106 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-227761985-1
Requested by
Host: livrosdereceita.com
URL: https://livrosdereceita.com/average-credit-card-debt-in-the-u-s/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2be37942366d28e7bf07dba422b2f3a871236dd8ea0a598180dd271e39c4e558
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livrosdereceita.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:51 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41921
x-xss-protection
0
expires
Thu, 11 Aug 2022 00:04:51 GMT
CreditCardsStack.jpg
livrosdereceita.com/wp-content/uploads/2022/07/ Frame CC14 		90 KB
91 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://livrosdereceita.com/wp-content/uploads/2022/07/CreditCardsStack.jpg
Requested by
Host: livrosdereceita.com
URL: https://livrosdereceita.com/average-credit-card-debt-in-the-u-s/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f0228960dbb4b2f89b8b770d072d1d14ffdd0201a27baa6740caae5ce961b28

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livrosdereceita.com/average-credit-card-debt-in-the-u-s/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
18004
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
92159
pragma
no-cache
last-modified
Tue, 05 Jul 2022 20:27:02 GMT
server
cloudflare
etag
"167ff-5e314acd94b16"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UpVyEQEEJ%2BaHe%2FAoZs7%2BHpQS3dk26dzNS4nasj%2B5Hl%2B8Eatf20IO9MQHxXAY8ZCXewQQTgilO4jeFsm8x5g%2FSFKN8ltaeGAE%2BoyUQoIfBxDuPQyK8zOpihxHqVDFNTujEn7ubf0KMhbUZ86GGUC2Ma2m"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
738cb75b9dbb9136-FRA
expires
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame CC14 		83 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: livrosdereceita.com
URL: https://livrosdereceita.com/average-credit-card-debt-in-the-u-s/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
b7e551c458604d5604484615b1c856d9f50e3ee349ab8035d5ebbb013a4f60a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livrosdereceita.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28701
x-xss-protection
0
server
sffe
etag
"1300 / 251 of 1000 / last-modified: 1660136673"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 11 Aug 2022 00:04:51 GMT
cookie-law-info-table.css
livrosdereceita.com/wp-content/plugins/cookie-law-info/public/css/ Frame CC14 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://livrosdereceita.com/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-table.css?ver=2.1.2
Requested by
Host: livrosdereceita.com
URL: https://livrosdereceita.com/average-credit-card-debt-in-the-u-s/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e2f2336b5e6698b628afc75fa9a24c67b73d5872c1d4af99ca436064f636ee0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livrosdereceita.com/average-credit-card-debt-in-the-u-s/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
18057
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
last-modified
Tue, 05 Jul 2022 23:30:18 GMT
server
cloudflare
etag
W/"17e1-5e3173c450bf1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6MQMV7o4HMxMs9EgrzsO5K3PO0FxlW%2F5jfgyrM1X80baUnuPZEPHV2%2B0D7Dw9FkeVjoaUmowc00bvZT6Ifh1SITdZyQ2Zw1BbR5DlJWZvEol9DmngfzfJGs5XFljk9TUPeWX9pvZHCMfAHTQXEFwMbY3"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
no-cache, no-store, must-revalidate
cf-ray
738cb75b8daa9136-FRA
expires
0
comment-reply.min.js
livrosdereceita.com/wp-includes/js/ Frame CC14 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://livrosdereceita.com/wp-includes/js/comment-reply.min.js?ver=6.0.1
Requested by
Host: livrosdereceita.com
URL: https://livrosdereceita.com/average-credit-card-debt-in-the-u-s/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livrosdereceita.com/average-credit-card-debt-in-the-u-s/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
18032
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
last-modified
Fri, 08 Apr 2022 20:07:18 GMT
server
cloudflare
etag
W/"ba5-5dc2a2438e980"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UQlrd4CaD%2BQMV3h6f76XYKjFYQO4SIJmLS42NyXL4PSLFwr8MxdWsDEMzln3CX0RAj9qZzLN35vUr5i6a44vqfje9szywPLBdAAk2BhgyYxXAKGa%2B2npHWLVEGLy89DoRUrQ%2BqhWTe2aQRcaXOq0hZje"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
cf-ray
738cb75b8dac9136-FRA
expires
0
navigation.min.js
livrosdereceita.com/wp-content/themes/kadence/assets/js/ Frame CC14 		21 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://livrosdereceita.com/wp-content/themes/kadence/assets/js/navigation.min.js?ver=1.1.21
Requested by
Host: livrosdereceita.com
URL: https://livrosdereceita.com/average-credit-card-debt-in-the-u-s/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e5214fc1616fbd3df53b7934be5e22fbf9f7ad6769f40beced0172cfdb15295

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livrosdereceita.com/average-credit-card-debt-in-the-u-s/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
18055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
last-modified
Tue, 05 Jul 2022 03:13:17 GMT
server
cloudflare
etag
W/"5350-5e3063be8ea75"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JkhUCLiHI5zXkdhwD6nFWMGS5PaJpU7%2FUH%2BQf6EQ7f8QAfFKRo7rcddnF8Y4WGef%2BKFzVloOv6ksGfBbjCQb8ST%2FMg%2FJHs21v4Om%2B26wDmGqDctNMM1ZMatp6r%2F6zvV7B8tQcJLpaMhPj%2F43%2Bx1B5Aky"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
cf-ray
738cb75b9dbd9136-FRA
expires
0
splide.min.js
livrosdereceita.com/wp-content/themes/kadence/assets/js/ Frame CC14 		29 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://livrosdereceita.com/wp-content/themes/kadence/assets/js/splide.min.js?ver=1.1.21
Requested by
Host: livrosdereceita.com
URL: https://livrosdereceita.com/average-credit-card-debt-in-the-u-s/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac671d4028fea63427cc84384d1c53fbadcba51ef4abc8e8104135cf74876254

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livrosdereceita.com/average-credit-card-debt-in-the-u-s/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
18031
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
last-modified
Tue, 05 Jul 2022 03:13:17 GMT
server
cloudflare
etag
W/"73e6-5e3063be8dad5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1G8JL3lzeT013ZejVAMif5xYr1khUc%2Btc0bvfB8bBiK%2Fg4VBW%2F7aCvVMktHFWOQI9EsX%2BZnAYweVuvUfcY%2BiNP78tzJri76iSsNzrjkXoOaBTrnX8g8JL8Q%2BtwCcIpRhyH48NLQU6D23wuL2oaMmViBY"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
cf-ray
738cb75b9dbf9136-FRA
expires
0
splide-init.min.js
livrosdereceita.com/wp-content/themes/kadence/assets/js/ Frame CC14 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://livrosdereceita.com/wp-content/themes/kadence/assets/js/splide-init.min.js?ver=1.1.21
Requested by
Host: livrosdereceita.com
URL: https://livrosdereceita.com/average-credit-card-debt-in-the-u-s/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c951a597072dd7d73e9d7218eb09cb7b0eb51bd5bd240650f71f57feecec2e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livrosdereceita.com/average-credit-card-debt-in-the-u-s/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
18031
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
last-modified
Tue, 05 Jul 2022 03:13:17 GMT
server
cloudflare
etag
W/"13a2-5e3063be8cb35"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aazNTk1Iqsky1ZPeppvNEkdIe3z%2BDTWK1CRNg%2BLTKGKhAYGbObgHE6uNJ7%2F%2BcIM2dLo91%2BLeiWZ%2Bycm93%2ByyhtkTUeSgSBPt%2BGekhzygFtlOL%2BO%2Bo2Mv%2BMaSHMUiLyrweTgh5yKUR8wQfsS6cg5bbGnj"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
cf-ray
738cb75b9dc09136-FRA
expires
0
wp-emoji-release.min.js
livrosdereceita.com/wp-includes/js/ Frame CC14 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://livrosdereceita.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.1
Requested by
Host: livrosdereceita.com
URL: https://livrosdereceita.com/average-credit-card-debt-in-the-u-s/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livrosdereceita.com/average-credit-card-debt-in-the-u-s/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
18076
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
last-modified
Tue, 12 Apr 2022 05:56:23 GMT
server
cloudflare
etag
W/"48b9-5dc6eb878efc0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kPco6gtEX8PPMPJtWi4Ep7k4b5HfdKWYAWCkthipXYeVs3sPe4QupFpX%2FnqLj2XuA6zBU3LDkqQGCyT9u7pYtNoFa8P0CyZcp8eE1t0VYAy1u%2BoPndm4fDNc4SH9DuULSFx7twxvkxW9%2FzoNNgNjGsny"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
cf-ray
738cb75b9dc19136-FRA
expires
0
analytics.js
www.google-analytics.com/ Frame CC14 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-227761985-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livrosdereceita.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
3771
date
Wed, 10 Aug 2022 23:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 11 Aug 2022 01:02:00 GMT
pubads_impl_2022080901.js
securepubads.g.doubleclick.net/gpt/ Frame CC14 		385 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js?cb=31068870
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
e618a577f0277d37fa43eaa36bcde1a98e6698356705294205887f6ace5134d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livrosdereceita.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 10:37:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
48450
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
134589
x-xss-protection
0
last-modified
Tue, 09 Aug 2022 08:35:28 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 10 Aug 2023 10:37:21 GMT
collect
www.google-analytics.com/j/ Frame CC14 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1824525892&t=pageview&_s=1&dl=https%3A%2F%2Flivrosdereceita.com%2Faverage-credit-card-debt-in-the-u-s%2F&dr=https%3A%2F%2Fwww.google.com%2F&ul=en-us&de=UTF-8&dt=Average%20credit%20card%20debt%20in%20the%20U.S.%20%E2%80%93%20Recipe%20Books&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=635247597&gjid=187645060&cid=2139406949.1660176291&tid=UA-227761985-1&_gid=835628692.1660176291&_r=1&gtm=2ou880&z=1839906078
Requested by
Host: livrosdereceita.com
URL: https://livrosdereceita.com/average-credit-card-debt-in-the-u-s/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://livrosdereceita.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 11 Aug 2022 00:04:51 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://livrosdereceita.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ Frame CC14 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=livrosdereceita.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js?cb=31068870
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livrosdereceita.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 11 Aug 2022 00:04:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame CC14 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=livrosdereceita.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js?cb=31068870
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livrosdereceita.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 11 Aug 2022 00:04:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame CC14 		56 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2278781081987895&correlator=2135625159616928&eid=31068870&output=ldjh&gdfp_req=1&vrg=2022080901&ptt=17&impl=fifs&iu_parts=339263271%3A22682343152%2Cgam_livrosdereceita.com_display&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=3160253828&sfv=1-0-38&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1660176291535&lmt=1660144064&dlt=1660176290973&idt=538&adxs=435&adys=740&biw=1600&bih=1200&scr_x=0&scr_y=0&ucis=owuhu6owohx3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Flivrosdereceita.com%2Faverage-credit-card-debt-in-the-u-s%2F&ref=https%3A%2F%2Fwww.google.com%2F&frm=20&vis=1&psz=730x250&msz=730x250&fws=260&ohw=1600&ga_vid=2139406949.1660176291&ga_sid=1660176292&ga_hid=1824525892&ga_fc=true
Requested by
Host: livrosdereceita.com
URL: https://livrosdereceita.com/average-credit-card-debt-in-the-u-s/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
6d0398e8fd7dae88a2fda13006d35ac3a42badf96736166de3d60164453ce2da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livrosdereceita.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:51 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19669
x-xss-protection
0
google-lineitem-id
5495700468
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138325478669
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://livrosdereceita.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame CC14 		84 KB
35 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2278781081987895&correlator=2135625159616928&eid=31068870&output=ldjh&gdfp_req=1&vrg=2022080901&ptt=17&impl=fifs&iu_parts=339263271%3A22682343152%2Cgam_livrosdereceita.com_display&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280&ifi=2&adks=1859660881&sfv=1-0-38&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1660176291542&lmt=1660144064&dlt=1660176290973&idt=538&adxs=435&adys=1197&biw=1600&bih=1200&scr_x=0&scr_y=0&ucis=8e34d3w9009b&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Flivrosdereceita.com%2Faverage-credit-card-debt-in-the-u-s%2F&ref=https%3A%2F%2Fwww.google.com%2F&frm=20&vis=1&psz=730x280&msz=730x280&fws=260&ohw=1600&ga_vid=2139406949.1660176291&ga_sid=1660176292&ga_hid=1824525892&ga_fc=true
Requested by
Host: livrosdereceita.com
URL: https://livrosdereceita.com/average-credit-card-debt-in-the-u-s/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e838c5671a9420703b124997c01965e207cfe6f46b7334b712af277c164c3040
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livrosdereceita.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:52 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35951
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://livrosdereceita.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6BC3 		0
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6BC3 		0
0
container.html
db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1D94 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js?cb=31068870
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://livrosdereceita.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 11 Aug 2022 00:04:52 GMT
expires
Fri, 11 Aug 2023 00:04:52 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
1.-Cartao-de-credito-mais-facil-de-aprovar-conheca-5-otimas-opcoes-768x410.jpg
livrosdereceita.com/wp-content/uploads/2022/06/ Frame CC14 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://livrosdereceita.com/wp-content/uploads/2022/06/1.-Cartao-de-credito-mais-facil-de-aprovar-conheca-5-otimas-opcoes-768x410.jpg
Requested by
Host: livrosdereceita.com
URL: https://livrosdereceita.com/average-credit-card-debt-in-the-u-s/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c3c0a13c1c672288aab00a28698f52524f587e51b71821d7898b6d4f5832356

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livrosdereceita.com/average-credit-card-debt-in-the-u-s/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
15141
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
28526
pragma
no-cache
last-modified
Tue, 05 Jul 2022 04:16:52 GMT
server
cloudflare
etag
"6f6e-5e3071f49c56c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FakMgL42s1%2F7oL8hBlzquudUOYFeHxA7pODh4NR1OHd%2FWqyi%2BmhR4bVsRVtQvHVWQP7k%2Be4UHXBVsnZs20HPUUfRCrMgbtvGQWGnEZpKs3G9nGNQol2AMdQXhIuAC0uR1NOs32QTjonqXlUkbtxhSLPg"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
738cb7621af69136-FRA
expires
0
3f526220-e6ba-11e9-bf6d-a5720a163528.jpg
livrosdereceita.com/wp-content/uploads/2022/06/ Frame CC14 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://livrosdereceita.com/wp-content/uploads/2022/06/3f526220-e6ba-11e9-bf6d-a5720a163528.jpg
Requested by
Host: livrosdereceita.com
URL: https://livrosdereceita.com/average-credit-card-debt-in-the-u-s/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd9b38679e5f92aa681e354bf60c9e952a476d22a224b9612e24a7a49d9be490

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livrosdereceita.com/average-credit-card-debt-in-the-u-s/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
17514
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
22393
pragma
no-cache
last-modified
Tue, 05 Jul 2022 04:33:07 GMT
server
cloudflare
etag
"5779-5e3075960af81"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aCfywO%2BZOS8muHn5Nt42rheKZ6ZCAWVV4jrPJZ5Tza%2BCYaA5EzZM0Oa%2FVKM5%2BAjUaQepEj0q%2F0tzwk8DJ35QXP3IJyw8p9oOyRzBaqYELuBNUPUl1iemWyC36fKft6NHnpsuNDqw6laNY%2FrQHXXLwc1J"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
738cb7621af79136-FRA
expires
0
Depositphotos_55776159_s_2.jpg
livrosdereceita.com/wp-content/uploads/2022/07/ Frame CC14 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://livrosdereceita.com/wp-content/uploads/2022/07/Depositphotos_55776159_s_2.jpg
Requested by
Host: livrosdereceita.com
URL: https://livrosdereceita.com/average-credit-card-debt-in-the-u-s/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8462287ed0841f4d26f5dab1be12ae5dbb959116e69bea7489959b3cf93daf1c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livrosdereceita.com/average-credit-card-debt-in-the-u-s/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
17507
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36565
pragma
no-cache
last-modified
Tue, 05 Jul 2022 19:46:53 GMT
server
cloudflare
etag
"8ed5-5e3141d4ac304"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rokdIzk%2B6mVktbcRTlqxzwLByQZC2pkLgZKsM18GOX75FvtgTSVxwcDKrHn0XPrenGpzMOC5YtMjSSto3%2Bw8joo0cN4d8Ce5olsPsPalkCH15WJt8drkqgaiSuzwHbWDpNKVMzwDksus6q5RYZLdkWjE"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
738cb7621af89136-FRA
expires
0
ads
securepubads.g.doubleclick.net/gampad/ Frame CC14 		49 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2278781081987895&correlator=2135625159616928&eid=31068870&output=ldjh&gdfp_req=1&vrg=2022080901&ptt=17&impl=fifs&iu_parts=339263271%3A22682343152%2Cgam_livrosdereceita.com_display&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=3&adks=3160253828&sfv=1-0-38&ris=1&rcs=1&fsapi=false&prev_scp=in2w_key%3D925%26in2w_key2%3Dnope%2Coptimization%26in2w_key3%3Dadx392%26in2w_key4%3D--g---%2C--g---%26in2w_key5%3Doptimization%26in2w_key6%3D--gh--qgz%26in2w_key7%3D392%26in2w_key8%3D925%252C926%26in2w_key9%3Doptimization_request%26in2w_key12%3Doptimization%26in2w_key15%3Do0%26in2w_key16%3D8%26in2w_keypm%3Ddiv-gpt-ad-1645028988074-0%26in2w_key9001%3D1&eri=1&sc=1&cookie=ID%3Dd49e7009c555c3ad%3AT%3D1660176291%3AS%3DALNI_MYZVhgVgDuB0tjQYwcf_vMOT_LEiw&abxe=1&dt=1660176292169&lmt=1660144064&dlt=1660176290973&idt=538&adxs=435&adys=-3458&biw=1600&bih=1200&scr_x=0&scr_y=0&ucis=owuhu6owohx3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Flivrosdereceita.com%2Faverage-credit-card-debt-in-the-u-s%2F&ref=https%3A%2F%2Fwww.google.com%2F&frm=20&vis=1&psz=730x250&msz=730x250&fws=260&ohw=1600&ga_vid=2139406949.1660176291&ga_sid=1660176292&ga_hid=1824525892&ga_fc=true
Requested by
Host: livrosdereceita.com
URL: https://livrosdereceita.com/average-credit-card-debt-in-the-u-s/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
f0ee07790d707ea58832f35e98a10adc1a22e5bbe72557fb2059e4b2ed796dbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livrosdereceita.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:52 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17243
x-xss-protection
0
google-lineitem-id
5645478603
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138376944918
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://livrosdereceita.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame A0FD 		0
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A0FD 		0
0
ads
securepubads.g.doubleclick.net/gampad/ Frame CC14 		71 KB
35 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2278781081987895&correlator=2135625159616928&eid=31068870&output=ldjh&gdfp_req=1&vrg=2022080901&ptt=17&impl=fifs&iu_parts=339263271%3A22682343152%2Cgam_livrosdereceita.com_display&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=4&adks=3160253828&sfv=1-0-38&rcs=2&fsapi=false&prev_scp=in2w_key%3D926%26in2w_key12%3Doptimization%26in2w_key15%3Do0%26in2w_key16%3D1%26in2w_key2%3Dnope%2Coptimization%26in2w_key3%3Dadx392%26in2w_key4%3D--g8gz%26in2w_key5%3Doptimization%26in2w_key6%3D--gh--qgz%26in2w_key7%3D392%26in2w_key8%3D925%2C926%26in2w_key9001%3D2%26in2w_keypm%3Ddiv-gpt-ad-1645028988074-0&eri=1&sc=1&cookie=ID%3Dd49e7009c555c3ad%3AT%3D1660176291%3AS%3DALNI_MYZVhgVgDuB0tjQYwcf_vMOT_LEiw&abxe=1&dt=1660176292468&lmt=1660144064&dlt=1660176290973&idt=538&adxs=435&adys=-4613&biw=1600&bih=1200&scr_x=0&scr_y=0&ucis=owuhu6owohx3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Flivrosdereceita.com%2Faverage-credit-card-debt-in-the-u-s%2F&ref=https%3A%2F%2Fwww.google.com%2F&frm=20&vis=1&psz=730x250&msz=730x250&fws=260&ohw=1600&ga_vid=2139406949.1660176291&ga_sid=1660176292&ga_hid=1824525892&ga_fc=true
Requested by
Host: livrosdereceita.com
URL: https://livrosdereceita.com/average-credit-card-debt-in-the-u-s/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
c09e405f61ed65c16523cc7af33358d225f503318dfd30562658335c12b81bdd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livrosdereceita.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:52 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35413
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://livrosdereceita.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 643D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js?cb=31068870
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://livrosdereceita.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 11 Aug 2022 00:04:52 GMT
expires
Fri, 11 Aug 2023 00:04:52 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame F115 		624 B
504 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhD3mNLzARjDoNTOATAB&v=APEucNVNsR4qcx8F2c2KA9GaKd8273OjBQjPhoRQGKCcN7cScPsRDSHXvQeaQX_35Yxkr-OXl9K_ypZ89BeuUeaAT5T7iZDGW9F2Yb-QVa43bOXEL2ebqgVqOvhbsEfX995ktNB6YFjHgX1Eubywhumd4sPyUqAKwv4_bLdybKLvqJp-I-OrxF4
Requested by
Host: moviesjoy.to
URL: https://moviesjoy.to/movie/mavka-the-forest-song-83248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 11 Aug 2022 00:04:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20220808/r20110914/ Frame 91DA 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220808/r20110914/abg_lite_fy2021.js
Requested by
Host: moviesjoy.to
URL: https://moviesjoy.to/movie/mavka-the-forest-song-83248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee14c83de65cdc8454d15449343630a593fffaec3666fc71489d1f03a62f520
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 22:53:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4306
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9660
x-xss-protection
0
server
cafe
etag
13823643058518418725
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 22:53:06 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20220808/r20110914/elements/html/ Frame 91DA 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220808/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: moviesjoy.to
URL: https://moviesjoy.to/movie/mavka-the-forest-song-83248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7b175e3d672f1560352dc7df0b4e1aaf4cf6dba4605563465df69fcceb052bbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 23:55:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
587
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2628
x-xss-protection
0
server
cafe
etag
1103433747108554897
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 23:55:05 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 91DA 		0
622 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuoWl5DyMXmeUgXadpfsekacei_sy4zQgPS8FNyntdy2Qlpy8dGq4mHvDaw9KHSONy_g0UXrPIqjIlBfuysPGDHoO3c909OK5t_NqjeGa22F8C0YMPZispIzqA2X-_TVu7NeAkG_Mu5leDHxXtWH9bO5XInQkwhmD2SchCkb9k2tWbYRx7MV3GI08HR-SGN4LGS1mFMYYgba-w4GNdTIRGQ-0HP0n3Q20YI-uAO2efEXJReM2_ebfe2W4P7-nC1nuDXQZL13C5h1av4Hi7mTiqFC1kc_RwugCkO0sEnCINDJE2pVzDTQmuKBewS2XkMJV-IVKeyJqMBbWnCFMFDtBS6jcP9BCpdCt1RnI81JqkAwl0cXOLfpDuMTttjOZR-T7au4U6WCrxDIFOEfIgp3XhqTbdIZJqVdKNB4mHyOYJCXI7uw9TcmD8ZDIbfPSwuJyjaUZgwBd8xsdg9si3H7Bh6HOat06_hUaao4yWAQTfyJjQO2HU0pSaG8w2e4m8w9meWHWmNO3BY9Ulqjg1S6fKE0NgnujvNnN1-4ed2FLciTCUxx-ph9B3zykYBATPkA2UGPwiH_OH855bwa7DMcmvu4UfovsPMsneKI53cxXZoczQBruEtftquYHu5RINoJ-f-mXxUPEsx9P53EqQM5Il0T3CwpvZRBiZbvHwrb03D-RXWhKb7_SoPlFbCeze1TwPgB62FxvFHSKytPm7wjC1uYOIS-5dWeNkhKqFpA3Bn8MdW30KznUDgeOF6rsfQnH-XNREW1FkVYuxa1n6ZcA4GvczU8miu1Ke7jlrORtKAm9t4nPgrUzsCdRaFpmtVmqf-zPfW062OqUFWqL4WTSiH7QsbizV52clqQASxgAAAcavvoyo7lhV6ZVDMzh1So7EMB6Dp5t8lBn40C0xgzdZitQTU4rMmCWRQbHfRMxd9fkS4AWuFDcR58hAtEo5xI5EL0grV3a2FREVua8j0itixCaC-uKOxt1A2tzGp0wkAqXlyZyQNStpvSNX18sC1TpX7cRuaXvDNhooGgQHJv9MpB_JXpNRElpdIQ0_LXk0N84VsDz9yDbeRdz9Z5P32BV4UhlsGrTz1iVll1fIXtSARGo8wZ88teRw8sevcBn9uoz387FKGt8B-Ml979WSE9ciX4OugJdvIQhvG7vH9vjxQ3T7zd82nchsPgXtD9pVPi_tsIAZD8Bi8m2XauQJo&sai=AMfl-YR-nT1FEGNItzabbSLxYf4YPkImDZ_X5VloXO3eLXqIOWvgxhgVRQPslCdaPRlhXQEo7t6HecnDcExnTJmT5KKdH7vKufUdbku0xrSEkMv8QH-QKkY_RvslgFY7npeAX7F3kqeYHp_nMAqpmqRgJDsRRtcE6kZxoiqdgvW8KokGcCxju3jkF9QcHoHv3SSAIM4_DIlXsj3dIATtes_qSJaUthKMCLX6cpXiEbKF8PykEKc7dwePh3IqUva2Y90kedy-aBvDutHfnGGchmGDAmxL3wI5gTlP3aaaYjEVS5_M&sig=Cg0ArKJSzKndXjL0wGtREAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=0&cbvp=1&cstd=0&cisv=r20220808.47386&adurl=
Requested by
Host: moviesjoy.to
URL: https://moviesjoy.to/movie/mavka-the-forest-song-83248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Thu, 11 Aug 2022 00:04:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 91DA 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: moviesjoy.to
URL: https://moviesjoy.to/movie/mavka-the-forest-song-83248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 16:26:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
545927
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Aug 2023 16:26:05 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame 91DA 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/window_focus_fy2021.js
Requested by
Host: moviesjoy.to
URL: https://moviesjoy.to/movie/mavka-the-forest-song-83248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 23:19:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2730
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 23:19:22 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 91DA 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: moviesjoy.to
URL: https://moviesjoy.to/movie/mavka-the-forest-song-83248
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44011
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1659958456967243"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 11 Aug 2022 00:04:52 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame 91DA 		17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: moviesjoy.to
URL: https://moviesjoy.to/movie/mavka-the-forest-song-83248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
425df823965375faadbd0685af6b4540866f7c6ecf675e0919e37a806b6f6e55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 23:50:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
840
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7596
x-xss-protection
0
server
cafe
etag
12715132177492665634
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 23:50:52 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 91DA 		42 B
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BdVSCQfYT3hpm1Gqti1T3nZqTQZM60vCcTjZ_40guVAe5Gwkoa9ZmQ_AzcgCHERBW7CiQg089iBaXIDVNCigl80su2Tu9yqvZvK8jy9YtnYqx4eWk
Requested by
Host: moviesjoy.to
URL: https://moviesjoy.to/movie/mavka-the-forest-song-83248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Aug 2022 00:04:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
9759360733032575328
s0.2mdn.net/simgad/ Frame 91DA 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/9759360733032575328
Requested by
Host: db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com
URL: https://db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c1b248cbab130c31827a3c7956efe817beafcb9ccb822d5364405565f566f892
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 07 Aug 2022 23:57:36 GMT
x-content-type-options
nosniff
age
259636
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17145
x-xss-protection
0
last-modified
Tue, 05 Jul 2022 09:45:42 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 07 Aug 2023 23:57:36 GMT
rum
dsum-sec.casalemedia.com/ Frame F115
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA5KIx2mGoah8ndHvLjQpl8&google_cver=1
43 B
909 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA5KIx2mGoah8ndHvLjQpl8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhD3mNLzARjDoNTOATAB&v=APEucNVNsR4qcx8F2c2KA9GaKd8273OjBQjPhoRQGKCcN7cScPsRDSHXvQeaQX_35Yxkr-OXl9K_ypZ89BeuUeaAT5T7iZDGW9F2Yb-QVa43bOXEL2ebqgVqOvhbsEfX995ktNB6YFjHgX1Eubywhumd4sPyUqAKwv4_bLdybKLvqJp-I-OrxF4
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray
738cb766bd0dbb77-FRA
pragma
no-cache
date
Thu, 11 Aug 2022 00:04:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lNvvV3atPHkDoICX0YwnbJanN%2FktZdRcUjNRsewursRo9b1wT0PWj6EqIWUJ0zuGTt68QVgYOLPASoYIB79pof6nOhTnGepRy1IxZvXGfpKvv%2BVQGZWpqIIyUr%2B1E6UtPXv0pICjglarrg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 11 Aug 2022 00:04:52 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA5KIx2mGoah8ndHvLjQpl8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame F115
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YvRHpGyq1VVTs.la1qxpbQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA5KIx2mGoah8ndHvLjQpl8&google_cver=1&google_hm=2
43 B
911 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA5KIx2mGoah8ndHvLjQpl8&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhD3mNLzARjDoNTOATAB&v=APEucNVNsR4qcx8F2c2KA9GaKd8273OjBQjPhoRQGKCcN7cScPsRDSHXvQeaQX_35Yxkr-OXl9K_ypZ89BeuUeaAT5T7iZDGW9F2Yb-QVa43bOXEL2ebqgVqOvhbsEfX995ktNB6YFjHgX1Eubywhumd4sPyUqAKwv4_bLdybKLvqJp-I-OrxF4
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray
738cb7677e0bbb77-FRA
pragma
no-cache
date
Thu, 11 Aug 2022 00:04:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d23TXZiyOiB%2Ft3vRvmvQwbY0MSq%2BBpWmxNoLLoTrB9XNI0Tpqs9VZV5zrCAa4HW%2FA%2BowSQnlU0SjWNPscB%2FGNu63Oaa7vI657mPeQ46HMQEDJ4FnOIJuoEdngl632wv0UH5LlBt6OFfOtw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 11 Aug 2022 00:04:52 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA5KIx2mGoah8ndHvLjQpl8&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame F115
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJdQ4jqAe6RynBK4kU7LM1k&google_cver=1
43 B
1018 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEJdQ4jqAe6RynBK4kU7LM1k&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhD3mNLzARjDoNTOATAB&v=APEucNVNsR4qcx8F2c2KA9GaKd8273OjBQjPhoRQGKCcN7cScPsRDSHXvQeaQX_35Yxkr-OXl9K_ypZ89BeuUeaAT5T7iZDGW9F2Yb-QVa43bOXEL2ebqgVqOvhbsEfX995ktNB6YFjHgX1Eubywhumd4sPyUqAKwv4_bLdybKLvqJp-I-OrxF4
Protocol
HTTP/1.1
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 Aug 2022 00:04:52 GMT
X-Proxy-Origin
217.114.218.28; 217.114.218.28; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
73b187ad-5f60-417b-92dc-9d6c3feca37f
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 11 Aug 2022 00:04:52 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEJdQ4jqAe6RynBK4kU7LM1k&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F115
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjI1NDE5MjUwMDUxMDA3NjI3OQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjI1NDE5MjUwMDUxMDA3NjI3OQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhD3mNLzARjDoNTOATAB&v=APEucNVNsR4qcx8F2c2KA9GaKd8273OjBQjPhoRQGKCcN7cScPsRDSHXvQeaQX_35Yxkr-OXl9K_ypZ89BeuUeaAT5T7iZDGW9F2Yb-QVa43bOXEL2ebqgVqOvhbsEfX995ktNB6YFjHgX1Eubywhumd4sPyUqAKwv4_bLdybKLvqJp-I-OrxF4
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Aug 2022 00:04:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 11 Aug 2022 00:04:52 GMT
X-Proxy-Origin
217.114.218.28; 217.114.218.28; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
20f848b5-5774-4a99-9479-0df5e616a780
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjI1NDE5MjUwMDUxMDA3NjI3OQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 1F8D 		640 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COCGGxD2waYCGImE28sBMAE&v=APEucNWK9GkwenC0TA3PRt47GMdkISr7DSj3c2dQYMMxTVZ1iSE3oSnjGlX5s86HnN4OqRHRxXQhEkO6JUCkxPKsI1G6bxKs6TFOKs6bwNoB2ylx9TmnTCiwER4Yam8kp6V4oLh52dlpQsA5kqlwMyaRPCkMJUzOM8xvtiioYJQybT1T6Jht6aA
Requested by
Host: db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com
URL: https://db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
295
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 11 Aug 2022 00:04:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20220808/r20110914/ Frame 643D 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220808/r20110914/abg_lite_fy2021.js
Requested by
Host: moviesjoy.to
URL: https://moviesjoy.to/movie/mavka-the-forest-song-83248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee14c83de65cdc8454d15449343630a593fffaec3666fc71489d1f03a62f520
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 22:53:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4306
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9660
x-xss-protection
0
server
cafe
etag
13823643058518418725
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 22:53:06 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20220808/r20110914/elements/html/ Frame 643D 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220808/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: moviesjoy.to
URL: https://moviesjoy.to/movie/mavka-the-forest-song-83248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7b175e3d672f1560352dc7df0b4e1aaf4cf6dba4605563465df69fcceb052bbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 23:55:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
587
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2628
x-xss-protection
0
server
cafe
etag
1103433747108554897
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 23:55:05 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 643D 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: moviesjoy.to
URL: https://moviesjoy.to/movie/mavka-the-forest-song-83248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 16:26:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
545927
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Aug 2023 16:26:05 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 643D 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A5WxSCsyPpmN8iKvmPqG2PPGliAJZBo6nE76E0YfKe6T9ncJPjXYA7WcVRQEHhQh82oN8Aldx-17B3kpyfkCIjG-UsCIvlw1pNs5kBLvzxoMrUhH0
Requested by
Host: db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com
URL: https://db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Aug 2022 00:04:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame 643D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/window_focus_fy2021.js
Requested by
Host: db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com
URL: https://db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 23:19:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2730
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 23:19:22 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 643D 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com
URL: https://db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44011
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1659958456967243"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 11 Aug 2022 00:04:52 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame 643D 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com
URL: https://db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
425df823965375faadbd0685af6b4540866f7c6ecf675e0919e37a806b6f6e55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 23:50:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
840
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7596
x-xss-protection
0
server
cafe
etag
12715132177492665634
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 23:50:52 GMT
l
www.google.com/ads/measurement/ Frame 643D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRx_3lQKtfxc8mGI-BJWRz2TG2wQJmK28dzuhp6I8o5zwaeoIAtyf-LM7qwjwcW99_SIumQGzdEkhKcgf9giG6JN-lPNA
Requested by
Host: db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com
URL: https://db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
17190344291950496624
s0.2mdn.net/simgad/ Frame 643D 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/17190344291950496624
Requested by
Host: db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com
URL: https://db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d5c007ca975b1e1d932bc558293c9e67cd0cb1e60c15109f5a7fa200e758f11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:02:09 GMT
x-content-type-options
nosniff
age
90163
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12284
x-xss-protection
0
last-modified
Mon, 30 May 2022 22:00:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Aug 2023 23:02:09 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 643D 		0
64 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuY6N1_s0r9a4yJY2CrJr6U5EVt4QkECGBOQtiZMcZraJCPRbx6SQhqej3yY7auU4pY84Z2EIS-NJ0sfPPfVjdmpP7BsAu9rmHHk2GOA-z_xQbPrJZxlwCseYvueD2GwBLFR4DBe2KSPVBQJjCfQzBzuF93rXgb3-P0-7WFGu5pYwzEmxT0hlh0YiQig9gg7KWoE_1UbLocXExkVNZpXVr6MBieZ6UFWBfdJpHqCV_bjC6kS9lfGS7YVFPlRgGy4pt0VJDlLOFaZmu93LWv7QzcMo3_TtkE0PJhWjRC8UJ5E0vPruSJW2pd5iYJa9Xzb5G_ngKwbBVQzv7uE0JboGgCTIlvrkxx0tizNZIWZb_ICeDUObDqhjTiujHUmCWsUC754rbKOrzaEmoqepzuzAENG-pf31q6ZINmMEmCZSFrZWWA2DwQQzZO_dSTQctUvW1ys5dtey7wa3Df5mgCPyC4XNpDP-TiFBmH05mPLNq6xQv70LBuZ8dPnaBhdWiF0bPYzXPMuc3HQ0IuNWRziNekd4cZpBp-jwfYPkpFf8c92L0dfqhROPHFdZty4B4jlHbQYhlYG1FD22fJZAL2bJir-yOOAZQ77GN63qDq_kbbbSVMvULIDuoH-Gh3OmS4i5HPtGlFDQF0y4zmvKtoVPv7ZP8ESDk9XLRguWhgSZ-zscEX8FcuqO4cEF7ePv9uE8zVHsreAGMaE8_rDRFJT3ZJg3_B5xJbU0Pz08aIKU_iNS6nymMM-h9c8r7CcVmz7_2B-J_7tj4Tza1zDzwgDko6Yl5zHQjKTYyC0fdqCzKTWYjBCAP77XeqodBclHH59zoWkPYZBrFnq_FeG4BThLmChIRSLvFa6ZAzqAHZOG3ZGyInRp6N56AxWhjiBCgC6hGrS0UQ1HstKH09b1tm_2mouCsk-TziqHmPI7jKpfYO0bzAiJBhwk1BHtee9B_Odwu847F4lN_po2UwX7ATBolgnAiIoEPtPJvlfr2c81Deq5NBBeScTimA-RMsn1npECxp4Jv4uKv4rAr5YLFQ0x0aZ-aGEke0zA7RitpsKHF0rUlKLc_fy3omINrDHb02vQCOMq4nFn4dsshZn4H9n518eseLgahADN31V6bveqI4kRuJr__N8C1__fp1do5zMkXl1BMg2F06ZdeoZBw0n4MMJ0qZUlO-I-dv3u7VhI0LIGBO4pZ3NpAW5U7q6YaQDwejzHUiT8aL1dCru0fDtEk9DaJwiW5bv5xkKEm-RVdO2crxmBA3gemvciyBwKY9&sai=AMfl-YT8F8-wTIkwojbeB00lveEQrXTKlgL-OU6dcomD_JSL3mOh6EG3BBEtPg0doRM_PBttE88bjKFvdofsOeWhE1PXmPj9Sfo74UBmmyMgAsJGmMlzdJZE5HV8ofDKZuwqBC5BUMK-UVdrMO6fnb2IEUMMmagH_CLQY17ArPm1xgkxi6b0V3kwHImOj2-qqYZj5nGKFfJICW183EEd2-s5M4IN-BFqVLGLbwiBHQR1XbA2EAwV04lMPB1kN3AHmJdsxamwHBWX-AeD-5izU_1S8zhwzT_UOHEfXHRMBhMljwfH54wGEf1uEWHpDeeoprIEmCvh&sig=Cg0ArKJSzJK12LBuoChBEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=4&cbvp=1&cstd=0&cisv=r20220808.39864&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: moviesjoy.to
URL: https://moviesjoy.to/movie/mavka-the-forest-song-83248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Thu, 11 Aug 2022 00:04:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 1E28 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com
URL: https://db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
27455
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 10 Aug 2022 16:27:17 GMT
etag
48472445140208031
expires
Thu, 11 Aug 2022 16:27:17 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 91DA 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a51e16ca7b49d84feeeee02528e26e8f867242df80e8fde6df3b59f527b5784e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
sd
us-u.openx.net/w/1.0/ Frame 1F8D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEA0XzoqzUbjWrX2hKhrVId8&google_cver=1
43 B
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEA0XzoqzUbjWrX2hKhrVId8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COCGGxD2waYCGImE28sBMAE&v=APEucNWK9GkwenC0TA3PRt47GMdkISr7DSj3c2dQYMMxTVZ1iSE3oSnjGlX5s86HnN4OqRHRxXQhEkO6JUCkxPKsI1G6bxKs6TFOKs6bwNoB2ylx9TmnTCiwER4Yam8kp6V4oLh52dlpQsA5kqlwMyaRPCkMJUzOM8xvtiioYJQybT1T6Jht6aA
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Aug 2022 00:04:52 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 11 Aug 2022 00:04:52 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEA0XzoqzUbjWrX2hKhrVId8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 1F8D 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COCGGxD2waYCGImE28sBMAE&v=APEucNWK9GkwenC0TA3PRt47GMdkISr7DSj3c2dQYMMxTVZ1iSE3oSnjGlX5s86HnN4OqRHRxXQhEkO6JUCkxPKsI1G6bxKs6TFOKs6bwNoB2ylx9TmnTCiwER4Yam8kp6V4oLh52dlpQsA5kqlwMyaRPCkMJUzOM8xvtiioYJQybT1T6Jht6aA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Aug 2022 00:04:52 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 1F8D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEBNX81NFqmfYn_328GAx3Fk&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEBNX81NFqmfYn_328GAx3Fk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COCGGxD2waYCGImE28sBMAE&v=APEucNWK9GkwenC0TA3PRt47GMdkISr7DSj3c2dQYMMxTVZ1iSE3oSnjGlX5s86HnN4OqRHRxXQhEkO6JUCkxPKsI1G6bxKs6TFOKs6bwNoB2ylx9TmnTCiwER4Yam8kp6V4oLh52dlpQsA5kqlwMyaRPCkMJUzOM8xvtiioYJQybT1T6Jht6aA
Protocol
H2
Server
23.47.209.72 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-209-72.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.8 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Aug 2022 00:04:53 GMT
cache-control
max-age=0, no-cache, no-store
expires
Thu, 11 Aug 2022 00:04:53 GMT
server
akka-http/10.2.8
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 11 Aug 2022 00:04:52 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEBNX81NFqmfYn_328GAx3Fk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 1F8D 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COCGGxD2waYCGImE28sBMAE&v=APEucNWK9GkwenC0TA3PRt47GMdkISr7DSj3c2dQYMMxTVZ1iSE3oSnjGlX5s86HnN4OqRHRxXQhEkO6JUCkxPKsI1G6bxKs6TFOKs6bwNoB2ylx9TmnTCiwER4Yam8kp6V4oLh52dlpQsA5kqlwMyaRPCkMJUzOM8xvtiioYJQybT1T6Jht6aA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.209.72 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-209-72.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.8 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Aug 2022 00:04:53 GMT
cache-control
max-age=0, no-cache, no-store
expires
Thu, 11 Aug 2022 00:04:53 GMT
server
akka-http/10.2.8
content-length
23
content-type
image/gif
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 89B7 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com
URL: https://db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
27455
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 10 Aug 2022 16:27:17 GMT
etag
48472445140208031
expires
Thu, 11 Aug 2022 16:27:17 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame DADC 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
545927
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 04 Aug 2022 16:26:05 GMT
expires
Fri, 04 Aug 2023 16:26:05 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 65EA 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
545927
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 04 Aug 2022 16:26:05 GMT
expires
Fri, 04 Aug 2023 16:26:05 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 91DA 		0
63 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuoWl5DyMXmeUgXadpfsekacei_sy4zQgPS8FNyntdy2Qlpy8dGq4mHvDaw9KHSONy_g0UXrPIqjIlBfuysPGDHoO3c909OK5t_NqjeGa22F8C0YMPZispIzqA2X-_TVu7NeAkG_Mu5leDHxXtWH9bO5XInQkwhmD2SchCkb9k2tWbYRx7MV3GI08HR-SGN4LGS1mFMYYgba-w4GNdTIRGQ-0HP0n3Q20YI-uAO2efEXJReM2_ebfe2W4P7-nC1nuDXQZL13C5h1av4Hi7mTiqFC1kc_RwugCkO0sEnCINDJE2pVzDTQmuKBewS2XkMJV-IVKeyJqMBbWnCFMFDtBS6jcP9BCpdCt1RnI81JqkAwl0cXOLfpDuMTttjOZR-T7au4U6WCrxDIFOEfIgp3XhqTbdIZJqVdKNB4mHyOYJCXI7uw9TcmD8ZDIbfPSwuJyjaUZgwBd8xsdg9si3H7Bh6HOat06_hUaao4yWAQTfyJjQO2HU0pSaG8w2e4m8w9meWHWmNO3BY9Ulqjg1S6fKE0NgnujvNnN1-4ed2FLciTCUxx-ph9B3zykYBATPkA2UGPwiH_OH855bwa7DMcmvu4UfovsPMsneKI53cxXZoczQBruEtftquYHu5RINoJ-f-mXxUPEsx9P53EqQM5Il0T3CwpvZRBiZbvHwrb03D-RXWhKb7_SoPlFbCeze1TwPgB62FxvFHSKytPm7wjC1uYOIS-5dWeNkhKqFpA3Bn8MdW30KznUDgeOF6rsfQnH-XNREW1FkVYuxa1n6ZcA4GvczU8miu1Ke7jlrORtKAm9t4nPgrUzsCdRaFpmtVmqf-zPfW062OqUFWqL4WTSiH7QsbizV52clqQASxgAAAcavvoyo7lhV6ZVDMzh1So7EMB6Dp5t8lBn40C0xgzdZitQTU4rMmCWRQbHfRMxd9fkS4AWuFDcR58hAtEo5xI5EL0grV3a2FREVua8j0itixCaC-uKOxt1A2tzGp0wkAqXlyZyQNStpvSNX18sC1TpX7cRuaXvDNhooGgQHJv9MpB_JXpNRElpdIQ0_LXk0N84VsDz9yDbeRdz9Z5P32BV4UhlsGrTz1iVll1fIXtSARGo8wZ88teRw8sevcBn9uoz387FKGt8B-Ml979WSE9ciX4OugJdvIQhvG7vH9vjxQ3T7zd82nchsPgXtD9pVPi_tsIAZD8Bi8m2XauQJo&sai=AMfl-YR-nT1FEGNItzabbSLxYf4YPkImDZ_X5VloXO3eLXqIOWvgxhgVRQPslCdaPRlhXQEo7t6HecnDcExnTJmT5KKdH7vKufUdbku0xrSEkMv8QH-QKkY_RvslgFY7npeAX7F3kqeYHp_nMAqpmqRgJDsRRtcE6kZxoiqdgvW8KokGcCxju3jkF9QcHoHv3SSAIM4_DIlXsj3dIATtes_qSJaUthKMCLX6cpXiEbKF8PykEKc7dwePh3IqUva2Y90kedy-aBvDutHfnGGchmGDAmxL3wI5gTlP3aaaYjEVS5_M&sig=Cg0ArKJSzKndXjL0wGtREAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=147&vt=11&dtpt=147&dett=2&cstd=0&cisv=r20220808.47386&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: moviesjoy.to
URL: https://moviesjoy.to/movie/mavka-the-forest-song-83248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 11 Aug 2022 00:04:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
truncated
/ Frame 643D 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2336e313c001c29a61c07034c116ace536884cc3caeb5f5250f9ceaa6a77a2c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
view
googleads4.g.doubleclick.net/pcs/ Frame 643D 		0
63 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuY6N1_s0r9a4yJY2CrJr6U5EVt4QkECGBOQtiZMcZraJCPRbx6SQhqej3yY7auU4pY84Z2EIS-NJ0sfPPfVjdmpP7BsAu9rmHHk2GOA-z_xQbPrJZxlwCseYvueD2GwBLFR4DBe2KSPVBQJjCfQzBzuF93rXgb3-P0-7WFGu5pYwzEmxT0hlh0YiQig9gg7KWoE_1UbLocXExkVNZpXVr6MBieZ6UFWBfdJpHqCV_bjC6kS9lfGS7YVFPlRgGy4pt0VJDlLOFaZmu93LWv7QzcMo3_TtkE0PJhWjRC8UJ5E0vPruSJW2pd5iYJa9Xzb5G_ngKwbBVQzv7uE0JboGgCTIlvrkxx0tizNZIWZb_ICeDUObDqhjTiujHUmCWsUC754rbKOrzaEmoqepzuzAENG-pf31q6ZINmMEmCZSFrZWWA2DwQQzZO_dSTQctUvW1ys5dtey7wa3Df5mgCPyC4XNpDP-TiFBmH05mPLNq6xQv70LBuZ8dPnaBhdWiF0bPYzXPMuc3HQ0IuNWRziNekd4cZpBp-jwfYPkpFf8c92L0dfqhROPHFdZty4B4jlHbQYhlYG1FD22fJZAL2bJir-yOOAZQ77GN63qDq_kbbbSVMvULIDuoH-Gh3OmS4i5HPtGlFDQF0y4zmvKtoVPv7ZP8ESDk9XLRguWhgSZ-zscEX8FcuqO4cEF7ePv9uE8zVHsreAGMaE8_rDRFJT3ZJg3_B5xJbU0Pz08aIKU_iNS6nymMM-h9c8r7CcVmz7_2B-J_7tj4Tza1zDzwgDko6Yl5zHQjKTYyC0fdqCzKTWYjBCAP77XeqodBclHH59zoWkPYZBrFnq_FeG4BThLmChIRSLvFa6ZAzqAHZOG3ZGyInRp6N56AxWhjiBCgC6hGrS0UQ1HstKH09b1tm_2mouCsk-TziqHmPI7jKpfYO0bzAiJBhwk1BHtee9B_Odwu847F4lN_po2UwX7ATBolgnAiIoEPtPJvlfr2c81Deq5NBBeScTimA-RMsn1npECxp4Jv4uKv4rAr5YLFQ0x0aZ-aGEke0zA7RitpsKHF0rUlKLc_fy3omINrDHb02vQCOMq4nFn4dsshZn4H9n518eseLgahADN31V6bveqI4kRuJr__N8C1__fp1do5zMkXl1BMg2F06ZdeoZBw0n4MMJ0qZUlO-I-dv3u7VhI0LIGBO4pZ3NpAW5U7q6YaQDwejzHUiT8aL1dCru0fDtEk9DaJwiW5bv5xkKEm-RVdO2crxmBA3gemvciyBwKY9&sai=AMfl-YT8F8-wTIkwojbeB00lveEQrXTKlgL-OU6dcomD_JSL3mOh6EG3BBEtPg0doRM_PBttE88bjKFvdofsOeWhE1PXmPj9Sfo74UBmmyMgAsJGmMlzdJZE5HV8ofDKZuwqBC5BUMK-UVdrMO6fnb2IEUMMmagH_CLQY17ArPm1xgkxi6b0V3kwHImOj2-qqYZj5nGKFfJICW183EEd2-s5M4IN-BFqVLGLbwiBHQR1XbA2EAwV04lMPB1kN3AHmJdsxamwHBWX-AeD-5izU_1S8zhwzT_UOHEfXHRMBhMljwfH54wGEf1uEWHpDeeoprIEmCvh&sig=Cg0ArKJSzJK12LBuoChBEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=91&vt=11&dtpt=87&dett=2&cstd=0&cisv=r20220808.39864&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: moviesjoy.to
URL: https://moviesjoy.to/movie/mavka-the-forest-song-83248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 11 Aug 2022 00:04:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
/
google2waycm.netmng.com/cm/ Frame 89B7 		0
0
pixel
cm.g.doubleclick.net/ Frame 89B7
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEDtU0zYjxHFSXmL--nNz6fU&google_push=AehlK4CPiZR8FAxWBMkgDd30IjxghGr-KrZOUXC8PKZJWwkZB1OqI7IrT7...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEDtU0zYjxHFSXmL--nNz6fU&google_push=AehlK4CPiZR8FAxWBMkgDd30IjxghGr-KrZOUXC8PKZJWwkZB1OqI7IrT7qfRA3Ilmf8mW7JCdKDmQIucnaPgSf4GFPM6UT1urdRJA
Requested by
Host: db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com
URL: https://db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Aug 2022 00:04:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 11 Aug 2022 00:04:53 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1660176293.006730,VS0,VE92
x-served-by
cache-hhn4039-HHN
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEDtU0zYjxHFSXmL--nNz6fU&google_push=AehlK4CPiZR8FAxWBMkgDd30IjxghGr-KrZOUXC8PKZJWwkZB1OqI7IrT7qfRA3Ilmf8mW7JCdKDmQIucnaPgSf4GFPM6UT1urdRJA
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 89B7
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEHEDbrSGqWiW57vmneGjvrs&google_cver=1&google_push=AehlK4Aqs14uQEtdzxeSBD9t7MUmlNrP_gRYu3DMuWD1Lfnje4JLwRe5ydjrBh7aUIxyoN7jyENsU1K4GyXysFpc...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=lZdDRN8PQ_Kn3QZEiAOwNQ2&google_push=AehlK4Aqs14uQEtdzxeSBD9t7MUmlNrP_gRYu3DMuWD1Lfnje4JLwRe5ydjrBh7aUIxyoN7jyENsU1K4GyXysFpcegtt98MsjCFuMA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=lZdDRN8PQ_Kn3QZEiAOwNQ2&google_push=AehlK4Aqs14uQEtdzxeSBD9t7MUmlNrP_gRYu3DMuWD1Lfnje4JLwRe5ydjrBh7aUIxyoN7jyENsU1K4GyXysFpcegtt98MsjCFuMA
Requested by
Host: db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com
URL: https://db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Aug 2022 00:04:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 11 Aug 2022 00:04:53 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=lZdDRN8PQ_Kn3QZEiAOwNQ2&google_push=AehlK4Aqs14uQEtdzxeSBD9t7MUmlNrP_gRYu3DMuWD1Lfnje4JLwRe5ydjrBh7aUIxyoN7jyENsU1K4GyXysFpcegtt98MsjCFuMA
x-host
tde-deliveryengine-production-78dd496b74-n6ph4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 89B7
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEEW_aM7SE1R2aC03h_bjK2c&google_cver=1&google_push=AehlK4BAP068tL6eR-nKUfD-Y7WnQVKOb1K5R5loaqZPCSeC8s5rVad8GYQ3CTx_lwE0chPhvSo3stuyzVd1Fcu48LP9pIu...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4BAP068tL6eR-nKUfD-Y7WnQVKOb1K5R5loaqZPCSeC8s5rVad8GYQ3CTx_lwE0chPhvSo3stuyzVd1Fcu48LP9pIunIYESIg&google_hm=Nzc2MzE4NjM5MTU3MTE0...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4BAP068tL6eR-nKUfD-Y7WnQVKOb1K5R5loaqZPCSeC8s5rVad8GYQ3CTx_lwE0chPhvSo3stuyzVd1Fcu48LP9pIunIYESIg&google_hm=Nzc2MzE4NjM5MTU3MTE0ODQ4OA%3D%3D
Requested by
Host: db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com
URL: https://db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Aug 2022 00:04:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 11 Aug 2022 00:04:53 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4BAP068tL6eR-nKUfD-Y7WnQVKOb1K5R5loaqZPCSeC8s5rVad8GYQ3CTx_lwE0chPhvSo3stuyzVd1Fcu48LP9pIunIYESIg&google_hm=Nzc2MzE4NjM5MTU3MTE0ODQ4OA%3D%3D
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
pixel
cm.g.doubleclick.net/ Frame 89B7
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOFEqzdb4LhW-Tvn2wIR8oo&google_cver=1&google_push=AehlK4Da-37_WLGv1Uu3quwrk01cZcBG6h9nU2lkCf8gyBMifi33BDyu3N9j_K8GHqiD9K3xknNxVpG6...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEOFEqzdb4LhW-Tvn2wIR8oo&google_cver=1&google_push=AehlK4Da-37_WLGv1Uu3quwrk01cZcBG6h9nU2lkCf8gyBMifi33BDyu3N9j_K8GHqiD9K3xknN...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDg4ODI1MDg1NTQwMDYwMzc0MQ&google_push=AehlK4Da-37_WLGv1Uu3quwrk01cZcBG6h9nU2lkCf8gyBMifi33BDyu3N9j_K8GHqiD9K3xknNxVp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDg4ODI1MDg1NTQwMDYwMzc0MQ&google_push=AehlK4Da-37_WLGv1Uu3quwrk01cZcBG6h9nU2lkCf8gyBMifi33BDyu3N9j_K8GHqiD9K3xknNxVpG6UX5VOHDRr9Dj0mzOqpdNrQ
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Aug 2022 00:04:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 11 Aug 2022 00:04:53 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDg4ODI1MDg1NTQwMDYwMzc0MQ&google_push=AehlK4Da-37_WLGv1Uu3quwrk01cZcBG6h9nU2lkCf8gyBMifi33BDyu3N9j_K8GHqiD9K3xknNxVpG6UX5VOHDRr9Dj0mzOqpdNrQ
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 89B7
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEM4Y6-2Ts4D4QzNUG068J-c&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEM4Y6-2Ts4D4QzNUG068J-c&google_hm=YvRHpGyq1VVTs-la1qxpbQAABGYAAAAB&google_nid=index&google_push=AehlK4BMRSoeiu_oduXxH_6yXpxFpk5hu5xFu...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEM4Y6-2Ts4D4QzNUG068J-c&google_hm=YvRHpGyq1VVTs-la1qxpbQAABGYAAAAB&google_nid=index&google_push=AehlK4BMRSoeiu_oduXxH_6yXpxFpk5hu5xFuvxxPl7ELwNJy65gUvlCaK925hGs3mBjG6gvGPkV2yfTOyI88-Uj_MutmgXw_VD-gw
Requested by
Host: db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com
URL: https://db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Aug 2022 00:04:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 11 Aug 2022 00:04:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7JdVxzF4qFlPcGI0OT%2F7reQX7jFcJvS4vmVE41rEY5vSPSwnBJLcZYhqEQxTbK06d5VPCW%2FsH50fNdpb796qP3hz77dbX1CdFs2rqlJyPDDJdyUsai9khFf0gs6PApjlqOJp5Hd7xxjWJg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEM4Y6-2Ts4D4QzNUG068J-c&google_hm=YvRHpGyq1VVTs-la1qxpbQAABGYAAAAB&google_nid=index&google_push=AehlK4BMRSoeiu_oduXxH_6yXpxFpk5hu5xFuvxxPl7ELwNJy65gUvlCaK925hGs3mBjG6gvGPkV2yfTOyI88-Uj_MutmgXw_VD-gw
cache-control
no-cache
cf-ray
738cb7672e48694c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 89B7
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEEMMqBC48GrteMjcMy67Ka4&google_cver=1&google_push=AehlK4AHZC3ywaWxO-bFg62Cwp2SIyjerO_bqN2jQ4f9UP40yXQ5cmkCDgQCOX9OCDJ4D8Z3sl...
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEEMMqBC48GrteMjcMy67Ka4&google_cver=1&google_push=AehlK4AHZC3ywaWxO-bFg62Cwp2SIyjerO_bqN2jQ4f9UP40yXQ5cmkCDgQCOX9OCDJ4D8Z3sl...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1JeXNXSUNwRTJ1R1RMVHl2MHFZRGY3VWZhUWR3QlE5X35B&google_push=AehlK4AHZC3ywaWxO-bFg62Cwp2SIyjerO_bqN2jQ4f9UP40yXQ5cmkCD...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1JeXNXSUNwRTJ1R1RMVHl2MHFZRGY3VWZhUWR3QlE5X35B&google_push=AehlK4AHZC3ywaWxO-bFg62Cwp2SIyjerO_bqN2jQ4f9UP40yXQ5cmkCDgQCOX9OCDJ4D8Z3slHd79E5l5-zxLcCALq7qugWbPE1-w
Requested by
Host: db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com
URL: https://db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Aug 2022 00:04:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1JeXNXSUNwRTJ1R1RMVHl2MHFZRGY3VWZhUWR3QlE5X35B&google_push=AehlK4AHZC3ywaWxO-bFg62Cwp2SIyjerO_bqN2jQ4f9UP40yXQ5cmkCDgQCOX9OCDJ4D8Z3slHd79E5l5-zxLcCALq7qugWbPE1-w
date
Thu, 11 Aug 2022 00:04:53 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame 89B7 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kpg-Zd8EfLoJo4YzlfluYJVf1euiUQd-PnUdv4e9IGUcZ3wXPLkfp6g-2HEXa28v2CT5QSMQ
Requested by
Host: db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com
URL: https://db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:52 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 1E28
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEKSSqLCt6cUCq0qcW8Pyq9Q&google_cver=1&google_push=AehlK4Al0zchxRuCOCwqGGRAnUfIQJsuD5eo6wxIXDu8CXGI41C8v_mwxeAG9ItmeOTXJd1eTMY_r5BRNuOUwHUJFzSoB45jpI8f
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0B0C82833156447B85CF903C16018FB8&google_push=AehlK4Al0zchxRuCOCwqGGRAnUfIQJsuD5eo6wxIXDu8CXGI41C8v_mwxeAG9ItmeOTXJd1eTMY_r5BRNuOUwHU...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0B0C82833156447B85CF903C16018FB8&google_push=AehlK4Al0zchxRuCOCwqGGRAnUfIQJsuD5eo6wxIXDu8CXGI41C8v_mwxeAG9ItmeOTXJd1eTMY_r5BRNuOUwHUJFzSoB45jpI8f
Requested by
Host: db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com
URL: https://db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Aug 2022 00:04:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 11 Aug 2022 00:04:53 GMT
x-content-type-options
nosniff
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0B0C82833156447B85CF903C16018FB8&google_push=AehlK4Al0zchxRuCOCwqGGRAnUfIQJsuD5eo6wxIXDu8CXGI41C8v_mwxeAG9ItmeOTXJd1eTMY_r5BRNuOUwHUJFzSoB45jpI8f
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Wed, 10 Aug 2022 00:04:53 GMT
pixel
cm.g.doubleclick.net/ Frame 1E28
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEAf8IZNpM1pHBEvVSxk4Zlg&google_cver=1&google_push=AehlK4C7Wn2hGOiavJWh1w46Vhyg8HELnSFHq6ELZB2w72gvAOMZRnxVOtQEhKHA7968QHOvfXDqoVGKf6FWhC...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzEzMDQwMjg3OTc1MjEwODE3NA%3D%3D&google_push=AehlK4C7Wn2hGOiavJWh1w46Vhyg8HELnSFHq6ELZB2w72gvAOMZRnxVOtQEhKHA7968QHOvfXDqoVGKf6FWhC3cZA...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzEzMDQwMjg3OTc1MjEwODE3NA%3D%3D&google_push=AehlK4C7Wn2hGOiavJWh1w46Vhyg8HELnSFHq6ELZB2w72gvAOMZRnxVOtQEhKHA7968QHOvfXDqoVGKf6FWhC3cZAFMOY0DwoLP
Requested by
Host: db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com
URL: https://db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Aug 2022 00:04:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzEzMDQwMjg3OTc1MjEwODE3NA%3D%3D&google_push=AehlK4C7Wn2hGOiavJWh1w46Vhyg8HELnSFHq6ELZB2w72gvAOMZRnxVOtQEhKHA7968QHOvfXDqoVGKf6FWhC3cZAFMOY0DwoLP
Date
Thu, 11 Aug 2022 00:04:52 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
dot.gif
s0.2mdn.net/ Frame 1E28 		43 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEF3iKSz4ZOreI0-du8N6vhc&google_cver=1&google_push=AehlK4DarHCwA2RjDRv94Xdr_vt0JMn5OnX4upyaXXY5sdUejbs7vxGNZIOBpxZBLncWrFccfya1yUfPOYIXXFmft2qRF-Zjs27G
Requested by
Host: db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com
URL: https://db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 Aug 2022 00:04:52 GMT
pixel
cm.g.doubleclick.net/ Frame 1E28
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEFRn4VViSaU959dN9NSGumI&google_cver=1&google_push=AehlK4As7Mrm9Z4NnZTbLxvrBmfsrcB2Wh9555GmNGyExXktrMDnDiA6dE5D7R8_Bhsp59T0pZ9e2VtQpu_Yy9v0e5ZEooI...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEFRn4VViSaU959dN9NSGumI&google_cver=1&google_push=AehlK4As7Mrm9Z4NnZTbLxvrBmfsrcB2Wh9555GmNGyExXktrMDnDiA6dE5D7R8_Bhsp59T0pZ9e2VtQpu_Yy9v0e5ZEo...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AehlK4As7Mrm9Z4NnZTbLxvrBmfsrcB2Wh9555GmNGyExXktrMDnDiA6dE5D7R8_Bhsp59T0pZ9e2VtQpu_Yy9v0e5ZEooIpphDv
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AehlK4As7Mrm9Z4NnZTbLxvrBmfsrcB2Wh9555GmNGyExXktrMDnDiA6dE5D7R8_Bhsp59T0pZ9e2VtQpu_Yy9v0e5ZEooIpphDv
Requested by
Host: livrosdereceita.com
URL: https://livrosdereceita.com/average-credit-card-debt-in-the-u-s/
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Aug 2022 00:04:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AehlK4As7Mrm9Z4NnZTbLxvrBmfsrcB2Wh9555GmNGyExXktrMDnDiA6dE5D7R8_Bhsp59T0pZ9e2VtQpu_Yy9v0e5ZEooIpphDv
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 1E28
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMYIuGweNnkJbXaeXQ657bw&google_cver=1&google_push=AehlK4D2sQY_p8qEvQRKvQFcRpkd2pJq4IN99F6kuvdY1Eq3ObNFCh3utrP6EdMF-JcBcxR2Gjr...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZPQTNNNlUtMS01TldJ&google_push=AehlK4D2sQY_p8qEvQRKvQFcRpkd2pJq4IN99F6kuvdY1Eq3ObNFCh3utrP6EdMF-JcBcxR2GjrAm6YpTRVIUOZFLx-viLTzts3Y
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZPQTNNNlUtMS01TldJ&google_push=AehlK4D2sQY_p8qEvQRKvQFcRpkd2pJq4IN99F6kuvdY1Eq3ObNFCh3utrP6EdMF-JcBcxR2GjrAm6YpTRVIUOZFLx-viLTzts3Y
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Aug 2022 00:04:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZPQTNNNlUtMS01TldJ&google_push=AehlK4D2sQY_p8qEvQRKvQFcRpkd2pJq4IN99F6kuvdY1Eq3ObNFCh3utrP6EdMF-JcBcxR2GjrAm6YpTRVIUOZFLx-viLTzts3Y
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Expires
0
pixel
cm.g.doubleclick.net/ Frame 1E28
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEC36dfm6Lp92365r1ZryIZc&google_cver=1&google_push=AehlK4DECNvT54tI0ljfrBKlnfr9npRLbVtU5oacJnLqqz2VDTGgH099B666LfUakF3yMQ8K_Km5ZeCPFvLZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4DECNvT54tI0ljfrBKlnfr9npRLbVtU5oacJnLqqz2VDTGgH099B666LfUakF3yMQ8K_Km5ZeCPFvLZ8at8L0sRT-kdQxKC
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4DECNvT54tI0ljfrBKlnfr9npRLbVtU5oacJnLqqz2VDTGgH099B666LfUakF3yMQ8K_Km5ZeCPFvLZ8at8L0sRT-kdQxKC
Requested by
Host: db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com
URL: https://db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Aug 2022 00:04:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4DECNvT54tI0ljfrBKlnfr9npRLbVtU5oacJnLqqz2VDTGgH099B666LfUakF3yMQ8K_Km5ZeCPFvLZ8at8L0sRT-kdQxKC
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
um
sync.teads.tv/ Frame 1E28 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEPJBBQZxtlDQgnRJzZIJ20M&google_cver=1&google_push=AehlK4CbqDWfJcf4uqVRmE31aby9F7yJzZgm55DQqkFyKPLQBibXJz_9YNozTcNRL2iP8x2h4Do8-Z19HdKnSYArSpVxHNkek_0pjQ
Requested by
Host: db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com
URL: https://db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.209.72 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-209-72.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.8 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Aug 2022 00:04:53 GMT
cache-control
max-age=0, no-cache, no-store
expires
Thu, 11 Aug 2022 00:04:53 GMT
server
akka-http/10.2.8
content-length
23
content-type
image/gif
attr
cm.g.doubleclick.net/pixel/ Frame 1E28 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JT10gsrFVasncZ_y5OZUJU795bxS6jG7lEgx115ZUn11thT8LcSF5BM_3bALavrS2XjoS1XA
Requested by
Host: db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com
URL: https://db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 00:04:52 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
jjp8A9boDrBmSAr_yfbeEM1ThbAhpFVxRN30ZpHEy3Q.js
pagead2.googlesyndication.com/bg/ Frame DADC 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/jjp8A9boDrBmSAr_yfbeEM1ThbAhpFVxRN30ZpHEy3Q.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e3a7c03d6e80eb066480affc9f6de10cd5385b021a4557144ddf46691c4cb74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 13:46:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
123529
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14162
x-xss-protection
0
last-modified
Fri, 29 Jul 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 09 Aug 2023 13:46:03 GMT
jjp8A9boDrBmSAr_yfbeEM1ThbAhpFVxRN30ZpHEy3Q.js
pagead2.googlesyndication.com/bg/ Frame 65EA 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/jjp8A9boDrBmSAr_yfbeEM1ThbAhpFVxRN30ZpHEy3Q.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e3a7c03d6e80eb066480affc9f6de10cd5385b021a4557144ddf46691c4cb74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 13:46:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
123529
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14162
x-xss-protection
0
last-modified
Fri, 29 Jul 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 09 Aug 2023 13:46:03 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DADC 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BuPMLo0f0Yu6BNJLigAfY7opwAAAAADgB4AQC&bg=!h4SlhMDNAAZGjrx1Zo47ACkAdvg8WnqNEJYv9r6_lP2wF-eutay5lnVCLgZ9scu0t5jl_3ulVH8h5AIAAACGUgAAAANoAQeZA78KnMZHyDIFBqMjJMAnIRVc9H9uYctlqVhBtPq8cGGRSWtQzbr9SPUywtBkTRauhpXAxaGecRhDiwWFrfBCQ-UbNs2SxTOVAfZDPCdQxX4cJm9KXgFXyFfr6FlCxA5kabxfV3XVMh85axPtY5XG6DLxk7xQgXnpp1y4A_mShwNN4rBu2kLUD3E_ykb7AnSPmi9rfLAVoSL2oywK6gHHSELagI6oe_srGX-1ZFsUN0ljZOjP-kUWeeSQneptFNeHRrDrwKk3J4d6kaAghvX6roftg6Y69UMnkDWIofNgEo2DkjU0TQXflm2z6w5vrziDXRMes45-_-DLxXHKb_Jy8wlsydLnaH9gZoAcdEk8geDUl28SXVFFToOD9DrbC05Ugek7wAvL1089Tz-Dooy5BxcAZgK_JULiK8KWOAX0dfdpc01cgfs36X-bUYbTNDAA09uNdWfw_xGsvxcKgeQ6qE1JFitUZhOg3DhRj4LSXnNoO2klly82kiBU_g4-nsRw0uYgFKhfbmIMzVfwCQEoxCqY8h0vCDPILCOTFw-c8y_nGH3w64zV5FLWhPUjmnm2znAWK3upRIxvv2nXtuBvj8TE2jLuD-h8ImgPaxJ_Nas9MbjJ_iE23nO60ujWdR7xBWJaepwa15O5KMIVCn_xr9Qvc3KWIanAxC0ePQVxiGLzucs_4TxGjD961S5PVou1t6maBxUyuClQUSoSKG9RTLJDLaUldWgTd_ZwmQtIny7zolE2G0zJRxYfiGveDUWFxbbbA3rNtKPGtHJYAp7WovGa6JX6Y8ffjm4VxHRMmUXkIYunKyNzcBJ48P-7JsDfgHOLcMa75OYhp2VgGc_pgaxn8Ht9AeAeuds94kV7KxNCSt2RUtwCAtQFZgsq3OsSf2YW7VY5245kPR7yCmeZleFqsYSF_28tWBo_fEM6bfIjxR2JAW8RSopL3AjuyXa_wExvOWai6IBwH1NkxXsRQ-7T-cwezHdaWjFyN1uuO_LUHYXPx3frJ4MMV6iXhcZcdmHa8WGtDRPN6Je5Lm3fNZRWlAD4dQHrCRilD9_lFHk_q8E-FasFxSk12dSlCfsXU7nJfdz5JlEul9IvOMev3Cr_OIGy5hPbF25Dr8Uh9xk6N2u4LxM1nYPvoKgOwhwg9j7nrnHDiop0_UaWy_Ft0wLEDnGl9LotchH0LYLQz3VTmygQsx7ci9pxzEWQyg6VxmI7g0kakJ57uW7J4DBgvyR5zabl1AAqE_dzgVg-rwlmWnMV2fVg3-oUwFbTrViieg
Requested by
Host: livrosdereceita.com
URL: https://livrosdereceita.com/average-credit-card-debt-in-the-u-s/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Aug 2022 00:04:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 65EA 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BDtqYpEf0YpbWH6XZ-gbNnJ7gCAAAAAA4AeAEAg&bg=!vr2lvfnNAAZGjrx1Zo47ACkAdvg8Wh5bpo-kbSP3bHQSJPnppYNkPRumg9J5OO0U7p5G7NpxW2YQKwIAAACHUgAAAAFoAQeZA3t0kHK1mwXsisbKe9G1FvkRcEK7dYAThuWKlYIcHqDuiiQq4K6PPOHPH0P5tLEpEiZ4ZBbjQVEc_fDMpCpK_UlppMdYp5wNyIUciEuNZzlJX_uRYC3QF73FBv2UDqrjBC-f3nK0sjvPNUxv8HcrAYkcBpNKFydykpvA4Hkzr2aj-YIugkbKOXZ5KBIUv1w9LEQNsIH3a3q_jcf_cKQhaZiS3Tbbj5NUecHzwKDsF_JmTySphyfBj2H4Q4fIajXOQQ_ta8jn0UPQkDWu_8NuxBeqJUayfdO3adaId94pjWJnpacXGRKnRvKj2RQUdsTW7ePYdma573akDCqDOv6OWiUlNNPLERUymLws6kpw648BBEeUHTutAoY9hYC7NIg-uK5bOdqCc4qb7fbafe-TMxG9hQE2RtXBkdLCPkNhUNqB5jX3BiP7LkH0QoDZEdC6Prag0hFrw7pyEdrh3u6MHz1DcxQ0E0JXlGFy_50_AkRkSRIlSWHMFugV8OK7nrYu8W0bsd0fmsfHS-9bgw4dYm3nF5Vi8L0vsftpxEkEnC19KPHdRoT_X5AlvjLoT0HyAi9duFdR4xwZ9XFTgoHpdk33r2oG1pyH4GbXWkPHbHyCCOH6BIL2Xza97KDWQfZShoO-FFc32pQzjApFFuWZ7EG0JkWWM22XQUfkbpYbXoUnY2nwgqNtW-gAIvCYZ1ZVsfhKD8ynMR5sGK9WWcdRhMRM80MYCKxkQHCycGj-rcGbFlWWAJoHcaOpO8nHxBN4nNPTH9RdRf8Yh4E8P1XxeJyk6fdTC1IfMNr-_3m5NQm7TI61PZ0FNb37mQmhPc4-RyzyqzAr541GejzNsUwR_VhNqAWP_5vsfLJXFjfambWS0KK3QOiPc8kHKqAKcWcwCTRn7EJ0AVz8AfXLgMmWuqavxgfJ_1in_f_V8EqnMJnglTyHG-SzBowSw-_T4EmPPnBI1aracI9YFpKucIizLG0uQQYH8RbxYtYnlw5m0FkrZhTif8WWTRHSjs61RioCei9Ez-UUrsT8XWGagMY3SgW0YomJhDB3XBaekkIO85mGy3XdzHuIy2Kcn5dX9cWR18bEDFjn2xTDntGc2az39vyVtWDBskg2I5TG3XisB3gWK3QFIJQ8Ro0cU1nlzNrh2z01K8k3viAcllBFz_ttaLwVuQfL6iTa8r2V9Js
Requested by
Host: db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com
URL: https://db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Aug 2022 00:04:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s7.addthis.com
URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuFLop7r2gpMjF5YYZOViT-AEhA0Z-HvmH4bbj-yRay3ihns5EFert5xDgI1XscurLxaWfNwcV9YauwzTYpF-17cJF-3knU5J-Pe0JHSGnumg4SBzR9ajmjVraA0SeKw6C5lsA5w8jKENXxd6gG_gDJQuXNcZ3Ui_XIkWDFgAy3r4Fa5jr6L2YZTQBa-14QRp1Vx0Px16rOXS_KBvTReYIg_VEW97qbb8faZhiDnTZAHePGFtEWfHqsXGVA3ofUDJbIWrYq7dYcyMo5BbkXkpmwqw7NDSBX4jFGmp34mL2O0ujtRYOLIFT6EYfDMR2akHmbYRBvNFCkjN55eIJKN_8dxMuAsjuoX9_yFQJW&sai=AMfl-YTta_Q9HA77KqnfbpnCHlWT9pnpJLoXHaIfDbC23RKjFzO_WVkWDaYsEBfk1VhgPCwclpWDdvEtxWm8QsME5AS5ejMRIniP8VO64YuIi1K1&sig=Cg0ArKJSzCQDa7Why6OvEAE&uach_m=[UACH]&urlfix=1&adurl=
Domain
www.googletagservices.com
URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssYFlKeGYxkBc5xeoJbMRNLiZud20fkbmDQE1mSkdn5UhrIv_dOueZac-w0z0DXChUUSfhWngBNt9MaFcaQZuwq-OTTNdXz3Kz0pGWMPqVdowv6DEgyhsBHrGT9QvF-ooswCypfV9_iPbSGFpcyNMnosJi4YMFfSmQ7AercFLd9JCa8APCpI0xuwZcYbWUaiyGldukS_HQJpzTVZ_gyMd13Qff7JvuxWX7ucZuXlr4b-PPZIhkIiLCsKnrUe2T3DUqz65IxH7GNSmmwj4BSVAEHSfYXGvhww5PplWa41y8Sjtd9MsXP3WDdBDjgy5xLeKOJ5ArdGzajL4I-fpeqfTGfKVI5_zW_DJZ0k0-a&sai=AMfl-YQuZgQTC8KvHJ7PCxebQEv4VUudntBoVeE3TMG2VgD4y1D80_kpDy57LwqOzr-BEl6uYc7YvrViJy7xneWEQ42FDxsn9wrfgTWNdaOG4v40uls0L1HPqIK-vNYszPQ&sig=Cg0ArKJSzLcr_uSzjcCPEAE&uach_m=[UACH]&urlfix=1&adurl=
Domain
www.googletagservices.com
URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Domain
google2waycm.netmng.com
URL
https://google2waycm.netmng.com/cm/?google_gid=CAESEOhT9NsjkJCnO1PGDEBiekg&google_cver=1&google_push=AehlK4BOSccSQhunkVvOfFYnXEtL4_05sXCsO5z84dUJ911nr9stZrAdCb_0rV2bvEmkdwTRKRmef--zKTNYXMxz__Eoadrdws_DMA

Verdicts & Comments Add Verdict or Comment

139 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| Vue string| recaptcha_site_key object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| gtag object| dataLayer function| 20c2353f84c70aee669d3af094e1f056 function| $ function| jQuery function| Popper object| bootstrap object| _0x3aba function| _0x1cd0 object| _0x27b0ad string| _0x3755de object| _0x14aef1 object| _0x448f06 function| _0xf09420 object| _0xbbeadf boolean| _0x77c9 boolean| mutexNetwork function| MobileDetect object| lazySizes object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| recaptcha object| gaplugins object| gaGlobal object| gaData object| _0x3bbe function| _0x1bd6 string| _0x23805c object| _0x5b29d7 string| _0x7716f9 object| _0x51fef5 object| _0x59f894 object| _0x16af2e string| _0x4a334b string| _0x5f1bf1 string| _0x3c3157 string| _0x25ebe8 string| _0x4fa6cc string| _0x454268 function| _0x3b8fd7 string| _0xb9c492 string| _0x4ee4cf string| _0x3f519d object| _0x562356 string| _0x5c6292 string| _0x518731 string| _0x54d299 function| _0xc41083 string| _0x134da0 string| _0x5a6bad string| _0x2bd872 object| _0x5a3ca7 string| _0xdcf4a9 string| _0x82040c string| _0x1f3a82 function| _0x42213d object| _0x4daf42 object| _0x33d351 boolean| _0x5bbf77 object| _0x3308df object| _0x2b1f61 object| Cookies function| postscribe string| currPage function| changeServer boolean| is_login object| movie boolean| is_process function| check_login function| redirect function| vote_info function| vote_submit function| like function| dislike function| get_episodes function| check_favorite function| submit_add_favorite function| add_favorite function| remove_favorite function| watch function| watch2 function| showModalRegister function| showModalLogin object| app function| _0x173302 string| css function| _0x39426c object| zEWebpackACJsonp function| zE function| zEmbed object| closure_lm_839217 function| atwpjp string| _atd function| _euc function| _duc object| _atc string| _atr object| addthis string| addthis_pub function| emdot object| _ate object| _adr object| addthis_conf function| addthis_open function| addthis_close function| addthis_sendto boolean| zEACLoaded boolean| __@@##MUH object| addthis_config object| addthis_share object| _atw string| addthis_exclude boolean| addthis_use_personalization string| addthis_options_default string| addthis_options_rank string| addthis_options object| __callbacks

39 Cookies

Domain/Path Name / Value
pz.unkemptscance.com/ Name: GL_UI4
Value: eJw9jd1OgzAcxYHy4TIhnoQH2CNQ3NBdGh%2FCS1LaP6wO2qXUEd%2FexkSvzi%2FnIyeKoqSuEN9zBvYlTjgMx2E887FrW%2FXS0PnEW8G7bpDPnXzlvG2x02vvxTCTT%2FE4kSGnZS%2BtohJPIfpzrsZuJkU2OGFUiWwJjblEMTi7reRqhtSIhZC%2FX5wNmi3i0zow3hwDaxM4bpDYtWbVDsWHNioMqz0S3lRlHmF%2Fm4UfrVt6rfIY2eSEIsRveJDC02TdNwpF69XbG2Bn1f%2F3f3%2FZxhvkiu5ahnPrL%2BR%2BAEL2Slk%3D
pz.unkemptscance.com/ Name: GL_GI10
Value: eJxNjEFLw0AUhNONrg2VyIB47h9oIEGwVzGlB6EHLz0ua%2FraLJh9y%2B5WXX%2B9sYXibeYb5suyTNyXEMahbOqnqq4fq6ZeVs0S%2BYEYol3htuOjjT4pqwfCzZr8oG2C9HQwbCE2W8zOWXW8I1y3q8U%2Fdno9bNjHfv7WG0uLLYXoev1hNK46ExOm7bgOR7tD8dfPmtmoufDcBIfildIXvc%2Bf1ygsRRUc0Xh5Ye%2FY60goL%2FSkkDmmJijn%2BTvJCe6iGeiHLSne7wNFKTD5lOIXq9VOPQ%3D%3D
ckwlurries.com/ Name: GL_UI4
Value: eJw9jd1OgzAcxYHy4TIhnoQH2CNQ3NBdGh%2FCS1LaP6wO2qXUEd%2FexkSvzi%2FnIyeKoqSuEN9zBvYlTjgMx2E887FrW%2FXS0PnEW8G7bpDPnXzlvG2x02vvxTCTT%2FE4kSGnZS%2BtohJPIfpzrsZuJkU2OGFUiWwJjblEMTi7reRqhtSIhZC%2FX5wNmi3i0zow3hwDaxM4bpDYtWbVDsWHNioMqz0S3lRlHmF%2Fm4UfrVt6rfIY2eSEIsRveJDC02TdNwpF69XbG2Bn1f%2F3f3%2FZxhvkiu5ahnPrL%2BR%2BAEL2Slk%3D
ckwlurries.com/ Name: GL_GI10
Value: eJxNjEFLw0AUhNONrg2VyIB47h9oIEGwVzGlB6EHLz0ua%2FraLJh9y%2B5WXX%2B9sYXibeYb5suyTNyXEMahbOqnqq4fq6ZeVs0S%2BYEYol3htuOjjT4pqwfCzZr8oG2C9HQwbCE2W8zOWXW8I1y3q8U%2Fdno9bNjHfv7WG0uLLYXoev1hNK46ExOm7bgOR7tD8dfPmtmoufDcBIfildIXvc%2Bf1ygsRRUc0Xh5Ye%2FY60goL%2FSkkDmmJijn%2BTvJCe6iGeiHLSne7wNFKTD5lOIXq9VOPQ%3D%3D
.moviesjoy.to/ Name: _ga
Value: GA1.2.67387908.1660176289
.moviesjoy.to/ Name: _gid
Value: GA1.2.1712153326.1660176289
.moviesjoy.to/ Name: _gat_gtag_UA_127877694_1
Value: 1
.moviesjoy.to/ Name: _gat_gtag_UA_139883519_66
Value: 1
.moviesjoy.to/ Name: _gat_gtag_UA_139883519_74
Value: 1
moviesjoy.to/ Name: __atuvc
Value: 1%7C32
moviesjoy.to/ Name: __atuvs
Value: 62f447a17c56612c000
.addthis.com/ Name: uvc
Value: 1%7C32
.addthis.com/ Name: loc
Value: MDAwMDBFVURFSEUyMzA4MTg5MzAwMzAwMDBDSA==
livrosdereceita.com/ Name: cookielawinfo-checkbox-necessary
Value: yes
livrosdereceita.com/ Name: cookielawinfo-checkbox-functional
Value: no
livrosdereceita.com/ Name: cookielawinfo-checkbox-performance
Value: no
livrosdereceita.com/ Name: cookielawinfo-checkbox-analytics
Value: no
livrosdereceita.com/ Name: cookielawinfo-checkbox-advertisement
Value: no
livrosdereceita.com/ Name: cookielawinfo-checkbox-others
Value: no
.livrosdereceita.com/ Name: _ga
Value: GA1.2.2139406949.1660176291
.livrosdereceita.com/ Name: _gid
Value: GA1.2.835628692.1660176291
.livrosdereceita.com/ Name: _gat_gtag_UA_227761985_1
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUk4iHImPraWcVglCaNFum-DKttEgeTO6RdKvD2jQKM9RkT236rwN1c8aO5zYiY
.livrosdereceita.com/ Name: __gads
Value: ID=d49e7009c555c3ad:T=1660176291:S=ALNI_MYZVhgVgDuB0tjQYwcf_vMOT_LEiw
.casalemedia.com/ Name: CMID
Value: YvRHpGyq1VVTs.la1qxpbQAA
.casalemedia.com/ Name: CMPS
Value: 1126
.casalemedia.com/ Name: CMPRO
Value: 1126
.adnxs.com/ Name: uuid2
Value: 6254192500510076279
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2E>2mT3`-!]tbPl1M>e)ZlrFUfJ+tGXxoD<yafZXoy-->mC8c`s4gEa[@v(`dW*-QuuC+*bpRz*qF1`*b^MO)kU-r
.adfarm1.adition.com/ Name: UserID1
Value: 7130402879752108174
.simpli.fi/ Name: suid
Value: 0B0C82833156447B85CF903C16018FB8
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%2295974344-DF0F-43F2-A7DD-06448803B035%22%7D
.analytics.yahoo.com/ Name: IDSYNC
Value: 18yx~26io
.de17a.com/ Name: guid
Value: 1.1153767703760321710
.casalemedia.com/ Name: CMTS
Value: 1123
.yahoo.com/ Name: A3
Value: d=AQABBKVH9GICEDX-og5m5kHdOMSjTL3Z-MMFEgEBAQGZ9WL-YgAAAAAA_eMAAA&S=AQAAApsJkx4LgMQ0EW0cH0FNWfA
.adform.net/ Name: C
Value: 1
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YvRHpQAFgt6eNAAK
.adform.net/ Name: uid
Value: 4888250855400603741

1 Console Messages

Source Level URL
Text
network error URL: https://adtrue.fun/dynamic/ads/
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.travelaudience.com
adservice.google.com
adservice.google.de
adtrue.fun
api-public.addthis.com
awscloudfront.ml
bigcache.ml
c1.adform.net
cdn.jsdelivr.net
cdnjs.cloudflare.com
ckwlurries.com
cm.g.doubleclick.net
d5p.de17a.com
db396cba6b770d5fb5a69959c3a44c39.safeframe.googlesyndication.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
ekr.zdassets.com
fonts.googleapis.com
fonts.gstatic.com
google2waycm.netmng.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
img.moviesjoy.to
livrosdereceita.com
livrosdereceita.ml
m.addthis.com
megacdn.top
moviesjoy.to
onetag-sys.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
pz.unkemptscance.com
s0.2mdn.net
s7.addthis.com
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static.zdassets.com
sync-tm.everesttech.net
sync.teads.tv
tpc.googlesyndication.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
v1.addthisedge.com
widgets.pinterest.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
z.moatads.com
google2waycm.netmng.com
s7.addthis.com
securepubads.g.doubleclick.net
www.googletagservices.com
104.18.18.126
104.18.70.113
104.18.72.113
104.31.16.5
142.250.185.226
142.250.186.162
151.101.194.49
151.101.64.84
169.50.137.182
172.217.23.98
172.255.6.135
172.255.6.155
213.155.156.165
23.47.209.169
23.47.209.72
23.47.212.127
2606:4700:3030::6815:2816
2606:4700:3030::6815:3197
2606:4700:3031::ac43:8c6f
2606:4700:3034::6815:838
2606:4700:3037::6815:2920
2606:4700::6811:190e
2a00:1450:4001:800::2002
2a00:1450:4001:809::2008
2a00:1450:4001:80b::2001
2a00:1450:4001:811::200e
2a00:1450:4001:812::2002
2a00:1450:4001:813::200a
2a00:1450:4001:827::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2001
2a00:1450:4001:831::2006
2a04:4e42::485
2a05:d018:d29:3602:68f1:8fce:a96f:e71c
2a06:98c1:3121::3
3.126.56.137
35.190.0.66
35.244.159.8
37.157.4.24
37.252.172.250
51.75.86.98
69.173.144.138
85.114.159.118
00b6d8c821d24799d184efd65d51f6a196cd3204399c0de207d75eedac233af7
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
055486b8ef198b37f47f0cd509ca420d37404f693ab5d8600bf366291f131be7
07b1532663ed01a948a44e3616c7a17e4d707041c904443b7ea86bf9242b04dd
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cb7cbdc3af8accbf7c9d731203fad9c4c7d75df7cc2c32c9c54b4a60e734f54
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
148045b3d82b9866c523f90b63627da50781b6f0ea083f060c8804246330d721
16caa966ea93c72da0721325fd490bfc31c364523979dff4c1cd1c7ed3788ffa
18f15a08e5c1a82603cdb87260ce3dec896e2fbb98f3c0cc0621ced5eea6c196
1a30057494e2f11f987ad8ef3db7e16511d6f1716edae93b6bc07e947a30f732
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
22d8c85662d28fccb17719b9d0052f152e95d435e22ac6661b02647d8861e594
2336e313c001c29a61c07034c116ace536884cc3caeb5f5250f9ceaa6a77a2c4
2359033175af9afde3eaa63da23419b4a78ad3a6072925951b5e9df0c0096ab2
253add07294baa2c17ff71b677885e5e8ec7ec07c9519584de18f292889ab8a5
2be37942366d28e7bf07dba422b2f3a871236dd8ea0a598180dd271e39c4e558
2c4305b1851de1d15636c20ddfa1136588a08eaca64f66a84f2024634d61fc90
2e2f2336b5e6698b628afc75fa9a24c67b73d5872c1d4af99ca436064f636ee0
30f2bc17c50b43aa397ea2ed31a7622d9da14cd300863b5466ba6ffad98d8be5
31031ffd258fd56f04d323ace13482d78e46b0275e7e7821310fdcd17ec0e4af
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
34142a3b54120a34f4b119c24b571dd75bacb6234d897a616e6002cf8049e0bb
356e38db0b737115242c009b83e8b3d61596b1381907b4a7e08d9d95a37e6c6d
3683a69cfd4117498b828da5b85b8edea0f84f630656ab218ed5c3d87fb519f6
36b49266f9c6bb46cec49d167507aa44c8c89d66a2908de79c18f1d0eb577218
3748feb5a894be6d7833cfbef101969535da902ac70bf8ed138d3119d7d6715b
3b289c78dd5e2d6c4a44e1ce5f2d2a7e812817b85f83f4e29ea97d5162659030
3c5e8c6ad66d889f3f73d3bd1d0f2e4945ebfbe47d28162ee206cd1b9e75d561
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e55275e2cf00c39ce90846157f36235e11ad02f5718bfc6afb5a55fcf692d25
3f0228960dbb4b2f89b8b770d072d1d14ffdd0201a27baa6740caae5ce961b28
3ff40c70853efcbeb72e949a3442a7c62b14b823a83c06c52539d25ee1e62810
402a18c0434346f578d79bed323fe9a2d41ef76a5020a1ad18f265b58e31ca2f
414c1960f91e3abdcb956b67814de9b3231b5bf8c29e6dbf6c4c750dbb6ea447
418c6774bf50f8e035933f3e1fc3115d84b781e143c754d03487aa1b1b32fe54
425df823965375faadbd0685af6b4540866f7c6ecf675e0919e37a806b6f6e55
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4868bb78cf16aed40eaaadf6218437652ac1043001007bb20f0e230cee2bd0ed
489cf773b253c1e1f6ba66ca0ca555d1f604c2517716e3a4a424ec3adfb936dc
49e3d3c02d2e66e6d545c98e1249a2de848e7c17c0c676d883e764794eb22021
49ef3661e3a0b961a118a269bc8c2828a232ab6a4c33569d1162bb9d76456a12
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d3f9d8ff33e31cd0334df91cdb3586df887757daeb652ed27c69b6a43ff78e4
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e5214fc1616fbd3df53b7934be5e22fbf9f7ad6769f40beced0172cfdb15295
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50a80d403d177d1cc5c5094ea500938bbf6aec995210df68aaffd85795682e60
58f31c05672de1042057dc12d4373b65bb98ad880bc40d76f6c3958f7efb7276
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5cd32bddca16b041b9d41788e4dd02b0b9123af3eced5e79ffd02495499f517d
5cd5f95ac599c7b6c1f4f69f706c46e07af1c49281e1e8a41de926315c1586f9
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
6543f4b0035896d00d742419b219b7249f05ba9ec3946e3abb388f750d7de2e4
655ae452d922f501b62c7028fc35e238138de989387381cc1ed9cea9085864db
67133ef67a060200a05126324f5528294c6a09d7b60326133ddb7731cedc93e5
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c52384c7b0641dd1ead85d079c22d39bcc6dc5f2537afb1e6396bb619771a3f
6d0398e8fd7dae88a2fda13006d35ac3a42badf96736166de3d60164453ce2da
6e2067b806421d5a8d190e502e208bab3a0661ee1c86c232275d72847bcad573
72194d152571dd375c4365e5c3b4af9db2c06af0102ced18fcb062597d38be26
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
7b175e3d672f1560352dc7df0b4e1aaf4cf6dba4605563465df69fcceb052bbd
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7d3b9482d4fb3b6aeaa089b08eb84381b5d3294c32c71ba320c4482bb4dbb8d5
8462287ed0841f4d26f5dab1be12ae5dbb959116e69bea7489959b3cf93daf1c
86bf81345f345aa6a0dd6619f8d57a22d269945ae08ff96495322291e4e00e08
86d8b086af0fc30d06856e218fcfdb6b803f91b45f50b1b753d8deac627fc054
8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8c3c0a13c1c672288aab00a28698f52524f587e51b71821d7898b6d4f5832356
8c951a597072dd7d73e9d7218eb09cb7b0eb51bd5bd240650f71f57feecec2e3
8e3a7c03d6e80eb066480affc9f6de10cd5385b021a4557144ddf46691c4cb74
93248da4a316717ba509bf08cdac2f71abab069bc815e59057e4398e2f731545
93c89c8a01ef5c2070e1a5c69f22d80cc23465cd4a4ca6e1e3ff413872b24dfc
96f171604e284998042d56431b61046bf7fdc32fd29c5fa399702d03299a7966
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d5c007ca975b1e1d932bc558293c9e67cd0cb1e60c15109f5a7fa200e758f11
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a51e16ca7b49d84feeeee02528e26e8f867242df80e8fde6df3b59f527b5784e
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ac0d000c7241f6c456eb3b7ad43592246ae37c93474c89bc6e143b44e5b4d35c
ac671d4028fea63427cc84384d1c53fbadcba51ef4abc8e8104135cf74876254
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b42715665dadf056f47bdcc7f82516dae9905f20a15fcee528194edaa274e587
b7aabf050aa1b90d020378248c4605e266080e4aa27b16d96fb4f5ecd35dc573
b7d4aaa6eb23a03f314e3e3a8851702ba71b7601fdcfae679c5c20438b6001a6
b7e551c458604d5604484615b1c856d9f50e3ee349ab8035d5ebbb013a4f60a2
bcf85e2aaaabbbbb194f96110fa1d8c133547ad011f09d5d031c88a7466c7ce8
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c02d2e4ee660f561338f717a6dc83745ea23c4ad356a57bdfee60c3643b25b1a
c09e405f61ed65c16523cc7af33358d225f503318dfd30562658335c12b81bdd
c1b248cbab130c31827a3c7956efe817beafcb9ccb822d5364405565f566f892
c2e37877957a84efc2e5604969599edfa9be30f963d56f8a8ea5352443f72892
c2ff5edad53ff9e1a9e79569d013cbd1a678de31d1d67db06e426027ff29b2a3
c3be71a1e4e4de4a2f7fed144b6cd7c4dd9812716324c3b720e5441014cf0f43
c4a8a6cde35e86df0bb041d20fd88c2046de4695adebe1dd1570d3127d0079c7
c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a
c71a7bdc6e1f2f8875556b690007a65be9e5ae1fb285f76d85180c89a3fa52d2
ca6b2e57fea31e742e2020920695acbee9407f8289c55e55d269ae32aed304f5
cd9b38679e5f92aa681e354bf60c9e952a476d22a224b9612e24a7a49d9be490
ce87586ad68edaf8a69097257dcb485512b56f7e8241ff8103331040b170f999
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d47576c5063476b9d4c7c02299538fdf61fe72faa850baf4713f6f9a469d0619
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
d810f5146f4cd1517512a6e31946e764a73c58fb01427aae88d42cc2ae28718a
db38467e6c9985f5b1319b24cb3369505aa556f3adddfa74b93948302987c0e1
deb1823960a9feec2169e478dea82b06f499801c5c5e6331e2022023a3278128
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e2c7907fb8e391d351b83117524e8490aa6fc315f9e061fba775362da07de2be
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f648022b3c0281d7fd4a3f61dc422be875e862e3d5b8c7023d107ce821918f
e618a577f0277d37fa43eaa36bcde1a98e6698356705294205887f6ace5134d7
e838c5671a9420703b124997c01965e207cfe6f46b7334b712af277c164c3040
e9e2ec022d7022381ad504fee10671dfc7c5ad86f0691798636ca74b92aacd9d
eb32a635955e226734775639e6f9b84a8ff45b999bc1688f4b8cc9b77178b760
ec3ca44af763061bf9f7d0dcb807c0337f1ce91f75cac6293fc1412ea4267427
edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0ee07790d707ea58832f35e98a10adc1a22e5bbe72557fb2059e4b2ed796dbd
f2f1dc84e4ef961b787e21d203ce06521cced0634ae8b6fc41718f3770d7a42c
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6583ac979e141fda601e47ad5b3966fa58bf7ff91d73a9025a9c8ab9de39843
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fbe820b6140ad28e86f34ffae507d807cf591a22697a05b71958f2014e96a9e4
fe9f0570e6ea6a6e5c70f2e83fd46883a62e5fdd1ffce04471bedf0dbd23166e
fee14c83de65cdc8454d15449343630a593fffaec3666fc71489d1f03a62f520