urlscan.io logo urlscan.io
SecurityTrails logo

tv.ifindfast.com Open in urlscan Pro
31.172.80.234  Public Scan

Go To Rescan Add Verdict Report
URL: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
Submission: On July 17 via manual from IL — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 54 IPs in 8 countries across 42 domains to perform 218 HTTP transactions. The main IP is 31.172.80.234, located in Germany and belongs to DE-FIRSTCOLO www.first-colo.net, DE. The main domain is tv.ifindfast.com.
TLS certificate: Issued by R3 on June 27th 2022. Valid for: 3 months.
This is the only time tv.ifindfast.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
24 31.172.80.234 44066 (DE-FIRSTC...)
1 185.177.94.89 39572 (ADVANCEDH...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
19 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
14 2a03:2880:f01... 32934 (FACEBOOK)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
26 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 8 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 46.105.201.240 16276 (OVH)
1 1 52.222.214.124 16509 (AMAZON-02)
4 107.22.28.167 14618 (AMAZON-AES)
1 192.99.13.63 16276 (OVH)
1 35.190.41.116 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
4 139.45.197.237 9002 (RETN-AS)
44 2a00:1450:400... 15169 (GOOGLE)
2 4 142.250.186.166 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:225... 16509 (AMAZON-02)
1 2001:4de0:ac1... 20446 (STACKPATH...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 139.45.197.238 9002 (RETN-AS)
5 139.45.197.239 9002 (RETN-AS)
1 139.45.195.8 9002 (RETN-AS)
2 2a00:1450:400... 15169 (GOOGLE)
2 142.250.184.227 15169 (GOOGLE)
3 52.29.132.48 16509 (AMAZON-02)
1 2606:4700:e6:... 13335 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 192.243.59.12 39572 (ADVANCEDH...)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
4 162.252.214.5 53334 (TUT-AS)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 185.200.118.90 9009 (M247)
1 38.132.109.186 9009 (M247)
1 185.200.116.90 9009 (M247)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 192.243.61.227 39572 (ADVANCEDH...)
1 104.153.197.251 53334 (TUT-AS)
2 3 2a03:2880:f11... 32934 (FACEBOOK)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 2a03:2880:f02... 32934 (FACEBOOK)
1 2a03:2880:f02... 32934 (FACEBOOK)
1 2a03:2880:f08... 32934 (FACEBOOK)
218 54
24    31.172.80.234 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
tv.ifindfast.com
1    185.177.94.89 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
PTR: ip-185-177-94-89.ah-server.com
branddnewcode1.me
2    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
19    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
14    2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
static.xx.fbcdn.net
1    2606:4700:3036::ac43:decf (United States)

ASN13335 (CLOUDFLARENET, US)
daddylive.click
1    2606:4700:3037::ac43:c753 (United States)

ASN13335 (CLOUDFLARENET, US)
daddylive.eu
2    2606:4700:3033::6815:4b27 (United States)

ASN13335 (CLOUDFLARENET, US)
daddylive.one
2    2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
26    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
3    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
adservice.google.com
1    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:400c:c08::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
8    2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2606:4700:3034::6815:30cd (United States)

ASN13335 (CLOUDFLARENET, US)
superfastcdn.com
1    46.105.201.240 (France)

ASN16276 (OVH, FR)
s10.histats.com
1    52.222.214.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-124.fra56.r.cloudfront.net
excellernod.xyz
4    107.22.28.167 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-22-28-167.compute-1.amazonaws.com
sbtlj.nergyflexibilit.pics
1    192.99.13.63 (Canada)

ASN16276 (OVH, FR)
PTR: ns504751.ip-192-99-13.net
s4.histats.com
1    35.190.41.116 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 116.41.190.35.bc.googleusercontent.com
youradexchange.com
1    2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
1    2606:4700:3034::ac43:b286 (United States)

ASN13335 (CLOUDFLARENET, US)
rkc.primetubsub.xyz
4    139.45.197.237 (United Kingdom)

ASN9002 (RETN-AS, GB)
thaudray.com
dozubatan.com
44    2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
4    142.250.186.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net
ad.doubleclick.net
6    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2600:9000:2250:fc00:10:abc1:d740:21 (United States)

ASN16509 (AMAZON-02, US)
d11enq2rymy0yl.cloudfront.net
1    2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
1    2606:4700:3038::6815:ea4d (United States)

ASN13335 (CLOUDFLARENET, US)
vcdnads.ru.com
1    139.45.197.238 (United Kingdom)

ASN9002 (RETN-AS, GB)
onvictinitor.com
5    139.45.197.239 (United Kingdom)

ASN9002 (RETN-AS, GB)
toglooman.com
1    139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)
my.rtmark.net
2    2a00:1450:4001:813::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    142.250.184.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f3.1e100.net
p4-b3dutlsaj6tru-cua7eyt2yxzpsgwc-if-v6exp3-v4.metric.gstatic.com
3    52.29.132.48 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-132-48.eu-central-1.compute.amazonaws.com
simplewebanalysis.com
1    2606:4700:e6::ac40:cd22 (United States)

ASN13335 (CLOUDFLARENET, US)
player.licenses4.me
3    2606:4700::6811:a6ba (United States)

ASN13335 (CLOUDFLARENET, US)
c.adsco.re
1    192.243.59.12 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
hereditarylenientparents.com
1    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
jubsaugn.com
3    2606:4700::6811:a7ba (United States)

ASN13335 (CLOUDFLARENET, US)
6.adsco.re
4    162.252.214.5 (United States)

ASN53334 (TUT-AS, US)
4.adsco.re
adsco.re
2    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    185.200.118.90 (London, United Kingdom)

ASN9009 (M247, GB)
PTR: adscore.com
ftmvdb16aolm.l4.adsco.re
1    38.132.109.186 (New York, United States)

ASN9009 (M247, GB)
ftmvdb16aolm.n4.adsco.re
1    185.200.116.90 (Romania)

ASN9009 (M247, GB)
PTR: no-mans-land.m247.com
ftmvdb16aolm.s4.adsco.re
1    2606:4700:3038::6815:eafe (United States)

ASN13335 (CLOUDFLARENET, US)
addresseepaper.com
1    192.243.61.227 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
dismantlepenantiterrorist.com
1    104.153.197.251 (United States)

ASN53334 (TUT-AS, US)
PTR: 104-153-197-251.customer.totaluptime.net
xadsmart.com
3    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
scontent-frt3-2.xx.fbcdn.net
1    2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
scontent-frx5-2.xx.fbcdn.net
1    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
scontent-frx5-1.xx.fbcdn.net
1    2a03:2880:f080:9:face:b00c:0:3 (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)
scontent-ams2-1.xx.fbcdn.net
Apex Domain
Subdomains		 Transfer
63 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 128
tpc.googlesyndication.com — Cisco Umbrella Rank: 166
842 KB
30 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 67
stats.g.doubleclick.net — Cisco Umbrella Rank: 138
ad.doubleclick.net — Cisco Umbrella Rank: 217
225 KB
24 ifindfast.com
tv.ifindfast.com
167 KB
17 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 553
scontent-frt3-2.xx.fbcdn.net — Cisco Umbrella Rank: 11918
scontent-frx5-2.xx.fbcdn.net — Cisco Umbrella Rank: 13771
scontent-frx5-1.xx.fbcdn.net — Cisco Umbrella Rank: 11303
scontent-ams2-1.xx.fbcdn.net — Cisco Umbrella Rank: 12423
732 KB
13 adsco.re
c.adsco.re — Cisco Umbrella Rank: 17586
6.adsco.re — Cisco Umbrella Rank: 18127
4.adsco.re — Cisco Umbrella Rank: 19691
ftmvdb16aolm.l4.adsco.re
ftmvdb16aolm.n4.adsco.re
ftmvdb16aolm.s4.adsco.re
adsco.re — Cisco Umbrella Rank: 14738
72 KB
10 google.com
adservice.google.com — Cisco Umbrella Rank: 103
www.google.com — Cisco Umbrella Rank: 17
2 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 196
254 KB
5 gstatic.com
p4-b3dutlsaj6tru-cua7eyt2yxzpsgwc-if-v6exp3-v4.metric.gstatic.com
www.gstatic.com
17 KB
5 toglooman.com
toglooman.com — Cisco Umbrella Rank: 31624
134 KB
4 nergyflexibilit.pics
sbtlj.nergyflexibilit.pics
145 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 96
33 KB
3 simplewebanalysis.com
simplewebanalysis.com — Cisco Umbrella Rank: 13478
692 B
3 thaudray.com
thaudray.com — Cisco Umbrella Rank: 44908
27 KB
3 google.de
adservice.google.de — Cisco Umbrella Rank: 6937
www.google.de — Cisco Umbrella Rank: 4915
1 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 69
ssl.google-analytics.com — Cisco Umbrella Rank: 411
37 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 81
2 KB
2 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 282
97 KB
2 histats.com
s10.histats.com — Cisco Umbrella Rank: 15099
s4.histats.com — Cisco Umbrella Rank: 12573
5 KB
2 superfastcdn.com
superfastcdn.com — Cisco Umbrella Rank: 94920
60 KB
2 daddylive.one
daddylive.one
27 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 164
86 KB
2 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 819
83 KB
1 dismantlepenantiterrorist.com
dismantlepenantiterrorist.com — Cisco Umbrella Rank: 125589
425 B
1 addresseepaper.com
addresseepaper.com — Cisco Umbrella Rank: 17346
23 KB
1 jubsaugn.com
jubsaugn.com
1 hereditarylenientparents.com
hereditarylenientparents.com
594 B
1 licenses4.me
player.licenses4.me — Cisco Umbrella Rank: 245415
1 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 10511
544 B
1 onvictinitor.com
onvictinitor.com — Cisco Umbrella Rank: 274936
1 dozubatan.com
dozubatan.com — Cisco Umbrella Rank: 43932
1 ru.com
vcdnads.ru.com — Cisco Umbrella Rank: 492832
26 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 695
30 KB
1 cloudfront.net
d11enq2rymy0yl.cloudfront.net
10 KB
1 primetubsub.xyz
rkc.primetubsub.xyz — Cisco Umbrella Rank: 471416
29 KB
1 xadsmart.com
www.xadsmart.com Failed
xadsmart.com — Cisco Umbrella Rank: 106173
140 B
1 youradexchange.com
youradexchange.com — Cisco Umbrella Rank: 34630
899 B
1 excellernod.xyz
excellernod.xyz
623 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 957
644 B
1 daddylive.eu
daddylive.eu — Cisco Umbrella Rank: 392864
554 B
1 daddylive.click
daddylive.click
552 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 101
40 KB
1 branddnewcode1.me
branddnewcode1.me
19 KB
218 42
Domain Requested by
44 tpc.googlesyndication.com tv.ifindfast.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
pagead2.googlesyndication.com
25 googleads.g.doubleclick.net pagead2.googlesyndication.com
tv.ifindfast.com
googleads.g.doubleclick.net
24 tv.ifindfast.com tv.ifindfast.com
19 pagead2.googlesyndication.com tv.ifindfast.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
12 static.xx.fbcdn.net www.facebook.com
static.xx.fbcdn.net
8 www.google.com 6 redirects tv.ifindfast.com
tpc.googlesyndication.com
6 www.googletagservices.com googleads.g.doubleclick.net
5 toglooman.com thaudray.com
toglooman.com
4 ad.doubleclick.net 2 redirects googleads.g.doubleclick.net
4 sbtlj.nergyflexibilit.pics daddylive.one
sbtlj.nergyflexibilit.pics
3 www.facebook.com 2 redirects connect.facebook.net
3 www.gstatic.com googleads.g.doubleclick.net
3 4.adsco.re daddylive.one
c.adsco.re
tv.ifindfast.com
3 6.adsco.re daddylive.one
c.adsco.re
tv.ifindfast.com
3 c.adsco.re d11enq2rymy0yl.cloudfront.net
c.adsco.re
3 simplewebanalysis.com vcdnads.ru.com
3 thaudray.com daddylive.one
thaudray.com
2 scontent-frt3-2.xx.fbcdn.net www.facebook.com
2 fonts.googleapis.com googleads.g.doubleclick.net
2 p4-b3dutlsaj6tru-cua7eyt2yxzpsgwc-if-v6exp3-v4.metric.gstatic.com googleads.g.doubleclick.net
p4-b3dutlsaj6tru-cua7eyt2yxzpsgwc-if-v6exp3-v4.metric.gstatic.com
2 s0.2mdn.net tpc.googlesyndication.com
2 superfastcdn.com daddylive.one
superfastcdn.com
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 daddylive.one tv.ifindfast.com
daddylive.one
2 connect.facebook.net tv.ifindfast.com
connect.facebook.net
2 maxcdn.bootstrapcdn.com tv.ifindfast.com
maxcdn.bootstrapcdn.com
1 scontent-ams2-1.xx.fbcdn.net www.facebook.com
1 scontent-frx5-1.xx.fbcdn.net www.facebook.com
1 scontent-frx5-2.xx.fbcdn.net www.facebook.com
1 xadsmart.com d11enq2rymy0yl.cloudfront.net
1 dismantlepenantiterrorist.com tv.ifindfast.com
1 adsco.re c.adsco.re
1 addresseepaper.com vcdnads.ru.com
1 ftmvdb16aolm.s4.adsco.re c.adsco.re
1 ftmvdb16aolm.n4.adsco.re c.adsco.re
1 ftmvdb16aolm.l4.adsco.re c.adsco.re
1 jubsaugn.com thaudray.com
1 hereditarylenientparents.com vcdnads.ru.com
1 player.licenses4.me rkc.primetubsub.xyz
1 my.rtmark.net thaudray.com
1 onvictinitor.com thaudray.com
1 dozubatan.com thaudray.com
1 vcdnads.ru.com rkc.primetubsub.xyz
1 code.jquery.com rkc.primetubsub.xyz
1 d11enq2rymy0yl.cloudfront.net daddylive.one
1 rkc.primetubsub.xyz daddylive.one
1 ssl.google-analytics.com daddylive.one
1 youradexchange.com superfastcdn.com
1 s4.histats.com s10.histats.com
1 excellernod.xyz 1 redirects
1 s10.histats.com daddylive.one
1 www.google.de tv.ifindfast.com
1 stats.g.doubleclick.net www.google-analytics.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 daddylive.eu 1 redirects
1 daddylive.click 1 redirects
1 www.googletagmanager.com tv.ifindfast.com
1 branddnewcode1.me tv.ifindfast.com
0 www.xadsmart.com Failed daddylive.one
218 61
Subject Issuer Validity Valid
tv.ifindfast.com
R3		 2022-06-27 -
2022-09-25		 3 months crt.sh
branddnewcode1.me
R3		 2022-07-15 -
2022-10-13		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-01-29 -
2023-01-29		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-06-27 -
2022-09-19		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-06-27 -
2022-09-19		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-04-25 -
2022-07-24		 3 months crt.sh
*.daddylive.one
E1		 2022-06-26 -
2022-09-24		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-06-27 -
2022-09-19		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-06-27 -
2022-09-19		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-06-27 -
2022-09-19		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-06-27 -
2022-09-19		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-06-27 -
2022-09-19		 3 months crt.sh
*.superfastcdn.com
E1		 2022-07-09 -
2022-10-07		 3 months crt.sh
histats.com
R3		 2022-07-11 -
2022-10-09		 3 months crt.sh
nergyflexibilit.pics
R3		 2022-07-04 -
2022-10-02		 3 months crt.sh
youradexchange.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-20 -
2023-06-20		 a year crt.sh
*.primetubsub.xyz
E1		 2022-06-07 -
2022-09-05		 3 months crt.sh
thaudray.com
R3		 2022-05-06 -
2022-08-04		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-06-27 -
2022-09-19		 3 months crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-14 -
2022-08-14		 a year crt.sh
*.vcdnads.ru.com
E1		 2022-06-11 -
2022-09-09		 3 months crt.sh
dozubatan.com
R3		 2022-06-04 -
2022-09-02		 3 months crt.sh
onvictinitor.com
R3		 2022-06-04 -
2022-09-02		 3 months crt.sh
toglooman.com
R3		 2022-07-02 -
2022-09-30		 3 months crt.sh
*.rtmark.net
Sectigo RSA Domain Validation Secure Server CA		 2021-11-20 -
2022-11-26		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-06-27 -
2022-09-19		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-06-27 -
2022-09-19		 3 months crt.sh
simplewebanalysis.com
Amazon		 2022-04-01 -
2023-04-30		 a year crt.sh
*.licenses4.me
E1		 2022-06-06 -
2022-09-04		 3 months crt.sh
*.adsco.re
Sectigo RSA Organization Validation Secure Server CA		 2021-09-06 -
2022-09-28		 a year crt.sh
hereditarylenientparents.com
R3		 2022-07-06 -
2022-10-04		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-06-27 -
2022-09-19		 3 months crt.sh
*.l4.adsco.re
R3		 2022-06-19 -
2022-09-17		 3 months crt.sh
*.n4.adsco.re
R3		 2022-06-19 -
2022-09-17		 3 months crt.sh
*.s4.adsco.re
R3		 2022-06-19 -
2022-09-17		 3 months crt.sh
*.addresseepaper.com
E1		 2022-06-25 -
2022-09-23		 3 months crt.sh
dismantlepenantiterrorist.com
R3		 2022-06-30 -
2022-09-28		 3 months crt.sh
xadsmart.com
Sectigo RSA Domain Validation Secure Server CA		 2020-04-19 -
2022-07-22		 2 years crt.sh

This page contains 32 frames:

Primary Page: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
Frame ID: 0830961473B4D01FE94A0D34D222C3D5
Requests: 50 HTTP requests in this frame

Frame: https://daddylive.one/s2w/stream-144.php
Frame ID: C84200BF7257AB4B3F38182F3FF4B3F0
Requests: 31 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220707/r20190131/zrt_lookup.html
Frame ID: 09EF992C03571BA3ADB237BBA5A472CA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6979376228164642&output=html&h=90&slotname=5011888379&adk=751607799&adf=1724644460&pi=t.ma~as.5011888379&w=720&lmt=1658066177&psa=0&format=720x90&url=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147%26%3D%25D7%25A2%25D7%25A8%25D7%2595%25D7%25A5_%25D7%25A1%25D7%25A4%25D7%2595%25D7%25A8%25D7%2598_5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658066177880&bpp=3&bdt=162&idt=85&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&correlator=8424639460550&frm=20&pv=2&ga_vid=2071584621.1658066178&ga_sid=1658066178&ga_hid=1322046347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=820&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105&oid=2&pvsid=1893155627320842&tmod=775335209&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=o4conqGket&p=https%3A//tv.ifindfast.com&dtd=98
Frame ID: F9F2DE0DEC01DDCF74255756BBB79B03
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6979376228164642&output=html&h=280&slotname=1887103615&adk=3976959788&adf=2170261427&pi=t.ma~as.1887103615&w=825&fwrn=4&fwrnh=100&lmt=1658066177&rafmt=1&psa=0&format=825x280&url=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147%26%3D%25D7%25A2%25D7%25A8%25D7%2595%25D7%25A5_%25D7%25A1%25D7%25A4%25D7%2595%25D7%25A8%25D7%2598_5&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658066177883&bpp=1&bdt=166&idt=99&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&prev_fmts=720x90&correlator=8424639460550&frm=20&pv=1&ga_vid=2071584621.1658066178&ga_sid=1658066178&ga_hid=1322046347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=794&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105&oid=2&pvsid=1893155627320842&tmod=775335209&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=WHZM8LJJ2C&p=https%3A//tv.ifindfast.com&dtd=102
Frame ID: A01F1B8715572901FABF14CD22805C58
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6979376228164642&output=html&h=600&slotname=1887103615&adk=1099239650&adf=1749149054&pi=t.ma~as.1887103615&w=255&fwrn=4&fwrnh=100&lmt=1658066177&rafmt=1&psa=0&format=255x600&url=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147%26%3D%25D7%25A2%25D7%25A8%25D7%2595%25D7%25A5_%25D7%25A1%25D7%25A4%25D7%2595%25D7%25A8%25D7%2598_5&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658066177884&bpp=1&bdt=166&idt=106&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&prev_fmts=720x90%2C825x280&correlator=8424639460550&frm=20&pv=1&ga_vid=2071584621.1658066178&ga_sid=1658066178&ga_hid=1322046347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=761&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105&oid=2&pvsid=1893155627320842&tmod=775335209&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=x65JnnQTvQ&p=https%3A//tv.ifindfast.com&dtd=109
Frame ID: 9FE513E81C23A1C851049E2977892918
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6979376228164642&output=html&h=600&slotname=1887103615&adk=1099239650&adf=1543441221&pi=t.ma~as.1887103615&w=255&fwrn=4&fwrnh=100&lmt=1658066177&rafmt=1&psa=0&format=255x600&url=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147%26%3D%25D7%25A2%25D7%25A8%25D7%2595%25D7%25A5_%25D7%25A1%25D7%25A4%25D7%2595%25D7%25A8%25D7%2598_5&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658066177885&bpp=1&bdt=168&idt=110&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&prev_fmts=720x90%2C825x280%2C255x600&correlator=8424639460550&frm=20&pv=1&ga_vid=2071584621.1658066178&ga_sid=1658066178&ga_hid=1322046347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=1516&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105&oid=2&pvsid=1893155627320842&tmod=775335209&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=uIht4HP2qo&p=https%3A//tv.ifindfast.com&dtd=112
Frame ID: F6266089EA7DDAA845F1E69628F86D39
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6979376228164642&output=html&adk=1812271804&adf=3025194257&lmt=1658066178&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147%26%3D%25D7%25A2%25D7%25A8%25D7%2595%25D7%25A5_%25D7%25A1%25D7%25A4%25D7%2595%25D7%25A8%25D7%2598_5&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658066177898&bpp=1&bdt=181&idt=101&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&prev_fmts=720x90%2C825x280%2C255x600%2C255x600&nras=1&correlator=8424639460550&frm=20&pv=1&ga_vid=2071584621.1658066178&ga_sid=1658066178&ga_hid=1322046347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105&oid=2&pvsid=1893155627320842&tmod=775335209&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&dtd=105
Frame ID: BCB14610B6C00A8D2B85427879F520F9
Requests: 1 HTTP requests in this frame

Frame: https://sbtlj.nergyflexibilit.pics/JMU?tag_id=953898&sub_id1=&sub_id2=6414052437949079824&cookie_id=571ba27e-37d6-4738-a853-b97d73639f1c&lp=not_robot_3&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Fexcellernod.xyz%2F%3Ftid%3D953898%26noocp%3D1&hop=7&geo=DE
Frame ID: C8ADCC393DDCBAACC02E39A607CC8795
Requests: 5 HTTP requests in this frame

Frame: https://rkc.primetubsub.xyz/premiumtv/daddylive.php?id=144
Frame ID: C4BDDF3A1550F399567BFB977F73C4C0
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6356646847452108421/300x600.html
Frame ID: A33B8F779B2A83F276DA3E069C0FCE45
Requests: 6 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B25991098.306365351;dc_pre=CNqG1-yJgPkCFTX-uwgdUC8Ckg;dc_trk_aid=498955199;dc_trk_cid=152931923;ord=3614320929;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
Frame ID: 2027428E21511BE664EAB67A6F1259E2
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6356646847452108421/300x600.html
Frame ID: 331C3DB4125377CECE2C103C77949714
Requests: 6 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B25991098.306365351;dc_pre=CL372eyJgPkCFTiB_Qcd_zkMsQ;dc_trk_aid=498955199;dc_trk_cid=152931923;ord=2912369527;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
Frame ID: 3A7A51983A2C1456AC39F50F176B76DE
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 8421A1E180897C01D0515354AE158029
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 0C7018DF197504691E2095FD15281718
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 7A02B5480E91EC609979FDB50DD6D600
Requests: 2 HTTP requests in this frame

Frame: https://p4-b3dutlsaj6tru-cua7eyt2yxzpsgwc-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: AD3E15A922DD8F952CD59E6663E88013
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 153A7E2976F12D7B93794B7A9526988B
Requests: 2 HTTP requests in this frame

Frame: https://player.licenses4.me/player.php?id=premium144&test=true
Frame ID: DF22788AED6D175FD87E23D5978DE95C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/zrt_lookup.html?fsb=1
Frame ID: B611A892485B9953D1EC35237FAC9072
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/zrt_lookup.html?fsb=1
Frame ID: D4DEECD8F4D6133735C8D1518F93DC24
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11831579056473564629/index.html
Frame ID: 34F7AF80E37121F82E3BE7829C4B2D99
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/x-7aydTzyDGf5pB5jP33n95ytuiMcqG17W4hZ3yQxPE.js
Frame ID: FC97672743B1ECAA670B9F6FF6F2A51B
Requests: 1 HTTP requests in this frame

Frame: https://c.adsco.re/
Frame ID: 733A81A687013FCCDE46256F534B1AC5
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: D2A07D20FC7FEEC24348B6DBE468BC3E
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%7CHeebo%3A400
Frame ID: BCA26D3869CA841AC695A23DFA8F4E50
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: D5C990EFB2E4F50ECDF4574A1212AAB1
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/feedback.php?app_id=740810732743187&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df246f0e6642dbc4%26domain%3Dtv.ifindfast.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftv.ifindfast.com%252Ffe3ea7cf108e6%26relation%3Dparent.parent&container_width=825&height=100&href=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147&locale=en_US&numposts=5&sdk=joey&version=v2.8&width
Frame ID: 804218AE3E74FEA51C4C2B6CD4DD93BF
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/x-7aydTzyDGf5pB5jP33n95ytuiMcqG17W4hZ3yQxPE.js
Frame ID: 0E7636749CD06F6A8B0ED579FA007BAD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 29157749F31DDAA784728691C356A760
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 358FC32D782A7364BFD034E2FE1E7D45
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

ערוץ ספורט 5 לצפייה ישירה

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • <link [^>]*href="[^"]+lightbox(?:\.min)?\.css
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

218
Requests

97 %
HTTPS

63 %
IPv6

42
Domains

61
Subdomains

54
IPs

8
Countries

3229 kB
Transfer

9137 kB
Size

21
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24
  • https://daddylive.click/s2w/stream-144.php HTTP 301
  • https://daddylive.eu/s2w/stream-144.php HTTP 301
  • https://daddylive.one/s2w/stream-144.php
Request Chain 49
  • https://excellernod.xyz/redirect?tid=953898 HTTP 302
  • https://sbtlj.nergyflexibilit.pics/JMU?tag_id=953898&sub_id1=&sub_id2=6414052437949079824&cookie_id=571ba27e-37d6-4738-a853-b97d73639f1c&lp=not_robot_3&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Fexcellernod.xyz%2F%3Ftid%3D953898%26noocp%3D1&hop=7&geo=DE
Request Chain 60
  • https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B25991098.306365351;dc_trk_aid=498955199;dc_trk_cid=152931923;ord=3614320929;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B25991098.306365351;dc_pre=CNqG1-yJgPkCFTX-uwgdUC8Ckg;dc_trk_aid=498955199;dc_trk_cid=152931923;ord=3614320929;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
Request Chain 73
  • https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B25991098.306365351;dc_trk_aid=498955199;dc_trk_cid=152931923;ord=2912369527;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B25991098.306365351;dc_pre=CL372eyJgPkCFTiB_Qcd_zkMsQ;dc_trk_aid=498955199;dc_trk_cid=152931923;ord=2912369527;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
Request Chain 127
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 130
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 131
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 138
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 179
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 181
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 193
  • https://www.facebook.com/v2.8/plugins/comments.php?app_id=740810732743187&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df246f0e6642dbc4%26domain%3Dtv.ifindfast.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftv.ifindfast.com%252Ffe3ea7cf108e6%26relation%3Dparent.parent&container_width=825&height=100&href=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147&locale=en_US&numposts=5&sdk=joey&version=v2.8&width= HTTP 302
  • https://www.facebook.com/plugins/comments.php?app_id=740810732743187&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df246f0e6642dbc4%26domain%3Dtv.ifindfast.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftv.ifindfast.com%252Ffe3ea7cf108e6%26relation%3Dparent.parent&container_width=825&height=100&href=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147&locale=en_US&numposts=5&sdk=joey&version=v2.8&width HTTP 302
  • https://www.facebook.com/plugins/feedback.php?app_id=740810732743187&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df246f0e6642dbc4%26domain%3Dtv.ifindfast.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftv.ifindfast.com%252Ffe3ea7cf108e6%26relation%3Dparent.parent&container_width=825&height=100&href=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147&locale=en_US&numposts=5&sdk=joey&version=v2.8&width

218 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
tv.ifindfast.com/tv/ 		28 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.172.80.234 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software
nginx /
Resource Hash
1956bb1d1eba27d3240d9ae1abbb0529e528cbf7ddc3c3deb0756e9a5cf8e18e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, must-revalidate
content-encoding
gzip
content-length
5884
content-type
text/html; charset=UTF-8
date
Sun, 17 Jul 2022 13:56:17 GMT
expires
-1
pragma
no-cache
server
nginx
vary
Accept-Encoding
gy3dknzugy5ha3ddf44donq
branddnewcode1.me/code/ 		19 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://branddnewcode1.me/code/gy3dknzugy5ha3ddf44donq
Requested by
Host: tv.ifindfast.com
URL: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.177.94.89 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
ip-185-177-94-89.ah-server.com
Software
nginx /
Resource Hash
191042ba153a2d60daa09dd507eb6ccf71b05006cf773278ca0b5b8a980fe6ad
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tv.ifindfast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 17 Jul 2022 13:56:17 GMT
server
nginx
content-security-policy
img-src https: data:; upgrade-insecure-requests
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=UTF-8
bootstrap.min.css
tv.ifindfast.com/assets/css/ 		118 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tv.ifindfast.com/assets/css/bootstrap.min.css
Requested by
Host: tv.ifindfast.com
URL: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.172.80.234 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software
nginx /
Resource Hash
aa00fbe7d08b8497e093308576b833d82b6453fccc243af014023414ee167746

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:56:17 GMT
content-encoding
gzip
last-modified
Mon, 05 Jul 2021 18:54:09 GMT
server
nginx
etag
W/"60e35551-1d97a"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: tv.ifindfast.com
URL: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tv.ifindfast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:56:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
722, 617
age
11125723
cdn-cachedat
2021-03-10 20:26:20
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
e55ae71d8339ddb30e4376a027623d28
cf-ray
72c37aeb1a362373-ZRH
cdn-requestcountrycode
CH
cdn-requestpullsuccess
True
owl.carousel.min.css
tv.ifindfast.com/assets/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tv.ifindfast.com/assets/css/owl.carousel.min.css
Requested by
Host: tv.ifindfast.com
URL: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.172.80.234 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software
nginx /
Resource Hash
f4f09dea12f5d1524e13a0a00e7f22c8f2d7cb19bf705e7ba4e98ae4c1efc54d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:56:17 GMT
content-encoding
gzip
last-modified
Sun, 09 May 2021 11:54:34 GMT
server
nginx
etag
W/"6097cd7a-bcc"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
genius1.css
tv.ifindfast.com/assets/css/ 		20 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tv.ifindfast.com/assets/css/genius1.css
Requested by
Host: tv.ifindfast.com
URL: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.172.80.234 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software
nginx /
Resource Hash
3faf97587e8696e87cee4109534f3ca4f34fc6d6dbff733df4ce12eb11da5e9f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:56:17 GMT
content-encoding
gzip
last-modified
Mon, 05 Jul 2021 18:53:54 GMT
server
nginx
etag
W/"60e35542-5196"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
genius-slider.css
tv.ifindfast.com/assets/css/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tv.ifindfast.com/assets/css/genius-slider.css
Requested by
Host: tv.ifindfast.com
URL: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.172.80.234 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software
nginx /
Resource Hash
8d182d0d0d81123c896f23afc91e0c3af0866b6032565211de9e3dbe18761ba4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:56:17 GMT
content-encoding
gzip
last-modified
Sun, 09 May 2021 11:54:34 GMT
server
nginx
etag
W/"6097cd7a-1f19"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
genius-gallery.css
tv.ifindfast.com/assets/css/ 		3 KB
1022 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tv.ifindfast.com/assets/css/genius-gallery.css
Requested by
Host: tv.ifindfast.com
URL: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.172.80.234 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software
nginx /
Resource Hash
28eb4f183218e11c46c6ce032c76881efe4c20e36a1bbd3b567211d5a8bdedd4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:56:17 GMT
content-encoding
gzip
last-modified
Sun, 09 May 2021 11:54:34 GMT
server
nginx
etag
W/"6097cd7a-abb"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
lightbox.css
tv.ifindfast.com/assets/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tv.ifindfast.com/assets/css/lightbox.css
Requested by
Host: tv.ifindfast.com
URL: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.172.80.234 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software
nginx /
Resource Hash
b23fc3e24a4f8ca9e480761f1bdde949020ef4d1beaa18f475b0613dcce6329e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:56:17 GMT
content-encoding
gzip
last-modified
Sun, 09 May 2021 11:54:34 GMT
server
nginx
etag
W/"6097cd7a-f33"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
animate.min.css
tv.ifindfast.com/assets/css/ 		52 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tv.ifindfast.com/assets/css/animate.min.css
Requested by
Host: tv.ifindfast.com
URL: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.172.80.234 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software
nginx /
Resource Hash
26968435703f42f548195e31049e1f621c267346a0295be2bafa457b5904ace9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:56:17 GMT
content-encoding
gzip
last-modified
Sun, 09 May 2021 11:54:34 GMT
server
nginx
etag
W/"6097cd7a-ce3f"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
logo350.png
tv.ifindfast.com/assets/images/logo/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tv.ifindfast.com/assets/images/logo/logo350.png
Requested by
Host: tv.ifindfast.com
URL: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.172.80.234 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software
nginx /
Resource Hash
a61d99915f5d27e8161ff2640c89b47f9e7cb368443783a4636b62b91741548f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:56:17 GMT
last-modified
Sun, 09 May 2021 11:54:34 GMT
server
nginx
etag
"6097cd7a-811e"
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
33054
expires
Thu, 31 Dec 2037 23:55:55 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		164 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: tv.ifindfast.com
URL: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7699871555d1cfba1d7ea8e1b5f9f417bcadd2810266ea166e692d32fd33b26f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tv.ifindfast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:56:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56493
x-xss-protection
0
server
cafe
etag
12846198696168631702
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 17 Jul 2022 13:56:17 GMT
tvwhite.png
tv.ifindfast.com/assets/img/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tv.ifindfast.com/assets/img/tvwhite.png
Requested by
Host: tv.ifindfast.com
URL: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.172.80.234 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software
nginx /
Resource Hash
4a6dbbc267f2ddec9271d72eb89d7c4f6e88288dd54cba58a46e0ace58f68deb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:56:17 GMT
last-modified
Mon, 19 Jul 2021 05:02:08 GMT
server
nginx
etag
"60f50750-979"
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
2425
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.js
tv.ifindfast.com/assets/js/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tv.ifindfast.com/assets/js/jquery.js
Requested by
Host: tv.ifindfast.com
URL: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.172.80.234 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software
nginx /
Resource Hash
24262baafef17092927c3dafe764aaa52a2a371b83ed2249cca7e414df99fac1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:56:17 GMT
content-encoding
gzip
last-modified
Sun, 09 May 2021 11:54:34 GMT
server
nginx
etag
W/"6097cd7a-17629"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
owl.carousel.min.js
tv.ifindfast.com/assets/js/ 		42 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tv.ifindfast.com/assets/js/owl.carousel.min.js
Requested by
Host: tv.ifindfast.com
URL: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.172.80.234 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software
nginx /
Resource Hash
99a253a69ffb1139d83f5d5ad502120a67b1ed68082d0c9f86bc5a0d29747d4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:56:17 GMT
content-encoding
gzip
last-modified
Sun, 09 May 2021 11:54:34 GMT
server
nginx
etag
W/"6097cd7a-a728"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
wow.min.js
tv.ifindfast.com/assets/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tv.ifindfast.com/assets/js/wow.min.js
Requested by
Host: tv.ifindfast.com
URL: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.172.80.234 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software
nginx /
Resource Hash
cfa1739ee346d63a3d3cfdff8c18cbe8fdedbcb32d4b0895028c193ce828e7a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:56:17 GMT
content-encoding
gzip
last-modified
Sun, 09 May 2021 11:54:34 GMT
server
nginx
etag
W/"6097cd7a-1ff6"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.smooth-scroll.js
tv.ifindfast.com/assets/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tv.ifindfast.com/assets/js/jquery.smooth-scroll.js
Requested by
Host: tv.ifindfast.com
URL: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.172.80.234 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software
nginx /
Resource Hash
38beba8deebd2a8d990f795130b970c669c5024b25c4773efbe8431aaae91ec4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:56:17 GMT
content-encoding
gzip
last-modified
Sun, 09 May 2021 11:54:34 GMT
server
nginx
etag
W/"6097cd7a-24a3"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
bootstrap.min.js
tv.ifindfast.com/assets/js/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tv.ifindfast.com/assets/js/bootstrap.min.js
Requested by
Host: tv.ifindfast.com
URL: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.172.80.234 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software
nginx /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:56:17 GMT
content-encoding
gzip
last-modified
Sun, 09 May 2021 11:54:34 GMT
server
nginx
etag
W/"6097cd7a-90b5"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.mixitup.min.js
tv.ifindfast.com/assets/js/ 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tv.ifindfast.com/assets/js/jquery.mixitup.min.js
Requested by
Host: tv.ifindfast.com
URL: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.172.80.234 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software
nginx /
Resource Hash
f81cf47223d61d871657ae1e73ab17bc49a8805db8196e44f54d39d203279785

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:56:17 GMT
content-encoding
gzip
last-modified
Sun, 09 May 2021 11:54:34 GMT
server
nginx
etag
W/"6097cd7a-6ddf"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
lightbox.min.js
tv.ifindfast.com/assets/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tv.ifindfast.com/assets/js/lightbox.min.js
Requested by
Host: tv.ifindfast.com
URL: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.172.80.234 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software
nginx /
Resource Hash
051a58a8adcdd3760185cc295626f5aba285002c1ccee541c29d3ec93032384c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:56:17 GMT
content-encoding
gzip
last-modified
Tue, 31 Aug 2021 10:56:04 GMT
server
nginx
etag
W/"612e0ac4-24a7"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
plugins.js
tv.ifindfast.com/assets/js/ 		21 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tv.ifindfast.com/assets/js/plugins.js
Requested by
Host: tv.ifindfast.com
URL: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.172.80.234 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software
nginx /
Resource Hash
874c4bdc201a59e602432811b04905b94224486a4b082cc608f6f6a820a0bd4c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:56:17 GMT
content-encoding
gzip
last-modified
Sun, 09 May 2021 11:54:34 GMT
server
nginx
etag
W/"6097cd7a-54ce"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
genius.js
tv.ifindfast.com/assets/js/ 		1 KB
679 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tv.ifindfast.com/assets/js/genius.js
Requested by
Host: tv.ifindfast.com
URL: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.172.80.234 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software
nginx /
Resource Hash
58baa65a42c26461673d916f55edbb801de83e2d10f02f13e8ca2ef098aa2a25

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:56:17 GMT
content-encoding
gzip
last-modified
Sun, 09 May 2021 11:54:34 GMT
server
nginx
etag
W/"6097cd7a-4f1"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
genius-slider.js
tv.ifindfast.com/assets/js/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tv.ifindfast.com/assets/js/genius-slider.js
Requested by
Host: tv.ifindfast.com
URL: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.172.80.234 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software
nginx /
Resource Hash
a16f2892563f5fd497af832e8b27876bc93e5be9d435abd410bba28cde376132

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:56:17 GMT
content-encoding
gzip
last-modified
Sun, 09 May 2021 11:54:34 GMT
server
nginx
etag
W/"6097cd7a-3230"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
js
www.googletagmanager.com/gtag/ 		103 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-65085328-1
Requested by
Host: tv.ifindfast.com
URL: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d232260d3bcca7336f759e3ba8f6919cada23872ae20f412a60f7f2dd32a02e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tv.ifindfast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:56:17 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40234
x-xss-protection
0
last-modified
Sun, 17 Jul 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 17 Jul 2022 13:56:17 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: tv.ifindfast.com
URL: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
341c1014109f273040169372f49ce68b0927eb699a7ba61aec94d2c9ed6f5465
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tv.ifindfast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
h0ybZaC+JKp3oCjA7Df3IA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1687
x-fb-rlafr
0
x-fb-debug
8mIjxsgz505UmUjmX/wzk5XVdB2+k/gdpgiOslaKALMUg8JECjUycdEOF+4QEIezuVxoebWFCO1ZCm8ieq4T+Q==
x-fb-trip-id
2050670934
x-fb-content-md5
ce89a7e91f182a59a1b482a1eb81c1dd
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Sun, 17 Jul 2022 13:56:17 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"0f4492da024fbfbe3f988c8c84d09420"
timing-allow-origin
*
priority
u=3,i
expires
Sun, 17 Jul 2022 14:03:12 GMT
stream-144.php
daddylive.one/s2w/ Frame C842
Redirect Chain
  • https://daddylive.click/s2w/stream-144.php
  • https://daddylive.eu/s2w/stream-144.php
  • https://daddylive.one/s2w/stream-144.php
76 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://daddylive.one/s2w/stream-144.php
Requested by
Host: tv.ifindfast.com
URL: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:4b27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7338c69b447bb0d02ab75295d20a5527138e27cfb63acf90c4cc94400fdc14be
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tv.ifindfast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
72c37aed3d8359fb-MXP
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 17 Jul 2022 13:56:18 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
greydedi
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer-when-downgrade
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=crERkQ27hXC827SIpkA3NASicvsUQzSAMf3kVOmc3wMBrzSCiPDejlQocENUg9dOTbAjD1FItgmlWQsFQ5MrPHPvRN49n%2B7EarEcTJs3xnSnGf5HMjaP4Q5lcZ90pYeAMIo80hQ4FqpbfxtP"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-turbo-charged-by
LiteSpeed

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=3600
cf-ray
72c37aec9ad7baa6-MXP
date
Sun, 17 Jul 2022 13:56:18 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Sun, 17 Jul 2022 14:56:18 GMT
location
https://daddylive.one/s2w/stream-144.php
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o3qOTAFCgY3dBQm2qc2YPAW3GvnHWwkPaKUhjo5SbIPf%2BlHPNyTXU8laQUxTbLBuHVFKCDFXU%2BciB2Zn1lePUOq%2FLTMwdCyS4b5HAJ7%2F9wlNADVcSOQQvoVzqmX5LZOJxaHQPi8w4sx4ZgM%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin
https://tv.ifindfast.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:56:17 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
601
access-control-allow-origin
*
cdn-proxyver
1.02
cdn-cachedat
04/09/2022 08:19:45
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77160
timing-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
server
cloudflare
cdn-requestpullcode
200
etag
"af7ae505a9eed503f8b8e6982036873e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
font/woff2
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
acdf7a8400e02a13ee5dafb047d3f3e2
accept-ranges
bytes
cf-ray
72c37aeb6d040221-ZRH
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
sdk.js
connect.facebook.net/en_US/ 		294 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=31e027b869629cc618e94deb1c77569e
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0aed09ee4732bc2f4ed5074c15f03f14fb676aa4f2978eadf8f8d1a07284b47c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://tv.ifindfast.com/
Origin
https://tv.ifindfast.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
2DF7NUWZXB/ALS1FMJMHZw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
85964
x-fb-rlafr
0
x-fb-debug
kwKFVWVgIxb1S9xH6JlgbjSyzqRNTAdbymYE+jjLSpKNFBZkGnZd560SfW9wYJe7agzsnzxVvRK9U1RnbDwnYw==
x-fb-content-md5
53c125f483e7b595d7afa9f4753443d6
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Sun, 17 Jul 2022 13:56:17 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"9fab1c49c2977a3322fd5c766ed7729e"
timing-allow-origin
*
priority
u=3,i
expires
Mon, 17 Jul 2023 13:42:35 GMT
prev.png
tv.ifindfast.com/assets/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tv.ifindfast.com/assets/images/prev.png
Requested by
Host: tv.ifindfast.com
URL: https://tv.ifindfast.com/assets/css/lightbox.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.172.80.234 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software
nginx /
Resource Hash
7fd9273f20fdb1229c224341271a119020a5eee74ccf6b4605730917c864caf2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tv.ifindfast.com/assets/css/lightbox.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:56:17 GMT
last-modified
Sun, 09 May 2021 11:54:34 GMT
server
nginx
etag
"6097cd7a-550"
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
1360
expires
Thu, 31 Dec 2037 23:55:55 GMT
next.png
tv.ifindfast.com/assets/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tv.ifindfast.com/assets/images/next.png
Requested by
Host: tv.ifindfast.com
URL: https://tv.ifindfast.com/assets/css/lightbox.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.172.80.234 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software
nginx /
Resource Hash
15b869b02c6fbaa8c6c26445a2dd2d9bad80fd27b1409f8179e5dd89dc89d90a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tv.ifindfast.com/assets/css/lightbox.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:56:17 GMT
last-modified
Sun, 09 May 2021 11:54:34 GMT
server
nginx
etag
"6097cd7a-546"
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
1350
expires
Thu, 31 Dec 2037 23:55:55 GMT
loading.gif
tv.ifindfast.com/assets/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tv.ifindfast.com/assets/images/loading.gif
Requested by
Host: tv.ifindfast.com
URL: https://tv.ifindfast.com/assets/css/lightbox.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.172.80.234 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software
nginx /
Resource Hash
225aa88b6ab02c06222ec9468d62e15fa188e39cdb9431d1f55401ad380753ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tv.ifindfast.com/assets/css/lightbox.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:56:17 GMT
last-modified
Sun, 09 May 2021 11:54:34 GMT
server
nginx
etag
"6097cd7a-211c"
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
content-length
8476
expires
Thu, 31 Dec 2037 23:55:55 GMT
close.png
tv.ifindfast.com/assets/images/ 		280 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tv.ifindfast.com/assets/images/close.png
Requested by
Host: tv.ifindfast.com
URL: https://tv.ifindfast.com/assets/css/lightbox.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.172.80.234 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software
nginx /
Resource Hash
5d62e6c90005bfb71f6abb440f9e4753681cb23bbd5e60477ab6f442d2f0e69c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tv.ifindfast.com/assets/css/lightbox.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:56:17 GMT
last-modified
Sun, 09 May 2021 11:54:34 GMT
server
nginx
etag
"6097cd7a-118"
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
280
expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/ 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/gif
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-65085328-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tv.ifindfast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
3609
date
Sun, 17 Jul 2022 12:56:08 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sun, 17 Jul 2022 14:56:08 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207070101/ 		340 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6979376228164642&plah=tv.ifindfast.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f8ce109182039bfa45b86386fc381bdb1ea6b062817165a6f85beeb4f676fd6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tv.ifindfast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:56:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122412
x-xss-protection
0
server
cafe
etag
7301688003612347317
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 17 Jul 2022 13:56:17 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220707/r20190131/ Frame 09EF 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220707/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tv.ifindfast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
29065
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4414
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 17 Jul 2022 05:51:52 GMT
etag
10429905676100781186
expires
Sun, 31 Jul 2022 05:51:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1322046347&t=pageview&_s=1&dl=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147%26%3D%25D7%25A2%25D7%25A8%25D7%2595%25D7%25A5_%25D7%25A1%25D7%25A4%25D7%2595%25D7%25A8%25D7%2598_5&ul=en-us&de=UTF-8&dt=%D7%A2%D7%A8%D7%95%D7%A5%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98%205%20%D7%9C%D7%A6%D7%A4%D7%99%D7%99%D7%94%20%D7%99%D7%A9%D7%99%D7%A8%D7%94&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1814881963&gjid=118496076&cid=2071584621.1658066178&tid=UA-65085328-1&_gid=1882053258.1658066178&_r=1&gtm=2ou7d0&z=1900903557
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tv.ifindfast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 17 Jul 2022 13:56:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tv.ifindfast.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		217 B
644 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=tv.ifindfast.com&callback=_gfp_s_&client=ca-pub-6979376228164642
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6979376228164642&plah=tv.ifindfast.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
187ca8fff15e6d801bc1bc0ffad4e2510ff28f7ac20544e245eebede66bebbcb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tv.ifindfast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:56:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
199
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=tv.ifindfast.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6979376228164642&plah=tv.ifindfast.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tv.ifindfast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 17 Jul 2022 13:56:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=tv.ifindfast.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6979376228164642&plah=tv.ifindfast.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tv.ifindfast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 17 Jul 2022 13:56:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame F9F2 		69 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6979376228164642&output=html&h=90&slotname=5011888379&adk=751607799&adf=1724644460&pi=t.ma~as.5011888379&w=720&lmt=1658066177&psa=0&format=720x90&url=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147%26%3D%25D7%25A2%25D7%25A8%25D7%2595%25D7%25A5_%25D7%25A1%25D7%25A4%25D7%2595%25D7%25A8%25D7%2598_5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658066177880&bpp=3&bdt=162&idt=85&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&correlator=8424639460550&frm=20&pv=2&ga_vid=2071584621.1658066178&ga_sid=1658066178&ga_hid=1322046347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=820&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105&oid=2&pvsid=1893155627320842&tmod=775335209&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=o4conqGket&p=https%3A//tv.ifindfast.com&dtd=98
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6979376228164642&plah=tv.ifindfast.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
906e984d58a1c6b8a8940a1e354b2d30ad5136f7881d59b67664988db89776f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tv.ifindfast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
28604
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 17 Jul 2022 13:56:18 GMT
expires
Sun, 17 Jul 2022 13:56:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
stats.g.doubleclick.net/j/ 		4 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-65085328-1&cid=2071584621.1658066178&jid=1814881963&gjid=118496076&_gid=1882053258.1658066178&_u=YEBAAUAAAAAAAC~&z=1774348549
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://tv.ifindfast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 17 Jul 2022 13:56:18 GMT
content-type
text/plain
access-control-allow-origin
https://tv.ifindfast.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame A01F 		69 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6979376228164642&output=html&h=280&slotname=1887103615&adk=3976959788&adf=2170261427&pi=t.ma~as.1887103615&w=825&fwrn=4&fwrnh=100&lmt=1658066177&rafmt=1&psa=0&format=825x280&url=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147%26%3D%25D7%25A2%25D7%25A8%25D7%2595%25D7%25A5_%25D7%25A1%25D7%25A4%25D7%2595%25D7%25A8%25D7%2598_5&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658066177883&bpp=1&bdt=166&idt=99&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&prev_fmts=720x90&correlator=8424639460550&frm=20&pv=1&ga_vid=2071584621.1658066178&ga_sid=1658066178&ga_hid=1322046347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=794&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105&oid=2&pvsid=1893155627320842&tmod=775335209&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=WHZM8LJJ2C&p=https%3A//tv.ifindfast.com&dtd=102
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6979376228164642&plah=tv.ifindfast.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
404245d2d2c4ebd2047875aa91e82240d95a414cf5cc7618d84823856ffe6085
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tv.ifindfast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
28378
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 17 Jul 2022 13:56:18 GMT
expires
Sun, 17 Jul 2022 13:56:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 9FE5 		130 KB
42 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6979376228164642&output=html&h=600&slotname=1887103615&adk=1099239650&adf=1749149054&pi=t.ma~as.1887103615&w=255&fwrn=4&fwrnh=100&lmt=1658066177&rafmt=1&psa=0&format=255x600&url=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147%26%3D%25D7%25A2%25D7%25A8%25D7%2595%25D7%25A5_%25D7%25A1%25D7%25A4%25D7%2595%25D7%25A8%25D7%2598_5&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658066177884&bpp=1&bdt=166&idt=106&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&prev_fmts=720x90%2C825x280&correlator=8424639460550&frm=20&pv=1&ga_vid=2071584621.1658066178&ga_sid=1658066178&ga_hid=1322046347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=761&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105&oid=2&pvsid=1893155627320842&tmod=775335209&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=x65JnnQTvQ&p=https%3A//tv.ifindfast.com&dtd=109
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6979376228164642&plah=tv.ifindfast.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
452dd606e05bb4b6a2d91400bb78e737bb548eef6e1bd100b69d385755581778
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6356646847452108421/300x600.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6356646847452108421/300x600.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COauuOyJgPkCFcr37QodFWMPxw&gqi=AhXUYscez4b27w-MyZf4Ag&layout=/sadbundle/%24csp%253Der3%24/6356646847452108421/300x600.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tv.ifindfast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
42978
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6356646847452108421/300x600.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6356646847452108421/300x600.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COauuOyJgPkCFcr37QodFWMPxw&gqi=AhXUYscez4b27w-MyZf4Ag&layout=/sadbundle/%24csp%253Der3%24/6356646847452108421/300x600.html
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 17 Jul 2022 13:56:18 GMT
expires
Sun, 17 Jul 2022 13:56:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame F626 		142 KB
46 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6979376228164642&output=html&h=600&slotname=1887103615&adk=1099239650&adf=1543441221&pi=t.ma~as.1887103615&w=255&fwrn=4&fwrnh=100&lmt=1658066177&rafmt=1&psa=0&format=255x600&url=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147%26%3D%25D7%25A2%25D7%25A8%25D7%2595%25D7%25A5_%25D7%25A1%25D7%25A4%25D7%2595%25D7%25A8%25D7%2598_5&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658066177885&bpp=1&bdt=168&idt=110&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&prev_fmts=720x90%2C825x280%2C255x600&correlator=8424639460550&frm=20&pv=1&ga_vid=2071584621.1658066178&ga_sid=1658066178&ga_hid=1322046347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=1516&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105&oid=2&pvsid=1893155627320842&tmod=775335209&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=uIht4HP2qo&p=https%3A//tv.ifindfast.com&dtd=112
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6979376228164642&plah=tv.ifindfast.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
40c7d956987b82de70548c4cfa08d934012051311ad190df054cb817af80ded6
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6356646847452108421/300x600.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6356646847452108421/300x600.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COb8uOyJgPkCFZbZ7QodX8kChQ&gqi=AhXUYoBo3aX27w-2lIXYCg&layout=/sadbundle/%24csp%253Der3%24/6356646847452108421/300x600.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tv.ifindfast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
46953
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6356646847452108421/300x600.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6356646847452108421/300x600.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COb8uOyJgPkCFZbZ7QodX8kChQ&gqi=AhXUYoBo3aX27w-2lIXYCg&layout=/sadbundle/%24csp%253Der3%24/6356646847452108421/300x600.html
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 17 Jul 2022 13:56:18 GMT
expires
Sun, 17 Jul 2022 13:56:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame BCB1 		262 KB
66 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6979376228164642&output=html&adk=1812271804&adf=3025194257&lmt=1658066178&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147%26%3D%25D7%25A2%25D7%25A8%25D7%2595%25D7%25A5_%25D7%25A1%25D7%25A4%25D7%2595%25D7%25A8%25D7%2598_5&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658066177898&bpp=1&bdt=181&idt=101&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&prev_fmts=720x90%2C825x280%2C255x600%2C255x600&nras=1&correlator=8424639460550&frm=20&pv=1&ga_vid=2071584621.1658066178&ga_sid=1658066178&ga_hid=1322046347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105&oid=2&pvsid=1893155627320842&tmod=775335209&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&dtd=105
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6979376228164642&plah=tv.ifindfast.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3dc39a844e1226d9cb7efe93814ba5160794ca43d5f1d4618af3fd0d3235cd88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tv.ifindfast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
67502
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 17 Jul 2022 13:56:18 GMT
expires
Sun, 17 Jul 2022 13:56:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-65085328-1&cid=2071584621.1658066178&jid=1814881963&_u=YEBAAUAAAAAAAC~&z=1962408243
Requested by
Host: tv.ifindfast.com
URL: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tv.ifindfast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Jul 2022 13:56:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-65085328-1&cid=2071584621.1658066178&jid=1814881963&_u=YEBAAUAAAAAAAC~&z=1962408243
Requested by
Host: tv.ifindfast.com
URL: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tv.ifindfast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Jul 2022 13:56:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
yzfdmoan.js
superfastcdn.com/script/ Frame C842 		98 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://superfastcdn.com/script/yzfdmoan.js
Requested by
Host: daddylive.one
URL: https://daddylive.one/s2w/stream-144.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:30cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e74c085ab5474861b63592f5e6155cad2d123d75fc74fc7ff8d520d49ebe1a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://daddylive.one/s2w/stream-144.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash
crc32c=YRUxNg==, md5=NBfEtEYxXvZ+6fKP6ZM0YQ==
date
Sun, 17 Jul 2022 13:56:18 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3232
x-guploader-uploadid
ADPycdujv53BAVDkBaldzOw-kxxzi8uzJgEmzLoDPwJdNdHDEasH6vImTIsNIPLa1WOXzhtz-vidMI8DjMbhAi-vb5Hm
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 23 Jun 2022 06:48:06 GMT
server
cloudflare
etag
W/"3417c4b446315ef67ee9f28fe9933461"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D5ZZgj80xojU%2FiS%2B5Jq1oBS2UQBXvgXWxes%2F1PIjyS7On2mf1pxh1TQxwrlOC%2Bgwo9D2G6TXUjCyCp5U69iJZ1h4%2FafgkgO5h7m6kP%2Faz4Ns69nwmoYBc%2B0UgmRNo1hD7BXeJHRjt92dgpHrJOJT"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1655966886099417
access-control-allow-origin
*
content-type
application/javascript
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=14400
x-goog-stored-content-length
100787
cf-ray
72c37aee5fac59fb-MXP
expires
Sun, 17 Jul 2022 14:02:26 GMT
js15_as.js
s10.histats.com/ Frame C842 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: daddylive.one
URL: https://daddylive.one/s2w/stream-144.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://daddylive.one/s2w/stream-144.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:54:04 GMT
content-encoding
br
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
"-375139978"
x-cacheable
Matched cache
content-type
application/javascript; charset=UTF-8
x-cdn-pop
sbg
accept-ranges
bytes
content-length
4364
x-request-id
933167633
JMU
sbtlj.nergyflexibilit.pics/ Frame C8AD
Redirect Chain
  • https://excellernod.xyz/redirect?tid=953898
  • https://sbtlj.nergyflexibilit.pics/JMU?tag_id=953898&sub_id1=&sub_id2=6414052437949079824&cookie_id=571ba27e-37d6-4738-a853-b97d73639f1c&lp=not_robot_3&tb=redirect&allb=redirect&ob=redirect&href=ht...
13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sbtlj.nergyflexibilit.pics/JMU?tag_id=953898&sub_id1=&sub_id2=6414052437949079824&cookie_id=571ba27e-37d6-4738-a853-b97d73639f1c&lp=not_robot_3&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Fexcellernod.xyz%2F%3Ftid%3D953898%26noocp%3D1&hop=7&geo=DE
Requested by
Host: daddylive.one
URL: https://daddylive.one/s2w/stream-144.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.22.28.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-28-167.compute-1.amazonaws.com
Software
/ Express
Resource Hash
92ca49fb35fd69fa8f528df991928501cdf654547977d247b49c758b1493e325

Request headers

Referer
https://daddylive.one/s2w/stream-144.php
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
X-Requested-With,content-type
access-control-allow-methods
GET, POST
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html; charset=utf-8
etag
W/"325e-RW0N5+hvq2+RpM3/ckS51i6miYE"
vary
Accept-Encoding
x-powered-by
Express

Redirect headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, no-transform
content-length
0
content-type
text/plain
date
Sun, 17 Jul 2022 13:56:18 GMT
location
https://sbtlj.nergyflexibilit.pics/JMU?tag_id=953898&sub_id1=&sub_id2=6414052437949079824&cookie_id=571ba27e-37d6-4738-a853-b97d73639f1c&lp=not_robot_3&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Fexcellernod.xyz%2F%3Ftid%3D953898%26noocp%3D1&hop=7&geo=DE
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 4c692717a0e85914a993c3aa5c8a2ef6.cloudfront.net (CloudFront)
x-amz-cf-id
bbH5Rr9W8N6AiFQZeeuDLFGj-r8B3JUtLMI1V5Kvvl7FflYnvnsW7g==
x-amz-cf-pop
FRA56-P3
x-cache
Miss from cloudfront
0.php
s4.histats.com/stats/ Frame C842 		53 B
187 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s4.histats.com/stats/0.php?2162676&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Ftv.ifindfast.com%2F&@q0&@r0&@s0&@ten-US&@u1600&@b1:-168955090&@b3:1658066178&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fdaddylive.one%2Fs2w%2Fstream-144.php&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.99.13.63 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns504751.ip-192-99-13.net
Software
/
Resource Hash
08b26bff29c8c0cd7b0005c8cf8b7c9a193ebf5f575b35b1706b858c068ee442

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://daddylive.one/s2w/stream-144.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 17 Jul 2022 13:56:18 GMT
Connection
close
Content-Length
53
Content-Type
text/html;charset=UTF-8
ut.js
superfastcdn.com/script/ Frame C842 		67 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://superfastcdn.com/script/ut.js?cb=1658066178358
Requested by
Host: superfastcdn.com
URL: https://superfastcdn.com/script/yzfdmoan.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d40d38a967a5b28fb5694bc58d6137b6a05755c8e278474cb65538cb15d7f966

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://daddylive.one/s2w/stream-144.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash
crc32c=tcebUA==, md5=g9d5kmsRdHR+zLVJo+9B6g==
date
Sun, 17 Jul 2022 13:56:18 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid
ADPycdsRKTP_hKMvU_YYgi9iUvZ-AiohwlFzUdf4T1K5xKfUt4sjr9kEP-zqM9wfCIKBJr5vVfA5ZYoCX_YBTn48QtlIXU3ZwgX4
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 09 Jun 2022 13:17:23 GMT
server
cloudflare
etag
W/"83d779926b1174747eccb549a3ef41ea"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=twK%2FXEEeVX86ur5%2BfRdKiKVnTigz70B4wAHMvuWt9xPM9KgGsEfa3kmUKtSBRXZ8EJSzFzwPCQ27%2FfaE5rnc%2F%2BGtPHXOHGF%2Bd2jPNw8%2FRVwi9vZLftOqR5u3Qba6nKv5Hb0Y1sXPHJFnH2ATTjA4"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1654780643008405
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=14400
x-goog-stored-content-length
68769
cf-ray
72c37aef0ab4839a-MXP
expires
Sun, 17 Jul 2022 14:35:19 GMT
suurl4.php
youradexchange.com/script/ Frame C842 		957 B
899 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://youradexchange.com/script/suurl4.php?r=5815570&cbur=0.45955721520631565&cbiframe=1&cbWidth=825&cbHeight=494&cbtitle=&cbpage=https%3A%2F%2Ftv.ifindfast.com%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=superfastcdn.com&aggr=0&chmob=?0
Requested by
Host: superfastcdn.com
URL: https://superfastcdn.com/script/yzfdmoan.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.41.116 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
116.41.190.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
cd1a5e8bac81bef11c30d17f9d185898a95c12ec5c33612034ec2b6724b9d636

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://daddylive.one/s2w/stream-144.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 17 Jul 2022 13:56:18 GMT
content-encoding
gzip
server
openresty
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
content-type
application/json; charset=utf-8
fullpage.min.css
www.xadsmart.com/ Frame C842 		0
0
ga.js
ssl.google-analytics.com/ Frame C842 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: daddylive.one
URL: https://daddylive.one/s2w/stream-144.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://daddylive.one/s2w/stream-144.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
314
date
Sun, 17 Jul 2022 13:51:04 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Sun, 17 Jul 2022 15:51:04 GMT
daddylive.php
rkc.primetubsub.xyz/premiumtv/ Frame C4BD 		78 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rkc.primetubsub.xyz/premiumtv/daddylive.php?id=144
Requested by
Host: daddylive.one
URL: https://daddylive.one/s2w/stream-144.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:b286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aafd90762cf0baccd5affc19ea69914ca3ad8d208f1c6a6e64830e4b4ab9ee2b

Request headers

Referer
https://daddylive.one/s2w/stream-144.php
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
248142
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
72c37aef4f91374c-MXP
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 17 Jul 2022 13:56:18 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Wed, 22 Jun 2022 17:01:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DC6uEi5OS2GHTV%2FfCtxba2dUbObgub6q80FLGAFpzVQpGvQlAVOFb%2BHxirfir4W5YJwXr2gBo%2BmCqVwG73jiXtmLoBF65T7Uczi0RbgT3gWRKEsl0xqrVnqwYebhxf%2FmovB%2F8kbszRj0izuXpGqkJCvi"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
stream-144.php
daddylive.one/s2w/ Frame C842 		0
608 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://daddylive.one/s2w/stream-144.php
Requested by
Host: daddylive.one
URL: https://daddylive.one/s2w/stream-144.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:4b27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://daddylive.one/s2w/stream-144.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:56:18 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n%2B%2Be3noaOdvdQJylCqTIqPfFSdFqSNz0KTifbtTNWGwXhRk0YbCQ1cc0CGTNRmDK0bBfmB5JPXtkTQC3jVmcHZTEWvytwxAyHK2ZGpPjA8hyi%2FyOUzKwO7yH8VzSQU5dkhybg40mTLojrVKi"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
greydedi
HIT
x-turbo-charged-by
LiteSpeed
cf-ray
72c37aef6ec483a8-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-content-type-options
nosniff
/
thaudray.com/5/4284414/ Frame C842 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://thaudray.com/5/4284414/?oo=1&aab=1
Requested by
Host: daddylive.one
URL: https://daddylive.one/s2w/stream-144.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
91ab01258378245af1e62612c357e2a7eae1cc9f97f4a72efc8fb9bf49f64626

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://daddylive.one/s2w/stream-144.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-trace-id
b4304e429a71c21b483c5874e691f3a8
pragma
no-cache, no-cache
date
Sun, 17 Jul 2022 13:56:18 GMT
content-encoding
gzip
server
nginx
link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://daddylive.one
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
expires
Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
tag.min.js
thaudray.com/ Frame C842 		70 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thaudray.com/tag.min.js
Requested by
Host: daddylive.one
URL: https://daddylive.one/s2w/stream-144.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
9f2812d14878506b997cf3f5085a6c0a752455059575762e39853569487808c3
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://daddylive.one/s2w/stream-144.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:56:18 GMT
content-encoding
br
x-content-type-options
nosniff
access-control-max-age
86400
content-length
22842
x-trace-id
f5e28d83f5ac94ed9a6a97ba8563ec13
pragma
no-cache
last-modified
Fri, 08 Jul 2022 11:36:53 GMT
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
expires
Tue, 11 Jan 1994 10:00:00 GMT
300x600.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6356646847452108421/ Frame A33B 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6356646847452108421/300x600.html
Requested by
Host: tv.ifindfast.com
URL: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
01bfa269b8212f066bf425c10d13d750c66b182d7a84482a28d65623c6df9eee
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
55156
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1166
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Sat, 16 Jul 2022 22:37:02 GMT
expires
Sun, 16 Jul 2023 22:37:02 GMT
last-modified
Thu, 17 Jun 2021 15:17:18 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
B25991098.306365351;dc_pre=CNqG1-yJgPkCFTX-uwgdUC8Ckg;dc_trk_aid=498955199;dc_trk_cid=152931923;ord=3614320929;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/ Frame 2027
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B25991098.306365351;dc_trk_aid=498955199;dc_trk_cid=152931923;ord=3614320929;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfu...
  • https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B25991098.306365351;dc_pre=CNqG1-yJgPkCFTX-uwgdUC8Ckg;dc_trk_aid=498955199;dc_trk_cid=152931923;ord=3614320929;dc_lat=;dc_rdid=;tag...
42 B
63 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B25991098.306365351;dc_pre=CNqG1-yJgPkCFTX-uwgdUC8Ckg;dc_trk_aid=498955199;dc_trk_cid=152931923;ord=3614320929;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6979376228164642&output=html&h=600&slotname=1887103615&adk=1099239650&adf=1543441221&pi=t.ma~as.1887103615&w=255&fwrn=4&fwrnh=100&lmt=1658066177&rafmt=1&psa=0&format=255x600&url=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147%26%3D%25D7%25A2%25D7%25A8%25D7%2595%25D7%25A5_%25D7%25A1%25D7%25A4%25D7%2595%25D7%25A8%25D7%2598_5&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658066177885&bpp=1&bdt=168&idt=110&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&prev_fmts=720x90%2C825x280%2C255x600&correlator=8424639460550&frm=20&pv=1&ga_vid=2071584621.1658066178&ga_sid=1658066178&ga_hid=1322046347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=1516&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105&oid=2&pvsid=1893155627320842&tmod=775335209&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=uIht4HP2qo&p=https%3A//tv.ifindfast.com&dtd=112
Protocol
H3
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Jul 2022 13:56:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 17 Jul 2022 13:56:18 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
location
https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B25991098.306365351;dc_pre=CNqG1-yJgPkCFTX-uwgdUC8Ckg;dc_trk_aid=498955199;dc_trk_cid=152931923;ord=3614320929;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 2027 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CMsKMAhXUYubzAZaztwffkouoCOCA5ZhrwqS9x7wQ-OuXiecYEAEgrPGJJ2CV4pCCoAegAfS4v8UDyAEJqAMByANIqgSYAk_QHNslL2iavEcATxjV6A9vel8YphDx-pyB_36rtEXYe8DLf_Ot9yc7_t2k5aY4ERzkKfz7DH28M_pPL6mUzkMydhJWpEyFv3KhdTVO9Buh-kES30wMoKvJfvL-fmeH1YJBGHBoUXegE10qVhtD8LiSL002j8sHig-CiMJtdBPmzgSnSsJiWiWbedVEe0XEx-wGiShExqcpWts95v72gZyAw2yTCS0VBcBOaBZGUIoqXO3n3DVNprJ4lWdDPrflDDQ5x0Nbd3JjVrIoAALxcyfXzqe-1PwTnQZS2ZKELGVA4mHbxWtd7IH2sZUTF-fgz7OmQTHSnjxdBmWXGtH3TaiXDwsFGMSq3MGZPjxxn-IrZVszf0C36AHABJze_NqHBJIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfsoaimAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEIisAtIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTY5NzkzNzYyMjgxNjQ2NDIYAA&sigh=O7ctLfEndcY&uach_m=[UACH]&template_id=419
Requested by
Host: tv.ifindfast.com
URL: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6979376228164642&output=html&h=600&slotname=1887103615&adk=1099239650&adf=1543441221&pi=t.ma~as.1887103615&w=255&fwrn=4&fwrnh=100&lmt=1658066177&rafmt=1&psa=0&format=255x600&url=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147%26%3D%25D7%25A2%25D7%25A8%25D7%2595%25D7%25A5_%25D7%25A1%25D7%25A4%25D7%2595%25D7%25A8%25D7%2598_5&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658066177885&bpp=1&bdt=168&idt=110&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&prev_fmts=720x90%2C825x280%2C255x600&correlator=8424639460550&frm=20&pv=1&ga_vid=2071584621.1658066178&ga_sid=1658066178&ga_hid=1322046347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=1516&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105&oid=2&pvsid=1893155627320842&tmod=775335209&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=uIht4HP2qo&p=https%3A//tv.ifindfast.com&dtd=112
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sun, 17 Jul 2022 13:56:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sun, 17 Jul 2022 13:56:18 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/ Frame 2027 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6979376228164642&output=html&h=600&slotname=1887103615&adk=1099239650&adf=1543441221&pi=t.ma~as.1887103615&w=255&fwrn=4&fwrnh=100&lmt=1658066177&rafmt=1&psa=0&format=255x600&url=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147%26%3D%25D7%25A2%25D7%25A8%25D7%2595%25D7%25A5_%25D7%25A1%25D7%25A4%25D7%2595%25D7%25A8%25D7%2598_5&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658066177885&bpp=1&bdt=168&idt=110&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&prev_fmts=720x90%2C825x280%2C255x600&correlator=8424639460550&frm=20&pv=1&ga_vid=2071584621.1658066178&ga_sid=1658066178&ga_hid=1322046347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=1516&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105&oid=2&pvsid=1893155627320842&tmod=775335209&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=uIht4HP2qo&p=https%3A//tv.ifindfast.com&dtd=112
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:47:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
512
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8671
x-xss-protection
0
server
cafe
etag
18116328616323621410
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 31 Jul 2022 13:47:46 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame 2027 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6979376228164642&output=html&h=600&slotname=1887103615&adk=1099239650&adf=1543441221&pi=t.ma~as.1887103615&w=255&fwrn=4&fwrnh=100&lmt=1658066177&rafmt=1&psa=0&format=255x600&url=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147%26%3D%25D7%25A2%25D7%25A8%25D7%2595%25D7%25A5_%25D7%25A1%25D7%25A4%25D7%2595%25D7%25A8%25D7%2598_5&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658066177885&bpp=1&bdt=168&idt=110&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&prev_fmts=720x90%2C825x280%2C255x600&correlator=8424639460550&frm=20&pv=1&ga_vid=2071584621.1658066178&ga_sid=1658066178&ga_hid=1322046347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=1516&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105&oid=2&pvsid=1893155627320842&tmod=775335209&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=uIht4HP2qo&p=https%3A//tv.ifindfast.com&dtd=112
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:46:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
618
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 31 Jul 2022 13:46:00 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame 2027 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6979376228164642&output=html&h=600&slotname=1887103615&adk=1099239650&adf=1543441221&pi=t.ma~as.1887103615&w=255&fwrn=4&fwrnh=100&lmt=1658066177&rafmt=1&psa=0&format=255x600&url=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147%26%3D%25D7%25A2%25D7%25A8%25D7%2595%25D7%25A5_%25D7%25A1%25D7%25A4%25D7%2595%25D7%25A8%25D7%2598_5&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658066177885&bpp=1&bdt=168&idt=110&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&prev_fmts=720x90%2C825x280%2C255x600&correlator=8424639460550&frm=20&pv=1&ga_vid=2071584621.1658066178&ga_sid=1658066178&ga_hid=1322046347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=1516&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105&oid=2&pvsid=1893155627320842&tmod=775335209&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=uIht4HP2qo&p=https%3A//tv.ifindfast.com&dtd=112
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:49:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
413
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7309
x-xss-protection
0
server
cafe
etag
16921397534319471551
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 31 Jul 2022 13:49:25 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2027 		138 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6979376228164642&output=html&h=600&slotname=1887103615&adk=1099239650&adf=1543441221&pi=t.ma~as.1887103615&w=255&fwrn=4&fwrnh=100&lmt=1658066177&rafmt=1&psa=0&format=255x600&url=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147%26%3D%25D7%25A2%25D7%25A8%25D7%2595%25D7%25A5_%25D7%25A1%25D7%25A4%25D7%2595%25D7%25A8%25D7%2598_5&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658066177885&bpp=1&bdt=168&idt=110&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&prev_fmts=720x90%2C825x280%2C255x600&correlator=8424639460550&frm=20&pv=1&ga_vid=2071584621.1658066178&ga_sid=1658066178&ga_hid=1322046347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=1516&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105&oid=2&pvsid=1893155627320842&tmod=775335209&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=uIht4HP2qo&p=https%3A//tv.ifindfast.com&dtd=112
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94bb701b663858b8e7a5ddc1e26d2cae7e41834df854b2af83de6eafc9eaaec7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:56:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43266
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1657539323716025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 17 Jul 2022 13:56:18 GMT
2384088834180617703
tpc.googlesyndication.com/simgad/ Frame F9F2 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2384088834180617703?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qklUJ8wGLDDvr60gVnEQwn4y1E9ng
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6979376228164642&output=html&h=90&slotname=5011888379&adk=751607799&adf=1724644460&pi=t.ma~as.5011888379&w=720&lmt=1658066177&psa=0&format=720x90&url=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147%26%3D%25D7%25A2%25D7%25A8%25D7%2595%25D7%25A5_%25D7%25A1%25D7%25A4%25D7%2595%25D7%25A8%25D7%2598_5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658066177880&bpp=3&bdt=162&idt=85&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&correlator=8424639460550&frm=20&pv=2&ga_vid=2071584621.1658066178&ga_sid=1658066178&ga_hid=1322046347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=820&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105&oid=2&pvsid=1893155627320842&tmod=775335209&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=o4conqGket&p=https%3A//tv.ifindfast.com&dtd=98
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e370fecce4e39a2960185acf1482babf68aface4bcb853ffcc2317908250cba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 19:37:26 GMT
x-content-type-options
nosniff
age
152332
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4062
x-xss-protection
0
last-modified
Wed, 20 Jan 2021 02:11:37 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 15 Jul 2023 19:37:26 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/ Frame F9F2 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6979376228164642&output=html&h=90&slotname=5011888379&adk=751607799&adf=1724644460&pi=t.ma~as.5011888379&w=720&lmt=1658066177&psa=0&format=720x90&url=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147%26%3D%25D7%25A2%25D7%25A8%25D7%2595%25D7%25A5_%25D7%25A1%25D7%25A4%25D7%2595%25D7%25A8%25D7%2598_5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658066177880&bpp=3&bdt=162&idt=85&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&correlator=8424639460550&frm=20&pv=2&ga_vid=2071584621.1658066178&ga_sid=1658066178&ga_hid=1322046347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=820&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105&oid=2&pvsid=1893155627320842&tmod=775335209&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=o4conqGket&p=https%3A//tv.ifindfast.com&dtd=98
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:47:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
512
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8671
x-xss-protection
0
server
cafe
etag
18116328616323621410
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 31 Jul 2022 13:47:46 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame F9F2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6979376228164642&output=html&h=90&slotname=5011888379&adk=751607799&adf=1724644460&pi=t.ma~as.5011888379&w=720&lmt=1658066177&psa=0&format=720x90&url=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147%26%3D%25D7%25A2%25D7%25A8%25D7%2595%25D7%25A5_%25D7%25A1%25D7%25A4%25D7%2595%25D7%25A8%25D7%2598_5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658066177880&bpp=3&bdt=162&idt=85&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&correlator=8424639460550&frm=20&pv=2&ga_vid=2071584621.1658066178&ga_sid=1658066178&ga_hid=1322046347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=820&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105&oid=2&pvsid=1893155627320842&tmod=775335209&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=o4conqGket&p=https%3A//tv.ifindfast.com&dtd=98
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:46:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
618
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 31 Jul 2022 13:46:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F9F2 		138 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6979376228164642&output=html&h=90&slotname=5011888379&adk=751607799&adf=1724644460&pi=t.ma~as.5011888379&w=720&lmt=1658066177&psa=0&format=720x90&url=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147%26%3D%25D7%25A2%25D7%25A8%25D7%2595%25D7%25A5_%25D7%25A1%25D7%25A4%25D7%2595%25D7%25A8%25D7%2598_5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658066177880&bpp=3&bdt=162&idt=85&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&correlator=8424639460550&frm=20&pv=2&ga_vid=2071584621.1658066178&ga_sid=1658066178&ga_hid=1322046347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=820&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105&oid=2&pvsid=1893155627320842&tmod=775335209&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=o4conqGket&p=https%3A//tv.ifindfast.com&dtd=98
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94bb701b663858b8e7a5ddc1e26d2cae7e41834df854b2af83de6eafc9eaaec7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:56:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43266
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1657539323716025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 17 Jul 2022 13:56:18 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame F9F2 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6979376228164642&output=html&h=90&slotname=5011888379&adk=751607799&adf=1724644460&pi=t.ma~as.5011888379&w=720&lmt=1658066177&psa=0&format=720x90&url=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147%26%3D%25D7%25A2%25D7%25A8%25D7%2595%25D7%25A5_%25D7%25A1%25D7%25A4%25D7%2595%25D7%25A8%25D7%2598_5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658066177880&bpp=3&bdt=162&idt=85&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&correlator=8424639460550&frm=20&pv=2&ga_vid=2071584621.1658066178&ga_sid=1658066178&ga_hid=1322046347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=820&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105&oid=2&pvsid=1893155627320842&tmod=775335209&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=o4conqGket&p=https%3A//tv.ifindfast.com&dtd=98
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:52:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
241
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7309
x-xss-protection
0
server
cafe
etag
16921397534319471551
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 31 Jul 2022 13:52:17 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame F9F2 		31 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6979376228164642&output=html&h=90&slotname=5011888379&adk=751607799&adf=1724644460&pi=t.ma~as.5011888379&w=720&lmt=1658066177&psa=0&format=720x90&url=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147%26%3D%25D7%25A2%25D7%25A8%25D7%2595%25D7%25A5_%25D7%25A1%25D7%25A4%25D7%2595%25D7%25A8%25D7%2598_5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658066177880&bpp=3&bdt=162&idt=85&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&correlator=8424639460550&frm=20&pv=2&ga_vid=2071584621.1658066178&ga_sid=1658066178&ga_hid=1322046347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=820&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105&oid=2&pvsid=1893155627320842&tmod=775335209&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=o4conqGket&p=https%3A//tv.ifindfast.com&dtd=98
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9085e1f699b839818a039641053e183e0b22407d6bfaef8d5a3866ec42d682b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 11:52:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7436
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12985
x-xss-protection
0
server
cafe
etag
7466239315051897255
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 31 Jul 2022 11:52:22 GMT
300x600.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6356646847452108421/ Frame 331C 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6356646847452108421/300x600.html
Requested by
Host: tv.ifindfast.com
URL: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
01bfa269b8212f066bf425c10d13d750c66b182d7a84482a28d65623c6df9eee
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
55156
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1166
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Sat, 16 Jul 2022 22:37:02 GMT
expires
Sun, 16 Jul 2023 22:37:02 GMT
last-modified
Thu, 17 Jun 2021 15:17:18 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
B25991098.306365351;dc_pre=CL372eyJgPkCFTiB_Qcd_zkMsQ;dc_trk_aid=498955199;dc_trk_cid=152931923;ord=2912369527;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/ Frame 3A7A
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B25991098.306365351;dc_trk_aid=498955199;dc_trk_cid=152931923;ord=2912369527;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfu...
  • https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B25991098.306365351;dc_pre=CL372eyJgPkCFTiB_Qcd_zkMsQ;dc_trk_aid=498955199;dc_trk_cid=152931923;ord=2912369527;dc_lat=;dc_rdid=;tag...
42 B
63 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B25991098.306365351;dc_pre=CL372eyJgPkCFTiB_Qcd_zkMsQ;dc_trk_aid=498955199;dc_trk_cid=152931923;ord=2912369527;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6979376228164642&output=html&h=600&slotname=1887103615&adk=1099239650&adf=1749149054&pi=t.ma~as.1887103615&w=255&fwrn=4&fwrnh=100&lmt=1658066177&rafmt=1&psa=0&format=255x600&url=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147%26%3D%25D7%25A2%25D7%25A8%25D7%2595%25D7%25A5_%25D7%25A1%25D7%25A4%25D7%2595%25D7%25A8%25D7%2598_5&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658066177884&bpp=1&bdt=166&idt=106&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&prev_fmts=720x90%2C825x280&correlator=8424639460550&frm=20&pv=1&ga_vid=2071584621.1658066178&ga_sid=1658066178&ga_hid=1322046347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=761&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105&oid=2&pvsid=1893155627320842&tmod=775335209&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=x65JnnQTvQ&p=https%3A//tv.ifindfast.com&dtd=109
Protocol
H3
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Jul 2022 13:56:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 17 Jul 2022 13:56:18 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
location
https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B25991098.306365351;dc_pre=CL372eyJgPkCFTiB_Qcd_zkMsQ;dc_trk_aid=498955199;dc_trk_cid=152931923;ord=2912369527;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 3A7A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CSaZgAhXUYualAcrvtweVxr24DOCA5ZhrwqS9x7wQ-OuXiecYEAEgrPGJJ2CV4pCCoAegAfS4v8UDyAEJqAMByANIqgSSAk_QoZ1NpoqnopVRsGZqnZvnkM6yARYBxW-jmp2l0yfR8ZQRPBPMxi9nxet0Y9P5HBmLnw5fIESXlhDtOPQNz1HyDL2Z3doPCGJ7Uire37udOVCpdS4oClTGi7NunPWnqFT5CJsxCXa2lzEGPTBKuHql2Mls8ycxxxYkFrqf6ll0x6cYHPObfmdPeFKMr2chMKOQDV1l-tM6qBi3abmZ4rB-RPuSEJa4RTmp1PuRu_fj8-Icq5bgW11e1OQQ1n3GsVe0vwTjMH5pNist7r96rXBlOrjF25w1qS8oqZFSb1ILsNra2-ODLimyuw5bUvFzZQIYaAri2c1av2qvYpA7iBdMDKNSyHWT55EalYh8BU9jHuvABJze_NqHBJIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfsoaimAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEM7wCtIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTY5NzkzNzYyMjgxNjQ2NDIYAA&sigh=AFZCdDkgV6o&uach_m=[UACH]&template_id=419
Requested by
Host: tv.ifindfast.com
URL: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6979376228164642&output=html&h=600&slotname=1887103615&adk=1099239650&adf=1749149054&pi=t.ma~as.1887103615&w=255&fwrn=4&fwrnh=100&lmt=1658066177&rafmt=1&psa=0&format=255x600&url=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147%26%3D%25D7%25A2%25D7%25A8%25D7%2595%25D7%25A5_%25D7%25A1%25D7%25A4%25D7%2595%25D7%25A8%25D7%2598_5&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658066177884&bpp=1&bdt=166&idt=106&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&prev_fmts=720x90%2C825x280&correlator=8424639460550&frm=20&pv=1&ga_vid=2071584621.1658066178&ga_sid=1658066178&ga_hid=1322046347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=761&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105&oid=2&pvsid=1893155627320842&tmod=775335209&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=x65JnnQTvQ&p=https%3A//tv.ifindfast.com&dtd=109
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sun, 17 Jul 2022 13:56:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/ Frame 3A7A 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6979376228164642&output=html&h=600&slotname=1887103615&adk=1099239650&adf=1749149054&pi=t.ma~as.1887103615&w=255&fwrn=4&fwrnh=100&lmt=1658066177&rafmt=1&psa=0&format=255x600&url=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147%26%3D%25D7%25A2%25D7%25A8%25D7%2595%25D7%25A5_%25D7%25A1%25D7%25A4%25D7%2595%25D7%25A8%25D7%2598_5&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658066177884&bpp=1&bdt=166&idt=106&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&prev_fmts=720x90%2C825x280&correlator=8424639460550&frm=20&pv=1&ga_vid=2071584621.1658066178&ga_sid=1658066178&ga_hid=1322046347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=761&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105&oid=2&pvsid=1893155627320842&tmod=775335209&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=x65JnnQTvQ&p=https%3A//tv.ifindfast.com&dtd=109
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:42:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
832
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8671
x-xss-protection
0
server
cafe
etag
18116328616323621410
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 31 Jul 2022 13:42:26 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame 3A7A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6979376228164642&output=html&h=600&slotname=1887103615&adk=1099239650&adf=1749149054&pi=t.ma~as.1887103615&w=255&fwrn=4&fwrnh=100&lmt=1658066177&rafmt=1&psa=0&format=255x600&url=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147%26%3D%25D7%25A2%25D7%25A8%25D7%2595%25D7%25A5_%25D7%25A1%25D7%25A4%25D7%2595%25D7%25A8%25D7%2598_5&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658066177884&bpp=1&bdt=166&idt=106&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&prev_fmts=720x90%2C825x280&correlator=8424639460550&frm=20&pv=1&ga_vid=2071584621.1658066178&ga_sid=1658066178&ga_hid=1322046347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=761&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105&oid=2&pvsid=1893155627320842&tmod=775335209&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=x65JnnQTvQ&p=https%3A//tv.ifindfast.com&dtd=109
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:46:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
618
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 31 Jul 2022 13:46:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3A7A 		138 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6979376228164642&output=html&h=600&slotname=1887103615&adk=1099239650&adf=1749149054&pi=t.ma~as.1887103615&w=255&fwrn=4&fwrnh=100&lmt=1658066177&rafmt=1&psa=0&format=255x600&url=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147%26%3D%25D7%25A2%25D7%25A8%25D7%2595%25D7%25A5_%25D7%25A1%25D7%25A4%25D7%2595%25D7%25A8%25D7%2598_5&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658066177884&bpp=1&bdt=166&idt=106&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&prev_fmts=720x90%2C825x280&correlator=8424639460550&frm=20&pv=1&ga_vid=2071584621.1658066178&ga_sid=1658066178&ga_hid=1322046347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=761&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105&oid=2&pvsid=1893155627320842&tmod=775335209&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=x65JnnQTvQ&p=https%3A//tv.ifindfast.com&dtd=109
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94bb701b663858b8e7a5ddc1e26d2cae7e41834df854b2af83de6eafc9eaaec7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:56:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43266
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1657539323716025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 17 Jul 2022 13:56:18 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame 3A7A 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6979376228164642&output=html&h=600&slotname=1887103615&adk=1099239650&adf=1749149054&pi=t.ma~as.1887103615&w=255&fwrn=4&fwrnh=100&lmt=1658066177&rafmt=1&psa=0&format=255x600&url=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147%26%3D%25D7%25A2%25D7%25A8%25D7%2595%25D7%25A5_%25D7%25A1%25D7%25A4%25D7%2595%25D7%25A8%25D7%2598_5&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658066177884&bpp=1&bdt=166&idt=106&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&prev_fmts=720x90%2C825x280&correlator=8424639460550&frm=20&pv=1&ga_vid=2071584621.1658066178&ga_sid=1658066178&ga_hid=1322046347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=761&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105&oid=2&pvsid=1893155627320842&tmod=775335209&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=x65JnnQTvQ&p=https%3A//tv.ifindfast.com&dtd=109
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:52:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
241
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7309
x-xss-protection
0
server
cafe
etag
16921397534319471551
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 31 Jul 2022 13:52:17 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame F9F2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CdTzdAhXUYs1YqqD27w-4hYPoBoeurZFrkNymnOUPt6GN7r0pEAEgrPGJJ2CV4pCCoAegAaTdmosDyAECqAMByAPJBKoEjwJP0BOs1yyYg_Z5skGPHTcIwxJH6tkFnlS-goVmacC6MMWcBOewUwnp1rAxWAx09LXFkOQ-Obz4isMJQStxILXKw3YFSkQl-bSxqfe-YDLjf4bsT0nsfFyFa1DwA4R8YQFQhGrRHJ0U7rmBD8ysrmbBEYcLhU6XOmKU5mFKhXPGCJNSlfplcRMbN26P42e1-nTuu_PbCVnMXBq1dcaTapePVF6YnAO69F8XVwJLqbItEQs1LLweBDkMDsPCQ704h5Y5ZUZPmk9EXdBAAbL9rPs93QYLH0eoLBJP_I3gPKiRHaxbiAw-a-ohIuiFl_tTZQklI_xWaDRfQyk7LQM4CJVco-kGpV3i9vlUmM6zuVhtwASs7_jk8gOSBQQIBBgBkgUECAUYBKAGAoAHxKLldKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEELm6CNIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTY5NzkzNzYyMjgxNjQ2NDIYAA&sigh=h7XKVZuvUlg&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6979376228164642&output=html&h=90&slotname=5011888379&adk=751607799&adf=1724644460&pi=t.ma~as.5011888379&w=720&lmt=1658066177&psa=0&format=720x90&url=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147%26%3D%25D7%25A2%25D7%25A8%25D7%2595%25D7%25A5_%25D7%25A1%25D7%25A4%25D7%2595%25D7%25A8%25D7%2598_5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658066177880&bpp=3&bdt=162&idt=85&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&correlator=8424639460550&frm=20&pv=2&ga_vid=2071584621.1658066178&ga_sid=1658066178&ga_hid=1322046347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=820&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105&oid=2&pvsid=1893155627320842&tmod=775335209&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=o4conqGket&p=https%3A//tv.ifindfast.com&dtd=98
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6979376228164642&output=html&h=90&slotname=5011888379&adk=751607799&adf=1724644460&pi=t.ma~as.5011888379&w=720&lmt=1658066177&psa=0&format=720x90&url=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147%26%3D%25D7%25A2%25D7%25A8%25D7%2595%25D7%25A5_%25D7%25A1%25D7%25A4%25D7%2595%25D7%25A8%25D7%2598_5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658066177880&bpp=3&bdt=162&idt=85&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&correlator=8424639460550&frm=20&pv=2&ga_vid=2071584621.1658066178&ga_sid=1658066178&ga_hid=1322046347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=820&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105&oid=2&pvsid=1893155627320842&tmod=775335209&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=o4conqGket&p=https%3A//tv.ifindfast.com&dtd=98
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sun, 17 Jul 2022 13:56:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
6905151113103949573
tpc.googlesyndication.com/daca_images/simgad/ Frame A01F 		120 KB
120 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/6905151113103949573
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6979376228164642&output=html&h=280&slotname=1887103615&adk=3976959788&adf=2170261427&pi=t.ma~as.1887103615&w=825&fwrn=4&fwrnh=100&lmt=1658066177&rafmt=1&psa=0&format=825x280&url=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147%26%3D%25D7%25A2%25D7%25A8%25D7%2595%25D7%25A5_%25D7%25A1%25D7%25A4%25D7%2595%25D7%25A8%25D7%2598_5&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658066177883&bpp=1&bdt=166&idt=99&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&prev_fmts=720x90&correlator=8424639460550&frm=20&pv=1&ga_vid=2071584621.1658066178&ga_sid=1658066178&ga_hid=1322046347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=794&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105&oid=2&pvsid=1893155627320842&tmod=775335209&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=WHZM8LJJ2C&p=https%3A//tv.ifindfast.com&dtd=102
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
72581d1913faf103dc70178a3b461de59b82d24c13ea198da5414609bc741346
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:34:37 GMT
x-content-type-options
nosniff
age
1301
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122403
x-xss-protection
0
last-modified
Thu, 14 Jul 2022 10:24:58 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 17 Jul 2023 13:34:37 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/ Frame A01F 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6979376228164642&output=html&h=280&slotname=1887103615&adk=3976959788&adf=2170261427&pi=t.ma~as.1887103615&w=825&fwrn=4&fwrnh=100&lmt=1658066177&rafmt=1&psa=0&format=825x280&url=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147%26%3D%25D7%25A2%25D7%25A8%25D7%2595%25D7%25A5_%25D7%25A1%25D7%25A4%25D7%2595%25D7%25A8%25D7%2598_5&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658066177883&bpp=1&bdt=166&idt=99&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&prev_fmts=720x90&correlator=8424639460550&frm=20&pv=1&ga_vid=2071584621.1658066178&ga_sid=1658066178&ga_hid=1322046347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=794&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105&oid=2&pvsid=1893155627320842&tmod=775335209&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=WHZM8LJJ2C&p=https%3A//tv.ifindfast.com&dtd=102
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:42:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
832
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8671
x-xss-protection
0
server
cafe
etag
18116328616323621410
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 31 Jul 2022 13:42:26 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame A01F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6979376228164642&output=html&h=280&slotname=1887103615&adk=3976959788&adf=2170261427&pi=t.ma~as.1887103615&w=825&fwrn=4&fwrnh=100&lmt=1658066177&rafmt=1&psa=0&format=825x280&url=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147%26%3D%25D7%25A2%25D7%25A8%25D7%2595%25D7%25A5_%25D7%25A1%25D7%25A4%25D7%2595%25D7%25A8%25D7%2598_5&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658066177883&bpp=1&bdt=166&idt=99&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&prev_fmts=720x90&correlator=8424639460550&frm=20&pv=1&ga_vid=2071584621.1658066178&ga_sid=1658066178&ga_hid=1322046347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=794&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105&oid=2&pvsid=1893155627320842&tmod=775335209&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=WHZM8LJJ2C&p=https%3A//tv.ifindfast.com&dtd=102
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:46:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
618
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 31 Jul 2022 13:46:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A01F 		138 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6979376228164642&output=html&h=280&slotname=1887103615&adk=3976959788&adf=2170261427&pi=t.ma~as.1887103615&w=825&fwrn=4&fwrnh=100&lmt=1658066177&rafmt=1&psa=0&format=825x280&url=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147%26%3D%25D7%25A2%25D7%25A8%25D7%2595%25D7%25A5_%25D7%25A1%25D7%25A4%25D7%2595%25D7%25A8%25D7%2598_5&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658066177883&bpp=1&bdt=166&idt=99&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&prev_fmts=720x90&correlator=8424639460550&frm=20&pv=1&ga_vid=2071584621.1658066178&ga_sid=1658066178&ga_hid=1322046347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=794&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105&oid=2&pvsid=1893155627320842&tmod=775335209&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=WHZM8LJJ2C&p=https%3A//tv.ifindfast.com&dtd=102
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94bb701b663858b8e7a5ddc1e26d2cae7e41834df854b2af83de6eafc9eaaec7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:56:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43266
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1657539323716025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 17 Jul 2022 13:56:18 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame A01F 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6979376228164642&output=html&h=280&slotname=1887103615&adk=3976959788&adf=2170261427&pi=t.ma~as.1887103615&w=825&fwrn=4&fwrnh=100&lmt=1658066177&rafmt=1&psa=0&format=825x280&url=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147%26%3D%25D7%25A2%25D7%25A8%25D7%2595%25D7%25A5_%25D7%25A1%25D7%25A4%25D7%2595%25D7%25A8%25D7%2598_5&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658066177883&bpp=1&bdt=166&idt=99&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&prev_fmts=720x90&correlator=8424639460550&frm=20&pv=1&ga_vid=2071584621.1658066178&ga_sid=1658066178&ga_hid=1322046347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=794&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105&oid=2&pvsid=1893155627320842&tmod=775335209&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=WHZM8LJJ2C&p=https%3A//tv.ifindfast.com&dtd=102
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:52:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
241
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7309
x-xss-protection
0
server
cafe
etag
16921397534319471551
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 31 Jul 2022 13:52:17 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame A01F 		31 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6979376228164642&output=html&h=280&slotname=1887103615&adk=3976959788&adf=2170261427&pi=t.ma~as.1887103615&w=825&fwrn=4&fwrnh=100&lmt=1658066177&rafmt=1&psa=0&format=825x280&url=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147%26%3D%25D7%25A2%25D7%25A8%25D7%2595%25D7%25A5_%25D7%25A1%25D7%25A4%25D7%2595%25D7%25A8%25D7%2598_5&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658066177883&bpp=1&bdt=166&idt=99&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&prev_fmts=720x90&correlator=8424639460550&frm=20&pv=1&ga_vid=2071584621.1658066178&ga_sid=1658066178&ga_hid=1322046347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=794&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105&oid=2&pvsid=1893155627320842&tmod=775335209&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=WHZM8LJJ2C&p=https%3A//tv.ifindfast.com&dtd=102
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9085e1f699b839818a039641053e183e0b22407d6bfaef8d5a3866ec42d682b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 11:52:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7436
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12985
x-xss-protection
0
server
cafe
etag
7466239315051897255
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 31 Jul 2022 11:52:22 GMT
psd.min.js
d11enq2rymy0yl.cloudfront.net/ Frame C842 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d11enq2rymy0yl.cloudfront.net/psd.min.js
Requested by
Host: daddylive.one
URL: https://daddylive.one/s2w/stream-144.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:fc00:10:abc1:d740:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3ad911079305129a9f40123c761d876d3239a2310cc4e6bbcd29809df92b2b4

Request headers

Referer
https://daddylive.one/s2w/stream-144.php
Origin
https://daddylive.one
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 16:49:46 GMT
content-encoding
gzip
age
507992
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=604800
x-amz-cf-pop
FRA60-P2
link
<https://xadsmart.com/>;rel=preconnect,<https://c.adsco.re/>;rel=preconnect,<https://adsco.re/>;rel=preconnect
content-length
9892
via
1.1 2816426ad1adbedbdd23d4cdf80c2de2.cloudfront.net (CloudFront)
x-amz-cf-id
mFcdfet4nWj1xXisxSm5_IZQadopNQwdi6AzTxoAJC0f9bae45C-nw==
expires
Mon, 18 Jul 2022 16:49:46 GMT
jquery-3.5.1.min.js
code.jquery.com/ Frame C4BD 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.5.1.min.js
Requested by
Host: rkc.primetubsub.xyz
URL: https://rkc.primetubsub.xyz/premiumtv/daddylive.php?id=144
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rkc.primetubsub.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:56:18 GMT
content-encoding
gzip
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
etag
W/"28feccc0-15d84"
vary
Accept-Encoding
x-hw
1658066178.dop141.fr8.t,1658066178.cds052.fr8.hn,1658066178.cds280.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30879
include2.js
vcdnads.ru.com/ Frame C4BD 		68 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vcdnads.ru.com/include2.js
Requested by
Host: rkc.primetubsub.xyz
URL: https://rkc.primetubsub.xyz/premiumtv/daddylive.php?id=144
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ea4d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02d87059c479f69fea247153d796cfffeda0f80ec2a68d456267c219c9994e31

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rkc.primetubsub.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:56:18 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
173916
max-age
0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
last-modified
Thu, 14 Jul 2022 17:19:54 GMT
server
cloudflare
etag
W/"62d0503a-10e17"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ax9L1tjTXmL99zQDWM5j83LIIGy3%2BKVM10GD%2BHtnNvH1PQjCAwZaoyES5O9H0B1x8xE3hyor2bViqXDsTpFSXQOvCst1aYc96do%2BejgO7UaD8V%2Fmp8X0AeL1Btzf9kUdIpfilr2Z%2FeJgD%2FD5yg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
72c37af09fc6bb25-MXP
adview
googleads.g.doubleclick.net/pagead/ Frame A01F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CB8LxAhXUYueWAYGhtwf6lL7wD9D-p6Jro7H_gpwQ2pbrqKIwEAEgrPGJJ2CV4pCCoAegAb_L5oUCyAECqAMByAPJBKoEkgJP0NSuf3pHAZJcKvWJa4SBduBwaXYDILwBOYOT2cPeFrU4ngQhlnxum-Eoja_Gn1xQrZcg7O_CICaDBVDyMwL5_oPCboE7m8wjJDw3h_l2gH9T1_6HzECwDoNagjKguKPF8DQaI4n8ZUJnnJDnkcTYOaZa5dAnQh-gF3G6_J7LGNLWQ7NZl_dUFOhmmAytWtGSX-VwxNrMj8xIOEFYYxWX-LcI3OwnO28iRSZoOhJj6GuWPpw8N17DymJeVH-S0hGX-0GT31NCy8zFTV42gD6pd8bjrA5L1yJrsp0gvc11Ev45_rGwIWt-DtTeCIXqSoxd4LVWLU1S_sbhT24tJ5fZtPTupY7iNuSxlI4O_SI1wwQUwASgiOrclwSSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAH_7yBswKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCGwBbSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDNAVAYAXAbIXHAoaCAASFHB1Yi02OTc5Mzc2MjI4MTY0NjQyGAA&sigh=4iORCaYtgr8&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6979376228164642&output=html&h=280&slotname=1887103615&adk=3976959788&adf=2170261427&pi=t.ma~as.1887103615&w=825&fwrn=4&fwrnh=100&lmt=1658066177&rafmt=1&psa=0&format=825x280&url=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147%26%3D%25D7%25A2%25D7%25A8%25D7%2595%25D7%25A5_%25D7%25A1%25D7%25A4%25D7%2595%25D7%25A8%25D7%2598_5&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658066177883&bpp=1&bdt=166&idt=99&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&prev_fmts=720x90&correlator=8424639460550&frm=20&pv=1&ga_vid=2071584621.1658066178&ga_sid=1658066178&ga_hid=1322046347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=794&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105&oid=2&pvsid=1893155627320842&tmod=775335209&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=WHZM8LJJ2C&p=https%3A//tv.ifindfast.com&dtd=102
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6979376228164642&output=html&h=280&slotname=1887103615&adk=3976959788&adf=2170261427&pi=t.ma~as.1887103615&w=825&fwrn=4&fwrnh=100&lmt=1658066177&rafmt=1&psa=0&format=825x280&url=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147%26%3D%25D7%25A2%25D7%25A8%25D7%2595%25D7%25A5_%25D7%25A1%25D7%25A4%25D7%2595%25D7%25A8%25D7%2598_5&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658066177883&bpp=1&bdt=166&idt=99&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&prev_fmts=720x90&correlator=8424639460550&frm=20&pv=1&ga_vid=2071584621.1658066178&ga_sid=1658066178&ga_hid=1322046347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=794&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105&oid=2&pvsid=1893155627320842&tmod=775335209&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=WHZM8LJJ2C&p=https%3A//tv.ifindfast.com&dtd=102
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sun, 17 Jul 2022 13:56:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
4938067
dozubatan.com/400/ Frame C842 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://dozubatan.com/400/4938067
Requested by
Host: thaudray.com
URL: https://thaudray.com/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://daddylive.one/s2w/stream-144.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-trace-id
897ce900328ac8ec2d4b4a79251c7525
pragma
no-cache
date
Sun, 17 Jul 2022 13:56:18 GMT
server
nginx
vary
Origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
content-length
22
expires
Tue, 11 Jan 1994 10:00:00 GMT
apu.php
onvictinitor.com/ Frame C842 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://onvictinitor.com/apu.php?zoneid=4938033
Requested by
Host: thaudray.com
URL: https://thaudray.com/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://daddylive.one/s2w/stream-144.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-trace-id
07f3d61f2f1a7dcef81ae4e6092edf47
pragma
no-cache
date
Sun, 17 Jul 2022 13:56:18 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
content-length
968
expires
Tue, 11 Jan 1994 10:00:00 GMT
1
toglooman.com/ Frame C842 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://toglooman.com/1?z=5150086
Requested by
Host: thaudray.com
URL: https://thaudray.com/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
851050b4a5f15bc9da33827d2c225c2ed0817df9af3eedd2f1e2c78b7cfbeef2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://daddylive.one/s2w/stream-144.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-trace-id
23d4ca993a4a4124aab39e0b8176210b
pragma
no-cache
date
Sun, 17 Jul 2022 13:56:18 GMT
content-encoding
gzip
x-sc
qH2y-QEL8ufA5wMQyGcVlG0a8J4fT3nrcOSGvZR_RLBbq9OI1j_mzeUBLU4IAFkHkWjHnRLEwBpqj4V6jbSufj-2jD0=
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
text/javascript
access-control-allow-origin
access-control-expose-headers
X-Sc
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
expires
Mon, 26 Jul 1997 05:00:00 GMT
gid.js
my.rtmark.net/ Frame C842 		65 B
544 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js?userId=9da60cb7af334e25b5db034bfac44508
Requested by
Host: thaudray.com
URL: https://thaudray.com/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
6c614602eb17f78e8accd8993c6ab71ed68d5a1a5411051879053bca66f9f2a7
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://daddylive.one/s2w/stream-144.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:56:18 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://daddylive.one
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
s
googleads.g.doubleclick.net/pagead/drt/ Frame 8421 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6979376228164642&output=html&h=600&slotname=1887103615&adk=1099239650&adf=1543441221&pi=t.ma~as.1887103615&w=255&fwrn=4&fwrnh=100&lmt=1658066177&rafmt=1&psa=0&format=255x600&url=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147%26%3D%25D7%25A2%25D7%25A8%25D7%2595%25D7%25A5_%25D7%25A1%25D7%25A4%25D7%2595%25D7%25A8%25D7%2598_5&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658066177885&bpp=1&bdt=168&idt=110&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&prev_fmts=720x90%2C825x280%2C255x600&correlator=8424639460550&frm=20&pv=1&ga_vid=2071584621.1658066178&ga_sid=1658066178&ga_hid=1322046347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=1516&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105&oid=2&pvsid=1893155627320842&tmod=775335209&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=uIht4HP2qo&p=https%3A//tv.ifindfast.com&dtd=112
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6979376228164642&output=html&h=600&slotname=1887103615&adk=1099239650&adf=1543441221&pi=t.ma~as.1887103615&w=255&fwrn=4&fwrnh=100&lmt=1658066177&rafmt=1&psa=0&format=255x600&url=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147%26%3D%25D7%25A2%25D7%25A8%25D7%2595%25D7%25A5_%25D7%25A1%25D7%25A4%25D7%2595%25D7%25A8%25D7%2598_5&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658066177885&bpp=1&bdt=168&idt=110&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&prev_fmts=720x90%2C825x280%2C255x600&correlator=8424639460550&frm=20&pv=1&ga_vid=2071584621.1658066178&ga_sid=1658066178&ga_hid=1322046347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=1516&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105&oid=2&pvsid=1893155627320842&tmod=775335209&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=uIht4HP2qo&p=https%3A//tv.ifindfast.com&dtd=112
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2638
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Sun, 17 Jul 2022 13:12:20 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame A33B 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6356646847452108421/300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:42:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
801
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3271
x-xss-protection
0
server
cafe
etag
7483759447172721109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 18 Jul 2022 13:42:57 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame A33B 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6356646847452108421/300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 16 Jul 2022 23:33:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51755
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sun, 17 Jul 2022 23:33:43 GMT
createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame A33B 		186 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6356646847452108421/300x600.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:56:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49100
x-xss-protection
0
last-modified
Wed, 16 Mar 2016 13:51:35 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 17 Jul 2022 13:56:18 GMT
300x600.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6356646847452108421/ Frame A33B 		149 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6356646847452108421/300x600.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6356646847452108421/300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5124218b1f3f5d34596809507c2f53a3963478fb6b486c64a708668dbf00d6d5
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
55155
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32811
x-xss-protection
0
last-modified
Thu, 17 Jun 2021 15:17:18 GMT
server
sffe
date
Sat, 16 Jul 2022 22:37:03 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 16 Jul 2023 22:37:03 GMT
truncated
/ Frame 2027 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
03276cf501ff795200e016350b13e8cec170e0a787d9b3c723f7936b76ef4518

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/png
reactive_library_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207070101/ 		149 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207070101/reactive_library_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6979376228164642&plah=tv.ifindfast.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3efd7eb504d7979cfb9f05dcf8b734aa9bfb8c39903143996cc136ad03064191
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tv.ifindfast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:56:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54360
x-xss-protection
0
server
cafe
etag
11995277999580173472
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Jul 2022 13:56:18 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pm&rt=8%2C1&c=ca-pub-6979376228164642&eid=44759876%2C44759927%2C44759842%2C31068105
Requested by
Host: tv.ifindfast.com
URL: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tv.ifindfast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Jul 2022 13:56:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=0&wpc=ca-pub-6979376228164642&warn=12%2C13&w=1600&h=1200&pp=1&ppp=0&eatf=false&eatfAbg=false&reatf=true&a=6%2C1%2C5%2C7&apv=20220713_094608&sat=1657928282087&afm=0&as_count=4&d_count=0&ng_count=0&am_count=0&atf_count=3&mdns=0.620&alldns=0.620&allp=20&pgh=2388&abl=false&rr=n&su=tv.ifindfast.com&pvc=1893155627320842&r=0.1&eid=44759876%2C44759927%2C44759842%2C31068105
Requested by
Host: tv.ifindfast.com
URL: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tv.ifindfast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Jul 2022 13:56:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 0C70 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6979376228164642&output=html&h=600&slotname=1887103615&adk=1099239650&adf=1749149054&pi=t.ma~as.1887103615&w=255&fwrn=4&fwrnh=100&lmt=1658066177&rafmt=1&psa=0&format=255x600&url=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147%26%3D%25D7%25A2%25D7%25A8%25D7%2595%25D7%25A5_%25D7%25A1%25D7%25A4%25D7%2595%25D7%25A8%25D7%2598_5&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658066177884&bpp=1&bdt=166&idt=106&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&prev_fmts=720x90%2C825x280&correlator=8424639460550&frm=20&pv=1&ga_vid=2071584621.1658066178&ga_sid=1658066178&ga_hid=1322046347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=761&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105&oid=2&pvsid=1893155627320842&tmod=775335209&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=x65JnnQTvQ&p=https%3A//tv.ifindfast.com&dtd=109
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6979376228164642&output=html&h=600&slotname=1887103615&adk=1099239650&adf=1749149054&pi=t.ma~as.1887103615&w=255&fwrn=4&fwrnh=100&lmt=1658066177&rafmt=1&psa=0&format=255x600&url=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147%26%3D%25D7%25A2%25D7%25A8%25D7%2595%25D7%25A5_%25D7%25A1%25D7%25A4%25D7%2595%25D7%25A8%25D7%2598_5&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658066177884&bpp=1&bdt=166&idt=106&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&prev_fmts=720x90%2C825x280&correlator=8424639460550&frm=20&pv=1&ga_vid=2071584621.1658066178&ga_sid=1658066178&ga_hid=1322046347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=761&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105&oid=2&pvsid=1893155627320842&tmod=775335209&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=x65JnnQTvQ&p=https%3A//tv.ifindfast.com&dtd=109
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2638
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Sun, 17 Jul 2022 13:12:20 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 7A02 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6979376228164642&output=html&h=90&slotname=5011888379&adk=751607799&adf=1724644460&pi=t.ma~as.5011888379&w=720&lmt=1658066177&psa=0&format=720x90&url=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147%26%3D%25D7%25A2%25D7%25A8%25D7%2595%25D7%25A5_%25D7%25A1%25D7%25A4%25D7%2595%25D7%25A8%25D7%2598_5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658066177880&bpp=3&bdt=162&idt=85&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&correlator=8424639460550&frm=20&pv=2&ga_vid=2071584621.1658066178&ga_sid=1658066178&ga_hid=1322046347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=820&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105&oid=2&pvsid=1893155627320842&tmod=775335209&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=o4conqGket&p=https%3A//tv.ifindfast.com&dtd=98
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6979376228164642&output=html&h=90&slotname=5011888379&adk=751607799&adf=1724644460&pi=t.ma~as.5011888379&w=720&lmt=1658066177&psa=0&format=720x90&url=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147%26%3D%25D7%25A2%25D7%25A8%25D7%2595%25D7%25A5_%25D7%25A1%25D7%25A4%25D7%2595%25D7%25A8%25D7%2598_5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658066177880&bpp=3&bdt=162&idt=85&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&correlator=8424639460550&frm=20&pv=2&ga_vid=2071584621.1658066178&ga_sid=1658066178&ga_hid=1322046347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=820&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105&oid=2&pvsid=1893155627320842&tmod=775335209&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=o4conqGket&p=https%3A//tv.ifindfast.com&dtd=98
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2638
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Sun, 17 Jul 2022 13:12:20 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
redir.html
p4-b3dutlsaj6tru-cua7eyt2yxzpsgwc-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame AD3E 		247 B
963 B 		Document
General
Check archive.org
Download Go to
Full URL
https://p4-b3dutlsaj6tru-cua7eyt2yxzpsgwc-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6979376228164642&output=html&h=90&slotname=5011888379&adk=751607799&adf=1724644460&pi=t.ma~as.5011888379&w=720&lmt=1658066177&psa=0&format=720x90&url=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147%26%3D%25D7%25A2%25D7%25A8%25D7%2595%25D7%25A5_%25D7%25A1%25D7%25A4%25D7%2595%25D7%25A8%25D7%2598_5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658066177880&bpp=3&bdt=162&idt=85&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&correlator=8424639460550&frm=20&pv=2&ga_vid=2071584621.1658066178&ga_sid=1658066178&ga_hid=1322046347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=820&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105&oid=2&pvsid=1893155627320842&tmod=775335209&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=o4conqGket&p=https%3A//tv.ifindfast.com&dtd=98
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f3.1e100.net
Software
sffe /
Resource Hash
83f184080b669bbba7f36ccd8294a94ff05b8194d2ba060e4cca28c3839bf44c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
205
content-security-policy-report-only
script-src 'nonce-sHGDLGznD385qpp4ZTCa4Q' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy
cross-origin
date
Sun, 17 Jul 2022 13:56:18 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
last-modified
Mon, 02 Dec 2019 20:15:00 GMT
pragma
no-cache
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 331C 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6356646847452108421/300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:42:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
801
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3271
x-xss-protection
0
server
cafe
etag
7483759447172721109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 18 Jul 2022 13:42:57 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 331C 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6356646847452108421/300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 16 Jul 2022 23:33:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51755
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sun, 17 Jul 2022 23:33:43 GMT
createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 331C 		186 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6356646847452108421/300x600.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:56:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49100
x-xss-protection
0
last-modified
Wed, 16 Mar 2016 13:51:35 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 17 Jul 2022 13:56:18 GMT
300x600.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6356646847452108421/ Frame 331C 		149 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6356646847452108421/300x600.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6356646847452108421/300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5124218b1f3f5d34596809507c2f53a3963478fb6b486c64a708668dbf00d6d5
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
55155
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32811
x-xss-protection
0
last-modified
Thu, 17 Jun 2021 15:17:18 GMT
server
sffe
date
Sat, 16 Jul 2022 22:37:03 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 16 Jul 2023 22:37:03 GMT
truncated
/ Frame F9F2 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3a06546621ddff0d361c828143984362e7a0eacf00437cea014c98037ab51e92

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/png
s
googleads.g.doubleclick.net/pagead/drt/ Frame 153A 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6979376228164642&output=html&h=280&slotname=1887103615&adk=3976959788&adf=2170261427&pi=t.ma~as.1887103615&w=825&fwrn=4&fwrnh=100&lmt=1658066177&rafmt=1&psa=0&format=825x280&url=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147%26%3D%25D7%25A2%25D7%25A8%25D7%2595%25D7%25A5_%25D7%25A1%25D7%25A4%25D7%2595%25D7%25A8%25D7%2598_5&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658066177883&bpp=1&bdt=166&idt=99&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&prev_fmts=720x90&correlator=8424639460550&frm=20&pv=1&ga_vid=2071584621.1658066178&ga_sid=1658066178&ga_hid=1322046347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=794&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105&oid=2&pvsid=1893155627320842&tmod=775335209&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=WHZM8LJJ2C&p=https%3A//tv.ifindfast.com&dtd=102
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6979376228164642&output=html&h=280&slotname=1887103615&adk=3976959788&adf=2170261427&pi=t.ma~as.1887103615&w=825&fwrn=4&fwrnh=100&lmt=1658066177&rafmt=1&psa=0&format=825x280&url=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147%26%3D%25D7%25A2%25D7%25A8%25D7%2595%25D7%25A5_%25D7%25A1%25D7%25A4%25D7%2595%25D7%25A8%25D7%2598_5&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658066177883&bpp=1&bdt=166&idt=99&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&prev_fmts=720x90&correlator=8424639460550&frm=20&pv=1&ga_vid=2071584621.1658066178&ga_sid=1658066178&ga_hid=1322046347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=794&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105&oid=2&pvsid=1893155627320842&tmod=775335209&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=WHZM8LJJ2C&p=https%3A//tv.ifindfast.com&dtd=102
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2638
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Sun, 17 Jul 2022 13:12:20 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 3A7A 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fa7a80e26b7e38adc2de36ab4f982259a3f4c2863dc10088f857a51e949eb4f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame A01F 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
587835862d3a22214b410a2060c07bbc51e6f0654b99f09c3505e4f3af6fa057

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/png
/
thaudray.com/ Frame C842 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://thaudray.com/?rb=7KYmn81Th-4uG2iRpL1-SJDvkP-ya9c7PUqUBOITF09jOKbFqGvt-DrNwZH6X1EAEoPKjubWnyxqaop-J5vOSFm3EnQSgDKYvCPqmeKXnN83mUeNqfa2Lnt34WEzqemXUsN_dV7e0MozpDVZAHoxh9-xRkUoRrib1gE0RcaR9Ly1kD9QlQz08AhtvbC7D3j3momgvXB3BAN7W-WegKyXghFxNuZs4MZVCITxt8JfQ5u3T7OZav-7NGi8y-WPFmHCWY99UZzninjwGUaXtvSF2fLx3xG_NWb6TVkjrTJvteBO1JaWMpAV2Q%3D%3D&request_ab2=82001&zoneid=4284414&js_build=iclick-v1.401.0&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=825&wiw=825&wih=494&wfc=7&pl=https%3A%2F%2Fdaddylive.one%2Fs2w%2Fstream-144.php&drf=https%3A%2F%2Ftv.ifindfast.com%2F&np=1&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false&js_build=iclick-v1.401.0&bs=9b97a22c-5d64-4c75-8b90-57942d883944&userId=9da60cb7af334e25b5db034bfac44508&m=link
Requested by
Host: thaudray.com
URL: https://thaudray.com/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
a158f2884295c84d053af0c29b3e6f3c6dbc95d24165ac6eb88ba9a878ea8fe3
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://daddylive.one/s2w/stream-144.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:56:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
access-control-max-age
86400
x-trace-id
6d1a8542d52f27f19d9a8904376fc809
pragma
no-cache
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://daddylive.one
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
expires
Tue, 11 Jan 1994 10:00:00 GMT
stats
simplewebanalysis.com/ Frame C4BD 		40 B
292 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://simplewebanalysis.com/stats
Requested by
Host: vcdnads.ru.com
URL: https://vcdnads.ru.com/include2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.132.48 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-132-48.eu-central-1.compute.amazonaws.com
Software
fasthttp /
Resource Hash
00956008fcc91256e63463792b5704f4c86b1e9193225ffbc76a45bc8ecbaf9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rkc.primetubsub.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin
https://rkc.primetubsub.xyz
date
Sun, 17 Jul 2022 13:56:18 GMT
access-control-allow-credentials
true
server
fasthttp
content-length
40
content-type
text/html; charset=UTF-8
player.php
player.licenses4.me/ Frame DF22 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://player.licenses4.me/player.php?id=premium144&test=true
Requested by
Host: rkc.primetubsub.xyz
URL: https://rkc.primetubsub.xyz/premiumtv/daddylive.php?id=144
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:cd22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://rkc.primetubsub.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
HIT
cf-ray
72c37af28b47baed-MXP
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 17 Jul 2022 13:56:19 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Sun, 17 Jul 2022 10:50:47 GMT
max-age
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fJG50%2FUfzeA3PylGRpPpRjv9bdVvc7V6P8ITheGwzBYknIFkQ90Bx1gp%2FbyaS4awBMlMBYNG0oEIzumOg7MIk2SOqCN87EcDq0NzCNOLbaStlJcRlrLkY2p%2FDdP6VMMkNWGKBCxl4XPDCYfNAaeJKAEL"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
/
c.adsco.re/ Frame C842 		61 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.adsco.re/
Requested by
Host: d11enq2rymy0yl.cloudfront.net
URL: https://d11enq2rymy0yl.cloudfront.net/psd.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1bd746f679d9df2c7f9f8ceafecda994d85c84d7c829e5960c8730c7ee511a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://daddylive.one/s2w/stream-144.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:56:18 GMT
content-encoding
br
cf-cache-status
HIT
age
1813731
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
etag
W/"wV2/56Yx8F/L8kKxfXL2jw=="
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html
accept-ch
Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
cache-control
public, max-age=2678400
permissions-policy
ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
cf-ray
72c37af2acfe020d-ZRH
link
<//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires
Wed, 17 Aug 2022 13:56:18 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pr&rt=8%2C1&c=ca-pub-6979376228164642&eid=44759876%2C44759927%2C44759842%2C31068105
Requested by
Host: tv.ifindfast.com
URL: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tv.ifindfast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Jul 2022 13:56:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=tv.ifindfast.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6979376228164642&plah=tv.ifindfast.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tv.ifindfast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 17 Jul 2022 13:56:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=tv.ifindfast.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6979376228164642&plah=tv.ifindfast.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tv.ifindfast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 17 Jul 2022 13:56:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/ Frame B611 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6979376228164642&plah=tv.ifindfast.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tv.ifindfast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
78127
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4414
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 16 Jul 2022 16:14:11 GMT
etag
10429905676100781186
expires
Sat, 30 Jul 2022 16:14:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/ Frame D4DE 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6979376228164642&plah=tv.ifindfast.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tv.ifindfast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
78127
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4414
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 16 Jul 2022 16:14:11 GMT
etag
10429905676100781186
expires
Sat, 30 Jul 2022 16:14:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
8f0cd2e68e97bc49d78b7e937003b6a1.json
hereditarylenientparents.com/8f/0c/d2/ Frame C4BD 		0
594 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hereditarylenientparents.com/8f/0c/d2/8f0cd2e68e97bc49d78b7e937003b6a1.json
Requested by
Host: vcdnads.ru.com
URL: https://vcdnads.ru.com/include2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rkc.primetubsub.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 17 Jul 2022 13:56:19 GMT
Server
nginx/1.17.6
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-CH
Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Content-Type
application/javascript
Content-Length
0
a7e038ccb70ca5898f8cc1a9cca3827a
toglooman.com/27/ Frame C842 		398 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://toglooman.com/27/a7e038ccb70ca5898f8cc1a9cca3827a
Requested by
Host: toglooman.com
URL: https://toglooman.com/1?z=5150086
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
6d2847d8eeb8e7f8d608718b3714e86101ce51b1967f7e8587a00a26da62c70c
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://daddylive.one/s2w/stream-144.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:56:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 12 Jul 2022 07:54:33 GMT
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
cache-control
max-age:290304000, public
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
expires
Tue, 11 Aug 2082 07:54:33 GMT
38
toglooman.com/42/ Frame C842 		0
528 B 		Script
General
Check archive.org
Download Go to
Full URL
https://toglooman.com/42/38?z=5150086
Requested by
Host: toglooman.com
URL: https://toglooman.com/1?z=5150086
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://daddylive.one/s2w/stream-144.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-trace-id
741ff5e42dd392f33b22ef0370447ed2
pragma
no-cache
date
Sun, 17 Jul 2022 13:56:18 GMT
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
access-control-expose-headers
X-Sc
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
content-length
0
expires
Mon, 26 Jul 1997 05:00:00 GMT
dlp
sbtlj.nergyflexibilit.pics/ Frame C8AD 		216 KB
139 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://sbtlj.nergyflexibilit.pics/dlp?st=1&lp=not_robot_3&geo=DE
Requested by
Host: sbtlj.nergyflexibilit.pics
URL: https://sbtlj.nergyflexibilit.pics/JMU?tag_id=953898&sub_id1=&sub_id2=6414052437949079824&cookie_id=571ba27e-37d6-4738-a853-b97d73639f1c&lp=not_robot_3&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Fexcellernod.xyz%2F%3Ftid%3D953898%26noocp%3D1&hop=7&geo=DE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.22.28.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-28-167.compute-1.amazonaws.com
Software
/ Express
Resource Hash
a74338a294b4ea86a89f0c051244c7dbc92ad0a8acf57c5b5b314f6f984b9cea

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-encoding
gzip
etag
W/"360eb-0XG37jOnlDjIN8jWss40EpxXoQg"
x-powered-by
Express
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
text/html; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
X-Requested-With,content-type
si
googleads.g.doubleclick.net/pagead/drt/ Frame 8421
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6979376228164642&output=html&h=600&slotname=1887103615&adk=1099239650&adf=1543441221&pi=t.ma~as.1887103615&w=255&fwrn=4&fwrnh=100&lmt=1658066177&rafmt=1&psa=0&format=255x600&url=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147%26%3D%25D7%25A2%25D7%25A8%25D7%2595%25D7%25A5_%25D7%25A1%25D7%25A4%25D7%2595%25D7%25A8%25D7%2598_5&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658066177885&bpp=1&bdt=168&idt=110&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&prev_fmts=720x90%2C825x280%2C255x600&correlator=8424639460550&frm=20&pv=1&ga_vid=2071584621.1658066178&ga_sid=1658066178&ga_hid=1322046347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=1516&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105&oid=2&pvsid=1893155627320842&tmod=775335209&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=uIht4HP2qo&p=https%3A//tv.ifindfast.com&dtd=112
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 17 Jul 2022 13:56:20 GMT
expires
Sun, 17 Jul 2022 13:56:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 17 Jul 2022 13:56:19 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
iframe.html
p4-b3dutlsaj6tru-cua7eyt2yxzpsgwc-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame AD3E 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://p4-b3dutlsaj6tru-cua7eyt2yxzpsgwc-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Requested by
Host: p4-b3dutlsaj6tru-cua7eyt2yxzpsgwc-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-b3dutlsaj6tru-cua7eyt2yxzpsgwc-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f3.1e100.net
Software
sffe /
Resource Hash
34d36fa4ec5cc3e1c20c349cfd68ace31f1681dbde7bb764f2689ce0473ed8fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://p4-b3dutlsaj6tru-cua7eyt2yxzpsgwc-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
1861
content-security-policy-report-only
script-src 'nonce-2cmHvWAnjMNGCWCjoe5SNQ' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy
cross-origin
date
Sun, 17 Jul 2022 13:56:19 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
last-modified
Thu, 29 Apr 2021 21:38:00 GMT
pragma
no-cache
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
favicon.ico
jubsaugn.com/ Frame C842 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://jubsaugn.com/favicon.ico
Requested by
Host: thaudray.com
URL: https://thaudray.com/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://daddylive.one/s2w/stream-144.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:56:19 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1356
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KM8QtRN%2B259U0EZsU2UeHyhrQB3%2BBSBK3NmUL1BT79PIt01KzEeJNnN2zPO5ge9r0Em79Hx6ra6Y1ujCfjg9liZSoLaD0dAZ8ml59nxYHIwdHt4ESoUGo4y%2BifDch1ISzqzX4qGAUvceqBQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
72c37af34841bb2f-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
si
googleads.g.doubleclick.net/pagead/drt/ Frame 0C70
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6979376228164642&output=html&h=600&slotname=1887103615&adk=1099239650&adf=1749149054&pi=t.ma~as.1887103615&w=255&fwrn=4&fwrnh=100&lmt=1658066177&rafmt=1&psa=0&format=255x600&url=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147%26%3D%25D7%25A2%25D7%25A8%25D7%2595%25D7%25A5_%25D7%25A1%25D7%25A4%25D7%2595%25D7%25A8%25D7%2598_5&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658066177884&bpp=1&bdt=166&idt=106&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&prev_fmts=720x90%2C825x280&correlator=8424639460550&frm=20&pv=1&ga_vid=2071584621.1658066178&ga_sid=1658066178&ga_hid=1322046347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=761&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105&oid=2&pvsid=1893155627320842&tmod=775335209&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=x65JnnQTvQ&p=https%3A//tv.ifindfast.com&dtd=109
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 17 Jul 2022 13:56:20 GMT
expires
Sun, 17 Jul 2022 13:56:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 17 Jul 2022 13:56:19 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 7A02
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6979376228164642&output=html&h=90&slotname=5011888379&adk=751607799&adf=1724644460&pi=t.ma~as.5011888379&w=720&lmt=1658066177&psa=0&format=720x90&url=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147%26%3D%25D7%25A2%25D7%25A8%25D7%2595%25D7%25A5_%25D7%25A1%25D7%25A4%25D7%2595%25D7%25A8%25D7%2598_5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658066177880&bpp=3&bdt=162&idt=85&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&correlator=8424639460550&frm=20&pv=2&ga_vid=2071584621.1658066178&ga_sid=1658066178&ga_hid=1322046347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=820&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105&oid=2&pvsid=1893155627320842&tmod=775335209&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=o4conqGket&p=https%3A//tv.ifindfast.com&dtd=98
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 17 Jul 2022 13:56:20 GMT
expires
Sun, 17 Jul 2022 13:56:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 17 Jul 2022 13:56:19 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
/
6.adsco.re/ Frame C842 		0
422 B 		Other
General
Check archive.org
Download Go to
Full URL
https://6.adsco.re/
Requested by
Host: daddylive.one
URL: https://daddylive.one/s2w/stream-144.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://daddylive.one/s2w/stream-144.php
Origin
https://daddylive.one
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:56:19 GMT
content-encoding
br
server
cloudflare
access-control-allow-headers
Content-Type
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
text/plain;charset=UTF-8
access-control-allow-origin
https://daddylive.one
access-control-max-age
2592000
cache-control
private, max-age=10
cf-ray
72c37af36d840215-ZRH
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
4.adsco.re/ Frame C842 		0
460 B 		Other
General
Check archive.org
Download Go to
Full URL
https://4.adsco.re/
Requested by
Host: daddylive.one
URL: https://daddylive.one/s2w/stream-144.php
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://daddylive.one/s2w/stream-144.php
Origin
https://daddylive.one
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 17 Jul 2022 13:56:19 GMT
Content-Encoding
gzip
Access-Control-Max-Age
2592000
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
https://daddylive.one
Cache-Control
private, max-age=5
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
css2
fonts.googleapis.com/ Frame B611 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 17 Jul 2022 13:49:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 17 Jul 2022 13:56:19 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 17 Jul 2022 13:56:19 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame B611 		205 B
742 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 11:24:38 GMT
x-content-type-options
nosniff
age
9101
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 17 Jul 2023 11:24:38 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame B611 		604 B
695 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:45:57 GMT
x-content-type-options
nosniff
age
622
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 17 Jul 2023 13:45:57 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/elements/html/ Frame B611 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ae2e1dc0161fa05e80b225682868a9bfbab08c503b2429f06339d4487f160ac2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:28:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1645
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8263
x-xss-protection
0
server
cafe
etag
17157773748623750166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 31 Jul 2022 13:28:54 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 153A
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6979376228164642&output=html&h=280&slotname=1887103615&adk=3976959788&adf=2170261427&pi=t.ma~as.1887103615&w=825&fwrn=4&fwrnh=100&lmt=1658066177&rafmt=1&psa=0&format=825x280&url=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147%26%3D%25D7%25A2%25D7%25A8%25D7%2595%25D7%25A5_%25D7%25A1%25D7%25A4%25D7%2595%25D7%25A8%25D7%2598_5&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658066177883&bpp=1&bdt=166&idt=99&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&prev_fmts=720x90&correlator=8424639460550&frm=20&pv=1&ga_vid=2071584621.1658066178&ga_sid=1658066178&ga_hid=1322046347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=794&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105&oid=2&pvsid=1893155627320842&tmod=775335209&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=WHZM8LJJ2C&p=https%3A//tv.ifindfast.com&dtd=102
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 17 Jul 2022 13:56:20 GMT
expires
Sun, 17 Jul 2022 13:56:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 17 Jul 2022 13:56:19 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11831579056473564629/ Frame 34F7 		37 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11831579056473564629/index.html
Requested by
Host: tv.ifindfast.com
URL: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2bcbd781f7728998ff721a9763b2e68f43d60439acb243d9052dae3dda85da2a
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
171750
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
9847
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Fri, 15 Jul 2022 14:13:49 GMT
expires
Sat, 15 Jul 2023 14:13:49 GMT
last-modified
Mon, 04 Oct 2021 14:47:22 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame D4DE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CvFoKAhXUYv6oApm97gSG85uQBLCB49Fj3djRv7gOp_3SjdElEAEgrPGJJ2CV4pCCoAegAbiE5PkCyAEJqQK3jaj_-eizPqgDAcgDSKoEqQJP0N_kf557NZ9hPulcXT9-7HekktTYN0wUISaiT5z8nqdLio6jrL_vNgapIT0wq5eaIG2Xk4acyderT2yUi_cztI4gApd-SeOEk89666t240RaNgQGb8kcwBu1DQ90p9P3Q46-ek4Yqn6tXFS02x6AuneSgvalwjuLB9Tlx6epSy1sHAdrEKPheZHrSIaA4hYTmU8ssTMH0BLMwdTLp1rwVzE_yM-nyNVHE97ThEgASxlgLedtcKpBuOXevI4S7kGZxmbri5zeOtUafHbSDPVwx52UkgXGbej3aI08V3yqHSY1JULMwETJXj8cyz9kd95Y1uc-rrrxY2V2lUlrLG6S5LAZ2veM89dVyV8Ayo19n3Jsm6cbv4UKqXl94zGTk4EbDfBVIVOz6fDABNKYn_jVA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAew-5uGAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEP6lFtIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMC0BUBgBcBshccChoIABIUcHViLTY5NzkzNzYyMjgxNjQ2NDIYAA&sigh=62TR-6itnC0&uach_m=[UACH]&template_id=419
Requested by
Host: tv.ifindfast.com
URL: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sun, 17 Jul 2022 13:56:19 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/ Frame D4DE 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:42:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
833
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8671
x-xss-protection
0
server
cafe
etag
18116328616323621410
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 31 Jul 2022 13:42:26 GMT
x-7aydTzyDGf5pB5jP33n95ytuiMcqG17W4hZ3yQxPE.js
pagead2.googlesyndication.com/bg/ Frame FC97 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/x-7aydTzyDGf5pB5jP33n95ytuiMcqG17W4hZ3yQxPE.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6979376228164642&output=html&h=280&slotname=1887103615&adk=3976959788&adf=2170261427&pi=t.ma~as.1887103615&w=825&fwrn=4&fwrnh=100&lmt=1658066177&rafmt=1&psa=0&format=825x280&url=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147%26%3D%25D7%25A2%25D7%25A8%25D7%2595%25D7%25A5_%25D7%25A1%25D7%25A4%25D7%2595%25D7%25A8%25D7%2598_5&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658066177883&bpp=1&bdt=166&idt=99&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&prev_fmts=720x90&correlator=8424639460550&frm=20&pv=1&ga_vid=2071584621.1658066178&ga_sid=1658066178&ga_hid=1322046347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=794&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105&oid=2&pvsid=1893155627320842&tmod=775335209&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=WHZM8LJJ2C&p=https%3A//tv.ifindfast.com&dtd=102
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7eedac9d4f3c8319fe690798cfdf79fde72b6e88c72a1b5ed6e21677c90c4f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 14:43:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
169952
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13770
x-xss-protection
0
last-modified
Fri, 01 Jul 2022 16:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Jul 2023 14:43:47 GMT
/
4.adsco.re/ Frame C842 		46 B
460 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://4.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
d79a18445f55035202bcd032853c1715214f2edd37c38f90f7cc9572e1098d11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://daddylive.one/s2w/stream-144.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 17 Jul 2022 13:56:19 GMT
Content-Encoding
gzip
Access-Control-Max-Age
2592000
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
https://daddylive.one
Cache-Control
private, max-age=5
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
/
6.adsco.re/ Frame C842 		69 B
386 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://6.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
620f78e6a6435285ef071ea978061d6eb35e856cab3561b8783c55cc29b0bf32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://daddylive.one/s2w/stream-144.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:56:19 GMT
content-encoding
br
server
cloudflare
access-control-allow-headers
Content-Type
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
text/plain;charset=UTF-8
access-control-allow-origin
https://daddylive.one
access-control-max-age
2592000
cache-control
private, max-age=10
cf-ray
72c37af3b8632397-ZRH
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
ftmvdb16aolm.l4.adsco.re/ Frame C842 		0
464 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ftmvdb16aolm.l4.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.200.118.90 London, United Kingdom, ASN9009 (M247, GB),
Reverse DNS
adscore.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://daddylive.one/s2w/stream-144.php
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sun, 17 Jul 2022 13:56:19 GMT
Last-Modified
Tue, 31 Jul 2018 22:16:15 GMT
ETag
"5b60dfaf-0"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
0
/
ftmvdb16aolm.n4.adsco.re/ Frame C842 		0
464 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ftmvdb16aolm.n4.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
38.132.109.186 New York, United States, ASN9009 (M247, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://daddylive.one/s2w/stream-144.php
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sun, 17 Jul 2022 13:56:19 GMT
Last-Modified
Mon, 30 Jul 2018 15:32:42 GMT
ETag
"5b5f2f9a-0"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
0
/
ftmvdb16aolm.s4.adsco.re/ Frame C842 		0
464 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ftmvdb16aolm.s4.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.200.116.90 , Romania, ASN9009 (M247, GB),
Reverse DNS
no-mans-land.m247.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://daddylive.one/s2w/stream-144.php
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sun, 17 Jul 2022 13:56:20 GMT
Last-Modified
Mon, 30 Jul 2018 15:38:01 GMT
ETag
"5b5f30d9-0"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
0
/
c.adsco.re/ Frame 733A 		61 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1bd746f679d9df2c7f9f8ceafecda994d85c84d7c829e5960c8730c7ee511a1

Request headers

Referer
https://daddylive.one/s2w/stream-144.php
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
age
1813732
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=2678400
cf-cache-status
HIT
cf-ray
72c37af3cc0ecc3e-ZRH
content-encoding
br
content-type
text/html
date
Sun, 17 Jul 2022 13:56:19 GMT
etag
W/"wV2/56Yx8F/L8kKxfXL2jw=="
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Wed, 17 Aug 2022 13:56:19 GMT
link
<//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
permissions-policy
ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
server
cloudflare
vary
Accept-Encoding
9
toglooman.com/ Frame C842 		7 B
577 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://toglooman.com/9?z=5150086&ng=1&ix=1&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fdaddylive.one%2Fs2w%2Fstream-144.php&wy=0&wx=0&ww=1600&wh=1200&cw=825&wiw=825&wih=494&wfc=6&sah=1200&drf=https%3A%2F%2Ftv.ifindfast.com%2F&hil=1&ist=0&oaid=9da60cb7af334e25b5db034bfac44508
Requested by
Host: toglooman.com
URL: https://toglooman.com/27/a7e038ccb70ca5898f8cc1a9cca3827a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821

Request headers

Referer
https://daddylive.one/s2w/stream-144.php
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
468b5cc0138e260708e23a01c7219d18
pragma
no-cache
date
Sun, 17 Jul 2022 13:56:19 GMT
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://daddylive.one
access-control-expose-headers
X-Sc
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
content-length
7
expires
Mon, 26 Jul 1997 05:00:00 GMT
9
toglooman.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://toglooman.com/9?z=5150086&ng=1&ix=1&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fdaddylive.one%2Fs2w%2Fstream-144.php&wy=0&wx=0&ww=1600&wh=1200&cw=825&wiw=825&wih=494&wfc=6&sah=1200&drf=https%3A%2F%2Ftv.ifindfast.com%2F&hil=1&ist=0&oaid=9da60cb7af334e25b5db034bfac44508
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://daddylive.one
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://daddylive.one
cache-control
no-store, no-cache, must-revalidate, max-age=0
date
Sun, 17 Jul 2022 13:56:19 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
pragma
no-cache
server
nginx
/
6.adsco.re/ Frame 733A 		0
347 B 		Other
General
Check archive.org
Download Go to
Full URL
https://6.adsco.re/
Requested by
Host: daddylive.one
URL: https://daddylive.one/s2w/stream-144.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://c.adsco.re/
Origin
https://c.adsco.re
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:56:19 GMT
content-encoding
br
server
cloudflare
access-control-allow-headers
Content-Type
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
text/plain;charset=UTF-8
access-control-allow-origin
https://c.adsco.re
access-control-max-age
2592000
cache-control
private, max-age=10
cf-ray
72c37af4ba602397-ZRH
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
4.adsco.re/ Frame 733A 		0
457 B 		Other
General
Check archive.org
Download Go to
Full URL
https://4.adsco.re/
Requested by
Host: daddylive.one
URL: https://daddylive.one/s2w/stream-144.php
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://c.adsco.re/
Origin
https://c.adsco.re
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 17 Jul 2022 13:56:19 GMT
Content-Encoding
gzip
Access-Control-Max-Age
2592000
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
https://c.adsco.re
Cache-Control
private, max-age=5
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
x-7aydTzyDGf5pB5jP33n95ytuiMcqG17W4hZ3yQxPE.js
pagead2.googlesyndication.com/bg/ Frame A33B 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/x-7aydTzyDGf5pB5jP33n95ytuiMcqG17W4hZ3yQxPE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7eedac9d4f3c8319fe690798cfdf79fde72b6e88c72a1b5ed6e21677c90c4f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 14:43:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
169952
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13770
x-xss-protection
0
last-modified
Fri, 01 Jul 2022 16:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Jul 2023 14:43:47 GMT
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 34F7 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11831579056473564629/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:42:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
802
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3271
x-xss-protection
0
server
cafe
etag
7483759447172721109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 18 Jul 2022 13:42:57 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 34F7 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11831579056473564629/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 16 Jul 2022 23:33:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51756
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sun, 17 Jul 2022 23:33:43 GMT
ST6D_24_90px.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11831579056473564629/ Frame 34F7 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11831579056473564629/ST6D_24_90px.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11831579056473564629/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3a44602c24b89885202fa9380b0b2794529f2fc070842f4256fa2e02d3f2e153
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
415267
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37693
x-xss-protection
0
last-modified
Mon, 04 Oct 2021 14:47:22 GMT
server
sffe
date
Tue, 12 Jul 2022 18:35:12 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 12 Jul 2023 18:35:12 GMT
TR6P_90px.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11831579056473564629/ Frame 34F7 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11831579056473564629/TR6P_90px.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11831579056473564629/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8db4db356541300d59ef29e42aada4010825fcc3dee28402411ceb12989f83b7
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
157027
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35526
x-xss-protection
0
last-modified
Mon, 04 Oct 2021 14:47:22 GMT
server
sffe
date
Fri, 15 Jul 2022 18:19:12 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 15 Jul 2023 18:19:12 GMT
Logo_in_Orange_Box.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11831579056473564629/ Frame 34F7 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11831579056473564629/Logo_in_Orange_Box.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11831579056473564629/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2657405e3e91a0f5d6490e8fe419c8f98e2437caca46a0c257563f11aefa3824
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
546308
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23485
x-xss-protection
0
last-modified
Mon, 04 Oct 2021 14:47:22 GMT
server
sffe
date
Mon, 11 Jul 2022 06:11:11 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 11 Jul 2023 06:11:11 GMT
CTA_DE_90px.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11831579056473564629/ Frame 34F7 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11831579056473564629/CTA_DE_90px.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11831579056473564629/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eee5a0136bda1fdbd08716eceadb0f1d7bca3f56e142bbed1752ae05776507d8
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29219
x-xss-protection
0
last-modified
Mon, 04 Oct 2021 14:47:22 GMT
server
sffe
date
Sun, 17 Jul 2022 13:56:19 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 17 Jul 2023 13:56:19 GMT
mo_power_DE.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11831579056473564629/ Frame 34F7 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11831579056473564629/mo_power_DE.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11831579056473564629/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
01bd2be24c866eb7e7fb6e80a1c8b829429d0c5561b731939bce42ec75aa89a2
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
546308
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3807
x-xss-protection
0
last-modified
Mon, 04 Oct 2021 14:47:22 GMT
server
sffe
date
Mon, 11 Jul 2022 06:11:11 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 11 Jul 2023 06:11:11 GMT
mo_performance_DE.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11831579056473564629/ Frame 34F7 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11831579056473564629/mo_performance_DE.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11831579056473564629/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ebec77c6060c802dd84d3a3b37ae1fb8c586337fb809c917a1e3d4e98d79e80d
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
546308
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4987
x-xss-protection
0
last-modified
Mon, 04 Oct 2021 14:47:22 GMT
server
sffe
date
Mon, 11 Jul 2022 06:11:11 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 11 Jul 2023 06:11:11 GMT
x-7aydTzyDGf5pB5jP33n95ytuiMcqG17W4hZ3yQxPE.js
pagead2.googlesyndication.com/bg/ Frame 331C 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/x-7aydTzyDGf5pB5jP33n95ytuiMcqG17W4hZ3yQxPE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7eedac9d4f3c8319fe690798cfdf79fde72b6e88c72a1b5ed6e21677c90c4f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 14:43:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
169952
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13770
x-xss-protection
0
last-modified
Fri, 01 Jul 2022 16:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Jul 2023 14:43:47 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame D2A0 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2639
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Sun, 17 Jul 2022 13:12:20 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame D4DE 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:46:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
619
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 31 Jul 2022 13:46:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D4DE 		138 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94bb701b663858b8e7a5ddc1e26d2cae7e41834df854b2af83de6eafc9eaaec7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:56:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43266
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1657539323716025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 17 Jul 2022 13:56:19 GMT
css
fonts.googleapis.com/ Frame BCA2 		9 KB
960 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%7CHeebo%3A400
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f4128a07b1f4d7da5aa6e36e2cd1d6c792b76a91d2a4b468ddc133d45cab664e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 17 Jul 2022 12:25:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 17 Jul 2022 13:56:19 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 17 Jul 2022 13:56:19 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame BCA2 		2 KB
912 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:54:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
133
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 31 Jul 2022 13:54:06 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/ Frame BCA2 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:42:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
833
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8671
x-xss-protection
0
server
cafe
etag
18116328616323621410
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 31 Jul 2022 13:42:26 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame BCA2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:46:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
619
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 31 Jul 2022 13:46:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BCA2 		138 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94bb701b663858b8e7a5ddc1e26d2cae7e41834df854b2af83de6eafc9eaaec7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:56:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43266
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1657539323716025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 17 Jul 2022 13:56:19 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame BCA2 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:52:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
242
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7309
x-xss-protection
0
server
cafe
etag
16921397534319471551
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 31 Jul 2022 13:52:17 GMT
9fbfea14cd545ec81bc54d3c558bfb70.js
www.gstatic.com/mysidia/ Frame BCA2 		31 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/9fbfea14cd545ec81bc54d3c558bfb70.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8245a4af634c8918a1d78337182ed979dcc678ecb616f45172dea7803692f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 00:40:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
479742
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13103
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 19:20:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 10 Oct 2022 00:40:37 GMT
/
c.adsco.re/ Frame 733A 		61 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1bd746f679d9df2c7f9f8ceafecda994d85c84d7c829e5960c8730c7ee511a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c.adsco.re/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:56:19 GMT
content-encoding
br
cf-cache-status
HIT
age
1813732
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
etag
W/"wV2/56Yx8F/L8kKxfXL2jw=="
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html
accept-ch
Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
cache-control
public, max-age=2678400
permissions-policy
ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
cf-ray
72c37af53da0cc3e-ZRH
link
<//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires
Wed, 17 Aug 2022 13:56:19 GMT
/
6.adsco.re/ Frame 733A 		0
0
/
4.adsco.re/ Frame 733A 		0
0
sfp.js
addresseepaper.com/ Frame C4BD 		79 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://addresseepaper.com/sfp.js
Requested by
Host: vcdnads.ru.com
URL: https://vcdnads.ru.com/include2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eafe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec91098ecdf99168e077aa63fb41758d5d89be3165f73a7b6176a6ba4a24291d
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rkc.primetubsub.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:56:20 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
d1c388b72bbfaddd8c4c4d9545e18439
last-modified
Sun, 17 Jul 2022 13:56:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubdomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aX5GuRHQShkGVi2vgfqUalcUSjV0SLwzbwEmKt2LbaaVplVoSZ6e7F4W3hwHf6t1O2X5VtJ7A7cmCilur4z%2F4aSlZC6DSmOskX%2BzCv3sE%2FpmRMYwd34KPza60DrDWrgc%2F1PLapAbZK6ATadCw847h9o%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
72c37af64e46bb13-MXP
expires
Thu, 01 Jan 1970 00:00:01 GMT
stats
simplewebanalysis.com/ Frame C4BD 		40 B
200 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://simplewebanalysis.com/stats
Requested by
Host: vcdnads.ru.com
URL: https://vcdnads.ru.com/include2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.132.48 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-132-48.eu-central-1.compute.amazonaws.com
Software
fasthttp /
Resource Hash
00956008fcc91256e63463792b5704f4c86b1e9193225ffbc76a45bc8ecbaf9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rkc.primetubsub.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin
https://rkc.primetubsub.xyz
date
Sun, 17 Jul 2022 13:56:19 GMT
access-control-allow-credentials
true
server
fasthttp
content-length
40
content-type
text/html; charset=UTF-8
s
googleads.g.doubleclick.net/pagead/drt/ Frame D5C9 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2639
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Sun, 17 Jul 2022 13:12:20 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame D2A0
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 17 Jul 2022 13:56:20 GMT
expires
Sun, 17 Jul 2022 13:56:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 17 Jul 2022 13:56:19 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
x-7aydTzyDGf5pB5jP33n95ytuiMcqG17W4hZ3yQxPE.js
pagead2.googlesyndication.com/bg/ Frame 34F7 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/x-7aydTzyDGf5pB5jP33n95ytuiMcqG17W4hZ3yQxPE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7eedac9d4f3c8319fe690798cfdf79fde72b6e88c72a1b5ed6e21677c90c4f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 14:43:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
169952
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13770
x-xss-protection
0
last-modified
Fri, 01 Jul 2022 16:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Jul 2023 14:43:47 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame D5C9
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 17 Jul 2022 13:56:20 GMT
expires
Sun, 17 Jul 2022 13:56:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 17 Jul 2022 13:56:19 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
push-wrap.js
sbtlj.nergyflexibilit.pics/ Frame C8AD 		0
135 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sbtlj.nergyflexibilit.pics/push-wrap.js?b=8
Requested by
Host: sbtlj.nergyflexibilit.pics
URL: https://sbtlj.nergyflexibilit.pics/JMU?tag_id=953898&sub_id1=&sub_id2=6414052437949079824&cookie_id=571ba27e-37d6-4738-a853-b97d73639f1c&lp=not_robot_3&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Fexcellernod.xyz%2F%3Ftid%3D953898%26noocp%3D1&hop=7&geo=DE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.22.28.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-28-167.compute-1.amazonaws.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-headers
X-Requested-With,content-type
x-powered-by
Express
access-control-allow-methods
GET, POST
block.js
sbtlj.nergyflexibilit.pics/ Frame C8AD 		0
135 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sbtlj.nergyflexibilit.pics/block.js?b=4
Requested by
Host: sbtlj.nergyflexibilit.pics
URL: https://sbtlj.nergyflexibilit.pics/JMU?tag_id=953898&sub_id1=&sub_id2=6414052437949079824&cookie_id=571ba27e-37d6-4738-a853-b97d73639f1c&lp=not_robot_3&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Fexcellernod.xyz%2F%3Ftid%3D953898%26noocp%3D1&hop=7&geo=DE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.22.28.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-28-167.compute-1.amazonaws.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-headers
X-Requested-With,content-type
x-powered-by
Express
access-control-allow-methods
GET, POST
p
adsco.re/ Frame C842 		363 B
867 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adsco.re/p
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
cfecd57c277a5c75c44a6e0331e6c84fbcdd6e6e2816a84e6c581cec315199e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://daddylive.one/s2w/stream-144.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

AS-P-G
OK
Date
Sun, 17 Jul 2022 13:56:19 GMT
AS-P-7
OK
AS-P-9
OK
AS-P-C
OK
Transfer-Encoding
chunked
AS-P-5
OK
AS-P-F
OK
Connection
keep-alive
Content-Encoding
gzip
AS-P-2
OK
AS-P-D
OK
AS-P-6
OK
AS-P-B
OK
AS-P-H
OK
AS-P-4
OK
AS-P-A
OK
Access-Control-Max-Age
2592000
AS-P-1
OK lon123
Access-Control-Allow-Origin
https://daddylive.one
Cache-Control
no-transform
Access-Control-Allow-Credentials
true
AS-P-8
OK
Content-Type
text/html; charset=UTF-8
AS-P-E
OK
AS-P-3
OK
pxf.gif
dismantlepenantiterrorist.com/ Frame C4BD 		1 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dismantlepenantiterrorist.com/pxf.gif?uuid=28b24423-245a-4829-b456-4a2781aee454&eb=9b47e89dfc65ad002c6d58a8b4df3d9d&te=6d283cd4b3a0ba79ea26d1afdf15d561&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F103.0.5060.53%20Safari%2F537.36&dev=r&res=12.31&b_frame=1&pk=8f0cd2e68e97bc49d78b7e937003b6a1&bl=en-US&sr=1200x1600&sz=1200x1600&hjs=13
Requested by
Host: tv.ifindfast.com
URL: https://tv.ifindfast.com/tv/147&=%D7%A2%D7%A8%D7%95%D7%A5_%D7%A1%D7%A4%D7%95%D7%A8%D7%98_5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.61.227 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rkc.primetubsub.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 17 Jul 2022 13:56:20 GMT
Server
nginx/1.22.0
Strict-Transport-Security
max-age=0; includeSubdomains
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
1
X-Request-ID
6222303dc7cb7f8c89b194560cd038ba
Expires
Thu, 01 Jan 1970 00:00:01 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame D4DE 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:52:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
242
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7309
x-xss-protection
0
server
cafe
etag
16921397534319471551
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 31 Jul 2022 13:52:17 GMT
truncated
/ Frame C8AD 		112 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6aa3d85765db4470382a52ae8fe72bbd9cde4afb0ed100046dbfb31ab243df63

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/png
qY.asp
xadsmart.com/ Frame C842 		44 B
140 B 		Script
General
Check archive.org
Download Go to
Full URL
https://xadsmart.com/qY.asp?_=BAoAYtQVAwFi1BUDgAGBAsAAIIr7fBMifrnuHqfYdc00vrrCHmbF-RXuOqzaPNe1avWxwQBHMEUCIEuipfxHTDe2GmfDzvO3OQN7diDcc4DVfGvCJbQdC0qaAiEAokjFoXPvmJ4g-5XpEvmFvulK9a9b8CohD3efLyrnbRjCACCipLDY3kwDQO34T4YAKxsXq4_MsuTO8iIIa9PeRDHG0MQAECABCsgAIDoAEBGYcIcFLHfFABBiSX3a6ESQKuEdnEgtakoZwwBHMEUCICXXK6taVATx2BW-RWYvka1PYQ66LyyFNi0i2ODSIekQAiEAl4e0Z5L_o_6JPeILr6krPbOR7PNmRgy2GrxHJCk32F0&v=4&oKGTAzNt=4790191&sWMFmRGr=&umldqRoY=0,0&BSbhWEkl=&ZcYXUTKR=https%3A%2F%2Ftv.ifindfast.com%2F&s=1600,1200,1.94,3104,2328,1
Requested by
Host: d11enq2rymy0yl.cloudfront.net
URL: https://d11enq2rymy0yl.cloudfront.net/psd.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.153.197.251 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
104-153-197-251.customer.totaluptime.net
Software
/
Resource Hash
9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://daddylive.one/s2w/stream-144.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 17 Jul 2022 13:56:19 GMT
popads-ec
ASB
asf
9
content-length
44
content-type
text/javascript;charset=UTF-8
truncated
/ Frame D4DE 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
412ce5b043a95e3c9cbaa933c3ec7d17e5fc450261b8e8dcaf6a9f2df8e8c61b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/png
activeview
pagead2.googlesyndication.com/pcs/ Frame A01F 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstymydTp2RtVsCGW03gko5lt9emYuWLIigvHJaHs1gIyD78I1G2eGOqoITp284wNWZvbIawjyb5pgZaWTujYHZtUyiaDdm13V4uV8sil2w2Z43AtfLEFjcVqOgitO2hArYbsvjyRM_InaQG&sai=AMfl-YTceUdnVqLlsV4Rv7u0KGzYpsYq4QPf-JOg45o7fd1K7-GLSga30AUSYn08vgtr9B0DqsusnLfZbQ7N&sig=Cg0ArKJSzGq_ypZqc8Q1EAE&id=lidar2&mcvt=1004&p=0,0,213,825&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20220711&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=3976959788&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1658066177986&rpt=830&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Jul 2022 13:56:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F9F2 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuVcfZlx_T83rlRMtblRM0ArgyHeNPNIksjEkfDCWDC27z0bnR6GBXOdV3Gpehq8Ks-9UE2ESQP-sRl_bWpSEFtATy2vbF1Npp1cqdGD0Ha767IAQ5cNMG_Pba6dMikt5iOG-D8sS4slZYa&sai=AMfl-YS8b4fLctW4X9vjiPq8ND0jXIP9Gf7LrY8ReKUmcHp8fqFtJvCkZAZWFOpSah5CsHZA_VfKkzMXToJk&sig=Cg0ArKJSzAPSNpl3zO_AEAE&id=lidar2&mcvt=1010&p=0,0,89,720&mtos=1010,1010,1010,1010,1010&tos=1010,0,0,0,0&v=20220711&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=751607799&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1658066177979&rpt=796&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Jul 2022 13:56:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 3A7A 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuTVskwTViaMyZM8o2-FN0sB-wSpB3OEOBZ_czUf33CKMaEBVUhq6xi8KdiW5cUzt64qc25W-jGNu8q50NqJNfm9iQvBtHhO6ADMOOa9T71h7Qw60-_6aa05PzQWp0fbPF1_U_uqj4vtsG7&sai=AMfl-YQGFAJrdQ6zUM-YQowHhbaAhBsMDszPLFWR8tidGLiSH9HOOjBzHtKhw3NlShTgyolVz_96DbY4Riv0&sig=Cg0ArKJSzEfoFJMsFDFREAE&id=lidar2&mcvt=1011&p=0,1,510,256&mtos=0,1011,1011,1011,1011&tos=0,1011,0,0,0&v=20220711&bin=7&avms=nio&bs=0,0&mc=0.86&if=1&vu=1&app=0&itpl=2&adk=1099239650&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1658066178522&rpt=239&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Jul 2022 13:56:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
feedback.php
www.facebook.com/plugins/ Frame 8042
Redirect Chain
  • https://www.facebook.com/v2.8/plugins/comments.php?app_id=740810732743187&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df246f0e6642dbc4%26domain%3D...
  • https://www.facebook.com/plugins/comments.php?app_id=740810732743187&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df246f0e6642dbc4%26domain%3Dtv.if...
  • https://www.facebook.com/plugins/feedback.php?app_id=740810732743187&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df246f0e6642dbc4%26domain%3Dtv.if...
142 KB
32 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/feedback.php?app_id=740810732743187&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df246f0e6642dbc4%26domain%3Dtv.ifindfast.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftv.ifindfast.com%252Ffe3ea7cf108e6%26relation%3Dparent.parent&container_width=825&height=100&href=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147&locale=en_US&numposts=5&sdk=joey&version=v2.8&width
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=31e027b869629cc618e94deb1c77569e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
56858dbed91cb866e9cdb251b628b2de6ff5868cbe9ea8ddd67c80d08497375b
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
about:blank
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
same-origin
date
Sun, 17 Jul 2022 13:56:20 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
priority
u=0
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
aOmgby9L4JQkwUynQ8yJa20B1S8FdqdR1BuZWsHWOwHa7zM3uCosSC8/uzdeOhLmsaHJMWOi9s/dtcBIceTckg==
x-fb-rlafr
0
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
content-type
text/html; charset="utf-8"
date
Sun, 17 Jul 2022 13:56:20 GMT
location
https://www.facebook.com/plugins/feedback.php?app_id=740810732743187&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df246f0e6642dbc4%26domain%3Dtv.ifindfast.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftv.ifindfast.com%252Ffe3ea7cf108e6%26relation%3Dparent.parent&container_width=825&height=100&href=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147&locale=en_US&numposts=5&sdk=joey&version=v2.8&width
priority
u=3,i
strict-transport-security
max-age=15552000; preload
x-fb-debug
YGylXzb6KqHKLQIrXvL67ybCpwFgd++IV2LAymQAGZX2PPpEssxo7djwxxzdmlTqk1Tf3hTvyP10WbW/4VGrkA==
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220707&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6979376228164642&plah=tv.ifindfast.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
80efdf7bb91a0ce4002621ffb74ea367581e92f419ba932dcad73ba59d8a5022
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tv.ifindfast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 17 Jul 2022 13:56:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11074
x-xss-protection
0
x-7aydTzyDGf5pB5jP33n95ytuiMcqG17W4hZ3yQxPE.js
pagead2.googlesyndication.com/bg/ Frame 0E76 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/x-7aydTzyDGf5pB5jP33n95ytuiMcqG17W4hZ3yQxPE.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6979376228164642&output=html&h=90&slotname=5011888379&adk=751607799&adf=1724644460&pi=t.ma~as.5011888379&w=720&lmt=1658066177&psa=0&format=720x90&url=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147%26%3D%25D7%25A2%25D7%25A8%25D7%2595%25D7%25A5_%25D7%25A1%25D7%25A4%25D7%2595%25D7%25A8%25D7%2598_5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658066177880&bpp=3&bdt=162&idt=85&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&correlator=8424639460550&frm=20&pv=2&ga_vid=2071584621.1658066178&ga_sid=1658066178&ga_hid=1322046347&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=820&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105&oid=2&pvsid=1893155627320842&tmod=775335209&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=o4conqGket&p=https%3A//tv.ifindfast.com&dtd=98
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7eedac9d4f3c8319fe690798cfdf79fde72b6e88c72a1b5ed6e21677c90c4f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 14:43:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
169953
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13770
x-xss-protection
0
last-modified
Fri, 01 Jul 2022 16:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Jul 2023 14:43:47 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6979376228164642&plah=tv.ifindfast.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tv.ifindfast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:56:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 17 Jul 2022 13:56:20 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2915 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tv.ifindfast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1083
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 17 Jul 2022 13:38:17 GMT
expires
Mon, 17 Jul 2023 13:38:17 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 358F 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c2072beb5b342293fc698a70ed485738b1a4e77a333f29c2cb99644828b84007
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-c4qif_MEl_iIJ5t3lmQYnw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tv.ifindfast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-c4qif_MEl_iIJ5t3lmQYnw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 17 Jul 2022 13:56:20 GMT
expires
Sun, 17 Jul 2022 13:56:20 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
x-7aydTzyDGf5pB5jP33n95ytuiMcqG17W4hZ3yQxPE.js
pagead2.googlesyndication.com/bg/ Frame 2915 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/x-7aydTzyDGf5pB5jP33n95ytuiMcqG17W4hZ3yQxPE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7eedac9d4f3c8319fe690798cfdf79fde72b6e88c72a1b5ed6e21677c90c4f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 14:43:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
169953
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13770
x-xss-protection
0
last-modified
Fri, 01 Jul 2022 16:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Jul 2023 14:43:47 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 358F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220707&jk=1893155627320842&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame D4DE 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstAuo0Mhc_NuxU8YVN58nSfEuYJqazwOHSXlgr6bYdyziurFe93Iu7ihqRFoQZwUalvS-dJccp5E7X2xfhqIyCfRtzTEQmgREiot6cSvprlJVxEemKr7lCX2diFuKUJ-K1iOomF42jJ6xQo&sai=AMfl-YSRPbVdApXrHYhNFuNHabiEqO-0MrJ7BJ4fEdRL1r1AvqCKSDz2tMMKWqpVRetxt-MdQHmRU0KMPpD7&sig=Cg0ArKJSzMgz8Jaq3PxiEAE&id=lidar2&mcvt=1003&p=0,1,124.25,1006&mtos=0,1003,1003,1003,1003&tos=0,1003,0,0,0&v=20220711&bin=7&avms=nio&bs=0,0&mc=0.84&if=1&vu=1&app=0&itpl=2&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1658066178957&rpt=747&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Jul 2022 13:56:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 2915 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?a-waaw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:56:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
tEyxdXZNU_p.css
static.xx.fbcdn.net/rsrc.php/v3/yC/l/0,cross/ Frame 8042 		721 B
583 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yC/l/0,cross/tEyxdXZNU_p.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=740810732743187&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df246f0e6642dbc4%26domain%3Dtv.ifindfast.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftv.ifindfast.com%252Ffe3ea7cf108e6%26relation%3Dparent.parent&container_width=825&height=100&href=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147&locale=en_US&numposts=5&sdk=joey&version=v2.8&width
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0cffbe5f5e8fb12d8cf3147138b9dd994097329645f0cb2c5eedb8bb1dae3dd1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:56:21 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
qVSJF/6ycs/5uNocEebDvw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
392
x-fb-rlafr
0
x-fb-debug
rcwvmBElWOUFnEzx7gtoyyh/RE5ZH5BGo6Uhz1fe8FQRQ57NQbo1+SNki5QC1/kUrRY1EYgJeSDve1tD7HdDKQ==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sat, 15 Jul 2023 15:10:57 GMT
3aYt3FrDzUD.css
static.xx.fbcdn.net/rsrc.php/v3/y5/l/0,cross/ Frame 8042 		108 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y5/l/0,cross/3aYt3FrDzUD.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=740810732743187&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df246f0e6642dbc4%26domain%3Dtv.ifindfast.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftv.ifindfast.com%252Ffe3ea7cf108e6%26relation%3Dparent.parent&container_width=825&height=100&href=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147&locale=en_US&numposts=5&sdk=joey&version=v2.8&width
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
738fe67cf3e8e1c222dca36391243104ad782fe1d04d659d9007e0d1ccf5e478
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:56:21 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
yuNbTYyL0CsshWUr/dIPxg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
18139
x-fb-rlafr
0
x-fb-debug
dfZsbLuxdZuU+tGswVuuOBzkEeYahCFptZUnhvaNkoAKmCJaQ5v8cUceCZQYT3BAw86C5li9+qk8yFPPwysMBw==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 14 Jul 2023 16:04:09 GMT
1hMluT7aSRp.css
static.xx.fbcdn.net/rsrc.php/v3/y5/l/0,cross/ Frame 8042 		16 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y5/l/0,cross/1hMluT7aSRp.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=740810732743187&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df246f0e6642dbc4%26domain%3Dtv.ifindfast.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftv.ifindfast.com%252Ffe3ea7cf108e6%26relation%3Dparent.parent&container_width=825&height=100&href=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147&locale=en_US&numposts=5&sdk=joey&version=v2.8&width
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e05f3eac46092d99fb134762cc56d5ddac65c43ddd897129c8df2fb647601a8b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:56:21 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
9t3DCYdxIfrL+1i2gG0IoA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
2413
x-fb-rlafr
0
x-fb-debug
fxqnajyXM4r0EzbOxtyoegYuE88CcrdMgeGWEXcuuNMWgS/WjU0iG55+TcV5TcgqT6RbUbFlycui9fz2XdXf/g==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sat, 15 Jul 2023 15:24:07 GMT
wNWWb71hic0.js
static.xx.fbcdn.net/rsrc.php/v3/yk/r/ Frame 8042 		320 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yk/r/wNWWb71hic0.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=740810732743187&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df246f0e6642dbc4%26domain%3Dtv.ifindfast.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftv.ifindfast.com%252Ffe3ea7cf108e6%26relation%3Dparent.parent&container_width=825&height=100&href=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147&locale=en_US&numposts=5&sdk=joey&version=v2.8&width
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
84fb7c77dd0c26c67d067b5ab60856ed7f3cb54c828290cb791382f54d3ddac3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:56:21 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
nk52hgdMly+fHVkTyznJPg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
88116
x-fb-rlafr
0
x-fb-debug
rGcX9nH5fLuIMKgZOdsI/q23jUodmJXOkY1BeG/DNPDSiFbxckXs8OI2XvubfczPtGr/AhVjmTmMZrtMgugyEw==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 14 Jul 2023 23:49:04 GMT
cRqz9Ia5roI.js
static.xx.fbcdn.net/rsrc.php/v3i7M54/yI/l/en_US/ Frame 8042 		152 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3i7M54/yI/l/en_US/cRqz9Ia5roI.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=740810732743187&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df246f0e6642dbc4%26domain%3Dtv.ifindfast.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftv.ifindfast.com%252Ffe3ea7cf108e6%26relation%3Dparent.parent&container_width=825&height=100&href=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147&locale=en_US&numposts=5&sdk=joey&version=v2.8&width
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8d50eeb9cf5bde6adf4443f4e4f83894a2ff7c518a1922082b4c8780aacf6c72
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:56:21 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
7fBTQpsvLCYJnS+mR3FnNA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
43247
x-fb-rlafr
0
x-fb-debug
63MfFQ3NvRynQtp0FfTaE2rNZI2Rr04+tA0A2hDFaVThsr8lJ1GpaKor9MWysAZTnEFwWD+ttg7Oj9cF4Z7/yQ==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 14 Jul 2023 23:40:19 GMT
plw_ptI2UIZ.js
static.xx.fbcdn.net/rsrc.php/v3iuIz4/y2/l/en_US/ Frame 8042 		1 MB
243 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iuIz4/y2/l/en_US/plw_ptI2UIZ.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=740810732743187&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df246f0e6642dbc4%26domain%3Dtv.ifindfast.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftv.ifindfast.com%252Ffe3ea7cf108e6%26relation%3Dparent.parent&container_width=825&height=100&href=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147&locale=en_US&numposts=5&sdk=joey&version=v2.8&width
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fba1b4edcbf954f1b8b6fed2f8aa15374cda841ba907dd157c8d430752ac9fe4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:56:21 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
O9TBSZpN66MVqRfOEsNkdg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
248269
x-fb-rlafr
0
x-fb-debug
4L8KoZL9jxMOfTuN58bGMjKjtCbVLvYMe30mEm0yVKwFb+1hwQd2yuHGJuNLY3KMWwlFKEs2QY9X3GAvIP8MyQ==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 14 Jul 2023 20:53:10 GMT
KM4vffuo-0L.js
static.xx.fbcdn.net/rsrc.php/v3/ys/r/ Frame 8042 		2 KB
979 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/ys/r/KM4vffuo-0L.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=740810732743187&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df246f0e6642dbc4%26domain%3Dtv.ifindfast.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftv.ifindfast.com%252Ffe3ea7cf108e6%26relation%3Dparent.parent&container_width=825&height=100&href=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147&locale=en_US&numposts=5&sdk=joey&version=v2.8&width
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b897cc9c51f604bf6b8fbd53f46d216627c0e079bb6bc2f049b2344dfa3bb277
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:56:21 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
SuHjmWcicjHzSu82QnUDDg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
788
x-fb-rlafr
0
x-fb-debug
BQLq63NFd5/YXDnK157Rr+G13t6KL0oMmYaIgAlS31vYZ94xPodeduExLtDF/lUp8wUYPuG7+bpmSgsQTzue8g==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 13 Jul 2023 20:06:22 GMT
lbAKCbOhTns.js
static.xx.fbcdn.net/rsrc.php/v3/yf/r/ Frame 8042 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yf/r/lbAKCbOhTns.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=740810732743187&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df246f0e6642dbc4%26domain%3Dtv.ifindfast.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftv.ifindfast.com%252Ffe3ea7cf108e6%26relation%3Dparent.parent&container_width=825&height=100&href=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147&locale=en_US&numposts=5&sdk=joey&version=v2.8&width
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
327fabc96d44f5eaf163e0849722b761a00fa8b8079c77ccef3bc5f4577a1fd1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:56:21 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
gnDv+5ZxfDdlMJoV4LsWMQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
10342
x-fb-rlafr
0
x-fb-debug
hjUsH7Qoa7j+vP6Dx/6i+3YGHaRvuAmYFRW65BJFsWfLTV5gp7EFJ5RpUJ+WBInLdJOJE5nj+yH+X9jisZaPtw==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sat, 15 Jul 2023 15:02:39 GMT
fZp7oN170YZ.js
static.xx.fbcdn.net/rsrc.php/v3iPwL4/yX/l/en_US/ Frame 8042 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iPwL4/yX/l/en_US/fZp7oN170YZ.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=740810732743187&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df246f0e6642dbc4%26domain%3Dtv.ifindfast.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftv.ifindfast.com%252Ffe3ea7cf108e6%26relation%3Dparent.parent&container_width=825&height=100&href=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147&locale=en_US&numposts=5&sdk=joey&version=v2.8&width
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
19347fa428d8c2c4edf14c653b36e8c0ac083313a45674fc2bddf53d5215cf9a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:56:21 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
c7xXa6Ijs2oggPYdNZTDNw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
12672
x-fb-rlafr
0
x-fb-debug
m0Utd0GbFXkhvdloNSk7HUiGEyLXkj+JM70UuQde1wjfyScSHMZCziux87FDEqmmn4yjM0Chywv2mOkSjjroIA==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sun, 16 Jul 2023 03:11:00 GMT
LAw-JabmDKn.js
static.xx.fbcdn.net/rsrc.php/v3/yX/r/ Frame 8042 		306 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yX/r/LAw-JabmDKn.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yk/r/wNWWb71hic0.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
20c0eba4354532da4d8f08c79fe3b6c30cced84e4ad24011a6b592c6e0c174fa
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:56:21 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
PoaUV+3MK6KiXDsc4+tUrQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
46090
x-fb-rlafr
0
x-fb-debug
0XnyOR+V9W6GC64sNlIX31sDvYluynL1g1/t+Jlt5Apj+Y2KQDf5QnRbsfZGHZToOf+5kBB2RwTzxgOiUTfr9Q==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sun, 16 Jul 2023 16:24:50 GMT
Qw7gte45pV7.png
static.xx.fbcdn.net/rsrc.php/v3/yg/r/ Frame 8042 		259 KB
259 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yg/r/Qw7gte45pV7.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y5/l/0,cross/1hMluT7aSRp.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
28594c79c3fce60543f6b1c28fef163b8b41f2866af1971b23c0fc0714e0f5e4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/y5/l/0,cross/1hMluT7aSRp.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:56:21 GMT
x-content-type-options
nosniff
content-md5
vRYgFFHSxo1N15Cgmm1HbA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
264775
x-fb-rlafr
0
x-fb-debug
Usai+he6m/P5ZPIdit5Crn6//uaOb8VWnI8idbCdbAlquC03XP6p9RX4VYZP1dfFqqDqgFxvHc7NBTRZ+IWPnQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 14 Jul 2023 16:05:22 GMT
odA9sNLrE86.jpg
static.xx.fbcdn.net/rsrc.php/v1/yi/r/ Frame 8042 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v1/yi/r/odA9sNLrE86.jpg
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=740810732743187&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df246f0e6642dbc4%26domain%3Dtv.ifindfast.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftv.ifindfast.com%252Ffe3ea7cf108e6%26relation%3Dparent.parent&container_width=825&height=100&href=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147&locale=en_US&numposts=5&sdk=joey&version=v2.8&width
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d7af70fd2dab0fadd7b57438ae80cd4cbfc69384ace14284c990e2916631ff3b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:56:21 GMT
x-content-type-options
nosniff
content-md5
8E8V7SJfv5OQxsrCIaL7hQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1131
x-fb-rlafr
0
x-fb-debug
HWiJqyh0Lphv4Q/ZBqBY0oBjtn+jBGvQ2cEbq7PM6H6vDhWwmRcmbgx6rmobIH6scYhNdvHVFR3M1C0LRYFuoQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sat, 15 Jul 2023 07:56:58 GMT
10904121_10152892838397321_4817916110181241217_o.jpg
scontent-frt3-2.xx.fbcdn.net/v/t31.18172-1/ Frame 8042 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-frt3-2.xx.fbcdn.net/v/t31.18172-1/10904121_10152892838397321_4817916110181241217_o.jpg?stp=cp0_dst-jpg_p48x48&_nc_cat=101&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=BiGdX6IFarEAX-chXRM&_nc_ht=scontent-frt3-2.xx&edm=AJqh0Q8EAAAA&oh=00_AT9hf65bY3kr0ZK151A6N5N0FusrOLvDG2nm3bxnVrz_ow&oe=62FA4436
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=740810732743187&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df246f0e6642dbc4%26domain%3Dtv.ifindfast.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftv.ifindfast.com%252Ffe3ea7cf108e6%26relation%3Dparent.parent&container_width=825&height=100&href=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147&locale=en_US&numposts=5&sdk=joey&version=v2.8&width
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
df0d1fa694a2eb85a40a076494e13b5c6ccb1ea9c5f67eb08e947c5275218255

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-haystack-needlechecksum
1128872574
date
Sun, 17 Jul 2022 13:56:21 GMT
x-fb-trip-id
686109401
last-modified
Mon, 08 Jun 2015 09:26:21 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=1000222289
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
365358177
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1662
143086968_2856368904622192_1959732218791162458_n.png
scontent-frx5-2.xx.fbcdn.net/v/t1.30497-1/ Frame 8042 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-frx5-2.xx.fbcdn.net/v/t1.30497-1/143086968_2856368904622192_1959732218791162458_n.png?stp=cp0_dst-png_p48x48&_nc_cat=1&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=LrRkDSLbr7MAX_l7sF1&_nc_ht=scontent-frx5-2.xx&edm=AJqh0Q8EAAAA&oh=00_AT_pmPrRpj6Z2bxNIG8tXSRiJh2u-JfPv4z8zl6c2o8drA&oe=62F9EDF8
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=740810732743187&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df246f0e6642dbc4%26domain%3Dtv.ifindfast.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftv.ifindfast.com%252Ffe3ea7cf108e6%26relation%3Dparent.parent&container_width=825&height=100&href=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147&locale=en_US&numposts=5&sdk=joey&version=v2.8&width
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a8eb0a0b7cb7f5a2c06f9edc03c06c9891363db33f1ec8661d362b440b946fa1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-haystack-needlechecksum
2195128382
date
Sun, 17 Jul 2022 13:56:21 GMT
x-fb-trip-id
2050670934
last-modified
Wed, 27 Jan 2021 21:09:20 GMT
content-type
image/png
access-control-allow-origin
*
content-digest
adler32=1099843478
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
2193203146
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1280
30530906_1592068470861821_7873793626260635648_n.jpg
scontent-frx5-1.xx.fbcdn.net/v/t1.6435-1/ Frame 8042 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-frx5-1.xx.fbcdn.net/v/t1.6435-1/30530906_1592068470861821_7873793626260635648_n.jpg?stp=cp0_dst-jpg_p48x48&_nc_cat=100&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=0Svp4jxCVnAAX8HwyW4&_nc_ht=scontent-frx5-1.xx&edm=AJqh0Q8EAAAA&oh=00_AT-eKfx1JI5nfZ28uGoSU1xkxW34fU3EwjPNc9q3Asaz3g&oe=62F7D80F
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=740810732743187&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df246f0e6642dbc4%26domain%3Dtv.ifindfast.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftv.ifindfast.com%252Ffe3ea7cf108e6%26relation%3Dparent.parent&container_width=825&height=100&href=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147&locale=en_US&numposts=5&sdk=joey&version=v2.8&width
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9ba4bc0d8c159a76090af1818774d152c0a73e2d9bb41154e24ee28951afacbe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-haystack-needlechecksum
852623824
date
Sun, 17 Jul 2022 13:56:21 GMT
x-fb-trip-id
917726464
last-modified
Mon, 09 Apr 2018 15:17:18 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=2422737547
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
2189155619
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1571
73233880_2376560199250539_3395912739799957504_n.png
scontent-ams2-1.xx.fbcdn.net/v/t1.6435-1/ Frame 8042 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-ams2-1.xx.fbcdn.net/v/t1.6435-1/73233880_2376560199250539_3395912739799957504_n.png?stp=cp0_dst-png_p48x48&_nc_cat=108&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=0uodYiw6NA8AX_NTzB4&_nc_ht=scontent-ams2-1.xx&edm=AJqh0Q8EAAAA&oh=00_AT9B7jhbh6GSOOnwTz9dOX-mJiOTbIJ_suqdMPI-ZGVixQ&oe=62FB20E2
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=740810732743187&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df246f0e6642dbc4%26domain%3Dtv.ifindfast.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftv.ifindfast.com%252Ffe3ea7cf108e6%26relation%3Dparent.parent&container_width=825&height=100&href=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147&locale=en_US&numposts=5&sdk=joey&version=v2.8&width
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f080:9:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
faddc27bd45c8f200c7b0b21ad99fe5e33c3f1bfd14e7b257a6bbb3d7c38548c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-haystack-needlechecksum
294562157
date
Sun, 17 Jul 2022 13:56:21 GMT
x-fb-trip-id
1679558926
last-modified
Sun, 13 Oct 2019 13:54:28 GMT
content-type
image/png
access-control-allow-origin
*
content-digest
adler32=2674273333
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
2040552241
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
3663
13501980_1425262704156325_3292143360584521552_n.jpg
scontent-frt3-2.xx.fbcdn.net/v/t1.18169-1/ Frame 8042 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-frt3-2.xx.fbcdn.net/v/t1.18169-1/13501980_1425262704156325_3292143360584521552_n.jpg?stp=cp0_dst-jpg_p48x48&_nc_cat=103&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=YAxRC9SjaNYAX-2leLj&_nc_ht=scontent-frt3-2.xx&edm=AJqh0Q8EAAAA&oh=00_AT_AlrXVJ-2LzDKdOPJB9LZZd5yT8sbA38Su0DJWptTR2Q&oe=62F93278
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=740810732743187&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df246f0e6642dbc4%26domain%3Dtv.ifindfast.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftv.ifindfast.com%252Ffe3ea7cf108e6%26relation%3Dparent.parent&container_width=825&height=100&href=https%3A%2F%2Ftv.ifindfast.com%2Ftv%2F147&locale=en_US&numposts=5&sdk=joey&version=v2.8&width
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
cb0662da6f0265b30565b0b5b9b6106d41970a8a9bd118dd0aeac2900695d280

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-haystack-needlechecksum
1316120461
date
Sun, 17 Jul 2022 13:56:21 GMT
x-fb-trip-id
686109401
last-modified
Sun, 03 Jul 2016 19:33:18 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=1954864639
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
2237777584
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1466
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220707&jk=1893155627320842&bg=!7-yl7KjNAAaYcLjmuHA7ACkAdvg8Wl7f1uxchI3VvNRny_ffkTb7ni9QuD369oipYEcvaEjp1vNb2gIAAABzUgAAAAFoAQeZApDkg0jZvJ4dlb6b6D1Y7H0EMCWg1o7ipjcl0sfgnILUZCAckQS1yz_oHZ_4culIYEy-kFlq-4tJLuqt2kEYLXIDvNExA3AQLXn86MwSb7fo1UUeaj0cZ8P0h9RXKVuaOCd-7Vy1bPIl9BEavqM5TslL41vZGC687z7oz0h2SKnB0P_PEw7jPI0ZUlhw5ZtBPAVos3SZGERlUmaLmANFZPxUfL5AZjaKxJiLkoacpQaZjrDSQQ4JiZVecQ-fKqJc_Fx7euiU2bW_1JABmS__scBn3aboyfMKd7G0t2rppczufR5KcWontqOO1k9XGpjTl_rQrmBUgaaFJBvjA-c7GgzrTx1pBKZTuS5W1RcslqPyc8Ja3PDD3gdxj4sgvK87e7UC1XtPyxaqKmueUY9ZnUfY2GPTw3m1pVp1nzoh4P-kPRlt4wfEK0v7KzaSOrNF7LYEFOrz_AopxuVq0MIF3TeeRNlWz8FNDHpLhh5iZBt3LyRDEvD7PbzWpqHhNyjsprJyXcVuMyjiePAOn00Xd6hGlX53VyAdFiimEErxyqUEIVSF2IZZ56Ar_E3LUulvaH0gar151OSbNxzDq_r8FRXvgsMP4AQbHIA5G7gZOdlukNLZvPsu4CdXUjDbERK576lQ3eb9jRsgbYCp_b3yq62mrFLjv37pPFP1oufRTB_dCPzVpXmF7Tr-nSjPbOBV3vIw1y__FnpI0PVzW33_lprrOocesMcRKpdI7TgvTYeAPFbYVmu6rDQ9xKnTtydPLypXhRtsbYjAWBA2pMpoOCM7KW3EWgBgnwFfGmbtB3b1prYyqgU6dK1tNyRNCPWVlumGMN8hSyrcMOEfWeY3022Iwli-jQ0jYoRUs23wq3MJYA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tv.ifindfast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers
sfp.js
addresseepaper.com/ Frame C4BD 		0
0
stats
simplewebanalysis.com/ Frame C4BD 		40 B
200 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://simplewebanalysis.com/stats
Requested by
Host: vcdnads.ru.com
URL: https://vcdnads.ru.com/include2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.132.48 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-132-48.eu-central-1.compute.amazonaws.com
Software
fasthttp /
Resource Hash
00956008fcc91256e63463792b5704f4c86b1e9193225ffbc76a45bc8ecbaf9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rkc.primetubsub.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin
https://rkc.primetubsub.xyz
date
Sun, 17 Jul 2022 13:56:23 GMT
access-control-allow-credentials
true
server
fasthttp
content-length
40
content-type
text/html; charset=UTF-8
pxf.gif
dismantlepenantiterrorist.com/ Frame C4BD 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.xadsmart.com
URL
https://www.xadsmart.com/fullpage.min.css
Domain
6.adsco.re
URL
https://6.adsco.re/
Domain
4.adsco.re
URL
https://4.adsco.re/
Domain
addresseepaper.com
URL
https://addresseepaper.com/sfp.js
Domain
dismantlepenantiterrorist.com
URL
https://dismantlepenantiterrorist.com/pxf.gif?uuid=28b24423-245a-4829-b456-4a2781aee454&eb=9b47e89dfc65ad002c6d58a8b4df3d9d&te=6d283cd4b3a0ba79ea26d1afdf15d561&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F103.0.5060.53%20Safari%2F537.36&dev=r&res=13.31&b_frame=1&pk=8f0cd2e68e97bc49d78b7e937003b6a1&bl=en-US&sr=1200x1600&sz=1200x1600&hjs=13

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| adsbygoogle function| $ function| jQuery function| WOW object| jQuery111105023177420850848 object| lightbox object| Sk function| gtag object| dataLayer object| FB object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| gaplugins object| gaGlobal object| gaData object| __buffer function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_image_requests object| google_llp object| googletag object| GoogleGcLKhOms

21 Cookies

Domain/Path Name / Value
toglooman.com/42 Name: OAID
Value: dbd2221c779e4436a69a41118f7b856b
toglooman.com/42 Name: oaidts
Value: 1658066178
tv.ifindfast.com/ Name: XSRF-TOKEN
Value: eyJpdiI6ImhabVwvN0JJYlhhYmIycmVjY1kwYzJ3PT0iLCJ2YWx1ZSI6InlaTlwvR1ZXUFpsN2Q1NjA1M3JTSlhVVVdtK0s3QkVLckZkVmpuVHY2OGZjUmRuQkxrcXNzQTA1ZGMzV0w4NnB1WWpUXC9YUXY1WHFQXC9scUhNaE9yd0Z3PT0iLCJtYWMiOiI1NjljMGQ3YWYwNDVmNzZjNjcwMWZlOGNjMmE0NDhiOThjNjc2MzZkMDA3ZWM1Y2YyYTFkZmM3NmViODk4YzBmIn0%3D
tv.ifindfast.com/ Name: laravel_session
Value: eyJpdiI6IkxOZkpQYzhWYUpaazdvSXpnME1ISlE9PSIsInZhbHVlIjoib3JWbHlIK3VlaFwvY1hNVzlQaGdwdVZNcFRWcFwvTWZKVlwvb2N3UXRmRXB4WEFBTkswR2dYbmdXWDMrN1JuWndBZG1MRnBRTHJ6ZFVCNkZZMXBSaU1QYXc9PSIsIm1hYyI6ImM4ZmE3Zjg5MTkwODlkMDUyMjJhMGY3MDNiYzI1OWM3ZTRmMzk0OWIyMDQ2ODExMDYzMzE1NTU1NzliMTk4MzMifQ%3D%3D
.branddnewcode1.me/ Name: uuid
Value: 5b439fcc-d6a7-4c70-9197-9c670135ef16
.ifindfast.com/ Name: _ga
Value: GA1.2.2071584621.1658066178
.ifindfast.com/ Name: _gid
Value: GA1.2.1882053258.1658066178
.ifindfast.com/ Name: _gat_gtag_UA_65085328_1
Value: 1
.ifindfast.com/ Name: __gads
Value: ID=e983101828ad8ffe-227cf6cecfcd009e:T=1658066178:RT=1658066178:S=ALNI_MaftcpnVn42V7fN4yJRhTIQ1oytVg
thaudray.com/ Name: OAID
Value: 9da60cb7af334e25b5db034bfac44508
thaudray.com/ Name: oaidts
Value: 1658066178
.doubleclick.net/ Name: IDE
Value: AHWqTUn7jqkUWmUArYHD2EtW_xuo1QqEo3d3t7Xio3f3rwIHv2y6g9dt4qfwE-er7FE
my.rtmark.net/ Name: ID
Value: 9da60cb7af334e25b5db034bfac44508
toglooman.com/ Name: scm
Value: 1
toglooman.com/ Name: oaidts
Value: 1658066178
thaudray.com/ Name: syncedCookie
Value: true
simplewebanalysis.com/ Name: uid_id2
Value: 28b24423-245a-4829-b456-4a2781aee454:1:1
daddylive.one/ Name: a
Value: zJugueXXm0fPIBsW4yvDSrwdiVwMMmTJ
toglooman.com/ Name: OAID
Value: 9da60cb7af334e25b5db034bfac44508
daddylive.one/ Name: token_QpUJAAAAAAAAGu98Hdz1l_lcSZ2rY60Ajjk9U1c
Value: BAoAYtQVAwFi1BUDgAGBAsAAIIr7fBMifrnuHqfYdc00vrrCHmbF-RXuOqzaPNe1avWxwQBHMEUCIEuipfxHTDe2GmfDzvO3OQN7diDcc4DVfGvCJbQdC0qaAiEAokjFoXPvmJ4g-5XpEvmFvulK9a9b8CohD3efLyrnbRjCACCipLDY3kwDQO34T4YAKxsXq4_MsuTO8iIIa9PeRDHG0MQAECABCsgAIDoAEBGYcIcFLHfFABBiSX3a6ESQKuEdnEgtakoZwwBHMEUCICXXK6taVATx2BW-RWYvka1PYQ66LyyFNi0i2ODSIekQAiEAl4e0Z5L_o_6JPeILr6krPbOR7PNmRgy2GrxHJCk32F0
.doubleclick.net/ Name: DSID
Value: NO_DATA

9 Console Messages

Source Level URL
Text
network error
Message:
A bad HTTP response code (404) was received when fetching the script.
javascript error URL: https://daddylive.one/s2w/stream-144.php
Message:
Access to script at 'https://www.xadsmart.com/fullpage.min.css' from origin 'https://daddylive.one' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.xadsmart.com/fullpage.min.css
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://dozubatan.com/400/4938067
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://onvictinitor.com/apu.php?zoneid=4938033
Message:
Failed to load resource: the server responded with a status of 403 ()
security error URL: https://googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/zrt_lookup.html?fsb=1(Line 21)
Message:
The Content Security Policy 'child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11831579056473564629/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11831579056473564629/index.html' was delivered via a <meta> element outside the document's <head>, which is disallowed. The policy has been ignored.
javascript warning URL: https://c.adsco.re/(Line 55)
Message:
The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
javascript warning URL: https://c.adsco.re/(Line 55)
Message:
The devicemotion events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
network error URL: https://hereditarylenientparents.com/8f/0c/d2/8f0cd2e68e97bc49d78b7e937003b6a1.json
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4.adsco.re
6.adsco.re
ad.doubleclick.net
addresseepaper.com
adsco.re
adservice.google.com
adservice.google.de
branddnewcode1.me
c.adsco.re
code.jquery.com
connect.facebook.net
d11enq2rymy0yl.cloudfront.net
daddylive.click
daddylive.eu
daddylive.one
dismantlepenantiterrorist.com
dozubatan.com
excellernod.xyz
fonts.googleapis.com
ftmvdb16aolm.l4.adsco.re
ftmvdb16aolm.n4.adsco.re
ftmvdb16aolm.s4.adsco.re
googleads.g.doubleclick.net
hereditarylenientparents.com
jubsaugn.com
maxcdn.bootstrapcdn.com
my.rtmark.net
onvictinitor.com
p4-b3dutlsaj6tru-cua7eyt2yxzpsgwc-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
player.licenses4.me
rkc.primetubsub.xyz
s0.2mdn.net
s10.histats.com
s4.histats.com
sbtlj.nergyflexibilit.pics
scontent-ams2-1.xx.fbcdn.net
scontent-frt3-2.xx.fbcdn.net
scontent-frx5-1.xx.fbcdn.net
scontent-frx5-2.xx.fbcdn.net
simplewebanalysis.com
ssl.google-analytics.com
static.xx.fbcdn.net
stats.g.doubleclick.net
superfastcdn.com
thaudray.com
toglooman.com
tpc.googlesyndication.com
tv.ifindfast.com
vcdnads.ru.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.xadsmart.com
xadsmart.com
youradexchange.com
4.adsco.re
6.adsco.re
addresseepaper.com
dismantlepenantiterrorist.com
www.xadsmart.com
104.153.197.251
107.22.28.167
139.45.195.8
139.45.197.237
139.45.197.238
139.45.197.239
142.250.184.227
142.250.186.166
162.252.214.5
185.177.94.89
185.200.116.90
185.200.118.90
192.243.59.12
192.243.61.227
192.99.13.63
2001:4de0:ac18::1:a:2b
2600:9000:2250:fc00:10:abc1:d740:21
2606:4700:3033::6815:4b27
2606:4700:3034::6815:30cd
2606:4700:3034::ac43:b286
2606:4700:3036::ac43:decf
2606:4700:3037::ac43:c753
2606:4700:3038::6815:ea4d
2606:4700:3038::6815:eafe
2606:4700::6811:a6ba
2606:4700::6811:a7ba
2606:4700::6812:acf
2606:4700:e6::ac40:cd22
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2001
2a00:1450:4001:80e::2008
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200a
2a00:1450:4001:812::200e
2a00:1450:4001:813::2006
2a00:1450:4001:827::2004
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2002
2a00:1450:4001:831::2003
2a00:1450:400c:c08::9b
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f080:9:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a06:98c1:3121::3
31.172.80.234
35.190.41.116
38.132.109.186
46.105.201.240
52.222.214.124
52.29.132.48
00956008fcc91256e63463792b5704f4c86b1e9193225ffbc76a45bc8ecbaf9c
01bd2be24c866eb7e7fb6e80a1c8b829429d0c5561b731939bce42ec75aa89a2
01bfa269b8212f066bf425c10d13d750c66b182d7a84482a28d65623c6df9eee
02d87059c479f69fea247153d796cfffeda0f80ec2a68d456267c219c9994e31
03276cf501ff795200e016350b13e8cec170e0a787d9b3c723f7936b76ef4518
051a58a8adcdd3760185cc295626f5aba285002c1ccee541c29d3ec93032384c
08b26bff29c8c0cd7b0005c8cf8b7c9a193ebf5f575b35b1706b858c068ee442
0aed09ee4732bc2f4ed5074c15f03f14fb676aa4f2978eadf8f8d1a07284b47c
0cffbe5f5e8fb12d8cf3147138b9dd994097329645f0cb2c5eedb8bb1dae3dd1
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
15b869b02c6fbaa8c6c26445a2dd2d9bad80fd27b1409f8179e5dd89dc89d90a
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
187ca8fff15e6d801bc1bc0ffad4e2510ff28f7ac20544e245eebede66bebbcb
191042ba153a2d60daa09dd507eb6ccf71b05006cf773278ca0b5b8a980fe6ad
19347fa428d8c2c4edf14c653b36e8c0ac083313a45674fc2bddf53d5215cf9a
1956bb1d1eba27d3240d9ae1abbb0529e528cbf7ddc3c3deb0756e9a5cf8e18e
20c0eba4354532da4d8f08c79fe3b6c30cced84e4ad24011a6b592c6e0c174fa
225aa88b6ab02c06222ec9468d62e15fa188e39cdb9431d1f55401ad380753ed
24262baafef17092927c3dafe764aaa52a2a371b83ed2249cca7e414df99fac1
2657405e3e91a0f5d6490e8fe419c8f98e2437caca46a0c257563f11aefa3824
26968435703f42f548195e31049e1f621c267346a0295be2bafa457b5904ace9
28594c79c3fce60543f6b1c28fef163b8b41f2866af1971b23c0fc0714e0f5e4
28eb4f183218e11c46c6ce032c76881efe4c20e36a1bbd3b567211d5a8bdedd4
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2bcbd781f7728998ff721a9763b2e68f43d60439acb243d9052dae3dda85da2a
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
327fabc96d44f5eaf163e0849722b761a00fa8b8079c77ccef3bc5f4577a1fd1
341c1014109f273040169372f49ce68b0927eb699a7ba61aec94d2c9ed6f5465
34d36fa4ec5cc3e1c20c349cfd68ace31f1681dbde7bb764f2689ce0473ed8fa
38beba8deebd2a8d990f795130b970c669c5024b25c4773efbe8431aaae91ec4
3a06546621ddff0d361c828143984362e7a0eacf00437cea014c98037ab51e92
3a44602c24b89885202fa9380b0b2794529f2fc070842f4256fa2e02d3f2e153
3dc39a844e1226d9cb7efe93814ba5160794ca43d5f1d4618af3fd0d3235cd88
3efd7eb504d7979cfb9f05dcf8b734aa9bfb8c39903143996cc136ad03064191
3faf97587e8696e87cee4109534f3ca4f34fc6d6dbff733df4ce12eb11da5e9f
404245d2d2c4ebd2047875aa91e82240d95a414cf5cc7618d84823856ffe6085
40c7d956987b82de70548c4cfa08d934012051311ad190df054cb817af80ded6
412ce5b043a95e3c9cbaa933c3ec7d17e5fc450261b8e8dcaf6a9f2df8e8c61b
452dd606e05bb4b6a2d91400bb78e737bb548eef6e1bd100b69d385755581778
4a6dbbc267f2ddec9271d72eb89d7c4f6e88288dd54cba58a46e0ace58f68deb
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
5124218b1f3f5d34596809507c2f53a3963478fb6b486c64a708668dbf00d6d5
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56858dbed91cb866e9cdb251b628b2de6ff5868cbe9ea8ddd67c80d08497375b
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
587835862d3a22214b410a2060c07bbc51e6f0654b99f09c3505e4f3af6fa057
58baa65a42c26461673d916f55edbb801de83e2d10f02f13e8ca2ef098aa2a25
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d62e6c90005bfb71f6abb440f9e4753681cb23bbd5e60477ab6f442d2f0e69c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
620f78e6a6435285ef071ea978061d6eb35e856cab3561b8783c55cc29b0bf32
6aa3d85765db4470382a52ae8fe72bbd9cde4afb0ed100046dbfb31ab243df63
6c614602eb17f78e8accd8993c6ab71ed68d5a1a5411051879053bca66f9f2a7
6d2847d8eeb8e7f8d608718b3714e86101ce51b1967f7e8587a00a26da62c70c
6e370fecce4e39a2960185acf1482babf68aface4bcb853ffcc2317908250cba
6e74c085ab5474861b63592f5e6155cad2d123d75fc74fc7ff8d520d49ebe1a0
72581d1913faf103dc70178a3b461de59b82d24c13ea198da5414609bc741346
7338c69b447bb0d02ab75295d20a5527138e27cfb63acf90c4cc94400fdc14be
738fe67cf3e8e1c222dca36391243104ad782fe1d04d659d9007e0d1ccf5e478
75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2
7699871555d1cfba1d7ea8e1b5f9f417bcadd2810266ea166e692d32fd33b26f
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7fd9273f20fdb1229c224341271a119020a5eee74ccf6b4605730917c864caf2
80efdf7bb91a0ce4002621ffb74ea367581e92f419ba932dcad73ba59d8a5022
83f184080b669bbba7f36ccd8294a94ff05b8194d2ba060e4cca28c3839bf44c
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84fb7c77dd0c26c67d067b5ab60856ed7f3cb54c828290cb791382f54d3ddac3
851050b4a5f15bc9da33827d2c225c2ed0817df9af3eedd2f1e2c78b7cfbeef2
874c4bdc201a59e602432811b04905b94224486a4b082cc608f6f6a820a0bd4c
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8d182d0d0d81123c896f23afc91e0c3af0866b6032565211de9e3dbe18761ba4
8d50eeb9cf5bde6adf4443f4e4f83894a2ff7c518a1922082b4c8780aacf6c72
8db4db356541300d59ef29e42aada4010825fcc3dee28402411ceb12989f83b7
906e984d58a1c6b8a8940a1e354b2d30ad5136f7881d59b67664988db89776f5
9085e1f699b839818a039641053e183e0b22407d6bfaef8d5a3866ec42d682b3
91ab01258378245af1e62612c357e2a7eae1cc9f97f4a72efc8fb9bf49f64626
92ca49fb35fd69fa8f528df991928501cdf654547977d247b49c758b1493e325
94bb701b663858b8e7a5ddc1e26d2cae7e41834df854b2af83de6eafc9eaaec7
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
99a253a69ffb1139d83f5d5ad502120a67b1ed68082d0c9f86bc5a0d29747d4d
9ba4bc0d8c159a76090af1818774d152c0a73e2d9bb41154e24ee28951afacbe
9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5
9f2812d14878506b997cf3f5085a6c0a752455059575762e39853569487808c3
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
a158f2884295c84d053af0c29b3e6f3c6dbc95d24165ac6eb88ba9a878ea8fe3
a16f2892563f5fd497af832e8b27876bc93e5be9d435abd410bba28cde376132
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a61d99915f5d27e8161ff2640c89b47f9e7cb368443783a4636b62b91741548f
a74338a294b4ea86a89f0c051244c7dbc92ad0a8acf57c5b5b314f6f984b9cea
a8eb0a0b7cb7f5a2c06f9edc03c06c9891363db33f1ec8661d362b440b946fa1
aa00fbe7d08b8497e093308576b833d82b6453fccc243af014023414ee167746
aafd90762cf0baccd5affc19ea69914ca3ad8d208f1c6a6e64830e4b4ab9ee2b
ae2e1dc0161fa05e80b225682868a9bfbab08c503b2429f06339d4487f160ac2
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b23fc3e24a4f8ca9e480761f1bdde949020ef4d1beaa18f475b0613dcce6329e
b897cc9c51f604bf6b8fbd53f46d216627c0e079bb6bc2f049b2344dfa3bb277
c2072beb5b342293fc698a70ed485738b1a4e77a333f29c2cb99644828b84007
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c7eedac9d4f3c8319fe690798cfdf79fde72b6e88c72a1b5ed6e21677c90c4f1
cb0662da6f0265b30565b0b5b9b6106d41970a8a9bd118dd0aeac2900695d280
cd1a5e8bac81bef11c30d17f9d185898a95c12ec5c33612034ec2b6724b9d636
cfa1739ee346d63a3d3cfdff8c18cbe8fdedbcb32d4b0895028c193ce828e7a5
cfecd57c277a5c75c44a6e0331e6c84fbcdd6e6e2816a84e6c581cec315199e2
d232260d3bcca7336f759e3ba8f6919cada23872ae20f412a60f7f2dd32a02e8
d40d38a967a5b28fb5694bc58d6137b6a05755c8e278474cb65538cb15d7f966
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d79a18445f55035202bcd032853c1715214f2edd37c38f90f7cc9572e1098d11
d7af70fd2dab0fadd7b57438ae80cd4cbfc69384ace14284c990e2916631ff3b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df0d1fa694a2eb85a40a076494e13b5c6ccb1ea9c5f67eb08e947c5275218255
e05f3eac46092d99fb134762cc56d5ddac65c43ddd897129c8df2fb647601a8b
e3ad911079305129a9f40123c761d876d3239a2310cc4e6bbcd29809df92b2b4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8245a4af634c8918a1d78337182ed979dcc678ecb616f45172dea7803692f48
ebec77c6060c802dd84d3a3b37ae1fb8c586337fb809c917a1e3d4e98d79e80d
ec91098ecdf99168e077aa63fb41758d5d89be3165f73a7b6176a6ba4a24291d
eee5a0136bda1fdbd08716eceadb0f1d7bca3f56e142bbed1752ae05776507d8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1bd746f679d9df2c7f9f8ceafecda994d85c84d7c829e5960c8730c7ee511a1
f4128a07b1f4d7da5aa6e36e2cd1d6c792b76a91d2a4b468ddc133d45cab664e
f4f09dea12f5d1524e13a0a00e7f22c8f2d7cb19bf705e7ba4e98ae4c1efc54d
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f81cf47223d61d871657ae1e73ab17bc49a8805db8196e44f54d39d203279785
f8ce109182039bfa45b86386fc381bdb1ea6b062817165a6f85beeb4f676fd6e
fa7a80e26b7e38adc2de36ab4f982259a3f4c2863dc10088f857a51e949eb4f3
faddc27bd45c8f200c7b0b21ad99fe5e33c3f1bfd14e7b257a6bbb3d7c38548c
fba1b4edcbf954f1b8b6fed2f8aa15374cda841ba907dd157c8d430752ac9fe4